Potential Fraud Risk Management Pitfalls for Banks and Fintechs

BY CHRISTINA HUNT-FUHR



Fraud is everywhere in financial services. It’s increasing in both volume and cost, now accounting for up to 5% of financial institutions’ annual revenues. As just one example, criminals laundered $8 billion through cryptocurrency alone in 2021, an increase of 30 percent. The many and varied financial programs rolled out to provide pandemic relief brought with them an unprecedented spike in fraud that prosecutors and regulators are still trying to unravel.


With traditional fraud prevention solutions falling short, financial institutions and fintechs are increasingly turning to technology, using AI, ML, data filters and other automated solutions to prevent fraud. According to one report banks spent more than $217 billion on AI fraud prevention solutions in 2021.


You’d think regulators would support such efforts, and generally you’d be right, but as recent Consumer Financial Protection Bureau (CFPB) and Office of the Comptroller of the Currency (OCC) enforcement actions against Bank of America (BofA) demonstrate, fraud prevention is a balancing act. Regulators are generally in favor of fraud risk management activities that reduce risk to a company’s earnings and capital from fraud losses - but they are also (and increasingly, since the Biden Administration took office) focused on preventing harm to consumers. These consent orders make clear that however well-intentioned, fraud risk management activities that result in consumer harm can lead to significant UDAAP concerns and expensive consequences.


I recently broke this down for an article here but the bottom line is - banks and fintechs should carefully review their fraud risk management programs in the wake of these actions.