3. Landscape of challenges: current sanctions & fraud
risks
Compliance failures & fraud hurt
Requirements for sanctions compliance & fraud
detection
Sanctions compliance & fraud detection through
Kyriba Fraud & Compliance Module
Agenda
4. 4
Public Health
Government Checks
Business Emails
I.T. Support
Distraction & Deception
Bad actors impersonating the CDC or WHO asking for individuals
SSN, Tax IDs, or financial information
Impersonation of the IRS or other federal agencies regarding
the checks being sent to Americans
Fraudsters acting as the CEO or other executives, requesting
employees wire money or transfer funds to a fake account
An individual from IT is impersonated and requests an employee's business login
credentials or asks them to download malicious software
With more people working from home with increased
distractions, it makes it easier to fall victim to fraud
01
05
04
03
02
Top
COVID-19
Scam
Scenarios
More than ever, organizations must remain vigilant to protect
themselves, customers and employees from these targeted attacks
5. As a historically targeted area, Payment Fraud has seen an increase given
the recent increased shift to remote work
5
81%
Percent of companies
reported being
targets of payment
fraud in 2019
80%
Percent of
organizations who
experienced Business
Email Compromise
(BEC) in 2019
54%
Percent of
organizations
reporting financial
loss as a result of BEC
64%
Percentage of
payment fraud
committed by an
individualoutsidethe
organization
As of 4/7/2020 the FTC had received 13,372 complaints related to the
virus outbreak, with more than 7,500 of these being a direct result of
coronavirus fraud.
The COVID-19 work environment places business-specific
communications at high risk for BEC. As a result bad actors will focus
on those with high-value information or access to an organizations
money.
3
1
Victims have reported over $9.6 million in losses due to these COVID-
19 related scams.
2
COVID-19 and Payment Fraud
8. #1 Challenge: Sanctions lists are growing, directly
increasing the amount of possible matches.
OFAC list grew 40% since 2016
US trajectory stands out in relative
terms
212
241
265
404
576
578
692
1652
1679
2376
Iraq
Venezuela
Human Rights & Corruption
North Korea
WMD Proliferation
Syria
Ukraine / Russia
Iran
Terrorism
Narcotics
US Top 10 Sanctions programs
13. #1 Takeaway: No industry is immune from OFAC
enforcement
♦ Designation for sanctions: in 2019, OFAC
listed a breaching company’s executive as
“Foreign Sanctions Evader”
♦ Prison sentences: Several criminal cases
where individuals are jailed for breaching
sanctions
♦ Remediation & regulatory monitoring:
settlements may include commitments to
enhance compliance resources
♦ Reputational impacts…
Special Measures under the Patriot Act pose
strategic risks (cut-access to USD, removal of
licenses)
14. #2 Takeaway: Enforcement actions have reached a record
year in 2019, current administration has committed to
aggressive enforcement.
8
4
3
2
2
1
1
1
1
1 1 1
Bank & Finance
Industrial machinery and
services
Travel services
Insurance
Oilfield equipment &
services
Aircraft
Chemicals
Number of cases per sector 2019
A cosmetics company was fined because
one of its suppliers sourced items from
North Korea
Kollmorgenaction was about a subsidiary’s
failure to comply with Iranian sanctions.
Local executive was willfullybreaching
sanctions.
Apple had a glitch in their screening tool
that failed to match “SIS doo” with “SIS
DOO”.
“Only” 31% of actions concerned banks, but
these are the largest, by far. These 8 actions
against banks represent 99% of the fines.
15. #3 Takeaway: Important financial impact of fraud
$125,000
*2020 Report to the Nations – ACFE
of fraud cases caused losses* of
21%
$1 million+
Median loss per payment fraud*
of organizations experienced attempted and/or actual
payments fraud in 2019*
81%
*2020 Payments Fraud & Control Survey – AFP
16. • Global Financial Services Firm – lost $18M in
payment fraud in less than a week in a phishing
scheme.
• Large Manufacturing Firm – lost ~$3M over 1 year in
a drip campaign
• Tech Firm – released $1.2M wire from Deepfake CFO
impersonation
• Engineering firm – lost $31M over several years due
to internal wire fraud
Fraud Examples: Breakdown of Controls
17. Best Practices to protect your
organization from Sanctions
& Fraud risks
19. Best Practice #1: Document the process & framework
♦ Corporate policies clarify
acceptable behaviors and
commitments to compliance
♦ Policies must be known to all
employees. Communications &
training are necessary to ensure
adherence.
♦ Procedures implement controls
♦ Procedures are critical for
mitigating:
Operational risks: process
delivery is documented,
allowing stable execution
and reducing reliance on key
staff
Regulatory risks: compliance
controls embedded in
operating procedures.
♦ A set of records must be kept to
demonstrate effective controls
♦ For sanctions compliance, records
may be required to prove:
adequate due diligences,
informed decisions on alerts
sound testing of screening
controls
Policies Procedures Records
20. Best Practice #2: Get equipped to comply efficiently
♦ Screening technology must be
fit for purpose:
• Capabilities to detect partial
matches
• Capabilities to handle
different linguistics
• Tuning options to adjust
detection
♦ Data quality is key to generate
productive alerts:
Screened data must be
accurate, complete and
structured
Watchlist data must be
current: regulatory updates
need to be implemented
without delay.
♦ Different skillsetrequired to
implement soundcontrols:
Senior Management –
Overseas the overall program,
spreads compliance culture
Compliance functions – Design
overall control framework,
provides expertise
General Staff – First line of
defense to detect & report risks.
Tools Data People
23. Gain control over your payments thanks to the
Fraud & Compliance module
Sanction List ScreeningFraud Detection
Detect supicious payments that may be
fraudulent thanks to:
Your customizable rules
Our Machine Learning model,
available for you, out-of-the-box
Centralized cockpit to detect potential fraud and compliance breach in
real time, before it happens and analyze them seamlessly.
Detect payments not
compliant with sanction lists:
Fully integrated solution, sanction lists
automatically updated daily
Proactive check to avoid frozen
funds, fines, reputation damage
Fraud & Compliance
24. Default package:
OFAC
United Nations
European Union
Real time detection to gain control over your
payments
Your white
lists
?
Payment
Payments integration
from ERPs
Workflow until the
payment file generation
Official sanction lists
automatically updated daily
In charge of
analysis
Fraud &
Compliance
Fraud detection
Sanction List
ScreeningBank file approval
?
?
Your customized rules
Our Machine Learning
capabilities
25. Overcome sanctions compliance & fraud challenges
thanks to the Fraud & Compliance module
25
Traceability
Full audit trail &
storing of all
information in Kyriba
database
Flexibility
A few clicks to manage
the scope of screening
and your white lists
based on your risk
assessment
Real time
Real time screening
against up-to-date
sanction lists and a
large scope of anti-
fraud controls
26. Thank You
Upcoming Webinars
Demystifying the Fed’s Main Street Lending Programs for Small to Medium-Sized
Businesses
July 15 • 12 pm ET • 9 am PT • 1.2 CTP
RSVP Today >> https://info.kyriba.com/wbn/demystifying-the-feds-main-street-lending-
programs-for-small-to-medium-sized-businesses
AFP's Best Practices for Business Continuity Planning
July 16 • 12 pm ET • 9 am PT • 1.2 CTP
Sign up today >>
https://info.kyriba.com/wbn/afps_best_practices_for_business_continuity_planning