Protect your fintech from fraud… now!

Fintech companies have worse fraud problems than banks

When we talk about fraud, fintechs are often more targeted than traditional financial institutions.

Recent studies have found that Fintechs have been targeted more frequently by fraudsters than banks (118% more fraud attempts according to RiskIQ). They also lose more money to fraud than traditional banks (twice as much fraud losses according to FIS).

This could be explained by three parameters:

First, while most banks exists for many many years, fintech companies are much more recent. As a consequence, their portfolio of customers has less history (hence less data), and the large customer acquisition programs brought in fraudsters among regular customers.

Secondly, fintechs often have less robust and proof-tested security measures and protocols than banks, especially when they start their operations.

Lastly, they also cannot commit the same level of resources to combat fraud.

Anticipate that fraud is going to be an issue from day 1

Our advice to young fintech companies would be to anticipate fraud as much as possible and start thinking about it even before your product is live.

Because the exact day that your fintech product is live, you will start acquiring customers (and fraudsters at the same time).

Fraudsters usually target new platforms. They find ways to create an account in your platform (using stolen ID or falsified documents) and they will use it for scams and money laundering.

Be specifically mindful when you launch referral and acquisition programs. Fraudsters usually spot new fintechs this way and they will not hesitate to take advantage of it.

This is double sentencing for young fintechs who end up spending their acquisition money in the fraudsters’ pocket.

Consequences go beyond monetary losses

Letting fraud become anything else than a top priority on your list can have disastrous consequences, both in the short and long-run.

First, you will spend time reviewing your client portfolio and eliminating false accounts, hence diluting precious internal resources instead of growing your product. Fraud puts pressure on your teams: if you are a young company, chances are high that you are understaffed. Managing fraud is time-consuming and will either put your teams under stress or your management under the pressure to recruit very fast.

Then, fraud attacks will be disclosed one day or another. And when they are, they could tarnish your reputation and damage the fragile trust you are trying to build. This applies to companies of all stages, as you can check with Zelle’s example here.

Finally, if you rely on a bank or a BaaS to distribute your financial product, chances are that they will become more demanding and scrupulous as your portfolio risk increases.

Unfortunately, fraudsters tend to be resentful and fill extremely bad reviews of your offer (on Trustpilot for instance) when they are kicked out of your platform. You definitely do not want them in!

How you can tackle it

The first step is to put in place rigorous onboarding checks. By meticulously verifying the identity of your users, you will be able to sort out fallacious accounts and onboard good customers. To do so we recommend designing a comprehensive process with various checks, leveraging external solutions (like Ubble or Onfido for ID checks), and performing a manual check whenever there is a doubt. Do not hesitate to add additional services providing device fingerprinting and additional checks to ensure repeat fraudsters are definitely kicked off your platform.

Unfortunately, you should expect most sophisticated fraudsters to pass KYC verifications.

This is why you need a second step to properly safeguard your business.

And this is where advanced transaction monitoring and risk-management solutions come into play.

When choosing and implementing such tools we recommend to :

• Define an initial set of rules and make it an iterative process. Your rules should be regularly updated as fraud schemes evolve over time.
• Integrate every data you have at your disposal. Do not limit yourself to transactions. Password change, date of account opening, or customer activity might be as relevant data points as transactions in some cases. This will make your risk scenarios more accurate.
• Perform checks in real time because it will give you the right level of velocity when fighting fraudsters.
• Automate your decision-making (and automatically approve/decline transactions) instead of hiring a large team of analysts to manually review accounts and transactions.

Marble is a real-time fraud and compliance decision engine. Our solution is specifically designed for fintech companies and financial institutions.

Working on risk, financial crime, or financial ops at fintech companies? We would love to chat with you.