The future is collaborative
Collaboration and the sharing of data and intelligence is widely accepted as the best method of combatting digital fraud – we have seen clear evidence of success in detecting and preventing financial crime through the near real-time sharing of suspicious activities linked to devices, digital identities, or mule accounts. A recent report, The Future of Digital Trust, predicts that collaboration and data sharing will increasingly play an essential role in fraud prevention . The report imagines an ‘authentaverse’ – a world where organizations share intelligence, facilitated by shared databases and data consortia that act as independent arbiters.
The significant barriers to achieving this are data protection regulation, and commercial sensitivity. In other words, institutions need to exchange competition for collaboration, and policymakers need to provide a legal framework to support them as they do.
Data sharing in the real world
Information sharing – in the form of a public/private arrangement, for example, or a consortium between stakeholders – takes us a significant step forward in the fight against digital fraud. But in our experience, financial institutions are reluctant to explore data sharing if the rules are unclear – particularly the rules around information that can and cannot be shared, and the liabilities attached to disclosure.
Exact requirements vary by jurisdiction but generally, banks and other institutions are restricted from sharing information under a combination of banking regulation, data protection laws, and regulatory guidance. As a result, the current industry standard for cross-border data sharing is a tokenized approach, where no personal data is shared.
Institutions need to be able to share a wider range of information in near real-time if they are to intervene to block or delay payments of a highly suspicious nature, in particular when cybercriminals operate fraud and mule networks in multiple jurisdictions. That means that an effective data sharing framework that works nationally and across borders has become essential – but how can policymakers make this a reality?
Ingredients for effective insight sharing
An effective information sharing framework requires three essential elements:
- Digital footprint. Increasingly sophisticated techniques used by fraudsters, including synthetic and fake identities, cross-border networks and multiple linked devices, are difficult to detect and require a rethink of fraud prevention strategy. Leveraging fraud intelligence within a data and intelligence sharing arrangement, which might include device information or IP address, and an email address or phone number as well as standard information such as an account number, enable businesses to build more reliable and robust fraud defenses to distinguish between genuine users and bad actors. It is essential that any information sharing arrangement includes the digital footprint of an event or transaction.
- A consistent approach. Institutions have their own methodologies and technologies to assess risk, but to be effective, information sharing arrangements need to be as standardized as possible in order to build trust in their use. A national information sharing arrangement should be complementary to the existing regime for reporting suspicious transactions. Asset and risk classifications, for example, should be consistent across both.
- Legal protection. If institutions are encouraged to share data and intelligence in order to prevent fraud and financial crime, setting the appropriate level of legal and data protection helps encourage institutions to participate in the information sharing arrangement.
Jurisdictions on board
Fraud is costly and harmful for customers, institutions, and risks undermining public confidence in digital financial services. Information sharing between institutions is seen as a critical and effective tool that will help the financial services sector and governments worldwide fight back. The UK’s National Crime Agency, for example, recently
extended a pilot data sharing scheme with seven major banks, which it believes is helping to combat organized crime, and several jurisdictions, including
Hong Kong, are considering legislative changes that would facilitate information sharing between institutions.
LexisNexis® Digital Identity Network®, which analyzes billions of online interactions and delivers actionable risk intelligence, is already helping organizations worldwide tackle fraud and complex cybercrime. To fight back against the rise of online fraud, we need to harness the power of data – together.