While identity theft has been in the modern lexicon for decades, a newer, more insidious and faster-growing variant of identity fraud is taking hold in the U.S.—and it’s costing U.S. financial institutions billions of dollars and keeping fraud executives awake at night.
Unlike traditional identity theft where an unwitting victim’s financial identity, including SSN, name, address, and accounts are breached and taken over to either deplete existing accounts of funds or establish new accounts, synthetic “Franken” identities are built, most typically, by conjoining real information garnered from multiple identities—and sometimes augmented with fabricated information. For example, a legitimate SSN (often stolen from a child or elderly person), another person’s real name, another person’s address and phone number and a new email account controlled by the fraudster may be used to create an “authentic enough” personal identity.
Armed with this identity and enough legitimacy to slip through a bank’s or credit union’s Know Your Customer (KYC) controls, the fraudster is now in a position to establish and bleed fraudulent lines of credit.
The long, slow game
Synthetic ID fraud is the fastest growing financial crime in the U.S., according to McKinsey & Company, accounting for as much as 15 percent of charge-offs in typical unsecured lending portfolios.
What makes synthetic ID fraud so insidious is that it is very difficult to detect—even after huge financial losses occur. Financial institutions (FIs) are often not even aware they’ve been attacked by operators deploying synthetic ID fraud, instead assuming credit losses are simply due to consumers unable or unwilling to repay and then writing off the losses as per the standard procedure.
The fact that, on the surface, these fraudulent customers pass the initial identity sniff test is just one troublesome aspect leading to high financial losses. The other is that synthetic ID fraudsters can take as long as five years to nurture fraudulent account identities, building a certain level of trust with financial institutions before deploying what is known in the industry as a “bust out” where credit lines have been maxed out and then abruptly abandoned.
The stakes are high. Aite Group estimates losses from unsecured credit products resulting from synthetic ID fraud will reach $2.42 billion by 2023. Bank and credit union fraud executives are keenly aware of the problem and the gap in their current fraud detection capabilities. Aite Group’s recent survey of financial services fraud executives shows that synthetic ID fraud is the vulnerability gap they are most concerned with within their institution’s current fraud controls.
So, what can financial institutions do to combat synthetic identity fraud?
A multi-pronged approach
Experts agree the best defense is a multi-layered approach that leverages a wide range of available information—from in-house sources, public records and the digital footprint. Elements from accessible data sources, including financial history, property records, social media accounts, data analytics services, mobile phone number ownership, email address history and more can all be used to build a complete picture of the person presenting themselves to the financial institution and compared against the information presented at account opening. Each piece of information that doesn’t point back to the account originator should be further examined.
Of course, the challenges, as always, are time, staff, and financial resources as well as risking friction that puts good customers and members off the idea of opening an account or applying for a loan.
How, then, can financial institutions minimize the risk of falling victim to synthetic ID fraud while providing a delightful experience to legitimate applicants?
Halt fraudsters, not progress
Effectiv’s turnkey, customizable application and onboarding fraud detection and compliance automation platform help community banks and credit unions stop fraud at the source while minimizing friction for legitimate applicants by eliminating false positives.
Effectiv’s solution does the work in near-real-time it would take a team of already-stretched-thin compliance staff to complete in days—and would stop the application process in its tracks—creating frustration for consumers.
The platform is already integrated with trusted third-party data intelligence providers, so the system is working in the background to confirm that all the data input by applicants checks out when compared against publicly available information sourced from a wide range of records and digital resources as an application is submitted.
Once the check is complete, the application is either approved instantly, flagged for further investigation or rejected.
The unique thing about the Effectiv platform is that its artificial intelligence (AI) and machine learning (ML) models can be customized by FIs as per their risk tolerances – which means the system only gets more and more accurate over time. Something the system may have found suspicious one time can be trained to be disregarded the next time.
The built-in AI/ML also helps ensure optimal workflow productivity and cost-effectiveness. If the system detects that something in an FI’s workflow isn’t generating productive results, it can be eliminated from the process.
The Effectiv platform is the most sensible solution for community banks and credit unions. It’s ready to deploy out of the box but at the same time can be customized with zero engineering intervention. This means it offers the same level of protection and sophistication provided by costly enterprise solutions deployed by big-bank competitors yet at a fraction of the cost.