How Much Does Fraud Prevention and Compliance Cost Banks?

The financial sector is on the front lines of the fight against fraud. As online transactions surge and financial technology (fintech) companies disrupt traditional banking models, banks are under increasing pressure to protect their customers from ever-more sophisticated fraudsters. At the same time, a growing web of regulations mandates stricter compliance measures, adding another layer of complexity (and cost) to financial institutions' operations.
  
This article explores the escalating costs of fraud prevention and compliance for banks. We'll delve into the factors driving this rise, including the surge in online fraud, stricter regulations, and the need for enhanced security measures. We'll also explore the impact these costs have on banks and fintech’s, particularly new entrants to the financial services market.

The online fraud threat: a growing monster 

• Evolving financial crimes: Fraudsters are becoming more sophisticated than ever, employing social engineering and impersonation tactics, account takeover schemes, and increasingly leveraging AI in elaborate deep fake scams to perpetrate financial crimes. 
• Real-time payments: The rise of real-time payment systems has created huge opportunities for fraudsters to defraud consumers and businesses while evading detection and capture.
• Profits from trafficking and trade-based money laundering: Criminals are increasingly using the financial system to launder money derived from illegal activities.

The regulatory burden: a compliance conundrum 

In addition to the evolving threat landscape, banks are also grappling with a growing body of regulations designed to combat financial crime. These regulations, often introduced by government agencies, aim to protect consumers from fraud and money laundering. While these regulations are essential, they also add a significant compliance burden for banks.  
 
Here are some examples of regulations that impact bank compliance costs:

• Know Your Customer (KYC) Rules: KYC regulations require banks to verify the identity of their customers and understand the nature and purpose of their accounts. In the face of increasing levels of synthetic identity fraud and now the emergence of deep fakes, it’s crucial that banks and FI’s find the right balance between security and customer experience without deterring new customers.
• Anti-Money Laundering (AML) Regulations: AML regulations require banks to monitor customer transactions for suspicious activity that might indicate money laundering. In recent years the rate of money mule accounts has rocketed as individuals (many young people and students suffering the effects of the cost-of-living) have allowed fraudsters to use their accounts in return for financial rewards. These kinds of trends necessitate investment in transaction monitoring systems and compliance personnel.
• Fraud and Cybersecurity Regulations: As fraud and cyber threats become more prevalent, regulators are imposing stricter cybersecurity and fraud protection requirements on banks. This includes investing in data security measures, incident response plans, employee training and critically more effective solutions to protect consumers from fraud incidents and financial loss.

How regulation is evolving to encourage greater collaboration between industry sectors

As criminals exploit vulnerabilities across different sectors, regulations are increasingly pushing for greater collaboration, recognising that fraud is a complex problem that can't be tackled in silos.

The shared responsibility model for tackling Authorised Push Payment fraud is a prime example of this collaborative approach. It acknowledges that multiple parties play a role in facilitating a fraudulent transaction and therefore should share the responsibility for mitigating the harm caused. 

Working together, the banking, payments, financial services, telecommunications, and tech industries can create a more secure environment for consumers and businesses alike.

The financial fallout, how much are banks spending? 

Quantifying the exact cost of fraud prevention and compliance for banks is challenging. The figures vary depending on the size and complexity of the bank, as well as the specific regulations they are subject to. However, several studies shed light on the significant sums involved.

• A 2024 report by LexisNexis Risk Solutions found that UK banks and fintechs collectively spend a staggering £38.4 billion annually on compliance activities. This represents a 33% increase since 2021.
• The True Cost of Compliance research from Oxford Economics estimates that the global expenditure on financial crime compliance surged to approximately $274 billion in 2022.

These figures highlight the immense financial burden that fraud prevention and compliance place on banks. But the impact goes beyond just the bottom line.

