At the Emerging Financial Crime Threats webinar, Michael Holland, Head of Financial Crime Intelligence at Commonwealth Bank; Matt Mueller, CIO at Iluka Resources and Non-Executive Director at Curtin University; and NSW Police Det. Sgt. Cleland McFadden, Cyber Crime Squad, State Crime Command, discussed emerging financial crime trends and the contemporary ways of controlling them. This discussion was moderated by McGrathNicol Forensic Director, Andrew Gill.
The webinar heard that the Australian Cyber Security Centre (ACSC) recently reported an increase in cybercriminal activity, compounded by an increase in the complexity and sophistication of cybercriminal operations. Consistent with the ACSC Annual Cyber Threat Report 2021, discussions focussed on ransomware, business email compromise and cryptocurrencies.
Michael highlighted that one of the key focuses of financial institutions is to build rules and methodologies to proactively identify activity that is conspiratorial in form. One example is looking at behavioural indicators across cohorts to identify risky behaviour, such as properties purchased with proceeds of crime by sophisticated and complex networks or facilitators acting on behalf of unknown operators. Michael recognised that banks need to get better at tracing funds through the banking network to the point of integration (beyond ‘placement’ and ‘layering’).
From a CIO perspective, Matt emphasised the importance of ‘cyber hygiene’ aligned with recognised frameworks such as the NIST Cybersecurity Framework. He highlighted that preventing the initial infection using multiple layers of controls is a more robust strategy. Matt noted cyber criminals’ “speed to market” in exploiting and creating automated attacks by reverse engineering Microsoft security alerts. If businesses do not respond quickly to alerts and patch servers within days of these alerts, they leave themselves vulnerable to exploitation.
Indeed, ransomware will persist in a technology-led environment. As such, Cleland spoke to the importance of companies having the agility to respond to financial crime involving cryptocurrency. This should be a priority for businesses. Although cryptocurrency is a legitimate financial investment for many people and organisations, it is also seized as proceeds of crime. There have been successful prosecutions in Australian courts that rely on evidence of blockchain transactions.
Finally, the webinar discussed business email compromise as another key financial crime threat and a threat that can only increase. Businesses need to have processes to escalate quickly and report actual or suspected compromise. This can be assisted by automated risk tests to identify gaps in existing controls, their design or operation.