We’re living in a golden age for financial crimes and it’s a good time to be a bad actor. Among the many potentials for crime is stimulus fraud – such as what occurred last year with the major stimulus packages passed in response to the pandemic. In 2020 alone, fraudsters siphoned off $36 billion meant for unemployed Americans, and Californian authorities are investigating the possibility that nearly $11 billion was stolen by criminals making fraudulent claims. While unemployment fraud happens elsewhere in the world as well, the sheer scale of the U.S.’s reactive social stimulus structure is a perfect storm for theft.  

In light of the latest COVID-19 stimulus package, the risk of fraud and theft will only increase. It’s time to look again at why this type of funding carries the risk of fraud and what needs to be done to stop it.  

Understanding the potential for stimulus fraud during a pandemic 

There are two types of fraud at play - the smaller-scale, opportunistic types of crimes, and then there is industrial-scale, organized crime. Within these two categories are wholesale identity theft, elder theft and human trafficking. There is a ripple effect when it comes to stimulus theft that goes far beyond what the Federal Trade Commission counts when compiling pandemic-related stimulus fraud reports. 

To understand the potential for COVID-19 stimulus fraud and why it’s so significant, it’s important to understand the situation at hand. The number of shell companies, for instance, has gone through the roof during the pandemic. While money launderers are still selling drugs, they have piles of cash that they haven’t been able to launder through the channels they normally would use due to business closures and lockdowns. So now, they are buying small, distressed businesses for cash, like restaurants. And while the ownership has changed, the operation model hasn’t – and these businesses are making payroll protection claims, for instance.  

Once again, regulatory and law enforcement officials are concerned about the pivot of traditional financial crime into a new and incredibly lucrative opportunity. The most logical comparison is the Troubled Asset Relief Program (TARP). The man who ran TARP, Bill Barofsky, once said that 10% fraud was assumed with that stimulus package. Going by this estimate, the exposure is a quarter to half a trillion dollars of fraud – or $250 billion to $500 billion potentially being stolen. That’s roughly the size of the GDP of Portugal! And, TARP was a well-run, well-understood stimulus, focused on a manageably small number of recipients. Think about the programs that aren’t as well-run and the implications there. The trouble is that these massive amounts of loss are being accepted as the cost of doing business. 

What banks need to know and do 

Two of the largest problems complicating this issue are a lack of oversight and banks’ inability to truly know their customers. Banks need to understand their customers enough to understand the risks at hand, but they’re currently being hindered by outdated technology.   

There’s also a fundamental misunderstanding about where the responsibility lies when it comes to regulating the release of stimulus money. The big issue in five or six years’ time will be when the U.S. Justice Department tries to hold the banking industry accountable for paying out half a trillion dollars to fraudulent recipients. Of course, the banks will lay the blame on the federal government and argue that they were just doing what they were told to do. But then the Justice Department will remind them that they have a fiduciary responsibility as the custodian of federal funds. In the end, it will likely have to be settled in the courts.  

 It’s understood that there’s a problem, but in the interest of releasing funds in a timely manner, it’s a situation of either pointing fingers or simply kicking the can down the road and assuming it can be dealt with later.  

Does AI really know your customer? 

 Eventually, banks are going to pay the price. The better option is to take a proactive approach to reducing the problem before it becomes one. Knowing your customer is a huge step toward that approach. 

 Banks must get to know their customers intimately. Financial institutions must deal with the personal data protection mandates put forth by regulations like GDPR and the California Consumer Privacy Act (CCPA). In addition to those challenges, they are dealing with processes, technologies and policies that are outdated, sometimes by 20 years or more. When it comes to most types of financial crime, banks and other such institutions are relying on techniques and rules from the early 2000s. Those techniques and rules were codified against known crimes from the 1980s and 1990s. It’s outdated, to put it mildly.  

Many look to artificial intelligence to solve this challenge. However, it has become evident that typical approaches to fighting fraud using machine learning and AI fail to address today’s stimulus fraud-fighting needs. That’s because even with the advantage of AI, risk officers are unable to identify false negatives amidst the massive alert backlog – especially using outdated rules. These are the same types of problems that many organizations face with traditional business analytics tools too. There’s a stark contrast between actually being able to know your customer and the perception of being able to do so.  

In short, investigators need more accurate alerts. AI becomes a valuable investment because it does what even the best investigator can’t: it finds that weak signal in behavioral change across massive dimensions of evolving new data. It certainly can’t be done by systems using rules designed over a decade ago. AI can help fraud teams spot that customer who has thus far kept a low profile but decides to make the most of relaxed “know your customer” rules and get all they can from a stimulus package.  

Precision fraud prevention 

The $1.9 trillion COVID-19 relief package passed earlier this year brings an absolutely massive opportunity for fraud. As banks continue to release federal funds to applicants whom they believe are qualified, risk proliferates.  In this golden age for cybercrime, banks can use precision AI to radically reduce the number of inaccurate alerts so that fraud teams can focus on the true threats and fight stimulus fraud. That’s a win both for individual banks and the federal budget. This is a journey; not all AI solutions are created equal and it’s not a silver bullet. Banks and other financial institutions have their work cut out for them in terms of due diligence, but solving these problems is imperative.