How banks and fintechs can prepare for more fraud amid Silicon Valley Bank shutdown

Chaos ensued over the past several days after regulators shut down Silicon Valley Bank (SVB) across markets, in a move that will have lasting implications for the banking and startup industries worldwide.

Beginning last Wednesday, many businesses started moving money or opening new accounts at other banks to protect their assets. As we learned from the over $100 billion in pandemic relief funds stolen by fraudsters in the US and billions in other countries globally, bad actors see a chaotic atmosphere like this as a window of opportunity to strike; this time by opening fraudulent accounts while you are already seeing a spike in new account openings.

Banks and fintech companies that have a flexible fraud tech stack in place will be best equipped to respond to the higher volume of fraud they will see in the coming days, weeks, and months.

Fraud patterns to pay extra attention to right now

In response to SVB’s shutdown, many businesses are now opening new bank accounts and moving their money into them. You should expect to see a spike in new business account applications and ensure your business onboarding processes are set up to detect and prevent new business account fraud.

How to prevent new business account fraud

Over the past eight years, over 400 companies have used Alloy’s API-based platform to connect to more than 170 data sources. We have leveraged this experience to optimize strategies for automating identity decisions during account origination and ongoing fraud monitoring. Our broad network of data providers ensures that banks and fintech companies are set up to detect and prevent fraud in any scenario — including a spike in new business applications.

To understand how to prevent fraud in this climate, take a look at our best practices for onboarding new businesses, which combine meeting (Know Your Business) KYB requirements and preventing fraud in a single workstream while maintaining a frictionless experience for legitimate customers.

1. Streamline your business verification and individual verification workflows to get the complete picture of the business you’re onboarding and its beneficial owners. If the business is a sole proprietorship, you can run it through your standard Know Your Customer (KYC) workflow. If the business is an incorporated business, such as LLC or Ltd., you should run it through your KYB workflows while simultaneously running any Beneficial Owners through your KYC workflows.

2. Set up tracking and alerting to easily flag fraudulent users trying to open multiple accounts. We recommend flagging accounts that share identity elements, such as the same:

   1. National identity number/ national insurance number, such as the US Social Security Number (SSN)

   2. Phone number

   3. Email address

   4. Names

3. If your initial data sources yield inconclusive results, route these applicants to step-up verification/Enhanced Due Diligence (EDD) for further investigation. Leverage additional verification steps for applicants that surpass certain risk thresholds, such as document verification (IDV), selfie verification, and phone-based verification. Alloy works with step-up vendors who have tailored their experiences to maximize conversion.

4. Use device analytics in combination with other signals like behavioral analytics to detect risky behavior, such as foreign IP addresses or copying and pasting in personally identifiable information (PII).

5. Analyze your data for trends in new accounts that are consistent with bad actors in your historical data. For example, if you see an influx in new applicants using Hotmail email accounts, and you have historically seen a higher rate of fraud among users with Hotmail accounts, you may want to send these applicants through an additional step-up/EDD ID verification check vs. straight through KYC database checks.

6. Continue to monitor for fraud closely during the first few months of the customer lifecycle. Best practices include:

   1. Implementing alerts that detect unusual activity around inflows and outflows of that new bank account

   2. Leveraging AI-based models that take into account both onboarding data and account activity

   3. Validating any changes in contact information after account opening

You don’t have to build all this from scratch

The waters will continue to be murky as the banking and startup industries react to this shake-up. Luckily, tools exist to help you beat fraudsters at their game. If you’re an Alloy client, good news: Alloy does all the above out of the box!

If you’re not already an Alloy client, we can help set you up with a “new-applicants” review to identify any obvious fraudulent accounts onboarded recently. Reach out to us at [email protected].