Recent allegations against Block by Hindenburg Research, concerning inflated user metrics via “frictionless fraud facilitation,” underscore a critical lesson for the fintech industry: proactive fraud and compliance measures are paramount. While these allegations remain unproven, the immediate 13% stock drop highlights the severe consequences of perceived vulnerabilities in compliance.
For fintechs and financial institutions, fraud and compliance should be a central consideration, not an afterthought. Several red flags have emerged which should be noted. Here are key solutions to counter them:
Robust KYB identity verification processes are essential. This includes sanctions checks (OFAC, PEP, SDN) and negative news screening during account opening. While sanctions checks are a regulatory requirement, negative news screening adds an invaluable layer to your risk program, helping to prevent fraudulent activities. Employing automated scoring systems that utilize fuzzy matching logic can identify potential risks, such as connections to previously incarcerated individuals. A risk-based approach allows for tiered onboarding procedures based on fuzzy match scores, with stricter monitoring for higher-risk accounts.
Real-time transaction monitoring is vital for identifying and offboarding users involved in illicit activities like terrorism financing, or general money laundering. A comprehensive database of Anti-Money Laundering (AML) typologies is crucial for effective monitoring. Leverage a pre-built rule bank with hundreds of typical AML and fraud typologies to jump-start your compliance efforts across onboarding, account funding, logins, payments, and other key checkpoints.
Implement customer risk scoring at onboarding to verify identity ownership beyond static PII. Employ methods like documentation verification (passport, national ID card, driver’s license) for medium/high-risk users, and utilize behavioral biometric profiling to assess the authenticity of provided information. Matching identity packages to verified phone numbers via telco data further strengthens verification.
Combine customer risk rating with transaction monitoring, adjusting thresholds based on individual risk profiles. Ensure deposit and spending patterns align with the stated source of funds, pausing suspicious transactions for further investigation.
Utilize connected user analysis via network graphs to identify relationships between accounts, emphasizing strong attributes like shared SSNs, device IDs, or email addresses. Automate the discovery of connected users by aggregating counts of users sharing the same device ID, email, or phone number. Identify fraud rings by monitoring the number of strongly connected users.
Before shipping cards, conduct thorough address verification checks to determine if the address is residential, and matches the latest address provided. Assess address volatility and velocity to identify potentially fraudulent activity. Ensure the name on the account matches the intended recipient by validating counterparty bank details for ACH credits and debits.
By prioritizing fraud and compliance, businesses protect themselves from financial loss and legal penalties, and build a stronger foundation for sustainable growth and increased customer trust.