Guide to Loan Fraud: Business Risks for Lenders

Lending money inherently comes with risks. And it gets even riskier when fraudsters join the party.

In this article, we’ll look at the most common methods fraudsters employ to commit loan fraud, and – importantly – how to protect your business from them.

Let’s see how bad agents exploit the lending process and how to stop them.

What Is Loan Fraud?

Loan fraud or lending fraud encompasses any kind of deceitful action designed to gain a financial advantage during the loan process. 

There are many types of loan fraud, such as mortgage fraud, payday fraud, ATO loan fraud, and loan scams. All of them will see someone end up out of pocket, while the counterparty will gain money and disappear. 

In the US, this type of scam is on the rise, with an estimated 1 in 164 mortgage applications are deemed suspicious according to CoreLogic – though the landscape is much more dangerous online, where startups are looking to attract customers with frictionless and quick processes.

It’s worth noting that the roles of the victim or criminal may change depending on the type of lending fraud.

In some cases, the person or organization offering the loan (creditor) acts fraudulently. In other cases, it is the person or organization receiving the loan (debtor) who is acting in bad faith. 

How Does Lending Fraud Work?

All lending fraud is built on deception. At some point in the money lending process, someone is pretending to be someone they are not. 

In most cases, it is the debtor who will provide false details. They will use stolen IDs or synthetic IDs, which stitch legitimate person’s details together with made-up information. Once their loan has been approved, they will disappear without repaying it. The same applies to business loans.

More sophisticated fraudulent debtors will repay their loans diligently in order to build a better credit history. Then, they will take out a huge loan and then disappear. 

What Are the Types of Loan Fraud?

Let’s have a look at those types of lending fraud that are on the rise.

First-Party Fraud (or Personal Loan Fraud)

Here, the applicant will intentionally provide false information or exaggerate their financial status to get approval for credit they might not ordinarily qualify for. These illegal attempts make most digital lenders misconstrue first-party fraud as a credit loss. 

With first-party loan fraud on the rise, you’ll have difficulty determining how much you actually lose to fraud versus credit risk. 

Unfortunately, loan companies won’t have it easier anytime soon. In the first half of 2021 alone, personal loan fraud rose by 40%, up 63% from the previous year, per Experian.

Second-Party Loan Fraud 

Second-party fraud occurs whenever an individual gives their personal information to another person to commit fraud. The accomplice can be a family member or friend. 

Sometimes, the person who’s details are being used might not even be aware of the borrowing scheme.

It’s hard to spot second-party loan fraud as there’s often no sign of illegality. After all, the information provided is legitimate. You’ll see how to limit this growing type of attack below.

Third-Party Loan Fraud 

Otherwise known as identity theft, third-party loan fraud is when an individual uses a fake identity or another person’s identity (without their consent) to gain credit with no intention of payback. 

This is mainly supported by synthetic identities, in which the fraudster creates a new persona by combining stolen and fake information. After that, they legitimize this new persona and inflate its credit score by borrowing small amounts and actually paying off the debt.

This allows them to then borrow large sums and proceed to vanish without a trace. 

Third-party loan fraud can also happen offline, wholly or partially. For instance, fraudsters have been known to use stolen SIM cards to apply for loans.

The frictionless, fully-online onboarding process associated with digital lending makes third-party fraud a particularly common pain point and, done at a scale, leads to huge losses. Per McKinsey, synthetic identities cause 10% to 15% of lender losses annually. 

Loan Stacking 

Loan stacking happens when the same borrower applies for several loans in a short period, with no intention of repayment. 

Given how new accounts and credit inquiries can take up to 30 days to display on a credit profile, sometimes lenders can’t identify who applied for multiple loans within a short time frame until it’s too late.

Fraudsters recognize how lucrative this loophole can be and exploit it to their advantage. 

Such fraud risks can cripple your lending companies, especially so microlenders, startups and fintech pioneers.

To keep fraudsters in check, you need a robust, insightful fraud detection and prevention solution.

What Causes Loan Fraud? 

Once again, it’s a push-and-pull between the need to provide a pleasant, friction-free experience and keeping your organization safe from fraud and scams. To this, add new developments in the fraud landscape, and you’ve got an explosive combination that bad actors are eager to take advantage of.

The Need to Maintain Seamless Borrower Experience

Convenience is the bread and butter of digital lending.

This explains why digital lenders keep KYC verification checks as simple as possible.

And while this is appreciated by borrowers looking for a quick and simple application process, it introduces a greater risk of fraud as fraudsters can steal data through biometrics hacking, deepfakes, and massive data breaches with little or no resistance and use them to attempt to pass as someone they’re not.

Synthetic ID Theft Keeps Growing 

Pairing stolen ID documents and fictitious information is how fraudsters bypass KYC checks when applying for a loan. Given the pressure on lenders to maintain a seamless borrower experience and the prevalence of stolen info available to procure and work with, there’s no end in sight for synthetic ID fraud.

