New account opening fraud: How to protect your businessLearn what account opening fraud is, how it can impact your business, and the ways you can prevent it
Guide
New customers are the lifeblood of any bank or business and successfully acquiring them is usually a cause for celebration. Particularly when company goals include scaling and higher profits. However, new customers don’t come without risks.
Account opening fraud can significantly impact your company’s reputation and bottom line, which is why so many organisations are prioritising protection against it. In fact, according to our Annual Fraud Report 2023, more than 1 in 5 businesses consider account opening fraud as an increased stress on their organisation.
In this guide, we’ll explain exactly what account opening fraud is – specifically in relation to opening new accounts with banks and other financial institutions. We’ll also share handy tips on preventing the threat of this type of fraud and what you can do to reduce the risk.
What is account opening fraud?
Account opening fraud - sometimes referred to as ‘new account fraud’ - is a criminal act where an account or new facility is successfully opened using either false or stolen information. Once opened, the new account can then be used for illegal activities such as money laundering, terrorist financing, or accessing financial assets that a person or business may not otherwise be eligible for.
This fraudulent activity usually occurs in the context of banking and financial services, online platforms, and any other business that involves the use of customer accounts. A good rule of thumb to remember is that if an organisation requires personal data in order to receive a product or service, then they are at risk.
Account opening fraud comes in two forms
1. First-party account opening fraud
This is where a customer deliberately uses false information themselves, like hiding addresses that have previous defaults or exaggerating their income.
2. Third-party account opening fraud
This is where criminal gangs use false or stolen identities to set up accounts and apply for credit or undertake fraudulent activity.
Experian statistics taken from the National Hunter database show that in the past twelve months, third party fraud accounted for 67% of all reported account opening fraud, with first-party fraud accounting for the remaining 33%.
Most new account fraud tends to be identified within the first 90 days of the account being opened. However, criminals may operate the account normally, even making small deposits or paying the first one or two instalments in an attempt to not raise suspicion. If first-party fraud has taken place – including things like missed or irregular repayments, or unusual transactions – it may not be spotted until the account conduct highlights such activity. This can be many months or even years after the account has been opened, so vigilance is needed across the entire lifespan of an account, not just at the opening stage.
This type of criminal activity has increased significantly in recent years, with fraudsters taking advantage of technological advancements in order to avoid detection. With the latest technology at their disposal, criminals can convincingly falsify documents and better bypass security systems.
They can also blend real information with counterfeit to make tracking and preventing crime that much harder. With such sophistication and a larger volume of applications, businesses can become overwhelmed by the amount of manual checks needed for new accounts, making it a major challenge to track and safeguard against.
Account opening fraud vs application fraud
At first glance it may seem that account opening fraud and application fraud are the same thing and each term can be used interchangeably. However, there is a distinct difference between them.
Application fraud is the act of applying for an account with false information. A fraudster may attempt to pass as a legitimate customer by using stolen or fabricated identities, but this application may not be successful.
On the other hand, account opening fraud is the successful creation of a new account, having used falsified or stolen data to bypass security systems. For fraudsters, this is the desired outcome of application fraud.
Think of these as different stages of fraud activity. Application fraud is the first step (or the attempt), which may or may not be successful. And account opening fraud is the second step, considered to be the successful outcome.
Why do fraudsters create new accounts?
Economic crime is said to cost the UK economy around £290 billion per year and opening a new account is a fundamental part of facilitating criminal activity.
By opening an account in someone else’s (or a completely fabricated) name, a fraudster is able to conduct crimes such as:
- Theft – opening an account with the intent to steal the credit facility granted to them or to build up the credit profile available to them before taking off with the maximum amount they can.
- Money laundering – by using false identities and opening multiple accounts, criminals can ‘layer’ transactions to conceal the money’s true source, and eventually ‘integrate’ it into the legitimate economy without raising suspicion.
- Asset conversion – receiving goods on a finance agreement with the intention to immediately sell onwards with no intention to repay.
- Product / facility misuse – using the opened account to facilitate the laundering of illicitly obtained funds from other fraud- and scam-related activities.
Which industries are most affected?
As with the majority of financial crime, banks, finance and leasing providers, building societies and retailers are the most at risk and take the hardest hit.
However, businesses across other sectors should remain vigilant too, as account opening fraud can take place within many companies and industries, including – but not limited to:
- Accountants and tax advisers
- Cryptoasset businesses
- eCommerce platforms
- Gaming and casino businesses
- Trust providers
How do fraudsters open new accounts?
For first-party account opening fraud, the process is simple. Either they exaggerate details about their financial status or purposefully don’t disclose information that could prevent them from obtaining an account. When it comes to third-party account opening fraud, the process is a little more complex.
Where it starts to become even more complicated – and therefore harder for businesses to track – is in the type of fake identity that is created. Here are three main ones:
1. An entirely fake identity
On the surface the identity may appear authentic. However, all of the information it holds has been created using fake data, bought from the dark web or obtained through a scam such as phishing.
