Technology
HOW FRAUD TEAMS CAN HELP BANKS SOLVE THE DIGITAL IDENTITY CRISIS

Source: Finance Derivative
By Glenn Smith, EMEA Head of AML and UKI Head of Fraud at SAS
Fraud is often seen as a cost centre for banks, but there’s an opportunity for fraud teams to become a driver of better customer experience (CX) – and here’s how.
The Covid-19 pandemic has dramatically accelerated customer adoption of digital banking services, which is a dream come true for digital transformation teams. However, as a huge number of customers try online services for the first time, there’s bound to be friction.
Balancing fraud prevention and CX
When customers are less digitally savvy, it’s easier for fraudsters to take advantage of their inexperience. If there’s a significant uptick in fraud and regulators take the view that banks haven’t taken reasonable steps to prevent it, senior executives could be held directly responsible under the Senior Managers and Certification Regime (SMCR).
But fraud prevention isn’t just a regulatory issue – it’s a CX issue too. If banks don’t protect new and potentially vulnerable users of online services from fraudsters, they could see digital adoption regress to pre-pandemic levels, and set digital transformation initiatives back by a decade.
Customer awareness of fraud has risen during the pandemic, and recent research by SAS into consumer attitudes underlines why it’s important banks get this right. Three-fifths (60 per cent) of people are either more vigilant when it comes to fraud or have experienced it personally. This highlights how businesses need to establish extensive fraud-protection measures.
The problem with playing it safe
On the other hand, if banks take an overly cautious approach and decide that it’s not safe to allow customers to use certain services online, that also affects CX. Digital natives resent being told to visit a branch to change their address or marital status, for example – yet several banks still require this.
Requiring customers to jump through multiple hoops to establish their identity online is not a good option either. For customers who are comfortable online, the need to juggle usernames, passwords, and two-factor authentication codes is a major cause of annoyance – especially if it leads to failed logins or locked accounts. Meanwhile, for people who are less digitally able, even getting past the login screen can feel like an insurmountable obstacle.
How fraud teams can help
Fraud teams can help by providing identity risk scores that other lines of business can easily embed into their own processes. This enables the bank to assess how confident it should be that the person on the other end of the internet connection is a genuine customer, not a fraudster.
These identity risk scores can be calculated from a wealth of information that the bank holds internally, alongside data sourced from specialist third-party identity providers. By bringing together these data sources and applying the right algorithms, fraud teams can help the business detect red flags and take appropriate action.
Why aren’t more banks doing this?
The challenge is that orchestrating all these data streams from different identity providers is a complex task. Most banks end up with a hodgepodge of point solutions from multiple vendors. Each of these may be best-in-class for assessing a single risk vector, but none of them can provide the holistic view needed to detect sophisticated fraud attempts with high accuracy.
What’s needed is a technology platform that can handle the data integration and orchestration automatically, bringing together device data, behavioural information, and biometrics, and applying machine learning-based anomaly detection to generate risk scores on demand.
From cost centre to CX champion
This sophisticated approach to fraud analytics helps to craft smoother, safer customer journeys – giving genuine customers a warm welcome to their online banking experience, while keeping fraudsters locked out in the cold. It also means the risk team can raise its profile within the organisation from regulatory cost centre to a key partner in improving CX
You may like
Technology
The state of Artificial Intelligence in 2024