On top of this, fraudsters are getting smarter about synthetic IDs. The Federal Reserve shares the same view. According to them, synthetic ID fraud is the fastest-growing type of fraud in the US, with up to 95% of synthetic IDs unflagged by fraud prevention. 

Application Fraud Attempts Are Becoming More Overwhelming 

Criminals are increasingly relying on bots to complete fraudulent loan applications. These bots help them fill out loan applications in large volumes that easily overwhelm lenders whose processes still have some manual elements. 

What the criminals are doing here is playing a numbers game, hoping that the volume of applications means less scrutiny – or just knowing that the more attempts they make, the more likely they’ll succeed.

Credit Data Simply Isn’t Available 

Most loan companies lack adequate data to conduct accurate risk profiling. Interestingly, this scarcity is not their fault. 

First, some loan companies, including microloan and fastloan companies, focus on developing countries with a high underbanked or unbanked population and no credit bureau. As a result, they don’t really know most of their borrowers’ credit history and, importantly, are having a hard time assessing their trustworthiness.

For loan companies in more developed countries, the problem is thin-file – people with little or no credit history. In the US, for instance, there are over 45 million people for whom there simply is no paper trail. These people are caught in a catch 22: they can’t build up their credit score because they don’t have access to lending, but won’t be granted access to lending because of their non-existent or very low credit score.

Of course, this complicates the vetting process, to the point of many lenders not even considering such applicants.

Savvy fraudsters see these loopholes as an opportunity to milk digital lending, especially since online loan decisions are expected to be swift. 

How Do You Prevent Loan Fraud Risks?

In addition to efficient underwriting practices, loan fraud risk can be minimized by creating an accurate profile of each applicant that stems from both their device configuration and the information they offer us about themselves, including their IP, email address and phone number.

SEON goes beyond identity verification solutions and device fingerprinting data, combining this intel with powerful digital footprint analysis from 50+ online sources and social media, all in real time.

Both social lookup and device fingerprinting help you enrich borrowers’ KYC info via well-designed modules. Let’s take a closer look.

Using Digital Footprint Analysis to Stop Loan Fraud

As industry insiders have warned time and again, basic identity verification is no longer effective. For this and other reasons, we need an identity proofing system that cannot be gamed – at least not as easily.

As noted in Javelin’s Study on Digital Lending Fraud:

“Relying on the simple validation of core PII elements to simultaneously comply with Customer Identification Program (CIP) requirements and manage fraud risk is no longer adequate to thwart fraudsters.”

Enter digital footprint analysis, otherwise known as digital footprinting. 

Digital footprinting involves looking into a person’s online presence (that is, their digital footprint) to get an idea of who they are. It’s rooted in the realization that phone and email addresses are the new digital passport. 

There is a great deal of public information linked to each of these, which we can use to find out more about the customer. Importantly, unlike the typical personal information details submitted in loan applications, you wouldn’t fake or falsify a digital footprint. 

To be precise, a determined fraudster could, in theory, set this up to some extent. However, such a method would not scale, as it take time and effort to sign a new email address up to various services – plus some aspects of SEON’s methodology return time-stamped results and are thus next to impossible to spoof.

Digital footprinting is deliverable in real-time and at scale, making credit scoring checks possible even in underbanked markets. For example, FairMoney, a neobank serving Nigeria, a country with a vast unbanked population, overlaid SEON’s digital and social lookup with device fingerprinting to filter out fraudsters by assessing the applicants’ digital presence. 

This is a way to get alternative data on your applicants in real-time to allow you to make better decisions. Let’s take a look at the three ways in which SEON does digital footprint analysis to catch fraudsters in their tracks.

Email Analysis

On to digital footprinting with email analysis. Through deep social media profiling and domain verification, this module helps you confirm the legitimacy of an email address by looking up 50+ online platforms and social sites to find profiles connected to the email. It also reveals whether the email address has been involved in blacklists and data breaches, any public user pictures, and more.

You can look up an email manually, or integrate the Email API into your risk tech stack via either API calls or the SEON Dashboard:

[SEON analyzes whether the address has been used on 50+ social media and online platforms such as Facebook, Twitter, Booking.com, Airbnb, and more, and gleans information from there to determine a risk scoring]

You can also check multiple email addresses at once:

With these risk scores, you should be more concerned about the second user

Phone Analysis

This module confirms whether the submitted phone number is real, if it’s used for messaging purposes and if it has messaging and social profiles connected to it – among other data points.

[With a risk score of 0, it’s safe to say this user’s phone number is real]

IP Analysis

You can use this module to know the origin of the customer’s connection to your site, their location, and whether it is masked with Tor, a proxy or a VPN:

[It’s safe to say this user actually lives in London and that the location is not a proxy]

It might not be obvious just how useful the data points revealed by these modules are but when you connect the dots, you’ll realize they’re a powerful predictor of fraud risk as well as indicators of applicant affordability.

As a case in point, an Asian microlending company proved this. 

