Unite to win | KPMG | UK

Unite to win against financial crime

Unite to win against financial crime

Divided we fall: why communication and collaboration is the best weapon against cyber and financial fraud threats.

1000

Also on KPMG.com

Unite to win against financial crime - people in business suits forming a pyramind

Forget Airbnb and Uber: the ultimate business disruptors are the cyber criminals.

Composed of a network of specialists that collaborate and innovate 24-7, organised cyber crime has just one aim: to break down existing systems, find vulnerabilities and make a lot of money.

And it seems to be working: fraud and cyber crime are now the UK’s most common offences. More than five and a half million such incidences are thought to occur each year, according to the annual Crime Survey of England and Wales.

But what cyber criminals are exploiting is not just code, hardware and human gullibility. What they’re really exploiting are out-dated business structures and processes on the part of their victims.

Fraud team + cyber security team = a better response

For example, take the hard line between fraud and cyber security teams. Historically the cyber security function has existed within the Technology capability, while the fraud team sits in Financial Crime. 

The two functions fail to work together effectively in most organisations. But the bulk of cyber crime IS financial crime… otherwise, why would you do it? 

And because of this division between two teams, the exchange of information is stifled and the speed of response is slowed. Also, the ability to investigate lacks agility and genuine insight into the latest cyber crime tactics. 

The more collaboration and cooperation there is between functions, the more effective companies can become in tackling the threats. 

What does this look like in practice? In the finance sector, some banks are appointing a single person to unify responses. They’re also creating joint teams that bring together expertise from different areas of the business. 

It’s about encouraging the sharing of information and approaching the threat in a much more joined-up way.

There are several benefits to this approach: for example, more efficient incident responses, where fraud and cyber security experts work together to fix problems or respond to attacks quickly. 

Another upshot of this approach can be better intelligence-sharing and more accurate scoping of internal threats such as the ‘inside man’ assisting external criminals. In such situations, the cyber security team will spot suspicious behaviour first, but the fraud team will have the know-how to investigate what’s really going on.

Scroll down to continue reading...

Time for some social work

Another weakness that cyber criminals are exploiting is the space between the company and the customer

Banks need to ensure customers understand how to protect themselves. But they also need to understand customer behaviour, and not assume that people will always act in a way that is best for their own security. For example, when banks reach out to validate data they shouldn’t be surprised when customers initially refuse to respond. 

Managing the balance of supporting customers in protecting themselves, whilst also making the process of interacting with the bank as smooth and painless as possible is critical.

Cross-sector view

It’s no surprise banking is the sector that is most ‘on the case’ in the fight against cyber crime. But there is an opportunity for the finance sector to educate other industries, for mutual benefit.

Unfortunately, though, most collaboration tends to happen within sectors and not between them. For example, there is the Cyber Defence Alliance (CDA), whose members are Lloyds, Barclays, Deutsche Bank, Santander UK and Standard Chartered. The CDA allows members to pool their knowledge on cyber security and the latest attack methods.

Wider collaboration is improving, though. The Joint Money Laundering Intelligence Taskforce is an organisation that was set up last year between the National Crime Agency and the financial sector to combat high-end money laundering. It has partners in government, the British Bankers Association, law enforcement and more than 20 major UK and international banks.

Here comes the good news

If better collaboration can make a significant impact on your vulnerability to cyber crime, then that is something within your control, even if you don’t understand a line of code. 

Should you appoint a single person to unify responses? 

In what ways can you encourage a collaborative vision of cyber security and fraud protection? 

And how can you ensure that your customer is an active participant in security measures, not a baffled outsider without buy-in? 

These are not technical questions at all – in fact, they are all questions that belong firmly within your remit. 

It’s time to get talking.

Connect with us

 

Request for proposal

 

Submit