By Maxime Vermeir, Senior Director of AI Strategy, ABBYY
This year, we saw innovation teams experimenting with a variety of automation tools powered by artificial intelligence (AI). As enterprises navigate the potential for business value through large language models (LLMs) like generative AI, adoption of AI continues to grow increasingly widespread. According to recent research, the large majority (89%) of IT executives say that they have AI strategies in place, with 37% having a roadmap spanning three to five years.
Organisations were surrounded with AI hype in 2023 but have since had time to cut through the noise and determine the best business use cases for using it in their operations. This resulted in a realisation that despite their profound potential to generate value, the most powerful general-purpose AI tools can be unscalable, costly, and resource-consumptive, rendering them unsuitable for many enterprise automation goals. However, enterprises that don’t find a way to apply specialised AI solutions to business goals will find themselves falling behind their competitors.
In 2024, there is a need for purpose-built AI that will solve specific pain points effectively, efficiently, and in a scalable and resource-conscious way.
Key challenges and focuses for businesses in 2024 will be strategically integrating AI into organisations, measuring the success of AI implementation, and managing the ethical and legal risks of AI while staying ahead of the innovation curve.
AI strategies
In order to harness the power of AI, businesses need to anchor their AI strategies around clear, purpose-driven goals that align with business outcomes. These are three steps businesses should follow to establish effective AI strategies:
- Identify Clear Objectives:
- What business objectives do you want to achieve with AI? Whether it’s improving operational efficiency, enhancing customer experience, or driving innovation, it is crucial to clearly define your goals and the metrics by which you’ll measure success.
- Choose Specialised AI Solutions:
- The versatility of generalised AI can seem appealing, but opting for specialised, contextual AI solutions tailored to specific business challenges are more likely to deliver accurate and actionable insights with less cost and risk.
- Invest in Quality Data:
- Relevant, high-quality data is necessary for successful AI implementations. Ensure your data is clean, organised, and accurate to real-world scenarios your AI solutions will encounter.
Measuring success of AI projects
From ABBYY’s perspective, the crux of measuring success of AI initiatives lies in the tangible impact they have on business processes, rather than just the technical metrics. Metrics like F-scores can provide useful insights into the performance of AI models, but they don’t necessarily translate to how effective they are in the real-world. Success metrics should always go back to how AI can enhance business operations.
The three main metrics we prioritise are those that reflect direct business value. These include:
- Straight-Through Processing Rate (STPR): An increase in STPR means that more transactions or processes are being completed without manual intervention thanks to AI
- Time Saved: Efficiency gains can be estimated by measuring the time saved by implementing AI solutions
- Return on Investment (ROI): This captures the financial value from AI initiatives and demonstrates the cost-effectiveness and value add to the business. In 2023, an average of 57% respondents anticipated seeing at least twice the cost of investment ROI, while only 43% delivered this increase.
By focussing on these metrics, businesses can ensure their AI initiatives are delivering real value, driving process efficiency, and contributing to the bottom line. This approach can help businesses achieve meaningful enhancements in how they operate and deliver value.
Addressing the environmental impact of AI
Businesses will continue to grapple with the trade-off between generative AI capabilities and their ecological impact, such as immersive search capabilities that consume large amounts of energy. Using generative AI today to search and summarise data consumes 10 times the energy of a normal search, which is unsustainable in the global effort to reach an average planetary temperature of 1.5 degrees by 2025. There are alternative AI models that use robust machine learning and natural language processing with business rules for highly specified purposes; for example, in transportation and logistics, extracting data from the 44M bills of lading issued every year and processed by at least 9 stakeholders at 12 touchpoints with a highly accurate AI-model, trained on thousands of bills of lading.
The growing influence of regulation
As AI technologies continue to permeate various sectors, regulatory bodies will likely ramp up scrutiny to ensure ethical use and data privacy. This will also include measures to ensure that claims made by AI vendors are accurate and verifiable. These frameworks and regulations will sensitise users to the potential risks that shadow the possibilities and will bring business users back to the reality of integration challenges.
With more demand for transparency among businesses and regulators in AI decision-making, advancements in Explainable AI (XAI) will gain momentum, as it helps to demystify complex AI models and foster trust among users and stakeholders.
Embracing a human approach to AI
C-suite leaders have already begun to discover the hidden costs and ecological impact of generative AI, lifting the veil of hype to reveal practical challenges of integrating AI applications into their organisation’s infrastructure. Still, artificial intelligence has proven itself as a transformative tool that will be instrumental in modernising businesses and driving operational excellence.
In order to overcome these challenges, business leaders need to embrace a more human understanding of their data and processes. This involves bridging the gaps in understanding between AI teams and the business side of the organisations they serve. By fostering collaboration between AI specialists and professionals with actionable, hands-on business knowledge, enterprises can ensure that AI is driving operational excellence in the right areas and yielding truly actionable insight. Businesses need to carry this approach through impact assessments, strategising, implementation, and measuring success.
Business
‘Tis the Season to be Wary: How to Protect Your Business from Holiday Season Hacking

