On September 17, techUK hosted an event in London on the subject of “Preventing and tackling financial crime”. Over the course of the event, participants looked at how financial crime affects people and organisations and what can be done to bolster both prevention and enforcement. Among the experts who delivered presentations at the sold out session was CyNation’s Insurance Business Director, Silvi Wompa Sinclair (right).
Q. How was the event?
Silvi: I found it extremely interesting because I am always learning new things! I already knew quite a lot about this area, but not nearly as much as I’d like to know, so I found the event very useful. It was also useful for CyNation to attend and it was good for our reputation.
Q. What were the themes of the event?
Silvi: Specifically it was how to use technology to tackle financial crime, in particular money laundering, fraud and the using of dual accounts to transfer money from illicit activities and so on.
Q. What was the essence of the message you delivered?
Silvi: My message benefited because it was put nicely into context by the other speakers. I went onstage just after a panel of bankers and representatives from other financial institutions. They were saying that, essentially, they had to sit and wait for a crime to take place before they were able start monitoring or investigating the crime. It was quite useful to go onstage and say: “actually there is technology that can map out patterns so, although you may not be able to catch every culprit, if you catch 20% that is a major improvement”.
I spoke about how pattern recognition and AI can establish the kinds of event that are taking place and, if you can stop them, before it happens then a lot can be gained.
The overall speech showed how CyNation does this. I took a starting point by explaining how a huge portion of cyber crime is financial crime and much of this comes about through third-party ecosystems. It’s for this reason that CyNation focuses on monitoring and understanding any company’s third-party ecosystem.
I then described how CyDesk does this and how it helps people to prevent and predict financial crime by extracting data from some 900 data sources, both internal and external and from the light web and dark web. I outlined how CyDesk turns that into intelligence that can actually be used.
I finished with two use case examples: one for a bank client in central Europe and one for a retail client. The bank example covered the following points:
- Monitoring the risk performance of their critical digital banking vendors.
- The risk performance of one of the vendors didn’t match the due diligence report. The vendor handles online payments and ATMs for the bank.
- The vendor denied any issues.
- CyDesk identified the fourth parties to whom the vendor was outsourcing the payment processing and with whom they were sharing the bank’s data.
- The vendor had failed to mention the changes in their fourth parties, especially as some of them were not compliant with the banking requirements in the country. Not to mention that the processing of the bank data was taking place outside the agreed jurisdiction.
- In a follow-up investigation, it was identified that the identified fourth parties and certain individuals within the vendor were running a fraud operation that cost the bank a few million over the past two years.
The retailer example demonstrated the abilities of CyDesk to forecast potential financial fraud across the supply chain:
- Monitoring the risk performance of their critical suppliers.
- CyDesk observed that one of the retailer’s vendors was facing financial difficulties from:
o Accounts filed
o News headlines
- As a consequence, CyDesk took a closer look at the risk performance of the retailer’s own company directors and executives:
o News and reputation
o Legal cases
o Criminal history
o Cyber hygiene breaches (emails, business accounts, bank accounts, credit cards leaked to or for sale on the dark web)
- CyDesk highlighted an increased risk to the retailer from:
o Business interruption due to financial or digital disruption to the vendor service
o Invoice fraud due to the ability of a malicious actor/criminal to take over a senior manager/executive account and orchestrate changes in payment details
Q. How did the presentation go down?
Silvi: I had several enquiries, asking for more information. One enquiry was from the Australian Trade Commission, asking if we could come to Australia! Another was interested in co-selling with us. Another asked if our technology was applicable to all industries – which it is. And the networking was very useful.
From my insurance point of view, attending and presenting at this event definitely gave me a different view. If you take the insurance industry perspective, we can now strongly predict how likely a particular client is to be vulnerable to financial crime of one sort or another.