Financial Crime Risk Management Systems: Enterprise Fraud

The anti-fraud sector remains a hotbed of risk management activity. As criminals become ever more technically proficient, Financial Institutions (FIs) find themselves in a constant ‘arms race’, attempting to stay one step ahead. In recent years, the main theme in anti-fraud has been diversity. A wide range of new threats (and possibilities) has emerged, as technological changes inside and outside FIs have exposed them to faster payments, risky intermediaries, and new technical environments that include cloud deployments, ‘container’ technologies and open Application Programming Interfaces (APIs).

Since we last analyzed this market[1], these developments have influenced several prevalent trends in enterprise fraud and the way it is managed:

  • Attempts to integrate fraud have struggled, and it remains a standalone discipline.

While anti-fraud has a number of links with cybersecurity and Anti-Money Laundering (AML), organizations have struggled to integrate their various systems. This is because of fundamental differences in the speed of response (real-time payments vs batch AML reporting, for example), risk appetites and organizational structures (fraud and AML are typically managed by separate departments with asymmetric responsibilities and budgets). And while cybersecurity is increasingly inextricable from anti-fraud – almost all fraud is now at least partially cyber-enabled – it is still often managed by separate investigative teams and technical functions. As a result, as the anti-fraud ecosystem becomes more complex, it remains a largely distinct discipline.

  • The need for speed. Across the world, the time taken to process and clear payments is speeding up, and to respond effectively anti-fraud systems must be both fast and accurate. For FIs, the challenge is to keep pace with the rapidly increasing velocity of transactions within the constraints imposed by their infrastructure (such as their core banking processes or relational databases). 
  • A focus on payments. The payments landscape is evolving quickly; by contrast, other areasof fraud are relatively static. These areas (notably account-based fraud) have a higher burden of proof, and depend more heavily on investigations. Investigating long-term fraud activities is complex, involving the analysis of multiple factors to determine fraudulent activity. Technical and personal experience are highly valued, and incumbent technology providers are difficult to dislodge.
  • The ‘open’ bank. Spurred on by digital innovation, banks are becoming more ‘open’, using APIs and hosted services to reach and manage their customers in new ways. This is feeding into a complex technical ecosystem with a wide variety of approaches and processesand little standardization. In turn this is creating specific ‘technological niches’ and new potential hiding places for fraudsters.
  • New financial providers are emerging as payment channels evolve and become more streamlined. While these newcomers are unlikely to dislodge incumbent FIs (at least in more developed economies), they add another layer of complexity in monitoring the potential gaps between merchants, intermediaries and customers. They also require risk management and anti-fraud capabilities, which may be built into their systems or provided by vendors.

The impact of these trends on the anti-fraud marketplace is clear. As the market expands, it is becoming ever more diverse, leading to a split in the vendor landscape. Incumbent vendors, with their deep risk libraries and powerful and flexible case management systems, remain difficult to dislodge, and continue to dominate investigative and account-based fraud. The faster-moving, more flexible payments market, meanwhile, is attracting new entrants that are taking market share in areas such as payment fraud, advanced analytics and infrastructure. And as banks open up and new FIs emerge, vendors are becoming more focused, matching their offerings to APIs, core banking infrastructure and ‘container’ technologies used to deliver packaged applications.

Pre-existing and new vendors – even FIs themselves – will jostle for space. Whatever section of the market they cater to, vendors must increasingly be able to integrate their solutions quickly and efficiently with FIs’ systems, and/or provide their own advanced technologies to process risks in real time. Finally, success will be at least partially dictated by geography, with rapidly growing banking (and therefore Financial Crime Risk Management [FCRM]) markets – such as India – offering fertile ground for all vendor types to make their mark.

This report uses Chartis’ RiskTech Quadrant® to explain the structure of the market. The RiskTech Quadrant® uses a comprehensive methodology of in-depth independent research and a clear scoring system to explain which technology solutions meet an organization’s needs. The RiskTech Quadrant® does not simply describe one technology solution as the best risk management solution; it has a sophisticated ranking methodology to explain which solutions would be best for buyers, depending on their implementation strategies.

This report covers the leading vendors of enterprise fraud solutions: ACI Worldwide, Argoscope, Ayasdi, BAE Systems, Booz Allen Hamilton, BPC, CustomerXPs, EastNets, Featurespace, FICO, FIS, Fiserv, IBM, LexisNexis Risk Solutions, Manipal Group, NetGuardians, NICE Actimize, Oracle, Pelican, Quantexa, SAS, ThetaRay and Wolters Kluwer.

[1] See the Chartis report Financial Crime Risk Management Systems: Market Update 2017.