Fraudulent account opening is a global problem that continues to rise. In Australia, there has been a rise in the number of fraudulent attempts to open transaction bank accounts by money mules, as well as efforts to use stolen identities to open accounts. This increase can be attributed to:
- Customers demanding access to more products and services through digital channels
- Financial Institutions meeting customer demand in offering more, often higher-risk, products and services through the digital channels
- Consumer Scams increasing 10% during 2018 and 94% in 5 years to the end of 2018[1]
- The New Payments Platform (NPP) launched in Australia in February 2018 and an increasing number of Financial Institutions offering OSKO payments throughout 2018 and 2019, with increasing transaction and daily limits.
The issue of fraudulent account openings is not unique to the Australian market and was observed in the UK around the launch of Faster Payments in 2008 with fraud levels up as much as 300%[2].
Fraudulent account origination has both a financial and non-financial cost to the industry and can also present a reputational and compliance risk.
There are many ways to calculate the financial cost of onboarding fraudulent transaction accounts and the cost can vary significantly, based on the level of automation and ability to quickly identify and close fraudulent accounts.
Addressing the issue
Addressing fraudulent account openings by financial institutions in Australia has been varied and mostly dependent on banking platforms, fraud detection systems, and the ability to retrieve relevant data from source systems, IT and People resources.
Solutions offered in the market may be unsuitable or cost-prohibitive to some financial institutions, so not all solutions will provide the same results for all.
Equifax is observing varying patterns in fraudulent account openings[3]. Accounts opened using stolen identities tend to be opened quickly, across numerous financial institutions, often outside of Australian business hours, and can happen at over 10 financial institutions in a matter of hours. Identities may or may not have already been fraudulently used to apply for unsecured credit through banks, alternative finance providers and telecommunications companies. In contrast accounts opened by money mules and individuals involved in romance scams tend to be seen at one or two financial institutions every week or two. This pattern likely represents actions taken by those financial institutions to identify mule activity to close such accounts.
Fraud minimisation solutions
No single solution will stop all fraudulent account openings, and a multi-layered approach to detecting fraud, across all channels, should be adopted.
The first step a business can take to reduce fraudulent account opening should be looking at its own data and matching this to internal hotlists. Fraudulent customers should be restricted from opening new accounts following the closure of their previous accounts that had been deemed fraudulent.
Device intelligence tools can be used to reduce fraudulent account origination from known fraudulent devices and to prevent multiple accounts being opened by the same fraudsters over time. These tools can assist in lowering account origination from known high-risk devices, undesirable locations, and devices trying to disguise their identity, amongst others.
Electronic Verification (EV) tools are primarily Know Your Customer (KYC) compliance tools. A periodic review of verification rules can help reduce fraudulent customer onboarding. Any changes to verification rules should be carefully considered, so that the right balance between genuine customer onboarding and stopping dishonest customers is struck.
It’s important to note that fraudsters often use real people’s details and have experience in both navigating financial institutions’ websites and finding relevant information on identity documents. This may seem counter-intuitive, but due to their experience, fraudsters are more likely to pass EV than the actual owners of the identification documents.
Any strengthening of EV rules can often lead to a reduction in onboarding of genuine customers. With that in mind, it is important to consider account origination webpage design, to make it easier for the genuine customers to enter relevant information into the webpage. Visual clues, document samples and confirmation of entered data are all important to improve genuine customer experience.
A driver licence is currently the most frequently used document to open accounts using stolen identities. Applying some restrictions to the use of a driver licence may be of benefit in combatting fraud.
Fraudsters find access to stolen documents, which can be bought online for $180 - $900[4], or they can be obtained from an ever-increasing number of individuals involved in romance scams who often provide their identity documents as part of a scam[5]. However, a combination of documents can be harder to obtain and more expensive to purchase.
Biometric Solutions offered by Equifax can link information on identification documents to an individual’s face. They can be the most reliable customer verification tools. When combined with a use of EV, a fraudsters’ ability to use someone else’s identity documents is dramatically reduced.
In-house Analytics is an essential tool to periodically review fraud patterns and adjust response plans, as well as any system rules. ‘Set and forget’ systems and processes are ill-equipped to combat fraud. As all fraud types continue to grow, continuous financial and operational investment into fraud prevention and detection is imperative.
Identification and review of common fraud patterns, which change regularly, is important for all businesses.
Staff Training and Knowledge Sharing is another proven tool in combatting fraud. Front line staff training has been proven invaluable in identifying customers that may be involved in scams or are acting fraudulently.
Conclusion
Fraudulent account opening is an industry-wide problem that is not unique to the finance sector nor Australia. It is likely to continue until significant improvements are made across the industry, by State and Federal governments, in technology and data ownership and protection by the individuals. At which time, the use of stolen identity is likely to move to the use of synthetic identity, seen in other markets such as Canada and the United States.
Equifax has a range of products and services that can help businesses balance effective customer onboarding and fraud mitigation needs. Contact us to find out more.
- ACCC – Targeting scams. Report of the ACCC on scams activity 2018
- https://www.financialfraudaction.org.uk/fraudfacts17/; https://www.biocatch.com/blog/faster-payments-faster-fraud; https://www.pymnts.com/news/2017/faster-payments-faster-fraud-biocatch-u...
- Non-credit accounts
- https://www.theherald.com.au/story/2215768/police-warnings-over-buying-d... https://www.news.com.au/technology/online/security/inside-the-dark-web-w... https://www.theguardian.com/australia-news/2017/jul/04/the-medicare-mach...
- ACCC – Targeting scams. Report of the ACCC on scams activity 2018