BankThink

Sharing information is the best defense against AI-enabled fraud

BT on best defense against AI-enabled fraud
As any fraud-fighting veteran knows, combating fraud is a perpetual arms race, and generative AI has destabilized the status quo, writes Tom Oscherwitz, of Informed.IQ.
Who is Danny - stock.adobe.com

Recently the Treasury Department issued an ominous report warning banks they are at risk of emerging artificial intelligence fraud threats. The culprit, Treasury says, is a failure to collaborate. The report warns that lenders are not sharing "fraud data with each other to the extent that would be needed to train anti-fraud AI models."

This report should be a wake-up call. As any fraud-fighting veteran knows, combating fraud is a perpetual arms race, and generative AI has destabilized the status quo. The same technology that helps people write song lyrics, plan vacations, draw pictures or improve their software coding is now being used to commit financial fraud. An aspiring fraudster can now purchase an AI chatbot on the dark web, called Fraud GPT, to create phishing emails and phony landing pages.

According to the Treasury report, new AI technologies are "lowering the barrier to entry for attackers, increasing the sophistication and automation of attacks, and decreasing time-to-exploit." And Treasury is right to point out that lenders need to collaborate to ward off these attacks. While they offer few solutions on how lenders should collaborate, the logical place to look is fintechs.

Despite advancements in AI for transaction monitoring, financial institutions share little in the way of fraud data, undermining efforts to combat crimes including check fraud.

April 2
Fed Pivot To Rate Cuts Raises Optimism For Quicker IPO Revival

B2B fintechs are already building platforms that allow lenders to see emerging patterns as well as fraud threats outside their portfolio. It took companies like FICO and its Falcon software to corral transaction fraud. I worked at ID Analytics in the early 2000s when we created a consortium of identity information with major lenders to turn the tide on identity fraud. Today's fintechs hope to repeat these successes.

Just in the past few years, several fintechs including Experian, Early Warning, InformedIQ and Sardine have constructed fraud consortia. So, how can lenders help these efforts and benefit? Partner with these fintechs where it makes the most sense to your business.

Collaboration is critical to building datasets large enough to see emerging AI-generated fraud trends, to identify the subtle anomalies in financial data and documents that indicate manipulation and to have a global view of applicant behavior.

Bankers should look for a consortium partner who has a solution relevant to your fraud risk that is built on data that you can't easily acquire elsewhere. If you're a large bank, you want to share data with your peers, and also at credit unions, and small-dollar lenders. If you're a smaller player, you definitely want to tap into broader industry sources. Fraudsters tend to rinse and repeat. Fraud tools come in a variety of guises such as identity fraud, account takeover, insider fraud, first party fraud, document fraud and income fraud. So, also think about your business priorities and which fraud prevention solution closes needed gaps.

Is the consortium sufficiently large to solve a piece of your problem? If a fintech doesn't have sufficient volume to justify your participation, what is their pathway to get there?

How does it stack up against competitors in the same space? If a company's data mirrors another's solution, you should assess whether there is value to participating in both groups. To some degree, this is less important because it's OK to layer fraud solutions on top of each other.

How good are the technical chops of the organization you are working with? Take a hard look at its tech stack. Fraud is constantly dynamic. You want a team that can react as emergent AI fraud risks branch off into new directions.

And finally, carefully review the compliance controls the fintech has in place to manage the consortia. Just as lenders are stewards of customer data, fintechs are the stewards of your data. Make sure the fintech has adequate controls in place, is trustworthy and understands its obligations.

Treasury is right about the emerging AI fraud threat. Fintechs hold the key to fighting back.

For reprint and licensing requests for this article, click here.
Artificial intelligence Fraud Fintech
MORE FROM AMERICAN BANKER