The holiday season will soon be in full swing, but cybercriminals aren’t known for their holiday spirit. While consumers have traditionally been the prime targets for cybercriminals during the holiday season – lost in a frenzy of last-minute online shopping and unrelenting ads – companies are increasingly falling victim to calculated cyber attacks.
Against this backdrop of relaxed vigilance and festive distractions, cybercriminals are set to deploy everything from ransomware to phishing scams, all designed to capitalise on the holiday haze. Businesses that fail to prioritise their cybersecurity could end up embracing not so much “tidings of comfort and joy” as unwanted data breaches and service outages well into 2024.
Threat Landscape
With the usual winter disruptions about to kick into overdrive, opportunistic hackers are aiming to exploit organisational turmoil this holiday season. Industry research consistently indicates a substantial spike in cyber attacks targeting businesses during holidays, particularly when coupled with the following factors:
- Employee Burnout: Employee burnout is rife around the holidays. Trying to complete major projects or hit targets before the end of the year can require long hours and intense workweeks. Overwrought schedules combined with the seasonal stressors of Christmas shopping, family politics, travel expenses, hosting duties etc., can lead to a less effective and exhausted workforce.
- Vacation Days: The holiday season is a popular time for employees to use up their vacation days and paid time off. This means offices are often emptier than usual during late December and early January. With fewer people working on-site, critical security tasks are neglected and gaps in security widen.
- Network Strain: The holidays also mark a period of network strain due to increased traffic and network requests. Staff shortages also reduce organisational response capacity if systems are compromised. The result is company networks that are understaffed and overwhelmed.
Seasonal Cyber Attacks
There are many ways bad actors look to exploit system vulnerabilities and human errors to breach defences this time of year. But rather than relying solely on sophisticated hacking techniques, most holiday-fueled cyber attacks succeed through tried and true threat vectors:
- Holiday-Themed Phishing and Smishing Campaigns: Emails and texts impersonating parcel carriers with tracking notifications contain fraudulent links, deploying malware or capturing account credentials once clicked by unwitting recipients trying to track deliveries. A momentary slip-up is all it takes to unleash malware payloads granting complete network access.
- Fake Charity Schemes: Malicious links masquerading as holiday philanthropy efforts compromise business accounts when donated to.
- Remote Access Exploits: External connectivity to internal networks comes with the territory of the season. However, poorly configured cloud apps and public Wi-Fi access points create openings for criminals to intercept company data from inadequately protected employee devices off-site.
- Ransomware Presents: Empty offices combined with delayed threat detection gives innovative extortion malware time to wrap itself around entire company systems and customer data before unveiling a not so jolly ransom note on Christmas morning.
Without proper precautions, the impact from misdirected clicks or downloads can quickly spiral across business servers over the holidays, leading to widespread data breaches and stolen customer credentials.
Essential Steps to Safeguard Systems
While eliminating all risks remains unlikely and tight budgets preclude launching entirely new security initiatives this holiday season, businesses can deter threats and address seasonal shortcomings through several key actions:
Prioritise Core Software Updates
Hardening network infrastructure is the first line of defence this holiday season. With many software products reaching end-of-life in December, it is critical to upgrade network architectures and prioritise core software updates to eliminate known vulnerabilities. Segmenting internal networks and proactively patching software can cut off preferred access routes for bad actors, confining potential breaches when hacking attacks surge.
Cultivate a Culture of Cybersecurity Awareness
Cybersecurity awareness training makes employees more resilient to rising social engineering campaigns and phishing links that increase during the holidays. Refreshing employees on spotting suspicious emails can thwart emerging hacking techniques. With more distractions and time out of the office this season, vigilance is more important than ever! Train your staff to “never” directly click a link from an email or text. Even if they are expecting a delivery they should still go directly to the known trusted source.
Manage Remote Access Proactively
Criminals aggressively pursue any vulnerabilities exposed during the holiday period to intercept financial and customer data while defences lie dormant. Therefore, businesses should properly configure cloud apps and remote networks before the holiday season hits. This will minimise pathways for data compromise when employees eventually disconnect devices from company systems over the holidays.
Mandate Multifactor Authentication (MFA)
Most successful attacks stem from compromised user credentials. By universally mandating MFA across all access points this season, retailers add critical layers of identity verification to secure systems. With MFA fatigue setting in over holidays, have backup verification methods ready to deter credential stuffing.
Prepare to Respond, Not Just Prevent
Despite precautions, holiday disasters can and do occur. Businesses need response plans for periods of disruption and reduced capacity. Have emergency communications prepared for customers and partners in case an attack disrupts operations. The time to prepare is before vacation schedules complicate incident response. It’s important to know how and when to bring in the right expertise if a crisis emerges.
By following best practices to prevent cybersecurity standards slipping before peak winter months, companies can enjoy the holidays without becoming victims of calculated cyber attacks. With swift and decisive action there is still time for businesses to prepare defences against holiday season hacks.
Business
Transforming unified comms to future-proof your business

