As fraud typologies become more complex, , it is harder for firms to ensure they have robust detection practices in place. Yet while some red flags cover many fraud types, precise detection requires a forensic approach to pick up on complex, highly contextual, activity. In a constantly evolving risk environment, how can firms ensure they are detecting fraud proactively, efficiently, and accurately?
Common Red Flags
Customer behavior changes are often a core indicator of fraud. Certain changes in customer behavior are clear enough that they broadly apply to most situations. These behaviors apply to many cases, making it simpler to create traditional rules to catch them. For example, in the case of elder financial abuse, the American Bankers Association (ABA) has identified 14 red flags to watch out for. These include:
- Transactions suddenly completed for the customer by other individuals – without required documentation (even if they are loved ones or caretakers)
- Account information changes – such as statements sent to addresses not on file for the customer
- Transactions much larger than usual – or that suddenly exceed available funds
Other crimes are more sophisticated, such as account takeover (ATO) fraud. In this situation, a fraudster uses details obtained through hacking or social engineering to gain access to a customer’s account and funds. They then attempt to behave as though they were the customer to avoid detection. Despite ATO fraud’s complexity, certain patterns are commonly visible. For example, changes in a customer’s login behavior could indicate someone else (or even a bot) is attempting to gain access. Other red flags could include changes in typical user routines or IP addresses that don’t match the customer’s normal location.
Similar patterns may occur in the case of digital payment or credit card fraud. In each case, broad changes in historical behavior – like transaction locations, velocities, or amounts – can alert analysts and alerting systems.