Fraud detection: 12 common red flags

Over 50 percent of companies disclosed they were victims of fraud between 2020 and 2022, according to PwC’s Global Economic Crime and Fraud Survey 2022. This is the highest percentage of fraud seen in the last two decades of research conducted by the professional services network. In the UK, fraud now constitutes 40 percent of all crime, and yet only two percent of police funding is spent on combatting it. 

Due to the complexity of fraud, companies need to have an up-to-date of the most prevalent indicators and ensure their fraud detection solution is accurately calibrated to avoid missing any suspicious activity. This article explores twelve common fraud indicators and detection best practices – and why firms should move beyond loss prevention to integrated fraud risk management.

Signs of fraud: 12 red flags

As with any financial crime, different fraud typologies exhibit different behavioral profiles. Because fraudsters constantly adapt their methods, there is no exhaustive list of red flags for fraud. However, some indicators are common enough that they should be on any firm’s radar. They include:

Discrepancies in customer information 

This type of warning sign can suggest identity fraud and includes:

1. Multiple accounts with methodical spelling variations on the same name (ex., William Smith, Will Ian Smith, Bob Smith, Bobby N. Smmith, etc.).

2. Multiple customers with different names using the same contact information.

3. Accounts with inconsistent personal details, such as a social security number that comes back invalid or returns a different name than is on the account.

4. Multiple accounts manifesting unusual activity using minors’ personally identifiable information (PII).

Transactions inconsistent with the customer’s profile

Transactions that don’t match a customer’s typical or likely activity can indicate many fraud typologies. Examples include account takeover, stolen payment information, check kiting, scams, and public benefits fraud. Signs to watch out for include:

5. Point-of-sale (POS) transactions inconsistent with the customer’s address or typical habits, especially if they occur at wildly varying locations or without time for travel (e.g., a customer spends at a supermarket in their hometown at noon, then at a boutique shop in Paris an hour later).

6. Payments or received funds that don’t match a customer’s lifestyle, income, or expected behavior. This can include unusually high deposits quickly withdrawn or immediately paid back to the originating account. It can also include excessive payments exceeding a balance or credit limit – especially when combined with repetitive, unusual timestamp or amount patterns.

7. Public benefit payments (such as Social Security retirement) to an individual that does not qualify and whose spending is not on behalf of a legitimate recipient.

8. Repetitive purchase returns, disputes, and/or chargebacks that exceed reasonable activity for the customer.

A Practical Guide to AI for Financial Crime Risk Detection

Explore real-world use cases showing how artificial intelligence can enhance transaction monitoring systems.

Download the Guide

Signs the customer is being pressured or manipulated

Firms should be vigilant for signs of coercion or abuse when interacting with customers, particularly those with vulnerabilities such as cognitive disabilities, isolation, age-related health issues, or economic difficulties. This may happen in person or when the bank contacts the customer to verify an unusual transaction. Signs to be aware of include:

9. The customer says they have to send large or repetitive sums of money to a loved one, particularly if it involves an urgent or secretive situation.

10. The customer believes they are in personal danger if they do not perform a transaction or make a withdrawal.

11. A customer appears to be unduly influenced to make transactions by a third party, such as a new friend, a family member, or a caretaker. This third party may be in-person, on the phone with them, or repeatedly mentioned while not present.

12. The customer makes repetitive transactions they cannot explain or seem agitated about.

It’s important to note that fraud indicators are not conclusive on their own and always require further investigation before firms can establish the nature of the activity in question. Firms ultimately need to perform a comprehensive enterprise-wide risk assessment (EWRA) and refresh it regularly. This will ensure they focus on the fraud typologies and red flags affecting their operations.

Firms should also note that although fraud and money laundering are separate offenses, they are connected. For example, many fraud victims become money mules unwittingly or through manipulation. Both fraudsters and money launderers may rely on similar deceptions to conceal their funds. Money laundering is often integral to fraud scheme logistics performed by the same entity or group. This is why fraud and money laundering can sometimes share red flags.

Detecting fraud effectively: Best practices

Firms should integrate their fraud detection processes into a broader, risk-based framework. Here are several best practices that can lay the groundwork for effective fraud detection:

• Start with a thorough risk assessment – Although certain red flags are shared across various scenarios, each firm’s risk is unique to its business model and practices. Firms should not rely on a one-size-fits-all approach to fraud typologies, red flags, or risk management, as this can lead to inefficient and ineffective fraud detection. Instead, firms should include fraud risk in a regular, thorough EWRA to establish their unique risk profile. This assessment should consider financial crime risk across the board, from fraud to money laundering and terrorist financing.
• Take a holistic view of financial crime – When applying the results of a firm’s individualized risk assessment, a truly risk-based approach will consider the whole ecosystem of financial crime. Traditionally, firms have viewed fraud detection as part of a process primarily aimed at reducing loss to the company and maintaining positive customer service. While these are important aspects of fraud detection and prevention, they are not the whole picture. As a predicate offense to money laundering, fraud is often tied to broader criminal activity, from other predicate crimes such as wildlife and drug trafficking to money laundering and terrorist financing. To effectively combat fraud, firms must understand it in its entire context rather than viewing fraud events as isolated incidents.
• Collaborate with compliance teams – All too often, fraud and AML teams operate in siloes. Yet, the crimes they seek to mitigate are part of the same system. If combined, both departments have access to information that could significantly improve the firm’s overall understanding and mitigation of its risks. 
• Ensure teams are well-equipped – Even the best fraud prevention policy relies on teams with the knowledge and tools to carry it out. Firms should provide ongoing, risk-based training to their analysts. But even the best-trained analyst needs effective tools to do their job well. Conduct a thorough audit of existing fraud detection tools, including a gap analysis highlighting deficiencies or siloes, and plan to implement technological updates as needed.
• Prioritize alerts to reduce false positives – One cost-effective way to give a legacy system new life is to use an artificial intelligence (AI) overlay that prioritizes existing alerts. Such a solution doesn’t require a total overhaul but can assess risk in alerts generated by a firm’s native rules-based engine. Based on this risk analysis, the overlay prioritizes the riskiest alerts so analysts can quickly recognize and investigate true positives.
• Create custom rules – By creating custom rules that trigger based on a variety of scenarios, firms can tailor their fraud detection software to specific risks and evolving fraud tactics. Out-of-the-box rule libraries can also be utilized to ensure common fraud patterns are identified and prevented. 

By following these best practices for effective fraud detection and prevention, firms can ensure their risk management framework is well-prepared to meet the rising challenges of global financial crime.