Home / Banking Strategies / Lessons from SWIFT’s warning: Three steps to head off cyberfraud

Lessons from SWIFT’s warning: Three steps to head off cyberfraud


Controversy. Doomsday scenarios. Industries in crisis. The media is often accused of thriving on these dire topics, and many more. But in one recent case, the alarm bells did a tremendous service to the global financial community:  It gave a platform of urgency to SWIFT, a global member-owned cooperative leading the way in secure financial messaging services for thousands of financial institutions.

SWIFT’s recent warning to its participating businesses and corporate user group members raised the profile of payment fraud—particularly high-value cyber fraud. Cyberfraud is constantly morphing, seeking an easy path to increase its value potential.

When cyberfraud infests the world of high-value global payments, it poses a real, material threat to the stability of financial institutions—and the global financial system itself. And lack of informed action by financial institutions could trigger a massive, destabilizing episode.

Consider the $81 million cybertheft from the Bangladesh central bank account at the New York Federal Reserve Bank in February. It wasn’t the first fraud perpetrated.  And it won’t be the last.  SWIFT warns that more attacks could surface anytime.

To be clear: The security of the SWIFT network has not been undermined. The threat right now lies in messages initiated to move funds between accounts, which in turn can drive payments for goods and services to the world’s financial institutions.

How might this work?  Imagine criminals hijacking a legitimate account to initiate a fraudulent transaction worth millions of dollars. Yet the stolen funds may have been set aside to meet legitimate obligations. Now the account holder cannot meet obligations due to the fraud. And a cycle of unfulfilled obligations could create a domino effect impacting many organizations—and the entire system. Such undetected large-scale fraud carries with it the threat of gridlock in the financial system. That would impact impacting not only SWIFT members, but large corporations as well.

Yet there is good news: Most of this exposure is preventable in real-time. How? Financial institutions and corporations of every size can protect themselves by taking these three key steps:

1. Monitor transactions that have the potential to impact your business in real-time and incorporate alerts for anomalies.

Specialized software can automatically monitor batch/bulk files as well as individual electronic funds transfer transactions, in real-time across SWIFT and other payment channels. These include Fedwire, SEPA and ACH. Keep in mind all payment channels are susceptible to payment fraud. No one is immune.

When fraud monitoring software identifies potential fraud or other anomalies, the software alerts your fraud team for research and decision making. The most advanced software includes alert screens with a comprehensive view of the risk, including reason codes. It also pinpoints areas for recommended review. Where relevant, alerts may also include hyperlinks; these make it easy to find related information and drill further into risk.

If an analyst determines a transaction is fraudulent, a message can be sent to SWIFT to block it. While monitoring technology is valuable, monitoring alone can result in high false positive rates—which lead to manpower-intensive investigations. And when payments are delayed because they were mistakenly flagged, it negatively impacts the customer experience. Fraud detection and prevention must be balanced with customer expectations of near real-time payments.

Deploy “hybrid fraud analytic models” to detect more fraud and greatly reduce false positives.

Simply put, hybrid models use multiple techniques, algorithms and data sources from historical sources to learn fraudulent behaviors, patterns and anomalies—and better predict future fraud risk. The superior speed and accuracy of these models represents the most effective way to balance fraud management with a peerless customer experience.

An effective model begins with business rules and parameters set by your institution. Using these, predictive analytic models produce “fraud scores” for every payment in real-time—whether high value/low volume, or low value/high volume. This allows you to set a threshold: Payments with a fraud score of X and below, and transaction value of Y and below, flow through unimpeded. Fraud scores greater than X and transaction values greater than Y require further scrutiny.

Hybrid predictive models prove remarkably effective: Typical improvement over traditional models increases fraud detection by 20%, even as the model generates far fewer reviews. The result?  Lower fraud losses and higher NPS scores that tally how often customers recommend your company’s products and services to others.

3. Leverage data to inform the analytics.

With nearly every business scenario, input begets output. And the data that fuels predictive fraud models is critical. Predictive analytic models can be fueled from two sources:  your institution’s data, which is good, and historical data from hundreds of financial institutions. This combination emerges as the most powerful, as fraud tends to seek the path of least resistance. By contributing data to the consortium, financial institutions band together for a common good: fraud prevention.

SWIFT has warned financial institutions to monitor the ever-present risk of cyberfraud—and prepare for more instances of it. If you haven’t completed a cyberfraud risk-assessment lately, do it now. Though the threat is real, the consequences are preventable.

 And if you’ve already taken the above steps, congratulations. You’re ahead of the curve, and a step ahead of the fraudsters.