Quick and easy is invariably better than cumbersome and time consuming, so, of course, businesses would rather submit borrowing requests electronically than sit with a lender to sign and verify stacks of documents. And from a lender’s perspective, automating underwriting makes smaller loan requests more cost efficient.
But speed comes with risks: The process opens new opportunities for fraud.
“When there’s very little human interaction, ‘synthetic identity’ fraud comes to the forefront,” says Brad Day, chief compliance officer for Live Oak Bank, a Wilmington, North Carolina, bank with $8 billion in assets.
One such scam involves a synthetic individual identity—in which criminals carefully curate scraps of real data, like one person’s Social Security and another’s mailing address—and attach that fake identity to a legitimate business. Another entails a synthetic business identity, constructed using fake bank and financial documents, perhaps layered with a counterfeit website or even legitimate articles of incorporation to add credibility.
Another fraud iteration thriving in cyberspace is “loan stacking,” whereby several fraudulent loan applications are submitted in quick succession through multiple platforms.
“First-party” fraud—a real business borrower is typically so desperate for an injection of funds that he or she inflates financials and other documents, sometimes also with the intent of not paying back the loan which existed long before digital loan platforms arrived on the scene—is also a concern in today’s electronic lending environment.
Gauging fraud is inexact science
In 2019, David O’Connell of consulting firm Aite Group surveyed lenders across all types, some fully electronic, and found that 33 percent of SMB lenders estimated that one percent of their loans were fraudulent. “But I think it’s a conservative estimate,” O’Connell says.
At many banks, small business lending isn’t fully electronic, with lending officers or other bank personnel inputting information specific to the business borrower and taking other manual measures.
But ever more sophisticated scammers can find their way even into electronic lending systems with some human oversight, says Shaun Murphy, EVP and COO at Freedom Bank, a $750 million bank in Fairfax, Virginia, that concentrates on commercial.
Bank practices developed from the expertise in AML and BSA, risk and compliance, credit risk, tech and business lending teams maximize fraud prevention expertise, Murphy says. He points to recent coordination of Freedom’s technology and operations experts to work with the bank’s loan origination system vendor to develop an API for its CRM. By seeing where all applications are in the approval process, suspicious activity can be more readily identified bank-wide.
Cultivating a questioning mind-set
Banks are increasingly investing in anti-fraud technology and taking advantage of innovations such as AI, which can analyze a scanned beneficial owner document for suspect language, notes Neil Katkov, who oversees risk and compliance for consulting firm Celent.
Live Oak Bank, which began in 2008 strictly serving veterinary practices, now has expanded to some thirty other business domains, like agriculture and insurance. Loan officers who question any aspect of a particular borrower’s documentation reach out to the domain experts in that industry, Day shares.
Automated processes don’t change the age-old task of paying attention to fundamental credit discipline, says Murphy. Just pulling a Dun & Bradstreet credit report can reveal that there’s no such business at a specific address, he explains.
A physical check of an address, which can reveal that a supposed thriving business is actually an abandoned building, may not be time-efficient, Katkov says, adding that a close examination of a Google Maps view can yield the same insight.
An institution’s culture is key to cultivating individual investigative initiative, says Murphy. “You don’t want a ‘gotcha’” attitude, where there’s blame attached to incidences of fraud. “Everyone has their role, and there should be a healthy respect for the people who perform those roles.”
In this month’s BAI Executive Report, we examine where things stand with fraud protection and how it can be done more efficiently and effectively, including looking at the role of both humans and technology in fraud prevention strategies. Download Now...
A strong authentication process is key to mitigating mobile phone fraud and distinguishing legitimate customers from fraudsters. Don Smith, product manager of global fraud solutions at Neustar, a TransUnion company, spoke with BAI about strategies to strengthen customer authentication....
Compliance training and professional development courses that are efficient, effective and on-point. Give your people the latest industry-approved tools they need to improve performance, reduce operational risk and better serve your customers.