The pandemic has led to many drastic changes over the last year. We’ve seen a large exodus from brick-and-mortar retail and a massive spike in eCommerce. In fact, 2020 saw online retail grow over 40% alone. And while Amazon is responsible for a large part of that (40% to be specific), services like Shopify and Squarespace have seen a large increase in demand as well.
Platforms like Shopify help facilitate the online transition by providing the tools, payment systems, and infrastructure for businesses to sell online. Since Covid-19 has encouraged (and practically forced) countless businesses to turn to online marketplaces, these platforms have seen an incredible influx of clients looking to get into eCommerce.
But this cultural shift hasn’t come without repercussions. The Congressional Research Service released a paper highlighting increasing financial crime due to the pandemic. The research focuses on emerging trends and patterns in fraud, money laundering, and cybercrime and suggests increased vigilance within the government as well as businesses.
But what does this have to do with the increased attention eCommerce has gathered? As more companies transition to online sales, new payment systems and processes are being implemented and used. The introduction of these new systems offers new targets for exploitation as newer technology tends to have the most vulnerabilities. Additionally, more online activity means more possible victims of fraud and other financial crimes.
Now more than ever, companies and organizations should focus on the importance of anti-money laundering (AML) and financial regulations to protect themselves and their customers. While these regulations are a great place to start, it’s highly unlikely that they will be enough to counteract the increasing development of malicious software and fraudulent processes.
With cybercrime increasing by over 600% due to the pandemic, there are a considerable amount of forces working against the financial industry. So now is the time for organizations to step up and implement more sophisticated data monitoring systems.
The demand for higher standards and regulations
As more data is processed and stored online, cybercriminals are working harder than ever to exploit any possible vulnerabilities. The climate created by the increase in eCommerce, online activity, and acceptance of cryptocurrency has made the internet the perfect medium for fraud and malicious activities. This will no doubt lead to stricter regulations on data and cybersecurity, and companies could face seriously damaging liability issues.
Ransomware is one area that has had a quick governmental response. Ransomware is a type of malicious software that gets onto a computer and quickly spreads throughout the network. It then encrypts the host’s entire hard drive, rendering it completely useless. The culprits then charge the victims a ransom typically paid in Bitcoin and other cryptocurrencies.
Ransomware attacks have crippled large organizations throughout the world including a large chain of hospitals, oil infrastructure, and more recently Kaseya, a Cloud provider that serviced a large number of customers. The government has acted swiftly to counteract the rising rate of ransomware attacks and has established a dedicated department to deal with these issues.
With the current rate of financial crime, it’s only a matter of time before additional regulations are enacted. But fin-tech companies should be looking ahead and implementing preventative measures before governmental requirements. It’s no secret that government regulations tend to be delayed, and are typically enacted after major damage is done. So being ahead of the game can pay considerable dividends. But what about current regulations?
Existing governmental regulations
Implementing and adhering to existing regulations is a great place to start. Fin-tech companies should have a thorough understanding of what the government requires and the standards that should be in place. But these standards are being continuously updated and changed as the environment demands.
In fact, the NDAA was passed at the beginning of the year and significantly modified the Banks Secrecy Act (BSA) and the Anti-Money Laundering (AML) Act. The modifications made several substantial changes to the reporting of beneficial owners, whistleblowers, and more. The legislation introduced several key changes.:
- Beneficial owners must now be reported to the Financial Crimes Enforcement Network (FinCEN). The article goes on to define beneficial owners as a person who owns a 25% equity stake or exercises substantial control over the entity.
- Whistleblowers now have additional protection and compensation has been increased for violations that lead to monetary penalties. This incentivizes reporting of BSA and AML violations to keep companies accountable.
- The Act requires the Treasury to evaluate different ways to streamline suspicious activity reporting (SAR) as well as currency transaction reporting (CTR). The treasury has one year to report its findings which suggest that there could be considerable changes to CTR and SAR by 2022. This provides potential opportunities to fintech companies that are looking to innovate and improve on the processes required for SAR and CTR.
