During the years 2021-22, Indian banks were confronted with a staggering number of fraud reports. These incidents of fraud reached 9,097, with an estimated value of around Rs. 59,819 crores. In the preceding year, 2020-21, there were 7,338 frauds recorded, involving a massive sum of Rs. 1,32,389 crores.
The financial industry is still grappling with fraud challenges, as evidenced by the latest data from 2022-23. Public sector banks reported 3,405 frauds, totalling Rs. 21,125 crores, while private banks encountered 8,932 cases amounting to Rs. 8,727 crores. Foreign banks, financial institutions, small finance banks, and payment banks collectively reported the remaining cases.
It is alarming that a significant 95% of the total reported fraud, amounting to Rs. 28,792 crores out of Rs. 30,252 crores, was associated with loans.
In response to this critical issue, we organized the webinar “Fraud Detection & Prevention in Financial Institutions” The webinar delved deep into the challenges faced by financial institutions in combating fraud and discussed the latest trends, technologies, and best practices to stay one step ahead of fraudsters. Join us as we explore effective strategies and solutions to bolster fraud detection and prevention efforts in the financial sector. Together, we can safeguard our financial systems and protect the interests of institutions and customers alike.
Vikas Naik, CISO of Vishwas Co-op Bank, is a seasoned cybersecurity professional with 20+ years of experience. He has a diverse background working with many organizations, showcasing expertise in information security, leadership, and strategy. He excels in various aspects of information security, including policy analysis, program design, risk assessment, and conveying Information Security Management Systems effectively to technical and non-technical audiences.
Vinayak Chavan who is the CISO at GP Parsik Sahakari Bank, with a professional background spanning over 20 years in IT and 7 years in IS. He holds the responsibility of overseeing the bank’s cyber security posture, which includes assessing security controls, ensuring compliance with audit findings, and conducting employee cyber security awareness training.
Sudhakar Raja, the CEO of TRST Score, is a seasoned entrepreneur with 30+ years of experience. He has a diverse background, has been the former CTO of Shriram General Insurance, & was previously working with Oracle and KPMG in the US on Strategy and Technology. Additionally, he is actively involved in mentoring numerous startups as a TiE Charter Member.
Preekshit Gupta is a business and technology executive with nearly 20 years of experience providing strategic leadership to Fortune 500 companies and start-ups. With a strong background in leading companies like FIS, RSA Security, and TransUnion, he currently drives the growth of Bureau ID as Vice President in international markets, leveraging his expertise in sales, business development, and product strategies.
Mani Parthasarathy, CEO of Cloudbankin, is a renowned fintech expert with over a decade of experience. His company provides technology solutions like Digital Onboarding, Loan Origination System, Credit Rule Engine Solution & Loan Management System to UCBs, NBFCs, Banks and Fintechs. You can find his insights on digital lending under the hashtag #manispeaksmoney on LinkedIn.
Frauds can be categorized into three types:
Recently, a prevalent form of fraud involves small applications. In this scheme, individuals receive SMS messages prompting them to download an app. Even if they have no intention of using it, money is transferred to them. These fraudsters, referred to as “dupers,” then exploit vulnerable targets. Unfortunately, such fraud has surged during the Covid-19 period. Moreover, fraudsters have grown more sophisticated, exploiting end-to-end technology with minimal human interaction, which poses challenges for banks and lenders in effectively verifying applicant identities.
Many financial institutions have adopted several crucial steps to identify and combat fraud within their organizations effectively. These measures include:
Fraud remains an ever-persistent and intriguing topic, constantly evolving with new sophistication each year. The dynamic nature of fraud keeps everyone, including customers, regulators, and technology providers, on their toes. The continuous game of cat and mouse ensures that fraud will remain relevant as long as the digital economy exists.
Recently, a compelling case study sheds light on the prevalence of synthetic identity fraud. This type of fraud combines real and fake identity information to create accounts for malicious purposes. Fraudsters use various tactics, such as fake mobile numbers, email IDs, and forged personal information, to carry out their schemes. However, there are solutions available to detect and prevent synthetic identity fraud.
