ABA Banking Journal
No Result
View All Result
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive
SUBSCRIBE
ABA Banking Journal
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive
No Result
View All Result
No Result
View All Result
Home Compliance and Risk

Capturing These Three Data Types Can Transform Your Fraud Monitoring

February 25, 2021
Reading Time: 4 mins read
Capturing These Three Data Types Can Transform Your Fraud Monitoring

By Matthew Van Buskirk

When we think of the work done by anti-fraud and AML teams, we automatically view it from the bank’s perspective. We know that bad actors are trying to commit fraud and launder money through the financial industry, and we take steps to stop it. We think in terms of how much it costs to keep the bad guys out.

But we rarely think about this from the bad guys’ perspective and how much it costs them to get in. Viewing things through their eyes is the key to understanding how to design modern AML programs—don’t try to block them outright. Instead, make it too expensive for them to bother trying.

Bad actors are changing their tactics quickly, and keeping up is difficult for banks.

Compromised Data and Synthetic Identities

Security firm Norton reported that 4.1 billion consumer records were compromised in 2019. We have reached a point where a fraudster may be more likely to pass standard KYC/CIP checks than a legitimate customer. This is possible because the fraudster can buy a full set of compromised identity data on the dark web and enter completely accurate customer information when signing up for an account. Since that information is entered via a script, the fraudster won’t make any mistakes where a real person may fat finger a digit in their Social Security number.

Compromised data sets are bad, but there is still a chance that the consumer will notice unexplained accounts on their credit report. Synthetic identities remove that risk for the bad actor. The FTC identified synthetic fraud as the fastest growing form of fraud in the U.S.

This approach is even harder to detect since the identities are manufactured to appear real. Bad actors combine pieces of different individuals’ personal information into a synthetic persona then patiently build a history for that persona, often including financial accounts, on-time loan payments and an online social media presence. In the fraud context, the bad actors are looking to build trust to allow access to large credit lines before “busting out” and disappearing. Most of the focus on synthetic identities is on their potential for fraud, but the more nefarious use case may be in money laundering where the manufactured identity keeps operating normally with no fraud occurring.

If the only tools at the banks’ disposal are credit checks, validation of CIP data fields, and rules-based transaction monitoring, it will be nigh-on impossible to differentiate between the good customers and the wolves in sheep’s clothing.

So, how should a bank deal with these evolving threats?

In short, look to capabilities developed in the fintech space that center on gathering data beyond the scope of traditional KYC/AML programs.

In a fintech firm, the customer’s primary if not only means of interaction with the product is through a smartphone. They never meet their customers face to face and may only rarely speak with them on the phone. A bank’s face-to-face interaction with its customers is often viewed as a positive since it allows for some certainty that the person is real, but that is a false sense of confidence. The various channels a customer can use to interact with a bank mean that the bank needs to spread its risk controls more widely. By contrast, fintech companies invest more deeply in digital capabilities. That investment mainly focuses on capturing additional data signals that can paint a more complete picture of customer activity to determine whether something feels off.

Three categories of data are mattering more than ever:

1. IP intelligence—Bad actors take steps to hide their internet tracks, making it difficult to trace the activity back to them. Legitimate customers may use tools such as VPNs to protect themselves from identity theft, but more sophisticated tools such as TOR are more often than not a mark of something suspicious going on. IP intelligence monitoring can give compliance teams insight into how the customer connects to the bank’s platform and prime them to ask the customer to reconnect without any masking techniques to validate who they are. Of course, this signal alone isn’t enough for the most sophisticated bad actors as they may be working with a network of compromised home computers and can route their activity through a customer’s IP address without the customer knowing.

2. Device fingerprinting goes a step beyond simple IP intelligence to capture additional device attributes such as its operating system, web browser, hardware properties, languages installed, etc. Each element makes the bad actor’s job more demanding since they either need to figure out how to fake everything or literally go out and buy a new device for each account that they open. Adding device fingerprinting capabilities can suddenly surface connections across accounts that may look wholly unrelated and otherwise completely normal, allowing you to ask some pointed questions about why they all appear to be connecting through the same device.

The prior two categories of data add technical complexity to any effort to circumvent a bank’s controls. That complexity requires an investment of time and money, but it is still possible for more sophisticated bad actors to find their way through.

3. Behavioral signals are the final, and perhaps most potent, category of data to capture. Behavioral analytics tools have become more sophisticated in recent years as tech companies sought to understand how their customers interact with their products. Knowing where the customer was tapping the screen was incredibly valuable for designers seeking to provide the best possible experience and for advertisers who wanted to know the best placement for an ad. Conveniently for bank AML teams, those same signals are clear indicators of abnormal customer behavior.

