Published: November 1, 2024
With 14 years’ experience as a police detective and 7 years’ investigating organised and complex fraud for banks and FinTechs, Keith Finson has seen first-hand the devastating effect financial crime can have on people and organisations.
As Head of Financial Crime at Unity Trust Bank, Keith is passionate about keeping our customers safe. He’s making sure the right controls and procedures are in place to safeguard against criminal activity.
We are helping to raise awareness about Authorised Push Payment (APP) fraud. This happens where people are made to believe fraudulent payments are genuine. Keith explains a bit more about the criminals behind this activity and what banks do to protect their customers. He also shares how everyone can play their part in keeping their money safe.
When it comes to serious financial crime such as APP fraud, we’re not dealing with a individual who has compromised a credit card and tried to buy a pizza. We’re dealing with sophisticated and committed organised crime groups that operate all over the world.
These groups are using masses of compromised personal details to ring up customers and socially engineer them. They are very good at what they do. They have very good profiles on who people are and can target certain demographics.
Over £600 million was lost to APP fraud last year and that’s just what we know about. There’ll be another unseen amount that doesn’t get reported. In terms of prevention, if the banks weren’t putting the provisions in place to protect customers that they are, there would be far more losses.
When APP fraud occurs, it’s usually the customer who is performing the transaction. This makes it inherently more difficult to detect.
If someone has been socially engineered by a group of fraudsters, they may make a number of different payments on behalf of their organisation. However, they’re not going to look too different to when they carry out normal transactions. They’re going to log in from the same IP address, they’re going to be the same person, they’re going to know their passwords. Nothing’s going to flag up so banks have to think outside the box.
Banks look at the way customers interact and profile customer behaviour to see what’s normal and what’s not. If a customer is being engineered, they’re more likely to act under duress, for example, so there are signals that we can look for.
A lot of the stuff that goes on in this space is completely unseen by the customer. It’s a lot more complex than people realise. It’s a combination of intelligence and additional verifiable information pulled from a number of sources. This will be fed into an analyst or investigator and they will work the alert and Unity Trust Bank will make contact if they think they need to.
Take Five is a national campaign offering straightforward advice to help prevent email, phone and online fraud especially where criminals impersonate trusted organisations. It’s key messaging is:
STOP – Take a moment to stop and think before parting with your money or information.
CHALLENGE – Consider whether it could be fake. It’s okay to reject, refuse or ignore any requests as only criminals will try to rush or panic you.
PROTECT – Contact your bank immediately if you think you’ve been scammed and report it to Action Fraud.
Being a former police officer, I would encourage people to be more suspicious when it comes to payments. Be cautious if you receive requests for things like new payment details or getting an unexpected invoice or if there’s been an element of urgency introduced into the conversation.
We are constantly evolving and enhancing our approach to financial crime. But, it’s imperative that customers also look to protect themselves too.
If we work together to combat financial crime – as the police and public work together – it will be far more effective.