Virtual Banking: Weighing better financial inclusion against digital risks

The mind-boggling amount of stolen cryptocurrency shows how vulnerable digital money is. Will virtual banking be any different?

With operating costs significantly lower than those of traditional banks, the arrival of virtual banking is inevitable. One expectation is that virtual banks would boost financial inclusion and address a most glaring requirement: nearly three-quarters of Southeast Asia cannot claim to have a bank account. However, looking past the obvious appeal, are there any foreseeable financial downsides? Can the accompanying risks in countries that are not ready for virtual banking outweigh the benefits for the bankers and their customers? 

Imagine, if fraud is difficult to detect when it occurs in traditional banks, how much more (or less) risk will entirely-digital banks be exposed to? According to advanced-analytics company LexisNexis Risk Solutions, virtual banking entails faster processing and access to data. With the availability of that data comes new opportunity to prevent (or commit) fraud. 

As an illustrative example, a bank in the Philippines lost nearly PhP15.2 billion (around US$299,641,847.00) when investors sold their shares after an incident of fraud. More than two years after the incident, a Congressman in the Philippines has filed a bill on virtual banking regulation, in line with that country’s central bank thrust towards financial inclusion. Incidentally, a study by LexisNexis Risk Solutions revealed that the cost of fraud was 4.01 times the face value of the transactions. Leveraging data would have alerted the bank to risks and the eventual huge loss. One thing is for sure: the must be sufficient controls and remediation protocols to minimize lost transaction value and future costs incurred after any incidence of fraud. 

With the current widening net of financial crime, as well as the new prospects and risks presented by virtual banking, DigiconAsia had a brief chat with Cameron Church, Director of Market Planning, Fraud and Identity Management, LexisNexis Risk Solutions, to get a feel of likely market trends in the year ahead.  

DigiconAsia: When financial crime does happen in digital banks, is this more likely to happen to big depositors rather than private individuals, or is financial crime like a net where even the smallest income earners can be caught?  

Cameron Church: As you know, financial crime occurs in grandiose and bold transactions. However, it also occurs in small and recurring transactions that skim a little as just a few cents from every transaction but repeated thousands and thousands of times unnoticed. Across digital channels, financial crime does not discriminate: it targets accounts regardless of balance value owned by customers of all socio-economic backgrounds. Criminals do not care about who they steal from—they just want to move funds through the financial system to appear clean when it comes time to cash out. 

When the accounts of larger companies are attacked, there is generally a more specific focus on attacking specific vulnerabilities that may exist in their operations, processes or personnel. When the bank itself is attacked directly (along with its client assets), it is usually more indiscriminate, where accounts of varying sizes may be hit. 

However, technology today allows for the capture of small-time and large-scale criminals alike. The ability to use machine learning to monitor statistical anomalies in transfer amounts allows banks these days to monitor client accounts of all sizes. Thus, fraud teams can capture an anomalous transfer out of an account that is below standard alert levels because it is unexpected versus historical behavior. 

DigiconAsia: What “new risks” can be expected when a country goes full-blast into virtual banking—even with regulations in place?

Cameron Church: The absence of face-to-face interactions brings about new challenges and inherent risks that businesses will have to address. The risks can be summarized by one question: How does a financial institution know for certain that the persons transacting are exactly who they say they are?  

Verification and authentication technology available today can greatly augment a financial institution’s fraud detection capabilities. These tools can go as far as detecting whether the consumer is using a new device to transact, if the location from where they are transacting is different from usual, whether the consumer is now typing in a pin code to access their account when they used to use their thumbprint to authenticate transactions on their phone. Security tools can analyze hundreds of attributes to ensure your customers are who they say they are, then flag a transaction the instant something is off. The fraud team can then review and analyze the data for better risk decisioning. 

DigiconAsia: How do you envision the digital banking landscape will be in digitally proactive countries such as Singapore in mid-2021 and five years after?  

Cameron Church: Singapore has been at the forefront of digitization—take NETs, EZ-Link and the world of Grab. By mid-2021, I foresee virtual banks as a widely adopted alternative to the traditional banks. Looking ahead a further five years, they could become the next pillar in the financial services network, just as strong and important as traditional banks—potentially even more so.