• 7 January 2022
  • 5.1 mins
  • 950 views

In 2020, Cyberattacks were rated the fifth top risk to the public and private sectors worldwide. This is predicted to worsen as the number of attacks is expected to double by 2025, costing $10.5 trillion a year (it was recorded at $3.5 trillion in 2015).

The number of crimes is not the only thing that is causing concern; the rate of detection and prosecution is also an issue, with the US alone registering either in only 0.05% of cases in 2020. This has led to cybercrime representing the greatest transfer of economic wealth in history.

The pandemic only served to exacerbate the situation with cybercrime (including everything from theft or embezzlement to data hacking and destruction) rising 600% in the first half of last year alone as a direct result of COVID-19. Almost every industry has had to embrace new solutions and try to adapt to this new landscape, offering criminals new and enterprising ways to try and profit.

The diverse nature of cybercrime means very few industries are safe from the possibility with banks and financial institutions, healthcare and manufacturing some of the most targeted, but by no means the only ones.

Cybercrime is an issue that needs addressing urgently, whether for big businesses, start-ups or private individuals. Here we will take a look at a specific example featuring the Black Axe confraternity in Nigeria that rocked the world this year and use it to highlight how we can use modern compliance methods to tackle financial crimes.

The Problem: The Case of the Black Axe?

The Black Axe is a confraternity in Nigeria. Confraternities are student groups likened to secret societies within higher education that have, more recently, become involved in illegal and violent activities. Locally they are referred to as a cult due to their secret rituals and intense loyalty of their members, but they are a criminal organisation, pure and simple.

A secret two-year investigation has led to the discovery that Black Axe could be one of the world’s most dangerous and far-reaching criminal groups. It also revealed that the primary source of revenue for the gang was internet fraud.

This was uncovered by a secret hacker, known only by the alias Uche Tobias. Along with ten years worth of communications between the Black Axe members, he also uncovered thousands of receipts, bank transfers, and emails pertaining to online scams around the world. Romance scams, inheritance scams, real estate scams and business email scams.

In 2010 a man in California was targeted by a network of “Axemen” and defrauded of a total of $3m before he realised what was happening.

They had even made a lucrative business as recently as last year, taking part in Pandemic Unemployment Payment fraud in the UK, harvesting Health and Safety Executive (HSE) staff emails and sending bogus emails to the public. The plan was originally intended to make them up to €1m.

Black Axe’s international crime revenue is thought to be generating billions of dollars and is spread across multiple countries throughout the world; Canada, the US, the UK, Italy and Malaysia are just a few of the ones that have come to light.

Currently, various efforts are being made by law enforcement agencies worldwide to defeat this syndicate, with varying degrees of success. However, this is one of the many examples of how comprehensive protection against cybercrimes could help protect people and businesses from these types of attacks before they are even aware that something may be wrong.

The Solution: Managing the Risks Through Compliance

While sometimes many may look at compliance as a restrictive set of rules and regulations, they exist to keep individuals and institutions safe and ensure a fair, legal framework under which everybody can work and progress.

There are multiple legislations set out that can help o battle against the likes of criminal organisations and their fraudulent means.

The first and most obvious of these is Know Your Customer (KYC) as part of Anti-Money Laundering (AML) protocols.

Banks and financial institutions having rigorous protocols around KYC can make sure they can weed out suspect or dubious parties before they even begin to do business with them, even going so far as to report suspicious groups or individuals to relevant authorities.

Data Analytics are another help in the fight against cybercrime. Institutions can use data analytics to manage risk and identify problem transactions that can point out any fraudulent activities in a more targeted and efficient way, prioritising dealings they may wish to investigate further.

With fraud moving increasingly from data theft to payment fraud, the security of payment environments needs to be assessed. Transaction reporting can provide an important layer of quality assurance by giving a global summary of inbound and outbound counterparty payment flows. This can highlight suspicious activity and allow transactions to be cancelled and funds to be recovered before it is too late. Payments can also be monitored in real-time, allowing action to be taken instantly rather than retrospectively.

There are plenty of other measures that can be used to sniff out fraudulent parties and their activities, from Sanction Screening, IP risk scores, wallet tracing and much much more.

Cybercriminals thrive on the inactivity and carelessness of individuals and organisations to aid their progress. Their methods become much more innovative, subtle, and sophisticated as the world evolves. In this world of fast-moving payments and transactions, it becomes easier and easier for them to cover their tracks once they are done.

It’s only by having comprehensive, compliance-based tech and procedures in place that you can protect yourself, your business and your customers from falling prey to the rising threat of cybercrime.

Find out more about how to protect yourself and your business with our Sekuritance RegTech Suite featuring several modules with technology dedicated to keeping you safe online.

About Sekuritance

The Sekuritance RegTech platform provides a single platform for every eGRC need, including end-to-end AML/CTF, CECL, FCPA, vendor management, beneficiary onboarding, investor check, card processing MFA checks, blockchain wallet checks, cyber-risk assessments, and other RegTech or Business Process Management requirements.

Stay tuned for more info and follow us on:

Twitter: http://twitter.com/sekuritance

Telegram: http://t.me/sekuritance

Website: https://sekuritance.com

Back to Blog