- The Act also expands a number of definitions to include digital currencies, as well as expand on future regulations for cryptocurrency and blockchain applications.
The implementation of these regulations is not only required to avoid possible penalties and issues with law enforcement, but it’s an important part to protect companies and their clients as well. It’s also a sign that additional regulations are in the works, and innovative companies might just be able to offer solutions to some of the problems the industry currently faces.
The increasing effect of financial crime
A report published by the Financial Action Task Force (FATF) highlights some of the most affected areas of the current rise in financial crime. The report was originally published in May 2020, and an update was released in December confirming the continued increase in criminal activity. While fintech companies are the most likely to feel pressure from financial crime, companies from all industries should conduct business with increased vigilance in the areas highlighted.
With the shift to online and remote interaction, fraudulent schemes have been given more credibility due to the normalcy of remote contact. Companies should be on the lookout for fraudulent activities including:
- Impersonation of officials – Criminals are taking advantage of the heightened interaction between government officials and citizens due to the Covid-19 pandemic. Schemes can range from claims of a sickness relative to requiring bank information for stimulus deposits. With the number of government assistance programs introduced by the pandemic, these scams are quite popular.
- Fraudulent investment scams – Another popular scheme takes advantage of the financial position many people are in due to the pandemic. These scams include promotions of products that can falsely cure Covid-19 as well as potential “up and coming” microcap stocks.
- Counterfeit goods – With the high demand for certain items such as masks and other medical supplies, counterfeit goods are a very real risk. Online marketplaces can be used to facilitate these counterfeit items so businesses and individuals should practice vigilance in who they conduct business with.
Cybercrime is another aspect that is highlighted in the report as it has seen a sharp increase due to the pandemic. While many of the attacks and scams were common before Covid-19, their occurrence has drastically increased and new variations are constantly being constructed and used.
- Email phishing attacks – Cybercriminals use fake emails to install malware onto the victim’s computer. The malware can then be used in a variety of ways including harvesting personal data such as account names and passwords, as well as stealing other personal information. This can also be used to facilitate a ransomware attack.
- Compromised business email – With the increase in remote work, new vulnerabilities have been introduced into business networks. Cybercriminals are exploiting these gaps and gaining access to business accounts to target other employees, customers, and vendors. Since the email is coming from a reliable address, it is more readily trusted. The sender then requests payment to an illicit account with the promise of goods or services.
- Ransomware attacks – Ransomware attacks are a growing threat and are used to extort money from victims by disabling computers and hardware. Ransomware can be installed through phishing emails, malicious websites, and even mobile applications. Malicious actors have been noted using Covid-19 related information to gain access to the victim’s device and lock it down until the ransom is paid.
Financial cybercrime is increasingly relevant as more work, shopping, and communication are done online. Fintech companies have an obligation to their employees and customers to ensure that they are providing the utmost protection and security against these issues. Compliance with government regulations can help provide more secure services, but it oftentimes isn’t enough. Cybercriminals continue to concoct new ways for money laundering, exploitation, and fraud, and organizations should take preventative measures to protect themselves.
Now is the time for new innovations to help enhance processes like suspicious activity reporting (SAR). Improving the infrastructure of banking and payment processing can benefit businesses and support the continued growth of eCommerce and the online marketplace. Fintech companies hold the key to the future of online business and can provide the tools needed to ensure the future of the internet economy.
About the author
Netaniel (Nathan) Segal
MBA, MPA , CAMS, PMP, CSPO , CSM
Netaniel is a highly experienced Senior Consultant in the Financial Industry. He performed variety of roles as a lead consultant in different aspects of the financial industry – Accounting, Retail Banking, Wealth Management application, Risk Management and financial crime solutions. Netaniel Led capital market projects for major clients on Wall Street including building a data warehouse for fixed income, investment back office, and middle office development for large investment international brokerage banks.