Combatting cyber fraud in Asia-Pacific
SWIFT complements anti-fraud solutions with Payment Controls Service, addressing the pressing need for ‘security-as-a-service’ in APAC
According to the Booz Allen Hamilton consultancy research report of 2018, Asia as a geography had experienced 668 cyber-attacks over the six-month research period, making it the primary geographical target for cybercrime.
Additionally, according to the global cybersecurity index, which looks to benchmark levels of cybersecurity commitment and awareness, many Asian geographies ranked very low.
Global Cybersecurity Index 2017
Guy Sheppard, Head of Asia-Pacific Financial Crime Compliance and Intelligence who recently spoke at the Indian Banks’ Association’s technology conference on cybersecurity in Mumbai said, “India is almost certainly a poster child for the four-key macro trends we see in cyber across Asia:
- It has a very active and focussed regulatory body that is keen to address this systemic market risk.
- India has a growing gap between the more sophisticated banks who have developed layered cyber prevention controls and the widening gulf between them and the rural institutions where awareness and preparedness is still very embryonic.
- The extreme growth of digitisation and the Indian customers’ expectation to enjoy a real-time, seamless and online experience with the banks so widening the attack factor significantly.
- And lastly, the unpleasant truth that Indian banks have already fallen victim to this type of cyber-crime.”
Sheppard added, “The Indian banking community is very much at par with its South East Asian cousins: they are at a crossroad where one path would see them organise, galvanise as a community to address this threat to the stability and trust placed in the Indian banking system whereas the other path will see this country suffer more attacks and loss of reputation.
But I leave this conference filled with hope and optimism that while India, like much of Asia, is the perfect breeding ground for this ‘common cold,’ it is where we are most likely to see the adoption of solutions like the SWIFT Payment Controls Service as the remedy to stave off these kind of attacks.”
What is SWIFT Payment Controls Service (PCS)?
PCS is a real-time, rules based direct response to the threats of fraudulent payments being sent from one institution to another by sophisticated and organised cyber criminals who have hacked the local infrastructure.
PCS offers three key capabilities:
- A network generated report of all in bound and out bound MT 103s, MT 202s, MT 202 covers, MT 205 and MT 205 covers for daily reconciliation and flags higher risk payments.
- A payments activity report that offers on-going deep insight into the institution’s payment flows, currencies, values and volumes of payments by correspondent as well as key operating hours to enable users to then define institution specific and relevant alerts.
- A real-time alerts and rule management system that will enable an institution to track, block and in extreme cases abort messages that trigger user defined rules and are declared fraudulent by the user.
The rules, capabilities and focus of the PCS solution have been crafted out of previous publicised cases of fraud as well as ongoing intelligence as to how this threat is evolving and changing. In this way, it is a specific solution for a pertinent and persistent threat.
The steps taken by the fraudsters to perpetrate the attack, in effect the modus operandi, has fundamentally not changed significantly and it is this attack type that is being repeatedly re-used to anchor against institutions connected with SWIFT network both globally and particularly in Asia.
Find out more