Trader fraud is on the rise. Last year, the Security and Exchange Commission
announced it filed 868 enforcement actions exposing financial reporting-related misconduct by companies and their executives. The announcement noted that 2016 had the most ever cases involving investment advisers or investment companies (160) and the most
ever independent or standalone cases involving investment advisers or investment companies (98).
As the SEC findings suggest, fraud is prevalent in banks today. Google “trader fraud” and there will likely be a recent news story on it describing how one individual (or a bank) committed the crime. So, what’s promoting the rise in fraudulent transactions?
The truth is, when it’s an inside job, trader fraud is “easy” to pull off. Standard practice is to have an employee authenticate the trade by inputting a password (either their own or a generated "one-time password”) or using a token. But, if the news has
taught us anything over the past year and more – passwords can very easily be hacked or stolen. So if a trader approves a fraudulent trade and gets caught, they can easily deny having made the transaction. Using these current methods, there’s no way to prove
otherwise: after all, someone indeed could have stolen it and used his account to authorize the transaction.
Passwords and tokens are insufficient security measures in themselves because they cannot authenticate who requested the authorization. If a trader is required to authenticate a trade with a biometric identifier – like a fingerprint – there would be no question
about its ownership. Biometrics provide the legal non-repudiation needed to significantly reduce trading fraud.
Biometrics alone, however, may not even be enough. If financial institutions truly wish to practice strong security measures, they will adopt the one-two punch of biometrics and blockchain. With biometrics, we can prove transaction signing is safer, but
if the log itself is rewritten – biometrics cannot protect against that. This is where blockchain comes in: adopting blockchain to store signed transactions makes the log decentralized, untouchable, and more importantly – transparent.
At its simplest, blockchain is a decentralized, global notary ledger. Information recorded on the blockchain can be later retrieved, verified, exchanged, transferred, decrypted, or used as a proof of possession, non-repudiation, or for attestation depending
on the use case and context. If blockchain technology is used, fraudulent transactions could have never taken place. Even if, say, someone could replicate someone’s biometrics, with blockchain, the fraudulent activity would be recorded for everyone to see.
With increasingly sophisticated techniques used by hackers, adopting cutting-edge technology to thwart these efforts is no longer optional for banks and financial institutions – it’s an operational imperative. This is particularly true when protecting against
trader fraud. Top-notch security measures like these make it not only incredibly difficult to commit fraud, but also discourage those from taking practice in it. Fraudulent transactions cost banks – and individuals – millions each year. Let’s stop trader fraud
in its tracks with adopting the best-of-the-best security practices.