Written by Jason Morris on Tuesday June 11, 2019
At the recent City Week International Financial Services Forum in London, one of the panel sessions focused on the evolution of financial crime, and a statistic highlighted during the session struck a chord with me. It said that 84% of reported fraud crimes in the UK were cyber-related. Cybercrime is known to be on the rise, but this statistic seemed to me extraordinary.
Initially, my thought was that this increase had to be linked to technology, which as we know has made huge strides in recent years, advancing to the point where the use of artificial intelligence (AI) and machine learning is accelerating in financial services systems.
Financial technology – FinTech, to use the widely recognised vernacular – describes the use of technologies in the financial services sector, initially adopted by financial institutions to streamline back office operations, but which are now also used to disrupt traditional financial services, such as mobile payments and money transfers, and which in turn are being exploited by financial criminals.
In this way, technology has a direct effect on financial crime, but is it as a result increasing? The alternatives to traditional banking services made available by this technology present opportunities to money launderers to move their illicit funds at a much faster pace pretty much anywhere in the world.
The sheer number of transactions that technology can now accommodate suggests an increase is a natural consequence, but it also presents a significant challenge to compliance teams to be able to monitor this amount of traffic effectively.
This only makes the challenge faced by compliance teams a much bigger one. So, on the face of it, yes financial crime is on the increase and technology is, to some degree, responsible.
The world of compliance is fighting back though, and the development of regulatory technology – RegTech – has become a central objective for many regulatory authorities as a way of combating these risks. FinTech and RegTech are often mentioned together because of the intrinsic connection between the two, and you’ll no doubt have seen them being hotly debated at many financial services events in recent years, reflecting the seriousness with which the industry views them.
Bringing it back to cybercrime and the statistic I quoted at the beginning, it is reasonable to assume that the opportunities for committing cyber-related crimes are now vast. There are well over 25 billion devices connected to the Internet of Things (IoT) around the world, and this is rapidly growing year on year.
The varying types of cybercrimes only expand the opportunities available. Examples include phishing, malware, online scams, identity theft via fake emails or viruses, spamming, logic bombs, hacking and ransomware. Globally, people-based attacks have increased the most, suggesting the cyber-criminals have identified human beings as the perpetual weak-link.
Of course, financial institutions have very little control over how well (or not so well) an individual protects their own social media or email account, but there are lots of media campaigns ongoing that aim to address this problem. Given the figures shown above, this is a campaign that has to continue. Education is the key, and hopefully, over time, the public will be able to protect itself better.
The threat to British businesses is also on the increase. According to research carried out by Hiscox, 55% of UK firms faced a cyberattack in 2019, which is an increase of 40% from last year. More worryingly, the research also found that a lot of businesses were underprepared for cyberattacks as they ‘incorrectly felt that they weren’t at risk’.
The introduction of GDPR last year is likely to have an impact on this way of thinking (across Europe, at least), given the threat of a potential fine of 2–4% of a firm’s global turnover for failing to report a data breach. It could be argued, of course, that the increase itself is a consequence of the new reporting requirements under GDPR, but either way, these statistics should help focus the attention of businesses on this very real threat.
So, where does that leave us in addressing the titular question? The answer is yes, financial crime is on the increase, but the focus of these crimes has changed. There are far more cyber-related crimes, which offer different challenges to businesses.
Of course, methods are available to companies (and individuals for that matter) to help prevent cybercrime, such as regularly backing up your data, applying strong password protocols, updating software systems, having a firewall in place and increasing employee awareness of the risks through training and education. But lots of companies don’t have a dedicated resource to address the cybercrime risk, something that some firms should certainly look to change.
This is most definitely a global issue: the worldwide cost of cybercrime in 2017 was estimated to be $600 billion. Because of the reach that cybercrime has – across borders, in schools, homes and businesses too – a coordinated, tactical approach adopted by the governments of the world is the key to disrupting this activity.
Watch the ICA’s The True Cost of Financial Crime series to learn more about human trafficking and how it can be combated.
You may also like to read:
This article forms part of the #BigCompConvo - Join us as we explore and debate the latest challenges and issues facing you and regulatory and financial crime compliance professionals all over the world. If you’d like to contribute an article as part of the Big Compliance Conversation get in touch with us at firstname.lastname@example.org
Thank you. Your comment is awaiting moderation and should appear on the site shortly.
Required fields are not completed, please ensure all required fields (*) have been filled in properly.
You can leave the name empty should you wish to remain Anonymous.
Help and support
Alternatively contact us on: +44(0)121 362 7534 / email@example.com (Course information)
or +44(0)121 362 7533 / firstname.lastname@example.org (Enrolled learners)
or +44(0)121 362 7747 / email@example.com (Membership)
or +44 (0) 121 362 7503 / firstname.lastname@example.org (End Point Assessment)