Fraud, cyber attacks and other compliance risks are widespread and pose increasing threats to financial institutions. While organizations have cyber, fraud and compliance teams to mitigate these threats, the challenge is that the threats are often intertwined and require expertise from many risk domains to effectively address them.
Consider, for example, the case of an employee stealing client data from their company while working from home. This raises all three threats at once, creating a “threat loop” of fraud, compliance risk and cyber-security breach. Instead of looking at the risks in isolation, an effective defense against the threat loop should address those threats simultaneously as one incident.
Enter the fusion centre, which came to prominence many years ago to provide just this kind of collective, interconnected and unified effort. They brought teams working in different risk areas out of their separate silos to work together on intersecting threats. Through physical collaboration and knowledge sharing, they brought information and datasets together to generate insights, make decisions and find better solutions.
A changing ecosystem
We speak from direct experience. One of us (Marilyn) works in fraud prevention/detection and forensics investigations and the other (Adil) does cyber security. We provide services to fusion centres, but neither of us can do so alone.
Meanwhile, though fusion centres were a terrific solution for their time, much has changed since the concept emerged. First, the pandemic entirely changed the way people work. Financial institutions pivoted to remote work, as did their fusion centres, with technology now enabling those former collaborations. The compliance landscape has also grown more complex, with cybersecurity governance rising in parallel with fraud and anti-money laundering regulations and practices. Regulators are holding financial organizations accountable for their partners’ cyber-resilience and data privacy controls and placing the onus on them to protect consumer data and provide secure access to e-commerce applications. Lastly, as end-consumer expectations regarding security grow, the performance of fraud, cyber and compliance have become increasingly tied to brand and reputation.
The need for these three risk areas to work together is critical.
An integrated approach
The way forward is through a reimagined fusion centre. While the original concept focused on bringing people together, Fusion Centre 2.0 enhances or renews these collaborations with an integrated alert technology and advanced digital capabilities as befits our new ways of working.
In basic terms, an integrated risk alert platform provides a true, 360-degree view of the customer and the risks impacting given transactions. The deployment of analytics, machine learning and artificial intelligence helps defend and mitigate against threats more effectively.
When threats are flagged, employees/investigators in different areas can see connections between different transactions or customers in near real time and know whether they’re dealing with the same threat. Customer profiles and behavioral data can be combined with cyber-intelligence feeds for deeper insights. Risks are identified, documented and rated across multiple areas, without compromising data privacy.
Integrated capabilities make it easier and faster to prioritize risk incidents, make holistic decisions, and reduce false positives. The result is better and faster incident response, creating new efficiencies.
A new direction
Another advantage is that organizations shift their response stance from reactive to proactive. Data is leveraged to find indicators of potential compromise and integrated teams are empowered to take informed, defensive steps against anticipated tactics and techniques. This allows the teams to get in front of the threat and take mitigating steps to prevent or minimize the impact of an incident.
Instead of cyber, fraud and compliance teams building their own alerts or rule sets within their own tools, they work together to identify patterns of suspicious activity using data points across the various risks. This cohesiveness is critical in today’s omnichannel banking environment, where data needs to be correlated across a wide range of channels and domains to be truly informative.
Data governance can be a challenge. Financial institutions often support multiple customer channels with different products and different technical systems with different data formats. An integrated alert platform promotes data governance to ensure the information is usable, accessible and protected. This creates new efficiencies around managing the data and the ability to use more data points for rule sets.
While the benefits of an integrated approach are clear, it can be a challenge to adopt a new approach. Each risk area has its own leadership, practices and decision-making, and supplementing these with an integrated approach requires staffing, budgets and time. However, with new cohesiveness between risk governance, threat assessment and control, organizations acquire agility and effectiveness in responding to impending threats—and continuous improvement to risk management overall.
To learn more about how KPMG can boost your organization’s resilience and agility, safeguard the present and reimagine the future, don’t hesitate to reach out to either one of us.
Stay up to date with what matters to you
Gain access to personalized content based on your interests by signing up today