By Jonathan Wright, Director of Products and Operations at GCX
Telephony is not usually the first thing SMBs think about when it comes to their digital transformation. However, push and pull factors are bringing it up the priority list and leading them to rethink their approach.
Indeed, it is just one year until PSTN (the copper-based telephone network) will be switched off by BT Openreach. With a recent survey showing that as many as 88% of UK businesses rely on PSTN, many organisations’ hands are being forced to review their communications ahead of the deadline.
But even if this change for some is being forced upon them, the benefits of building a more future-proofed unified communications strategy far outweigh the associated challenges. Nearly three-quarters of employees in UK SMEs now work partly or fully remotely, indeed the highest percentage of any G7 country. Voice over Internet Protocol (VoIP) telephone systems are much better suited to distributed workforces as the phone line is assigned on a user basis, rather than to a fixed location.
And with more companies now integrating AI capabilities to augment their products and services – like Microsoft Teams Pro which leverages OpenAI for improved transcription, automated notes generation and recommended actions – the productivity-boosting benefits for users are only improving.
Making the right choice
For those companies that are seizing the opportunity to change their unified comms in 2024, what should they consider when making their decision?
- Choose platforms that will boost user adoption – User adoption will make or break the rollout of a new IT project. So due consideration should be given to what products or services will have the path of least resistance with employees. Choosing a service or graphical user interface (GUI) users are already used to, like Zoom or MS Teams, is likely to result in a higher adoption rate than a net new service.
- Embrace innovation with AI capabilities – While some of the services leveraging AI and Large Language Model (LLM) to enhance their capabilities are more expensive than traditional VoIP, the productivity gains could offer an attractive return on investment for many small businesses. Claiming back the time spent typing up meeting notes, or improving the response time to customer calls with automatically-generated actions, will both have tangible benefits to the business. That said, companies should consider what level of service makes sense to their business; they may not need the version with all the bells and whistles to make significant efficiency gains.
- Bring multiple services under a single platform – The proliferation of IT tools is becoming an increasing challenge in many businesses; it creates silos that hamper collaboration, leaves employees feeling overwhelmed by the sheer number of communications channels to manage, and leads to mounting costs on the business. Expanding the use of existing platforms, or retiring multiple solutions by bringing their features together in one new platform, benefits the business and user experience alike.
- Automate onboarding to reduce the burden on IT – Any changes to unified comms should aim to benefit all of the different stakeholders – and that includes the IT team tasked with implementing and managing it. Choosing platforms which support automated onboarding and activation, for example, will reduce the burden on IT when provisioning new tenants, as well as with the ongoing policy management. What’s more, it reduces the risk of human error when configuring the setup to improve the overall security. Or, in the case of Microsoft Teams, even negates the need for Microsoft PowerShell.
- Consider where you work – Employees are not only working between home and the office more. Since the pandemic, more people are embracing the digital nomad lifestyle, while others are embracing the opportunity to work more closely with clients on-site or at their offices. This should be considered in unified comms planning as those companies with employees working outside the UK will need to choose a geo-agnostic service.
- Stay secure – Don’t let security and data protection be an afterthought. Opt for platforms leveraging authentication protocols, strong encryption, and security measures to safeguard sensitive information and support compliance.
Making the right switch
As many small businesses start planning for changes in their telephony in 2024 as the PSTN switch-off approaches, it is important that take the time to explore how the particular requirements of their organisations and how the changes to their communications could better support their new working practices and boost productivity.

The state of Artificial Intelligence in 2024

‘Tis the Season to be Wary: How to Protect Your Business from Holiday Season Hacking

Transforming unified comms to future-proof your business

The Sustainability Carrot Could be More Powerful Than the Stick!

Hybrid cloud adoption: why vendors are making the switch in 2022 and why you should too