One notable case involved a large Indian bank dealing with CASA (Current Accounts Saving Accounts) cards, which experienced a combination of synthetic identity and account takeover fraud. The fraudsters launched bot attacks, creating fake accounts and gaining unauthorized access to customers’ mobile apps. To deceive customers further, they employed social engineering techniques, leading to customers unknowingly sharing sensitive information like SMS OTPs and passwords.
Thankfully, technology providers have developed tools to combat such fraud. By analyzing the risk associated with mobile numbers, email IDs, and device fingerprints, they can detect suspicious activities in real time. This approach ensures that 70% of risky transactions are successfully halted, resulting in a significant increase in accurate user onboarding by over 90%.
This recent case study demonstrates how the financial industry can stay ahead of fraudsters by leveraging technology to safeguard customers and financial institutions alike. As fraud techniques evolve, so will the countermeasures, making this an ongoing battle in the world of digital lending.
Collaborative Data Approach
Data Democracy and Risk Assessment
Extending Data Democracy Beyond Finance
Addressing Internal Fraud Challenges
Building an Inclusive Data-sharing Ecosystem
The RBI has mandated all banks to promptly report identified frauds to the central fraud registry (FMR) in real-time. This database serves as a central repository where all financial institutions submit their fraud-related data. As part of RBI’s vision for 2020-2025, they aim to create a negative list of fraudulent account numbers and publish it in real-time. Although currently accessible through their website, RBI plans to offer API integration for easier access to this data.
With the central fraud registry in place, banks can leverage this data to cross-check before disbursing loans, helping identify potential fraud risks. By integrating with any API, FIs can proactively prevent fraud proceeds from being transferred to fraudulent accounts, strengthening their fraud detection capabilities. RBI’s strategic vision is to establish a fully functional system by 2025, providing a vital tool for combating loan fraud and ensuring a more secure financial ecosystem.
Experienced individuals with a long history in banking or dealing with financial institutions often possess a keen intuition for identifying fraud at an early stage.
To provide examples of pre-warning signs for such frauds:
Such behaviours indicate desperation beyond normal levels, raising red flags and suggesting potential fraud. In such cases, it becomes crucial to double-check and reverify every step of the loan process. Employing advanced technologies, as mentioned earlier, can aid in cross-verifying information and reducing the occurrence of such fraudulent activities.
Identifying these signals is essential when borrowers display excessive desperation, negotiate unrealistically low-interest rates, or submit an excessive number of documents. Bankers can carefully assess such red flags and make informed decisions based on the evidence at hand. Being vigilant in this manner helps safeguard financial institutions from falling victim to fraudulent schemes.
In the digital lending landscape, physical connections with borrowers are diminishing, making it imperative to implement robust controls to assess risk, especially in document verification. Fortunately, technology now offers tools that enable real-time document checks and auto OCR (Optical Character Recognition) during user onboarding. These tools automatically extract and validate data from the provided documents while ensuring authenticity.
To enhance the fraud detection process further, financial institutions can explore the account aggregator framework introduced by RBI. This framework allows access to other lenders’ loan histories, aiding in comprehensive risk assessment. Additionally, utilizing strong alternate data-based scoring mechanisms can provide deeper insights into a borrower’s profile, including mobile numbers, email IDs, and digital footprints.
By combining document tampering proof, alternate data, account aggregator, and advanced technology, banks can safeguard their lending process and mitigate risks efficiently. Implementing these solutions not only improves efficiency and reduces costs but also enhances the overall borrower experience.
Furthermore, technology advancements enable real-time access to paychecks and employment records, providing lenders with valuable data for quicker loan decisions and ensuring safer loan disbursals. The availability of such information allows for more comprehensive risk analysis, taking into account the borrower’s employment history across previous organizations, enabling lenders to make faster and more informed lending decisions.
It primarily involves training rather than just raising awareness, as the key is to lend to the right borrowers. The training focuses on the usage of the latest technology tools to prevent fraud while also creating awareness among customers. SMS alerts and web sliders are used to raise awareness for customers against falling prey to fraud lenders. Moreover, the employees, especially in the credit department, receive training on how to scrutinize loan applications using document screening tools. Additionally, they are educated on identifying forged documents or numbers in balance sheets and GST returns, emphasizing the importance of using appropriate verification tools. Furthermore, employees are trained to identify potential fraud in MSME loans, such as detecting forged documents or misrepresented financial figures. Such comprehensive training and awareness programs play a crucial role in equipping financial institutions’ employees to combat fraud effectively.
