Uncertainty and transformation were the watchwords of 2021, as the world came to terms with the pandemic and its wide-reaching effects.
Digitalization, already a theme before the pandemic, was turbo-charged last year by the need for contactless solutions, accelerating our transition to a digital-first world. The adoption of mobile banking and digital wallets skyrocketed, cryptocurrencies won broader appeal, and the use of physical cash declined.
On the other side of these positive trends were the criminals seeking to take advantage of them. Identity theft and money laundering in Europe continued to grow in 2021 with a 18% increase in identity fraud attempts, according to Fourthline’s data.
Will 2022 be the year that we fully adjust to our new realities? What are the core trends that banks and regulated institutions can expect to feature in the year ahead? Here, Krik Gunning, CEO of Fourthline, gives his top four predictions.
1. Focus on identity monitoring will increase
The pandemic has led to a huge rise in financial crime and criminals have employed increasingly sophisticated techniques to trick the system, from deepfakes and synthetic online identities to silicon masks. According to our data, social engineering and account takeover fraud remained criminals’ preferred form of identity fraud in 2021, surpassing counterfeit documentation. This trend looks set to gather still more momentum in 2022.
To combat this threat, banks and other financial institutions must go beyond simple document verification and take a holistic approach to data verification – one that combines checks across identity, biometric data, device metadata, watchlists and so on. This process must go beyond account opening, to monitor customer identities across the lifecycle, performing regular checks and responding to real-time alerts on changes to clients’ risk status. Money mules are a prime example of the need for continuous monitoring. These individuals may be legitimate at onboarding but could later – either voluntarily or by coercion - transfer access to their account to money launderers once it has passed initial document verification.
Adopting technology that can confirm the account user is the account holder throughout various points in the customer lifecycle will be critical. Of course, we want to catch these criminals before they have the chance to open an account, but it is equally important to reduce the threat of any ongoing fraud.
2. Sensitive data could become too hot to handle
GDPR is quickly becoming the global standard for data protection. Companies that do not have the capabilities to manage sensitive data at the highest standards will have two choices (i) delete the data, as Facebook’s parent company Meta has recently done with biometric data on more than 1 billion users; or (ii) find a partner that can help them reach the higher security bar.
As banks are required by law to store sensitive data it implies that (i) is not an option. We have already seen the first banks concluding that (ii) is a more attractive option than upgrading internal systems and procedures.
3. Crypto will remain in the regulators’ crosshairs
Cryptocurrencies were a hot topic in 2021 as they began to move into the mainstream. Bitcoin hit an all-time high of $68,000 in November. Coinbase, the largest crypto exchange in the US, overtook TikTok and YouTube to become the most downloaded app during the year. And Paypal allowed its UK customers to buy, sell and hold cryptocurrencies (Bitcoin, Ethereum, Litecoin, and Bitcoin Cash) for the first time.
With this growing popularity came increased regulatory scrutiny. China’s regulator banned banks and payment companies from offering any crypto-related services, while many regulators – including the UK’s FCA and the European Central Bank – issued stark warnings about the risks of trading in digital assets. Actions against crypto firms hit the headlines, with Binance, the world's largest crypto exchange, facing a series of publicized issues surrounding its anti-money laundering (AML) practices across the globe.
At the turn of the year, US regulators the Federal Reserve, FDIC, and OCC issued a joint statement outlining proposed rules for firms in the crypto space. As growth continues in the crypto industry this year, its sheer size will necessitate close monitoring. This could mean stricter compliance regulation in some markets, and lead to clearer divisions between those players that embrace regulation and those that continue to fight it.
4. Ethical AI will become a license to operate
Society at large has become increasingly interested in - and vocal about - how personal data is used and stored by technology companies. There will be more tough questions asked this year and the answers will need to meet a high ethical bar.
AI is, quite rightly, gaining traction but banks will need to explain how it is applied to compliance and fraud. Proof of an ethical approach to AI also impacts vendor onboarding – regulated institutions must understand whether their partners have full control of the technology they offer. Expect to see increased accountability regarding who organizations go into business with - every regulated institution will need to be able to explain, both to regulators and the general public, how and why a decision was taken.
For banks and regulated institutions, change is one thing we can be certain of in the year ahead. Companies will need to swiftly meet fresh challenges, diverting and adjusting resources to reflect both changing consumer demands and the shifting regulatory landscape, while also keeping abreast of the latest criminal techniques.