Scams have become big business in Australia, thanks to a lack of a standardized approach in addressing them. That is set to change, with the Australian Competition and Consumer Commission approving a move for the financial sector to share insights and collaborate on new industry standards.
Scams cost Australians $3.1 billion in 2022 — an 80% increase over 2021. $1.5 billion came from investment scams, with remote access scams ($229 million) and payment redirection scams ($224 million) rounding out the top three.
Now, thanks to a recent decision by the ACCC, Australian banks will be allowed to collaborate on the development of industry standards to combat these threats.
This authorization is only an interim one for now and has been enacted quickly because the ACCC is concerned about scam acceleration. It means that all Australian Banking Association member banks — which includes all of the “big four” retail banks as well as large international players such as J.P Morgan ANZ, HSBC and MUFG — have been given leave to coordinate a response to scam prevention and customer redress.
This is also a response to the federal government’s upcoming legislation for a cross-industry code that will be imposed on banks, telcos and social media platforms in the near future. The ABA has proposed that a bank industry standard in this area can form the building blocks of the legislated cross-industry code.
Jump to:
Collaboration is essential to combat scams
The ACCC said in a statement on why it granted the interim authorization, “ … a coordinated response across government, law enforcement and the private sector is essential to effectively combat scams that are evolving rapidly and with increasing sophistication.”
The Australian banking sector, for its part, has already been looking for ways to work together to combat fraud. In May, 17 banks announced that, thanks to a collaboration between them, they had been able to halve the time it takes to identify and block payments to scam operators.
This effort is powered by the ABA’s Fraud Reporting Exchange. This initiative cross-matches data between participating banks and allows for nearly real-time communication of fraudulent transactions across the network.
Other government initiatives, meanwhile, include the new National Anti-Scams Centre, which went live on July 1. This organization will enable faster sharing of information, so police and regulators can act on scams more quickly. There will also be an Australian Sender SMS ID registry that will provide a “whitelist” of phone numbers that can be used to block scam calls and SMS messages that supposedly come from government agencies.
Banks could be doing more
Despite all of this, there are calls for Australian banks to do more. The CEO of the Consumer Action Law Centre, Stephanie Tonkin, pointed out that scams weren’t eating into bank profits.
“Despite their increasing profit margins, the major banks continue to underplay a crisis that is affecting thousands of their customers and causing untold financial and emotional distress in the community,” Tonkin said. “Banks argue that it is the individual’s responsibility to recognize and prevent scams, even though scams are becoming increasingly complex, elaborate and sophisticated — often impersonating or replicating the banks’ own platforms.
“Customers who lose money this way are rarely reimbursed by their bank, and if they are, the amount is often a small proportion of that loss.”
However, there’s more to the issue than simply throwing money at it. Banks often face the tension between security and meeting customer expectations around the user experience. Some banks are turning to AI as a possible solution. In July of last year, Commonwealth Bank announced the use of AI technology to detect suspicious and unusual behavior on its platforms.
Globally, there’s also a big push towards biometrics as an “unbreakable” approach to security. This will put new pressure on security teams within banks, as biometrics need to be stored within the institution’s systems.
However, in an often-cited example of how effective it can be, Hong Kong and Shanghai Banking Corporation reduced $500 million in fraud using consumer voice and its VoiceID tech. AI can be applied here too, as it’s possible to train algorithms on user behavior and mannerisms to detect and flag unusual behavior of users.
PwC’s five steps toward combating fraud
Across all of financial services, PwC Australia believes the crux of the problem is simple: Scammers are getting better at their jobs, and ad-hoc approaches to security and fraud prevention won’t cut it.
In addition to collaborating on a whole-of-sector approach, bank security teams need to redouble their focus in five key areas.
1. Understand fraud risks and controls
Financial services security teams could be more proactive with addressing fraud risks. This assessment will also highlight controls that may introduce excessive friction in the customer experience and highlight how the organization might approach rationalizing the two.
2. Maintain rigorous identity verification and authentication processes
PwC research found that know-your-customer failures remain the most disruptive issue for many financial services organizations, perhaps explaining why so many are turning to AI. After all, being able to quickly detect and flag unusual behavior and questionable onboarding is the quickest way to minimize the risk of a KYC failure.
3. Invest in a cohesive detection tool set
PwC finds that Australian financial institutions continue to lag other regions with investing in fraud prevention and detection technology. This is beginning to change with these recent steps around collaboration. However, there’s still a need for banks to look within themselves, apply AI and machine learning, and build more robust customer intelligence around authentication, transaction patterns and biometric data.
4. Introduce auto-blocks for high-risk scam activity
While it might compromise the customer experience to an extent, it’s important that financial services companies automatically block online payments that are deemed to be at “high risk” of scams — for example, payments to online retailers known to be linked to scams. This allows financial services organizations to alert a customer of a scam concern and then check if they want to proceed. As an added benefit, the customer’s response can feed into the behavioral analysis to allow for better identification in the future.
5. Educate customers
Financial services are becoming more proactive in warning customers about security threats. However, there’s yet more that can be done on an ongoing basis to ensure society is aware of each new development in scams, as criminals become evermore sophisticated.
Cross-banking collaboration aims to leverage technology to combat scams
Addressing Australia’s financial services scam epidemic will rely on all levels working in collaboration with regulators, the financial services themselves and consumers. However, ultimately beating scammers means leveraging technology to ensure human error — which scammers typically rely on — can’t be capitalized on. This means facilitating real-time sharing of data across the sector and the use of AI to proactively identify and flag high-risk interactions.
About Author