Data leakage is a significant concern, especially when dealing with personally identifiable information (PII). Two notable incidents, the AIMS hospital data breach and the Fullerton incident, highlight the critical need to address this challenge effectively.
The Challenges:
Enhancing Data Security:
To tackle these issues and enhance data security, robust encryption mechanisms have been implemented, comprising the following features:
Tokenization for Enhanced Security:
Protecting Sensitive Information:
Consent Management:
Extending the Solution:
The Challenge
In the realm of fraud identification and detection, machine learning and data analytics play a pivotal role. With the abundance of data available today, the key challenge lies in efficiently processing and transforming this data into actionable insights in real-time. Without timely detection and decision-making, the entire effort becomes futile in today’s fast-paced digital world.
The Solution
To address this challenge, an analytics-driven approach becomes imperative. Data-driven decision-making, underpinned by machine learning and AI, emerges as the crucial horizontal aspect of fraud prevention and mitigation. For instance, many organizations have been successful in consolidating diverse data silos, such as identity verification, fraud detection, transactions, and payments, into a unified platform. Such platforms offer a holistic view of a user’s journey. This single-pane view becomes a valuable asset for stakeholders, be it the CIO, CTO, CSO, or CEO of a financial institution.
The adoption of such analytics platforms at an early stage is advantageous, as it allows the analytical models to mature and yield meaningful results over time. Leveraging machine learning techniques, these models learn and adapt, incorporating additional tools like behavioural analytics. For example, the analysis of a user’s device behaviour, including unique patterns, touch gestures, dwell time, and the relationship of the user with the device, creates a distinctive fingerprint that aids in identifying and differentiating legitimate users from fraudsters who may attempt to tamper with devices.
In response to the Supreme Court’s June 2023 ruling, banking institutions face a challenge in adjusting their automation systems for fraud flagging. As per the master direction, banks must report any identified fraud to the central registry. While they must comply with this requirement, the regulatory body determines whether the information is published. To ensure legal measures are followed, banks now have to provide a three-month window before declaring an account as fraudulent, and only after proper legal measures or directions are taken. The Supreme Court emphasizes the importance of offering fair opportunities and equal treatment to customers during the process. This approach aims to prevent abrupt harassment and ensures customers are provided with a proper legal process before any conclusive actions are taken.
In the context of social media fraud, one of the significant concerns is impersonation, where malicious actors create fake profiles to deceive others. Institutions must exercise caution while assessing profiles and leverage available technological solutions to identify and take down such fraudulent accounts. Detecting fake organization pages, product pages, and posts on social media can be achieved through various tools and solutions currently available in the market.
From a lending perspective, institutions can assess a user’s digital footprint and monitor their presence across different social media platforms. By evaluating their accounts and the number of social handles they use, institutions can implement straightforward checks to ensure the authenticity of the user during the onboarding process. Many fintech companies have already deployed these measures to gauge user credibility during the onboarding journey.
Furthermore, certain NBFCs providing educational loans have taken additional steps to validate applicants’ LinkedIn details by cross-referencing them with the certificates they provide. Although this process emphasizes the importance of data validation, it is essential to strike a balance by not solely relying on any single data point for assessment.
You may also like: Unleashing The Power of Innovations in MSME Credit
Vikas Naik: Staying alert and aware of evolving trends and current events is crucial. Keep an eye on the news and join forums to stay updated on the latest happenings, including frauds. It’s a common but essential practice.
Vinayak Chavan: From the perspective of lenders, especially Co-op Banks or NBFCs, it’s essential to acknowledge that fraudsters are always ahead in leveraging technology. Currently, lending processes are mostly manual, but in this digital world, my key advice to financial institutes and banks is to embrace technological advancements. To remain relevant and competitive, they must adopt and adapt to new technologies, deploy tools, provide workforce training, and improve efficiency (TAT – Turnaround Time). It’s crucial not to rely on yesterday’s technology to ensure their presence in the business tomorrow.
