Four financial crime predictions for 2022
2021’s rise in traditional cybercrime is likely to persist, with new records possible for ransomware, social engineering, identity fraud and money laundering.
The time has come to close another year and look ahead at, what will hopefully be, a post-pandemic 2022.
When it comes to financial fraud, people predicted an explosion in cybercrime during the pandemic due to the global transition to a remote workforce. This did not fully materialize at the height of the pandemic, as fraudsters directed their focus to the COVID-19 relief funds being injected by the federal government into the financial system. Paycheck Protection Program (PPP) loans were particularly targeted.
As the loans and relief programs dry up, we have seen an uptick in traditional types of cybercrime. This trend is likely to continue in 2022 – ransomware, social engineering, identity fraud and money laundering are poised to reach record rates.
We have seen ransomware attacks hit record numbers in 2021, with the FBI warning that there are now 100 different strains circulating around the world.
One memorable ransomware attack in 2021 targeted Colonial Pipeline, creating a regional shortage of gas in the eastern U.S. This incident not only shows that ransomware attacks can completely shut down a company’s operations, but also that it can pose a threat to a well-functioning society.
Ransom payments are also increasing. The average rose to $220,000 in early 2021, up 43% from the fourth quarter of 2020, according to Coveware. While the sums are generally not large for big companies, they can be significant for smaller and midsized organizations.
The increase in ransomware attacks is likely to continue in 2022, putting even the most sophisticated financial institutions at risk. It’s easy to find a ransomware-as-a-service toolkit on the dark web – once that’s done, fraudsters often target the path of least resistance, namely employees and customers/members.
In moving most employees to work-from-home, financial institutions lost some of their critical security controls. This has create more exposure to vulnerabilities like lack of firmware updates, weak local networks and default passwords. People also tend to let their guard down in their own homes, where they are more comfortable and sometimes get distracted.
This is a perfect environment for fraudsters, who are now adapting their tactics and exploiting poor network infrastructures and inadequate cyber and data security.
According to a survey by Deloitte, a quarter of all employees have noticed an increase in fraudulent emails, spam and phishing attempts since the beginning of the pandemic. This is likely to continue in 2022 and beyond, especially since both full-time and partial remote working are likely to stay.
An increase in identity fraud was one of our predictions for 2021, and that forecast continues into the new year.
Greater digitalization in people’s everyday lives significantly increases their exposure to identity fraud. Traditional identity theft is where a criminal uses a person’s real information to create a new identity, while synthetic identity theft involves criminals combining both real and fake information to create a new identity.
Synthetic identity fraud is particularly difficult to monitor and catch, as fraudsters may take years to build a good profile before stealing money and abandoning the identity. According to a report by the Federal Reserve, synthetic fraud is the fastest growing type of financial crime in the United States.
Although the sophistication of controls from financial institutions has increased worldwide, criminals are now spending more time preparing for attacks and using new techniques that leverage today’s more digitalized world.
Once money launderers break through security layers and deposit funds into a financial institution, those funds are extremely difficult to track and identify. This trend is likely to continue in 2022 and beyond.
We also predict a rise in money laundering done through old-school fronts. The hospitality sector took one of the hardest hits from the pandemic, so many restaurants and bars are now in dire straits and are searching for ways to keep their head above the water. This has created an opportunity for money launders.
Although fraudsters are moving quickly, so are the industry’s defenses. Financial institutions are building strong defense programs that are increasingly difficult to penetrate. These include firewalls, real-time monitoring for fraud detection, and backup and recovery programs to mitigate losses.
The financial industry is collaborating better than ever to share active fraud risks. Together, we can work to win for the greater good, keeping consumers and businesses safe and comfortable in their new digital banking experiences.
Rene Perez is a financial crimes consultant at Jack Henry & Associates.