Brokerage firms need to rethink what counts as a “red flag” when it comes to frauds and investment scams, as artificial intelligence-powered tools are enabling criminals to pull off schemes that wouldn’t trigger traditional alarms, according to panellists at the U.S. Financial Industry Regulatory Authority Inc.’s (FINRA) annual conference in Washington, DC.
In a discussion that addressed trends in financial crime, panellists discussed the evolving threat environment for industry firms.
Given the industry’s embrace of digital technologies over the past five years, and the growing availability of AI tools, firms have seen their control of the threats against them diminish — as fraudsters can now easily fake the kinds of documentation that industry firms traditionally used as identity verification, such as cheques and bank statements, the conference heard.
This, in turn, is enabling more schemes that don’t raise traditional red flags, said Thor Nelson, head of financial crimes compliance at Ameriprise Financial Services, LLC.
For instance, scammers are posing as new clients, opening accounts in person, with relatively modest amounts of money, to carry out schemes that don’t trigger typical compliance alerts, he noted.
At the same time, the availability of tools for making sophisticated fake documents, or deep fakes, is making it cheaper, faster and easier to carry out schemes such as account takeovers and pump-and-dump schemes — expanding the population of potential scammers, noted Max Tourtelot, vice-president, surveillance and market intelligence at FINRA.
In this climate, pump-and-dumps, ramp-and-dumps, and other kinds of market manipulation schemes are being carried out much more quickly, he noted. In addition, listed companies are increasingly being used to carry out these schemes, instead of just targeting the over-the-counter (OTC) stocks that are the traditional vehicles for these sorts of schemes.
Against this backdrop, guarding against the growth of AI-powered scams requires firms to refine what constitutes a red flag, deepening their approach to querying client activities, and to understanding their reps’ businesses, attendees heard.