Combatting Financial Crime at Scale
The CAPTURE® Platform is an unprecedented organized financial crime, terrorism and innovation executive-decision support and response system. The system is used in War Rooms and Boardrooms as the last line of defense when all else fails. The system provides trend intelligence about previously unknown, real-time massive attacks that operate beyond traditional system silos, peer groups, and accounts. The dashboard provides insights for executives, allowing them to pinpoint the exact impact of an attack without having to close the entire bank – instead, they can close only parts that are affected, before the attack becomes serious.
Belleron builds upon it’s established position as an Advanced Persisting Threats (APT) company. We have been successfully fighting APT for years, by installing defense systems, such as cyber-security systems, anti-fraud systems and compliance systems. As threats get more sophisticated and better funded, attackers take more time and they attack in more advanced, massive and difficult-to-detect ways. Most banks make tremendous effort to prevent security breaches, identity theft, financial fraud, money laundering, terrorist financing, and other risk-sensitive customer activities.
The main vulnerability of their protection systems is that they:
- Operate based on preventing “outside evil” from getting inside
- Are organized in stovepipes
- Do not cover scenarios in which they are internally compromised
The only conclusion to be made is that banks must start to anticipate threats that are unknown to them. Innovative banking requires more intelligent defense, providing the last line of defense when all else fails.
The bank defense systems are all concentrated on capital gain. Criminals attack a bank to win money. However, in our experience terrorists do not have capital gain as their main objective; instead they strive for disruption. What they want to create is disbe- lief, fear and panic. They want to kill your bank… Not by stealing money but by making sure that the public will stop using the services of your bank. So, it’s disruption and loss of credibility that the terrorists are trying to create; however, all the existing defense systems are related to financial crime for capital gain – not financial terrorism.
By installing all these APT defense systems, at Belleron we have seen all the available information and analyzed every threat for many years. We saw that, in every case, only the top of the information iceberg was used in these systems. That’s perfect for individual fraud, regardless the size; however, for massive attacks, these systems can’t prevent chaos.
Preventive real-time analytics are the Holy Grail when it comes to massive and difficult-to-detect terrorist attacks on banks and managing intelligent responses during the time of an attack unfolding. Today’s bank defense systems come with many limitations. Bank executives do not know how to respond when the attacks unfold.
They lack the executive decision support systems needed combatting unknown threats into measured responses. Below are four simple examples of fundamental issues that cause protection challenges.
- Most banks don’t track fraud cases under $100, because investigating it will cost a lot more than the $100 itself. However, if these frauds are unfolding and there’s 10,000 of these $100 fraud cases then these systems won’t spot this because they do not look at them nor see them as a main threat.
- Most banks don’t even monitor the information combined in a central environment on a very generic level, and, therefore, the “triggers” revealing the massive attack can’t be identified!
- Even if a central real-time combined information system is in place, banks are not able to work with such a system.They should be able to create “anomalies” with “adaptive thresholds” and “preventive analytics”, so that they can contain or block potentially unfolding attacks before they become a massive attack.
- But, that’s just the beginning, banks must make sure that the combined information system continues learning from what it’s monitoring. They must create smaller and smaller “fuse boxes”, so that, whenever a massive and difficult-to-detect attack unfolds, the impact on the bank is brought to a bare minimum, with very specific appropriate and effective responses to stop the attack.