In October 2020, the Central Bank of Brazil introduced PIX, a real-time payments system offering speed and ease of use. PIX was introduced to bring interoperable QR codes to digital wallets 24/7/365, meaning that person-to-person (P2P) payments can be made conveniently and instantly, and that merchants can accept payments without incurring extra acquiring charges. This has been transformational for payments in Brazil.
Looking back, one year on from the launch, PIX has increased the adoption of digital payments in Brazil, bringing about greater financial inclusion. During the pandemic, the adoption of digital financial services resulted in a 73 percent reduction of the unbanked population. With all of its benefits, PIX is undoubtedly the future of payments in Brazil, but what knock-on effects has this had on consumers' vulnerability to fraud, and what can we do to prevent it?
Does limiting transaction amounts prevent crime?
In recent months, there has been a resurgence of kidnappings in Brazil, in which people are held for ransom until they make a transfer of funds. Although it is not proven, the police attributed the 40 percent increase in kidnappings to PIX. The response from Brazil's central bank has been to put a $200 transfer limit on P2P payments during the night, when kidnappings are more likely. It is yet to be seen whether this solution will work.
To understand the issue, and to find a potential solution, we need to look back to the early 2000s when criminals were kidnapping people to withdraw cash at ATMs. Back then, what really helped mitigate the crime was to limit the amount of cash accessible as well as to implement artificial intelligence solutions, which enabled banks to decline certain transactions, with consumers eventually getting used to declines every now and then. So, can this strategy work with PIX?
While it might make an impact, it won't work as efficiently as it did with cards and ATMs. The benefit of PIX is convenience and instant transactions. Transfer limits will only make it harder to use PIX when it's needed by a consumer, defeating the purpose of the real-time payments system and blocking the further development of banking in Brazil. Instead of deterrents aimed at criminals, there is a need for robust fraud management on the side of the bank.
Cornering financial crime from all angles
Fraud prevention strategies have always been focused on stopping the fraudsters in action, but our mindset needs to extend beyond offense and include the defense too. Real-time payments come with ease of movement of cash and better visibility of available funds, but their instantaneous nature means fraudulent transactions are settled more quickly, making them harder to fix once fraud has occurred. With real-time payments, there is a greater need for all parties in the payment process to block fraud as it happens.
Up until now, we have focused on stopping fraud at the initiating end of a transaction by assessing strange behavior. However, the right strategy is to also stop crime at the receiving end - the criminal's "bank." If the bank on the receiving end notices an unusual amount being received into a dormant account, for example, it must be stopped immediately, held and investigated. For this to work, the bank at the receiving end of the transaction needs to be held accountable for KYC and mitigation strategies by regulatory bodies.
Fraud prevention technology in place today should be capable of analyzing and acting on abnormal behavior within incoming transactions, just as it does for outgoing transactions. Technology that includes peer group analysis, enhanced profiling capabilities and machine learning are ready and available to combat the crime from the receiving end, but there also needs to be incentives. Without an incentive, these crimes may not end, and other crimes such as money laundering will continue to pass through the financial system. An efficient onboarding process is necessary but won't solve the issue on its own. Financial institutions need a structured and reliable path to revert transactions, as well as regulations guaranteeing that financial institutions that don't have proper governance over their accounts will take the financial losses. That may be all the incentive needed.
Paving the way for better fraud prevention through collaboration
Implementing better fraud defenses does not mean we should forget about the offensive though. Fraud prevention at the initiation of a transaction must evolve as well (for PIX and non-PIX related crime). Financial institutions must join intelligence sharing networks and work together to prioritize the security of the ecosystem.
With increased collaboration, signals captured when a transaction is initiated will evolve from simply capturing a legitimate customer versus a fraudster to how the customer is physically feeling. For example, if the customer is in distress, biometric technology may pick up on abnormal behaviors when the customer is using their smart phone to make a PIX transaction. This will not necessarily lead to a declined transaction, but it could be a signal that accompanies the transaction, which will then be interpreted by an artificial intelligence solution at the receiving end. This signal will correlate with other signals within the intelligence network, working together to stop what the criminals want the most - getting access to the money.
By combining network intelligence with tighter regulations to stop fraudulent transactions on the receiving end of transfers, we will remove the opportunity for financial crime via PIX and beyond. No opportunity, no crime. The opportunity for criminals to access cash via PIX is not only from where the transaction is initiated. This thinking will diverge efforts and frustrate customers more than it will stop criminals. The focus must be on the receiving end - that's where the real opportunity for a quick turnaround is, as long as the financial institution is incentivized and accountable.