Reducing Scam and Mule Fraud Risk

To combat this growing threat and to comply with the Monetary Authority of Singapore (MAS) and Infocomm Media Development Authority (IMDA) new fraud prevention regulations, the bank has deployed LexisNexis® ThreatMetrix®, unifying key components of risk technology into one holistic decision engine, that leveraged the use of Open Smart Learning, the self-service AI capability of ThreatMetrix®.

Goals:

The bank sought to achieve the following objectives:

1. Tackle Digital Fraud: Combat scams, account takeover (ATO) fraud, and money mules across multiple touchpoints (logins, detail changes, payments).
2. Meet Regulatory Requirements: Ensure compliance with the Shared Responsibility Framework (SRF), which mandates financial institutions to implement real-time fraud surveillance systems by mid-2025.
3. Improve Fraud Detection Rates: Enhance detection of complex fraud scenarios, reducing financial losses and reputational damage.
4. Leverage Machine Learning: Utilize machine learning to automate fraud detection, improve accuracy, and reduce operational costs.

Solution:

The bank implemented the advanced machine learning ThreatMetrix services to improve its fraud detection capabilities. Key features of the solution include:

1. Scam Detection: ThreatMetrix provides advanced tools to detect and prevent scams. Through real-time data analysis, ThreatMetrix can identify high-risk transactions, where victims are tricked into authorizing payments to fraudsters under false pretenses. It can efficiently help identify:

• Job Scams: Fraudsters posing as employers to trick victims into paying fees for non-existent job opportunities.
• Ecommerce Scams: Fraudulent online retailers or sellers convincing victims to make payments for goods or services that are never delivered.
• Phishing and Impersonation Scams: Fraudsters using deceptive methods to obtain sensitive personal information or financial credentials.
• Romance Scams: Fraudulent schemes where attackers build fake romantic relationships with victims to convince them to send money.
• Investment Scams: Scammers offering fake investment opportunities to persuade victims to transfer funds for fraudulent ventures.

2. Advanced Machine Learning: The bank leverages advanced machine learning services from ThreatMetrix that continuously evolve to detect new fraud patterns. Using SHAP (Shapley Additive Explanations), these models provide interpretability, enabling organizations to understand the reasoning behind each risk decision (e.g., large payment made to risky beneficiary while on an inbound call).

3. Scalability and Flexibility

• Versatility: ThreatMetrix allowed the bank to build multiple machine learning models targeting different fraud vectors, enabling scalable and flexible fraud management. For instance, a specific model can be tailored to detect BEC scams, while another model can focus on romance scams or crypto fraud.
• Adaptability: As fraudsters evolve their tactics, ThreatMetrix can adjust and incorporate new fraud detection techniques.

4. Real-Time Fraud Surveillance: With real-time fraud surveillance capabilities, the bank can monitor transactions as they happen. This is critical for preventing fraudulent payments before they are completed, especially in scenarios involving urgent and high-value transactions that are common in scams..

5. Regulatory Compliance: The new Shared Responsibility Framework (SRF) for phishing scams, effective December 16, 2024, requires financial institutions to implement advanced fraud surveillance systems. The ThreatMetrix service delivers a robust solution that ensures compliance with these requirements. By deploying real-time fraud detection systems and implementing fraud prevention measures, the bank is well-positioned to meet the regulatory expectations ahead of the mid-2025 deadline.

6. Data Explainability and Governance: To enhance transparency, ThreatMetrix uses SHAP to simplify model outputs into less than 20 reason codes. This allows fraud analysts to understand why a transaction was marked as fraudulent, ensuring a transparent and accountable decision-making process. The bank also benefits from easy-to-use model monitoring and retraining capabilities, ensuring the models remain relevant and accurate.

Implementation:

The bank deployed ThreatMetrix through a phased integration process, ensuring minimal disruption to customer service and internal workflows. The fraud detection models were initially focused on high-priority fraud types such as account takeover, before expanding to other fraud scenarios such as scams and mules. A dedicated fraud management team within the bank is now responsible for monitoring the system, retraining models, and responding to alerts in real-time.

Key Performance Updates:

• Protection Across Touchpoints: Machine learning models now safeguard the bank against authorized payment scams, ATO fraud, and money mules across logins, details changes, and payments.
• Fast Deployment: A mule fraud detection model was built and shadow-deployed in 1 day, going live within a short timeframe of 21 days after validation.
• Significant Impact on Mule Fraud: Weekly average mule payment attempts were reduced by more than 80% after the mule detection module was deployed.

Results:

1. Reduced Fraud Losses: The bank detected several million dollars in fraudulent payments within the first quarter of deployment, significantly reducing successful scams.
2. Improved Detection Accuracy: The bank detected over 60% of scams, 80% of ATO fraud, and 80% of mule fraud, minimizing false positives and allowing legitimate transactions to proceed with minimal friction.
3. Regulatory Compliance: The bank successfully implemented the real-time fraud surveillance required under the Shared Responsibility Framework (SRF), positioning itself to meet the regulatory deadline of mid-2025 with a well-established fraud prevention system.
4. Operational Efficiency and Cost Reduction: Machine learning-driven automation reduced the need for manual reviews, leading to over 2000% ROI and improved operational efficiency.

Conclusion

By adopting advanced machine learning capabilities of ThreatMetrix, the bank enhanced its ability to detect and prevent scams. The versatile and scalable system not only improved fraud detection rates but also ensured compliance with Singapore's evolving regulatory landscape. With real-time fraud surveillance, machine learning-based models, and an easy-to-understand SHAP interpretability framework, the bank has successfully strengthened its fraud prevention capabilities and operational efficiency, leading to better protection for both customers and the financial institution.