Industry Thoughts

3 strategies to fight fierce fraud tactics in 2024 from Bill.com & BHG Financial

minute read

As we approach 2024, many banks and fintechs find themselves in the unenviable position of fighting fraud on two fronts.

As discussed in our recent webinar, Fraud predictions for 2024, the industry is expected to experience a surge in first-party fraud as individuals navigate a challenging economic landscape. At the same time, sophisticated digital tools, such as generative AI, are giving rise to an uptick in advanced third-party fraud.

Though first- and third-party fraud may differ in terms of the attacker’s strategy, techniques, and rationale, the reality is that successful defense across both categories comes down to three key elements: a culture of continuous learning, a collaborative approach, and advanced technologies to give human reviewers superhuman powers.  

In this post, I’ll review some of the recommendations from my fellow webinar panelists Maria Pukhovskaya, Senior Manager, Threat Intelligence, Bill.com, and Michael Coomer, Manager, Fraud Management, BHG Financial— to help organizations identify emerging fraud tactics and continually outsmart fraudsters of all kinds.

1. Continuously monitor and investigate your fraud controls

The fraud landscape is constantly evolving — and that means companies need to commit to continuous learning.

“To effectively prepare for what’s coming, you need to have a good baseline of your controls and systems and where any weak points may be,” said Maria. “When our team experiences a case of known fraud, we do a deep dive and figure out how the actor circumvented our controls.”

A close examination of new or creative fraud attempts provides Maria and Bill.com a better understanding of the methodologies and mindset of fraudsters and how they should adapt their defenses as a result.

Even for companies with a strong track record today, it’s important to continuously evaluate systems within the context of the landscape to maintain or even increase their edge.

“Never rest on your laurels,” said Michael. “Don't let your systems stagnate. Look back to what you previously implemented, reevaluate, and optimize your existing thresholds so that you can address new attack vectors as they emerge.”

2. Get connected with virtual or in-person fraud-fighting communities

One of the reasons fraudsters have become more successful in recent years (capable of pulling off more complex attacks) is because they are working together — sharing tips, techniques, and information among themselves just like any professional network would (albeit via the dark web).

Equally importantly, when these fraudsters discover a technique that works, they will use it over and over on new targets, big and small, until would-be victims get wise to the scheme.

And that’s why collaboration as an industry is so important. According to Maria, organizations should assume the same collaborative mindset to fight fraud effectively, banding together, learning from each other’s experiences, and sharing best practices. In so doing, it becomes more difficult for fraudsters to successfully launch the same attack across multiple targets without running into any resistance.

“Bad actors are organizing decentralized rings that are constantly evaluating what is and isn't successful,” said Michael. “They do as much ROI analysis as we do as professionals and they adjust their approach accordingly. As an industry, we need to do the same.”

Maria recommends joining industry groups, such as the Financial Services Information Sharing and Analysis Center (FS-ISAC), which is a global industry consortium dedicated to reducing cyber-risk in the global financial system, to provide the organization with both a sounding board and an alert system.

“We found it extremely valuable to make those connections,” said Maria. “We are all on a common mission to eliminate and exchange intelligence about fraud.”

3. Adopt the latest advancements in AI and machine learning faster than fraudsters 

Fraud is a very human crime that requires a very high-tech approach. If companies want to fight fraud successfully, then they need to incorporate advanced technologies, such as AI, into their defense strategy for 2024.

This is critical since so many signs of fraud — like document manipulations or patterns across multiple data streams — are impossible to detect with manual reviews and traditional tools.“It’s important to equip frontline teams with the right tools,” said Maria. “AI is something that fraudsters are using, and it’s becoming harder to detect. Having the team be equipped with the tools that can counter those incoming pressures is becoming more crucial. If companies want to stay ahead, it’s an investment that needs to be made.”Another huge advantage of using AI-enabled technology is that the security defenses will evolve and strengthen over time.

“Vendor partnerships are incredibly important,” said Michael. “They are critical to our existing intelligence and investigation teams. Partnering with companies like Inscribe helps supplement our resources, allowing us to stay lean while also scaling our capabilities. It helps us close the gap and stay ahead of the curve.”  

With the new year shaping up to be a challenging year for banks, fintech, and financial institutions of all kinds, it’s more important than ever to take clear steps to protect themselves against fraud and set themselves up for healthy growth. With these three best practices, organizations will be on their way to fighting fraud on both fronts in 2024 and beyond.

If you’re ready to take your first step to reduce risk and grow revenue with an end-to-end Risk Intelligence solution, speak with a member of our team. Or, test drive Inscribe for yourself with our interactive product tour.

  • About the author

    Andy Bernard is a Senior Product Manager at Inscribe AI. He has previously served as the product lead for financial crime compliance at Checkout.com, in addition to roles with Hotels.com and HSBC. Andy has his Bachelors from University of Warwick and has a professional degree in banking practice and management from IFS School of Finance. He currently resides in London, England.

Deploy an AI Risk Agent today

Book a demo to see how Inscribe can help you unlock superhuman performance with AI Risk Agents and Risk Models.