2. A stolen identity
This works by using a real person’s identity and data, having illegally accessed the information over time. Criminals tend to collect the necessary identity details over a set period so as not to arouse suspicion.
3. A fake identity created using several real ones
Sometimes known as a Frankenstein or Synthetic identity, this is where both genuine and falsified information is used to create a single profile. This is considered the fastest-growing type of identity fraud[1] in the world.
Key Takeaway: Keeping on top of the latest trends enables you to make more informed strategic decisions
Understand the latest fraud trends for the main financial services products with our latest Fraud Index Report.
What are the red flags to watch out for?
Suspicious email addresses
It should come as no surprise that account opening fraud is more likely to happen online than in person at a branch or office. This means email address verification should be integral to your account opening process. Email addresses that have not previously been used by a victim, can’t be verified, or have been used across several new account applications should all be considered red flags.
Information inconsistencies on applications and IDs
A mismatch between the information used on an application and what’s confirmed on an ID can be a cause for concern. To stop themselves from being detected, fraudsters can sometimes use secondary contact details to avoid the victim receiving communication about the new account.
Small cash deposits
Banks often put a hold on customers using new accounts until the first cheque has cleared, which is why many criminals choose to deposit small amounts of funds via cash instead. Using cash is preferable for fraudsters as it can be untraceable and fewer questions are asked because of the low amounts in question. If cash in small amounts is being handled, it’s worth investigating further.
Making deposits at specific times
For many criminals, the perfect time to commit fraudulent account activity is on weekends, bank holidays, and during holiday seasons like Easter or Christmas. This strategic timing gives them more opportunity to make withdrawals and commit financial fraud before any deposited items are processed and returned.
Limited supporting business documentation
Business accounts are often given more privileges than consumer accounts, with larger daily maximum withdrawal limits. This makes them more enticing to scammers, and so creating a fake business is often their chosen route into account opening fraud. Be vigilant towards unestablished businesses who have limited supporting documentation to back up their claims.
How can you reduce the risk of account opening fraud?
As with all fraud and financial crime prevention, a sophisticated and layered approach is the safest option. Relying on a single security capability or just a few data points can make it easier for fraudsters to slip past detection.
By combining multiple data sources – including things like biometric and behavioural data or device information – criminals will find it harder to pass each step of the account opening process. So much so, that they may even give up trying before you have a chance to reject their application – which is an even greater win.
Here are our top ten steps to help reduce the risk of account opening fraud.
Step 1 – Identity verification
Robust identity verification – including multi-factor authentication – will help ensure that whoever is opening the account are who they claim to be.
Step 2 – Document verification
Only accept official documents for verification, such as government-issued IDs or utility bills. These are harder to forge than other documents, so can help ensure the account owner’s legitimacy.
Step 3 – Biometric authentication and behavioural analysis
Using biometric authentication, like fingerprint or facial recognition, is an advanced way to reduce the risk of impersonation. Similarly, behavioural analysis can help spot any unusual or high-risk activity out of a customer’s normal pattern.
Step 4 – Fraud detection systems
Artificial intelligence can be used as a tool in the fight against fraud thanks to its advanced machine learning algorithms. This is done by analysing user patterns and detecting suspicious behaviour during the account opening process.
Step 5 – Device recognition
Tracking the devices being used during the account opening process and matching them to a customer’s previously used devices can help flag any anomalies or inconsistencies that could lead to fraudulent activity.
Step 6 – Geolocation tracking
By using geolocation tracking you can verify a user’s physical location during the account creation process. This reduces the risk of fraudulent access to information from different or suspicious places.
Step 7 – Regular audits and reviews
Conducting regular audits and reviews of new accounts will allow you to identify and investigate any suspicious or high-risk activities.
Step 8 – Educate employees
Training employees to recognise the signs of account opening fraud can be hugely rewarding. Be sure they have the tools and means to escalate and report any suspicious activity.
Step 9 – Collaborate with industry partners
Sharing information with your industry partners about fraudulent activity and money laundering patterns can help you spot the signs of a crime before it takes place. National Hunter[2] is an example of this type of network, providing real-time information on fraud.
Step 10 – Customer education
Educating customers on how and why they should protect their personal information, as well as the latest in security best practices, can help reduce the chances of account opening fraud taking place.
Key Takeaway: Consider how much your business could already be losing to application fraud
Use our fraud ROI calculator to estimate how much your organisation could financially benefit from robust fraud prevention measures.
How we can help
Account opening fraud can have significant negative impacts on your business, costing you time and money in remediation, not to mention the reputational damage that a financial crime like this can cause.
To stop account opening fraud before it’s even begun, there are plenty of security and prevention measures you can put into place. Find out how we can help you do this, by getting in touch.
Related products
[1] Trends in synthetic identity fraud, Thomson Reuters
[2] National Hunter