Feeling the squeeze: the pressure on banks and fintechs 

The rising costs of fraud prevention and compliance create a squeeze for banks. On the one hand, they must invest in robust security measures to protect their customers and avoid regulatory fines. On the other hand, they need to keep costs in check to remain competitive. This pressure can lead to: 

• Reduced innovation: Banks may be hesitant to invest in new technologies or services if they perceive them to be too expensive or complex from a compliance standpoint.
• Higher fees for customers: Banks may pass on some of the compliance costs to their customers in the form of higher fees.
• A disadvantage for new entrants: The high cost of compliance can create a barrier to entry for new fintech companies and challenger banks who may not have the resources to compete with established players.

These consequences underscore the need for a more balanced approach to fraud prevention and compliance. Banks need to find ways to effectively manage risk and meet regulatory requirements without stifling innovation or placing undue burdens on their customers.

One area they must be focused on is the long-term impact of new products and services, including fraud strategies they deploy, and how they may impact and facilitate fraud threats of the future.

Voice authentication is one such example that has been implemented by banks and other service providers. The rise in audio deep fakes, in the form of voice cloning to impersonate customers and call centre agents threatens the service, and while there are counter solutions already available, the question has to be asked whether investing in it in the first instance makes commercial sense?

Striking a balance: the path forward 

The escalating costs of fraud prevention and compliance are a significant challenge for the financial industry. However, several strategies can help banks navigate this complex landscape:

• Embracing technology: Investing in advanced technologies like artificial intelligence (AI) and machine learning (ML) can automate many compliance processes, reducing costs and improving efficiency. AI-powered systems can analyze vast amounts of data to detect suspicious patterns and flag potentially fraudulent transactions.
• Greater understanding of fraud threats: Today fraudsters come well armed and well resourced. They are agile, unencumbered by national borders, and deploy scams designed to circumvent cybersecurity efforts. Banks must ensure they partner with companies that understand how fraud is perpetrated and what solutions will meet the challenges of balancing fraud prevention with great customer experiences.
• Collaborating across sectors: Greater collaboration with different sectors is already proving fruitful for banks. As banking has gone mobile and consumers increasingly interact via their smartphones, innovative partnerships and data sharing between mobile network operators and financial services is helping to rapidly detect and stop fraud. Most recently UK operators hailed a solution to tackle Authorised Push Payment (APP) fraud, recognised as the world's number 1 fraud threat. These kinds of partnerships can help banks stay ahead of the curve in the fight against fraud.
• Adopting a risk-based approach: Rather than applying a one-size-fits-all approach to compliance, banks can adopt a risk-based approach. This involves focusing resources on the areas of highest risk, allowing for more efficient allocation of resources.
• Improving data sharing with law enforcement: As online fraud has become the realm of organised crime groups perpetrating financial fraud on an industrial scale from across the globe, greater collaboration between banks, regulators, and law enforcement agencies can help to identify and combat its effects more effectively. Sharing data and intelligence can lead to more proactive and preventative measures.

Conclusion 

The cost of fraud prevention and compliance is a significant and growing expense for banks. The increasing sophistication of online fraud, coupled with stricter regulations, has created a perfect storm for financial institutions. While these costs are substantial, they are a necessary investment in protecting customers and maintaining trust in the financial system and ensuring long-term stability. By embracing technology, greater collaboration, and adopting a risk-based approach, banks can navigate this challenging landscape and strike a balance between security, compliance, and innovation. The future of financial services depends on it.

JT's Mobile Intelligence solutions use the unique datasets from Mobile Network Operators including subscriber and device data and provide it to banks, the financial services and payments sector, and wider economy to detect and stop online fraud and identity crime, and to provide greater assurance to KYC checks. Our services are helping UK high street banks combat Authorised Push Payment fraud, and we provide fraud alerts to over 135 million consumers worldwide. To find out more complete the form below and one of our fraud specialists will contact you:

Alternatively, Clare Messenger, and her colleague Jessica Letterman will be attending this year's Fraud Leaders' Summit. Do reach out to them to meet up at the event.