Banks saw more monthly fraud attacks in 2021 compared to the year prior, according to a study from LexisNexis Risk Solutions.
The ‘True Cost of Fraud Study’ surveyed 1,118 risk and fraud executives in retail and ecommerce companies in the US (973) and Canada (145) found that the average volume of monthly fraud attacks for banks earning more than $10 million in annual revenue has increased since 2020 from 1,977 to 2,320, the report found.
The study revealed that fraud costs also continued to rise. For every dollar of fraud lost in 2021, US financial services firms saw $4 in costs, up from $3.64 in 2020 before the pandemic. It also represents a 7.1% rise since the 2020 survey which was conducted during the pandemic.
The costs represent the transaction face value for which firms are held liable, fees and interest incurred, fines and legal fees, labor and investigation costs and external recovery expenses.
In 2021, online banking accounted for 33% of US banks fraud costs, up from 26% in 2020, while mobile transactions accounted for 29% of costs, up from 20% the year prior. In-person fraud accounted for 21% of fraud costs in 2021, down from 29% in 2020.
LexisNexis said the upshot in fraud costs attributed to the mobile channel stemmed from the pandemic pushing more consumers and fraudsters to do digital transactions. As people rely on their smartphones, the surge was greater on mobile channels.
The report also found that fraud losses take place across all stages of the customer journey, including opening a new account, account login and distribution of funds from a bank or investment account or a loan.
Among US banks, the distribution of funds stage was identified by 43% of respondents as being the phase of the customer journey most susceptible to fraud, followed by account login.
Banks noted that identity verification was a top challenge for online and mobile channels at all stages of the customer journey.
In November last year, federal agencies approved cyber-attack rules for the US banking system. The Office of the Comptroller of the Currency (OCC), Federal Board of Revenue and the Federal Deposit Insurance Corporation said that banks will be required to report incidents within 36 hours.
According to a report by Cybersecurity Ventures, total cybercrime costs are projected to reach $10.5 trillion by 2025, as account takeover cases, new account fraud, and other types of cyberattacks continue to rise.