Threat actors love it that organisations operate in silos? The reason is simple. Siloed operations introduce latency in terms of how fast organisations can respond to a threat. Take fraud for instance and use Singapore as an example. The city-state reported S$1.1 billion in losses on the back of 51,501 scams in 2024.
New legislation empowering police to restrict banking transactions for potential scam victims marks a significant step forward. However, effective combat against cyber fraud necessitates an integrated approach involving collaboration and intelligence sharing across fraud, cybersecurity, financial crime, and anti-money laundering teams.
The Financial Services Information Sharing and Analysis Center (FS-ISAC) has introduced the Cyber Fraud Prevention Framework—a comprehensive tool designed to enhance cooperation among financial institutions in Asia. Given the region's complex landscape of interconnected fraud and cyber threats, this framework is particularly vital for financial services institutions (FSIs).
Structured approach to fraud prevention
The FS-ISAC framework delineates the lifecycle of a cyber-fraud attack into five distinct phases: Reconnaissance, Initial Access, Positioning, Execution, and Monetisation. This structured approach equips teams with a common lexicon to identify vulnerabilities early in the attack cycle, thereby bolstering threat visibility and strengthening fraud controls.
"The interconnectedness of fraud and cyber threats is intensifying, and financial firms cannot afford for their internal teams to operate in silos," warns Linda Betz, executive vice president of Global Community Engagement at FS-ISAC
Enhancing collaboration and information sharing
One of the framework's significant advantages is its capacity to foster collaboration among various teams within an institution. By pooling knowledge and insights, teams can better identify gaps in their understanding of fraud schemes and gather necessary data.
This synergy empowers institutions to disrupt cyber fraud more effectively, safeguarding both their reputations and financial assets.
"The Cyber Fraud Prevention Framework is crucial for enhancing our team's ability to prevent, detect, and respond to fraud, marking significant progress in the cyber fraud domain," added Dave Daniel, vice president of Cybersecurity Operations, Nationwide Mutual Insurance Company.
Strategic applications in Asia
In Asia, where financial systems are increasingly digital and interconnected, the framework serves as a critical tool for enhancing fraud prevention capabilities. By adopting this framework, Asian FSIs can:
- Unify Teams: Integrate cybersecurity, fraud, and financial crime teams to share intelligence and coordinate responses.
- Leverage Intelligence: Analyse fraud from multiple perspectives to identify vulnerabilities and deploy controls earlier in the fraud lifecycle.
- Implement Targeted Controls: Utilise insights from the framework to anticipate and prevent fraudulent activities before they materialise.
Future of the Framework
The framework will require continuous governance, adaptation, and the application of controls to address evolving threats. It also includes mechanisms for heat mapping high-risk areas, enhancing collaboration across the sector.
By providing a structured approach to fraud prevention and bolstering collaboration among critical teams, it plays a pivotal role in safeguarding the sector’s reputation and financial assets in an increasingly complex digital landscape.