Using the email and phone modules to look into their users, SEON helped them discover that 75% of defaulting customers had no social media presence. Consequently, they became more careful whenever they encountered loan applicants with such a profile.

Overall, digital footprinting will help you:

• learn more about borrowers based on their online presence
• build more precise risk profiles based on single data points 
• enable dynamic, lightweight profiling without sacrificing security
• potentially save on your KYC costs by pre-screening applicants

More Sources of Intel on a Loan Applicant

Moving beyond the digital footprint analysis we’ve presented above, which allows us to create a near-impossible-to-fool profile of your customer, SEON’s anti-fraud solution makes use of data to do with someone’s device, location and behavior.

Part of SEON’s Fraud API, this examines available data on the borrowers’ devices used to access your lending, allowing you to:

• flag suspicious devices like emulators and VPNs
• connect users who are using shared devices, which can be tied to fraudulent practices
• see users’ activities across time and monitor when they are suspicious as a whole

Meanwhile, the system can also flag default and custom fields and make them add or subtract risk scores from an applicant, alerting you to those elements that you have discovered are important. In fact, SEON can do this for you if you choose to leverage the whitebox machine learning risk rules.

In addition, sophisticated fraud prevention software will also consider the user’s actions in relation to time. For a simple example, dozens of separate applications from the same device within a single day can hint at a fraudulent scheme.

Compliance & Regulatory Concerns

Staying in legislators’ good books is important for businesses in lending, especially so when they are part of the startup scene and the fintech boom. When considering a fraud prevention solution that works for you, don’t neglect compliance. Always confirm if using a product will expose your company to non-compliance risks. 

At SEON, we are ISO 27001-certified in addition to meeting GDPR and SCA requirements.

Online Loan Fraud Trends and Threats in 2022 and Beyond

The digital lending market is expected to grow at an 11.9% CAGR until 2026. It has changed drastically over the years thanks to the digital revolution, and SMBs have also driven that increase by borrowing heavily during the COVID-19 pandemic.

In terms of loan fraud trends, here are a few points to keep an eye out for:

Synthetic ID Fraud Keeps Growing

Stitching stolen ID documents and made-up information is a popular way of passing KYC checks when applying for a loan. 

According to the Federal Reserve, it’s the fastest-growing type of fraud in the US, while up to 95% of synthetic IDs aren’t flagged by fraud prevention systems, accounting for 20% of loan fraud losses.

The landscape is particularly challenging in the US, which relies heavily on static personally identifiable information, such as social security numbers.

Government-Backed Business Loan Fraud Will Continue

Business loan fraud is similar to first-party fraud, except the applicant misrepresenting information is a company. This has become a growing problem following the wave of government emergency loans. 

In the US, for instance, the Paycheck Protection Program, designed to assist SMBs during the pandemic crisis, could have benefited 11.8 million fraudsters according to estimates. That would be 15% of all the loans delivered. 

According to the Financial Times, 5-10% of UK businesses have missed repayments, which could add up to as much as £5/$6.78 billion.

Vetting business data requires special KYB (know your business) tools, which can allow you to make better decisions about partnerships or loans. 

Digital Customer Onboarding Must Evolve

Deepfakes, massive data breaches, biometrics hacking… Fraudsters have no shortage of modern techniques designed to beat KYC checks. With the never-ending supply of stolen documents from data leaks, fraudsters can easily acquire millions of IDs to test on challenger bank websites or use for payday loan applications.

While biometrics and video document verification appear safer on paper, these are still considered heavy KYC – in other words, high-friction.

This is why a growing number of companies that need to perform quick credit checks rely on digital footprint analysis instead.

Deal With Loan Fraud Risks Effectively

Loan fraud is fast eating deep into many digital lenders’ bottom lines.

For this reason, improving your company’s fraud prevention is a must. Layering your processes with SEON makes that improvement easier to achieve. 

Unlike an ID, a digital footprint can’t be stolen or falsified. Through digital footprinting, which provides risk scores with adjustable thresholds, SEON helps you filter out fraudulent and junk users easily – as well as get alternative credit scoring data.

It also keeps friction points at a minimum, allowing you to fight fraud without sacrificing the customer experience you are looking to deliver. 

Sources

• GDS Link: How Banks & Credit Unions Need to Treat Fraud Management in 2022
• Credit Connect: Bank account and loan fraud soars in pandemic
• Banking Exchange: COVID-19 and Synthetic Identity Fraud: The Importance of Lenders Mitigating Risks
• BusinessWire: Federal Reserve Releases Synthetic Identity Fraud Mitigation Toolkit to Educate, Fight Fraud
• Experian: UK bank account fraud soars during first half of 2021
• CoreLogic: Mortgage Fraud Trends Report
• PR Newswire: The Digital Lending Market is expected to register a CAGR of approximately 11.9% during the forecast period (2020 – 2025)
• Financial Times: Small UK businesses consider insolvency to escape state Covid loans