Sudhakar Raja: When data is shared, it helps in solving issues collectively, making data democracy essential. Lenders should prioritize data security, considering cloud platforms as a more vetted option than in-house solutions. Choosing the right technology is vital for success. Together, we can combat challenges effectively.
Preekshit Gupta: Collaboration is crucial for the greater good of the community. Fraudsters excel in working together to launch attacks on a larger scale. Therefore, it’s essential for all of us to unite and share information with other organizations. Embracing available technology and adopting advanced techniques can help us stand strong against these challenges and overcome them together.
What does 2022 say about the lending industry? For the
It's that time of the year where people flood your
© 2024 LightFi India Private Limited. All rights reserved.
(Formerly known as Habile Technologies)
After smartphone penetration, people are not watching their SMS at all. They use SMS only for OTP related transactions. That’s it.
But What can a Lender see in your SMS after you consent to them?
Lender can see income, expenses, and any other Fixed Obligation like (EMIs/Credit Card).
1) Income – Parameters like Average Salary Credited, Stable Monthly inflows like Rent
2) Expenses – Average monthly debit card transactions, UPI Transactions, Monthly ATM Withdrawal Amount etc
3) Fixed Obligations – Loan payments have been made for the past few months, Credit card transactions.
It also tells the Lender the adverse incidents like
1) Missed Loan payments
2) Cheque bounces
3) Missed Bill Payments like EB, LPG gas bills.
4) POS transaction declines due to insufficient funds.
A massive chunk of data is available in our SMS (more than 700 data points), which helps Lender to make a credit decision.
An interesting insight on vehicle loans for lenders.
A trend we are seeing today – the first-hand vehicle ownership is decreasing with time. Why? People are upgrading their vehicles in every few years because of technological advances. And, this can be seen more with the millennial generation.
So, what should a lender do in terms of financing?
– Estimating the residual value of the vehicle at the start of the financing period.
– Charging a borrower only for the residual value (which is the difference between the value after a few years and the current value)
Example: A bike currently is INR 1 lakh. You want to buy the vehicle for 2 years. A lender will estimate the residual value of that bike today and what it would be after 2 years. If the estimated residual value = INR 45,000, the lender will charge you only that (say, INR 55,000 with interest for this instance) during your tenure.
At the end of 2-year period, you have 3 choices:
1. Return the bike and upgrade to a new one without going through the struggle of selling it.
2. Pay the lump sum remaining amount to own the vehicle outright.
3. Extend the financing and own it by keep paying the EMIs for the remaining amount of the vehicle for the next 12 or 18 months.
Benefits for the borrowers?
– Flexibility to use a vehicle and upgrade to a new one.
– Affordability to not pay for the complete value of the vehicle with the intention to use for a lesser amount of time.
– Convenience in owning the vehicle.
Say goodbye to the old lending option and embrace the new way of financing for vehicle by lenders!
How many of us know this?
1) Tiktok does Lending ( is it an entertainment company or social media company or a fintech company?
2) Youtube China does Lending
3) Top 100 internet companies in China(no matter what business they are in) do Lending
The team which was heading Lending in Tiktok was the Advertisement team. If we do Ads, we do X no of revenue. But if we do lending, we’ll get X+30% more revenue. This is on the same Ad spot.
Ad team has transformed into a lending team, and in today’s world, it’s possible because the subject matter expertise can be put in as an API and given to you.
Embedded Lending as a service is becoming popular in India too, and I am happy to be part of this ecosystem.
The answer is No. Only the top 10 crore people have access to many credit products in India. Almost all Banks focus on this market.
Once you go beyond that, the credit access rate has dropped significantly due to multiple factors.
1) Customers who are having low income(30-40K per month)
2) Not earning from an employer who belongs to Category A or B
3) Not from Tier 1 or 2 cities
NBFCs and Fintechs focus on the above segment, pushing another 10 crores of people.
But in India, 70 crores more people are formally or informally employed, which still needs to be tapped.