Considering bad actors’ perspective once again, it is important to remember that they also have daily lives to live. They do not want to sit at a desk and manually manage every compromised account, so they design software bots to help them. From a tech-savvy bank perspective, a bot interacting with its platform will look very different from a real person. Even if there are no bots in use, there is still a good chance that the account will show signs of abnormal behavior in terms of when customers interact with the product, how long they are in the product, and what aspects of the product were used. It is also likely that they will be checking in on all of their accounts simultaneously, so the bank may see spikes in activity across many accounts that don’t look to be related to one another.

Where does this leave the bad actors? When faced with a bank that has invested in augmenting its technology stack with the ability to gather all of this additional data, they are likely to take their “business” elsewhere.

Matthew Van Buskirk is co-founder and co-CEO of Hummingbird.

Tags: Anti-money launderingDataFraudRisk management
ShareTweetPin

Related Posts

New task force to tackle financial fraud, scams

Survey finds most U.S. adults were scammed in 2025

Compliance and Risk
July 8, 2026

More than two in three adults report they were personally scammed last year, with those scams costing an estimated $68 billion, or four times what was reported to federal authorities, according to a new survey by the Stop...

ABA, BPI support proposed process to create drone no-fly zones

ABA, BPI support proposed process to create drone no-fly zones

Cybersecurity
July 7, 2026

In a joint letter to the FAA, ABA and BPI said that unauthorized unmanned aircraft activity near financial institution sites can create “obvious and legitimate risk” to physical security as well as cybersecurity, as the technology can be...

How to Talk About Your Bank’s Fintech Collaborations

The trust dividend

Technology
July 7, 2026

How regulatory and consumer expectations are shifting how partner banks compete for fintech deposits.

FCC grants ABA-requested extension of ‘revoke all’ rule’s effective date

ABA joins with consumer rights group to protect fraud alerts

Compliance and Risk
July 1, 2026

ABA joined with the National Consumer Law Center and ACA International in proposing to the FCC a rewrite of the “revoke all” rule. The rule is set to take effect on January 31, 2027, but the FCC is...

A close call with fraud

ABA Fraudcast: Defending customers from wire fraud

Compliance and Risk
July 1, 2026

'It's asking questions like: Have you been coached? Is someone telling you to do this? Is this going into an account that you opened or authorized to be opened?'

Republican lawmakers urge Trump officials to preserve CDFI Fund

House committee advances ABA-backed bills on fair credit liability, check fraud

Compliance and Risk
June 30, 2026

The House Financial Services Committee advanced legislation that would align Fair Credit Reporting Act liability with other financial consumer protection laws, reform the Securities and Exchange Commission and give banks more time to verify suspicious checks. The three...

NEWSBYTES

Survey finds most U.S. adults were scammed in 2025

July 8, 2026

ABA urges lawmakers to restore limited NOL carryback option

July 8, 2026

Consumer credit was unchanged in May

July 8, 2026

SPONSORED CONTENT

Why Your Systems Keep Slowing Down — and What to Do About It

Examiners Are Now Looking at Your Non-Core Systems

June 11, 2026
Your Floorplan Audit and Your Credit Decision Are Weeks Apart. That Gap Has a Price.

Your Floorplan Audit and Your Credit Decision Are Weeks Apart. That Gap Has a Price.

June 1, 2026
A Modern Blueprint for Serving High-Net-Worth Families

A Modern Blueprint for Serving High-Net-Worth Families

May 28, 2026
Why Your Systems Keep Slowing Down — and What to Do About It

AI Is in Your Bank. Is Your Cloud Contract Governing It?

May 20, 2026

PODCASTS

Podcast: Understanding the 2025 Home Mortgage Disclosure Act data

July 8, 2026

Podcast: Financing America’s independence

June 29, 2026

Podcast: Talent and innovation in community banking

June 18, 2026

American Bankers Association
1333 New Hampshire Ave NW
Washington, DC 20036
1-800-BANKERS (800-226-5377)
www.aba.com
About ABA
Privacy Policy
Contact ABA

ABA Banking Journal
About ABA Banking Journal
Media Kit
Advertising
Subscribe

© 2026 American Bankers Association. All rights reserved.

No Result
View All Result
  • Topics
    • Ag Banking
    • Commercial Lending
    • Community Banking
    • Compliance and Risk
    • Cybersecurity
    • Economy
    • Human Resources
    • Insurance
    • Legal
    • Mortgage
    • Mutual Funds
    • Payments
    • Policy
    • Retail and Marketing
    • Tax and Accounting
    • Technology
    • Wealth Management
  • Newsbytes
  • Podcasts
  • Magazine
    • Subscribe
    • Advertise
    • Magazine Archive
    • Newsletter Archive
    • Podcast Archive
    • Sponsored Content Archive

© 2026 American Bankers Association. All rights reserved.