This page contains a Flash digital edition of a book.
K


nowing who you are dealing with or who you are employing should be the most


obvious start to any counter fraud strategy and technology is certainly evolving to help address this fundamental check. In particular, the deployment of scanners and accompanying software to help detect fraudulent identification documentation is on the increase with its proven ability to detect false documents across a whole range of public and private sectors.


Different organisations want to detect fraudulent identification for different reasons and therefore there will always be a varying emphasis on counter fraud activity based on individual risk assessments. However, as well as detecting possible fraud, most organisations will need to comply with some form of regulation within its their sector. In financial services there are the Know Your Customer (KYC) and Anti Money Laundering (AML) regulations. In the high value goods sector there are also AML considerations for selling any goods over €15.000. All employers in the UK need to comply with the Right to Work legislation. Whilst all these pieces of regulation were introduced to protect against different problems, they all have a common aspect – the need to verify the identity of the customer/passenger/potential employee. The potential fines and brand damage can be very high for non-compliance and it is therefore often the desire to stay compliant that drives organisations to carry out work that will also help fight fraud and increase security. Without the regulation, many organisations may not believe they have sufficient fraud risk to warrant any resource or effort to counter fraud. Even in financial services, how stringent would identity checks be if KYC and AML regulation did not exist as the cost of fraud is simply priced into products?


How does an organisation that wishes to or is required by regulation to verify identity go about doing so?


First of all, an organisation needs to define what verifying identity actually means. Close reading of the example legislation set out above will often provide statements such as, “You must satisfy yourself that the identity document is genuine”. In reality that means, at best, that a member of a HR team in any organisation recruiting staff in line with the Right to Work legislation will do a visual inspection of the presented document. Two different HR staff in the same organisation will have different levels of scrutiny – based on experience, training or attitude. Different organisations in the same sector will enforce the requirement differently and will certainly be conscious of any commercial impact of such regulation in defining what constitutes an acceptable check internally. In essence, all organisations are left to decide themselves what is acceptable checking of fraudulent identity documentation, making the reality a very inconsistent approach to such a vital element of remaining compliant and combating fraud.


© CI TY S ECURI TY MAGAZ INE – SUMMER 2014


technology helps prevent fraud and increases compliance at the same time


As with all regulation there is the very practical issue of supervision. As has been highlighted during the crisis in the financial services sector, regulation existed but some organisations either chose to ignore it or did not understand exactly what the regulator required of them. This is the problem with most regulation – it is rarely precise in its requirement of the organisations it covers and supervision can be limited due to scarce government resources, thereby creating an inconsistent environment and potentially unfair commercial situations. The recent Immigration Bill has pushed increased emphasis on identity authentication to anybody operating in providing financial services, housing, benefits, healthcare or employment, in an effort to restrict access to such services to illegal immigrants. Whether the government will follow up such increased demands on the public and private organisations within these areas with increased supervision remains to be seen – but organisations should plan that they will and they have demonstrated intent by planning to increase the fine for employing an illegal immigrant from £10,000 to £20,000.


So, given we know identity verification is important to a counter fraud strategy and we now accept that it is a key but ill-defined part of much regulation – is there a way technology can assist? Scanning technology for the checking of identity (and other) documents has been around for some time; however, what is new is the growing acceptance that such technology is now priced at a level to be accessible to many more organisations and provides a number of key benefits:


• Provides a higher detection capability than any human visual check carried out – for example, it is impossible to check MRZ algorithms or UV features by visual inspection alone


• Provides consistency of checking with minimal specialist document training. Simply by scanning a document, users will be provided with an electronic record of that check – ideal for any compliance checks that may be carried out in the future


• Reduces the management time and training cost of trying to stay at a level of competence to carry out visual checks –


there are thousands of identity documents and it would be unreasonable to expect most staff involved with checking to know and keep abreast of all the various physical document features


• Provides an additional insight to the level of potential fraud faced by an organisation by measuring the detection rate of fake documents presented at the point of entry by either customers or employees


• In addition to the checking of the identity document many systems will also interface with on line data providers to carry out simultaneous checking – for example, the need to prove address.


Systems sold on the market these days can be deployed as stand-alone solutions linked to desk top computers, as mobile solutions on laptops or as an enterprises/Cloud solution across multiple sites. All imagery and results are stored for client use and some providers will share detected fraudulent documents with other elements of the counter fraud community.


Further support for the use of such technology was provided in the 2013 Home Office Document “Guidance on the use of document scanners” that states, “The exploitation of identity by criminals has a major role in underpinning a wide variety of organised criminal activity… as a first line of defence, they [scanners] are a useful tool for identifying fraudulent documents, are relatively easy to use and have proved to be a useful deterrent to criminals.”


In summary, many organisations should be and are checking identity documents as part of their counter fraud or compliance regime. The fact that it is the regulatory pressure that forces such action is a benefit to the overall battle against fraud – that is an important part of some regulation. However, the inconsistency of execution is massive due to the largely human element of the checking that still takes place. Technology does now exist at a cost level far below the cost of the fraud it is designed to combat or the imposed fine for failing to carry out reasonable checks and is simple to deploy and very easy for staff not trained as document experts to use.


Tony Machin CEO, TrustID


trustid.co.uk > 11


Scanning


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40