AI Fraud Systems Frazzled by Covid-19

Banks are reporting a sharp rise in cases of internal and external fraud perpetrated during the coronavirus pandemic – and with typical patterns of behavior among retail and corporate clients turned on their respective heads, detection systems that rely on past patterns of behavior to make predictions are struggling to cope.

In ordinary times, machine learning technology can dramatically improve fraud detection rates by spotting transactions that look atypical of observed customer behavior, cutting the workload of overseers by reducing the false positives spat out by traditional rules-based approaches. Industry sources routinely put the number of false positives in financial crime analytics as high as 90%.

But with footfall in stores and restaurants collapsing to near-zero across many jurisdictions amid the global Covid-19 lockdown, and with online transaction volumes soaring, the tables have been turned: Machine learning programs that depend on learned patterns of behavior are having trouble managing the new data, say banks.

“Machine learning models are going to spit out a lot of false positives, because they’ve been trained based on behavior of volumes from six months ago, and all of a sudden they are seeing abnormally high activity. Machine learning [now] needs to be balanced with rules-based methods,” says Gautam Sachdev, managing director of compliance at Macquarie Group.

Many machine learning models make use of natural language processing techniques to detect market abuse, flag suspicious communications, and artificially learn new behavioral patterns. Older rules-based systems classify transactions according to pre-set criteria such as age, occupation and income, which are determined by analyzing existing data.

The dramatic rise in false positives has massively added to the caseload of fraud prevention executives—banks ordinarily set a fairly high bar for investigating transactions as suspicious—at a time when operational risk resources are already being stretched; but given the scope of the present threat, greater scrutiny is required.

“The number of alerts is extremely high due to the volatility,” says Anthony Amendolare, director of operational risk controls at Bank of America. “Alerts can often be treated as business as usual, but in this environment you need individuals to do proper investigation and classification of alerts, and escalation as needed.”

The Financial Conduct Authority has warned firms to be on their guard to prevent market abuse during the pandemic, adding that the regulator will continue to monitor for market abuse and take action if necessary.

Banks and buy-side firms are cognizant that the potential for market abuse increases during times of increased market risk; when analyzing trade surveillance alerts, companies need to have at their disposal the full range of voice communication records, trade data and employee behavior in order to determine whether a transaction is truly suspicious—a challenge, when so many employees are either working from home or remote trading floors. This requires close coordination between the risk management and trade surveillance teams.

“Whenever there’s a huge downturn, there’s a greater likelihood of market abuse and market manipulation coming into play. We need to take a holistic approach to risk management as opposed to just looking at it from a financial crimes and surveillance viewpoint,” says Sachdev. 

With traders working from home, financial firms are enforcing voice recording and surveillance on personal mobile phones, sources say.

The FCA expects firms to adapt surveillance procedures to the current environment and implement appropriate controls, such as in working from home arrangements. While it expects firms to continue to record calls, it accepts that this may not always be possible. In such situations, companies should take steps to mitigate risks if they are unable to conduct voice surveillance.

On the retail side, banks are experiencing a surge in alerts for suspicious transactions related to the pandemic. The US Department of Justice has warned of scams such as selling fake cures for Covid-19 online, phishing emails from entities posing as the World Health Organization or the Centers for Disease Control and Prevention, malicious websites and apps that appear to share virus-related information in order to lock access to devices until payment is received, and seeking donations to purported charities.