An antifraud culture at nonbanks starts with customers at the center
Antifraud practices for nonbank financial services organizations are industry table stakes. Customers expect organizations to be vigilant fighting fraud, or they wouldn’t feel comfortable entrusting their finances or their personal information with nonbanks.
A successful, holistic antifraud program means building the right culture inside and outside the organization, says Steven Ramirez, CEO of Beyond the Arc. And it starts and ends with keeping the customer top of mind.
In a BAI interview, Ramirez drilled down deeper into the theme of what makes up the desired culture at non-banks. His responses were edited for brevity and clarity.
What are some antifraud practices nonbanks need to know and follow?
Four areas make up a holistic approach:
- Reviewing data and technology.
- Understanding business processes.
- Understanding the employees’ role in preventing fraud and acting on cases where there is fraud.
- Engaging customers as a line of defense.
Beyond strict adherence to regulatory requirements, within each of these areas you should consider steps you can take to strengthen your position to fight fraud. Think about customers. Customers are often a key line of defense against fraud. Make sure your nonbank customers have the transparency and information they need to raise a red flag. The more customers understand their relationship with the organization and the process, the more equipped they are to help fight fraud. Additionally, leveraging data and technology, having the right business processes in place and making sure employees understand their role are integral to a successful fraud prevention and mitigation program.
What about the Bank Secrecy Act and Anti-Money Laundering – and their relevance to nonbanks?
It depends on the specific lines of business you are in. Money laundering is increasing, and nonbank employees need to know the warning signs to protect your organization. Those warning signs can come from customer behavior, lending activity and even employee activities. It is important to have a conversation with your legal and compliance teams. And now increasingly there is a third pillar, which is your operational risk groups as well. These folks can tell you the requirements you need to be meeting.
What does it mean to have a culture of risk and compliance – and how is it cultivated?
A strong culture of compliance is all encompassing. It includes integrating compliance best practices into every aspect of how you do business on a daily basis The ‘you’ is universal. Everyone in the organization has a role to play in helping to manage risk and prevent fraud. Financial services organizations are successful in creating a culture of compliance when leadership can articulate a vision and a clear set of customer experience priorities, and there is an operating model that reinforces that.
What are some best practices for creating the culture?
To build a strong culture of compliance, it can’t be just leadership and managers. It’s critical to activate employees in the fight against fraud. Make sure employees receive ongoing communication and training and know that resources are available to help them do their jobs with these principles in mind. A sense of shared responsibility and accountability is critical. It’s important that adhering to the compliance expectations is included in performance reviews, salary discussions and bonuses. This is not just espousing a point of view but doing business in a different way, that is guided by this set of principles.
What are the top factors to consider when building a fraud prevention program?
First is engaging with internal stakeholders when creating your strategy. Years ago, fraud and risk were more likely to happen in a vacuum, and fraud and risk tended to be the purview of fraud and risk departments. Now there is a need to infuse this into every aspect of your business. To have an effective fraud prevention program, line of business, product management, IT and HR must work side by side with the fraud and risk teams.
The second factor to consider is the strength of your systematic assessment of your organization’s current areas of risk. From this assessment, you can create an inventory of all potential vulnerabilities. You can’t have an effective prevention program if you don’t have that risk assessment.
Third is having a process to design and implement these control activities. It has to start with the customer experience. How are these controls going to impact customers? What are the ways you can reduce friction between the protection measures and the customer? You have to understand that so you aren’t frustrating your customers while you’re trying to protect them.
Another factor is to make sure you’re using data to inform decisions and making sure that internally there is clear, concise communication, and everyone is on the same page. And you need an ongoing process for reporting and investigation with a clear follow-up process that leads to improvements.
How can nonbank organizations be forward thinking to prepare for evolving technologies?
It’s really important to be proactively looking at technology solutions to make your current practices more scalable. That means a move away from controls and practices driven by humans and toward more that are controlled by machine learning, artificial intelligence and robotic process automation. Continuously tracking trends and technology will help nonbank leaders stay up to date and understand what enhancements are right for their organization.
What about preparing for things like instant payments?
Financial services does not sit still. It’s a constantly evolving landscape. You have to make sure your fraud practices keep up. The move toward instant payments is one you have to have on the radar. Today we rely on being able to stop fraud in the process of the transaction. But as we transition to instant payments or even faster payments, that will no longer happen. I imagine we’re going to see a huge uptick in fraud activity once these payment solutions start to hit the market. This is a specific area where we can look ahead to changes we anticipate. That’s why creating the right culture is important. A strong compliance culture helps you detect fraud even when it’s not the kind you have seen before.
Above all else, what’s the one key takeaway when it comes to antifraud practices?
Create an organizational culture that helps increase fraud awareness and prevent fraud. It has to be proactive. It has to be driven by data and supported by an understanding that everyone has a role in helping to prevent fraud.
And it is critical to maintain the focus on the customer experience. What are customers thinking or feeling and what is on their mind? Fraud can either be totally traumatic or it can be an opportunity for creating amazing moments of clarity – and loyalty — in the customer experience.
Amy George is a writer based in Charlotte, North Carolina.