What advisers and brokers need to know about financial crime
The accelerated adoption of artificial intelligence (AI) and machine learning by financial institutions is playing right into the hands of criminal syndicates specialising in digital fraud and online harm. Digitalisation, coupled with the shift of financial transactions to non-bank networks, is also making it more difficult for enforcement agencies and regulators to tackle financial crime and fraud.
Undermining trust in financial services
“We are concerned about the recent rise of digital fraud, and want to warn that if this is not promptly and effectively dealt with, it poses a significant risk to public trust, which is the mainstay of financial sector integrity and stability,” said Unathi Kamlana, Commissioner of the Financial Sector Conduct Authority (FSCA) at the FSCA Digital Fraud Roundtable, held in Johannesburg recently. The event coincided with the signing of a three-way Memorandum of Understanding between the FSCA, South African Banking Risk Association (SABRIC) and the South African Fraud Prevention Service (SAFPS).
The challenge facing the country’s financial sector enforcement agencies became clearer during a subsequent panel discussion, where the above parties were joined by representatives from the Banking Association of South Africa (BASA), the Independent Communications Authority of South Africa (ICASA), the Communications Risk Information Centre (COMRiC), and the recently established Association of Comms and Technology (Act for SA). Towards the end of the hour-long discussion, the panellists conceded that future discussions may have to accommodate up to 15 sectors or interest groups.
The pros and cons of digitalisation
The FSCA Commissioner took pains to weigh the tangible benefits of digital transformation against the risks. On the plus side, the fast-tracking of digital solutions expands competition and consumer choice, while delivering accessibility, affordability and efficiency gains. On the minus side, the very tools that enable these benefits “are now being manipulated by criminals determined to exploit every vulnerability that exists.” Kamlana commented on organised criminal networks that were sharing data and tools across platforms, sectors and even borders.
The Commissioner shared a list of digitally enabled criminal activities that the brokers and financial advisers among FAnews’ readership will be quite familiar with. Many of you are the first port of call when a business or individual client falls victim to malware, ransomware, phishing attacks, remote access scams, SIM swaps, social engineering or synthetic identities. These tech-enabled crimes are becoming endemic. In its Annual Crime Statistics 2024 report, SABRIC conceded that criminals are deploying AI to stay one step ahead of traditional controls.
SABRIC estimates that some R2.72 billion was lost to financial crime in 2024, of which R1.89 billion arose from digital banking fraud. Incidents of fraud were up 86% in 2024 compared to 2023, and the associated losses up 74%. And things are about to get sketchier. AI has given rise to a wave of applications that allow users to fabricate identities with alarming realism.
An experienced user can now use software to create deepfake audio, still images and video that risk overriding existing safeguards. Locally, we have already seen deepfake videos of the likes of Elon Musk, Johan Rupert and, more recently, Siya Kolisi encouraging viewers to invest in questionable schemes.
Financial planners in a spin
The stats shared during the Commissioner’s opening address should have financial planners in a spin. And your writer reckons the aforementioned SABRIC report could serve as the basis for some excellent external client communications. You could, for example, warn your clients that banking app fraud was the single largest contributor to digital banking fraud, accounting for 65% of the incidents, and causing R1.2 billion in losses.
“What is more devastating about these numbers are the lives impacted: the pensioner who loses their savings after clicking on a fraudulent link; the small business owner whose account is emptied overnight after being enticed into a scam investment; or the graduate whose stolen identity bars him from accessing work or credit because they gave their details to someone claiming to be from their bank,” Kamlana said. A show of hands during the later panel discussion revealed that everyone in the audience had been, or knew someone who had been, a victim of digital fraud.
AI-generated spoofing on the rise
These incidences range from the benign, where your credit card gets cloned and used for a handful of small transactions in Azerbaijan, to the full-scale compromise of your banking application during which all of your linked accounts get drained to zero, and your credit card account maxed out.
A quick Google search produced hundreds of warnings, including one from a leading retail bank saying that fraudsters were using AI-generated voices and emails to impersonate bank officials. They urged clients to be extra vigilant, and FAnews urges advisers and brokers to take extra steps to educate clients about this emerging risk.
“No single bank or individual financial institution, no single telecommunications provider, no single regulator or law enforcement agency can fight this battle in isolation,” Kamlana said, calling for a collaborative, cross-sector response to the scourge of digital crime. His comments were well-received, but your writer picked up an undertone of concern over the risk of collaboration in the context of the country’s strict competition and information protection laws.
Ironically, the Competition Act and Protection of Personal Information Act make it difficult for institutions to cooperate and / or respond swiftly to financial crime and fraud.
The only game in town
“Scammers thrive on fragmentation … they exploit the cracks in our systems, and it is in those very gaps that they succeed,” Kamlana said. He introduced the day-long digital fraud roundtable as an opportunity for regulators, banks, telcos, law enforcement agencies and other partners to discuss and forge a coordinated response. He declared: “Collaboration in the fight against financial crime and fraud is the only game in town.” He listed six ‘wishes’ or nice-to-haves that will almost certainly require softening of some of our existing laws to bring about.
Intelligence sharing in real time was the first item on the list. “A scam detected by one bank or any financial institution can be flagged across the entire system before it spreads; timely information is one of the most powerful tools we have, and we must use it collectively,” the Commissioner said. His second wish was for joint monitoring of high-risk platforms such as social media channels.
This is both an interesting and frightening proposal, but not impossible if one considers a recent article published in The Times (UK) that reveals UK police make over 30 arrests per day for ‘offensive’ online communications…
Surveillance, but hopefully not UK-style
The FSCA is keen, it seems, for a less sinister joint surveillance of channels such as Facebook, Instagram, Twitter, YouTube and even WhatsApp by banks, telcos and regulators to pool data, flag suspicious patterns and cut off abuse. The third wish is for affected institutions to embrace technology as part of the solution, leveraging AI, machine learning and advanced analytics to defend against cash-flush criminal syndicates. The Commissioner backs technology to “detect fraud earlier, intervene faster and give consumers greater protection.”
Wishes four, five and six span aligned policies and regulatory frameworks; strengthening enforcement and accountability; and consumer education and awareness. “As regulators, we must coordinate so that the rules are clear, consistent and comprehensive,” Kamlana said. He argued that the South African Police Service (SAPS), the National Prosecuting Authority (NPA) and other law enforcement agencies would have to work hand in hand to investigate, prosecute and disrupt criminal networks.
Advisers key to consumer education
His comments on consumer education will resonate with financial advisers, who can play a vital role in this part of the defence. “Scammers prey on fear, anxiety and lack of awareness … consumer awareness is a frontline defence,” he said, calling on all stakeholders to do whatever possible to empower clients to spot fraudulent messages, to verify information and to protect their personal details.
Writer’s thoughts:
Brokers and advisers are often the first to hear when a client falls victim to a financial crime. How do you reassure them in the aftermath, and how are you educating them to prevent this from happening in the first place? Please comment below, interact with us on X at @fanews_online or email us your thoughts [email protected].
