Industry Voice: Protecting against cybercrime

Civica looks at implementing secure ID & verification, while maintaining trust

clock • 5 min read
Chris Jones, Managing Director, Civica Pensions
Image:

Chris Jones, Managing Director, Civica Pensions

The rapid advance of digital technologies has transformed our everyday lives, from paying bills to planning our holidays. As citizens, we take for granted that we can access and manage our personal finances at the click of a button, including our pension.

Although digitalisation has offered many people an extraordinary level of visibility and control over their retirement planning, it's also introduced new, and more sophisticated forms of criminality.

Cybercrime is an increasingly serious threat for virtually every business, public body, and private citizen. Online fraud, data breaches and hacking of well-known businesses and organisations are an almost daily feature in our national press. Just last month Scotland's largest Local Government Pension Scheme reported a suspected £300,000 fraudulent claim to the police, after it was revealed a deceased pensioner was receiving pay-outs! Families not disclosing that a member has died, has always been one of the classic risks for any pension fund.

Pension schemes pay out millions in benefits every year, so the impact of fraud is high. As the ‘trusted guardians' of the future financial security of millions of people, cybercrime, fraudulent activity, and the associated costs and reputational damage are among the many challenges faced by pension funds…

(Unfortunately) this is nothing new.

Despite the National Fraud Initiative's (NFI)  best efforts its most recent report identified £55.5m of pension fraud and overpayments, relating to pension payments of a deceased.

Identity fraud - criminal offence for monetary gain

Technological advances have enabled criminals to produce high quality, false documents and the internet has made these easy to acquire.

Since the COVID-19 pandemic, Interpol has reported an alarming 59% of threats, categorised as Phishing/Scam/Fraud attempts which is an enormous concern for the pensions industry.   

You name it…passports, bank statements and death certificates can all be replicated and manipulated - even for the trained eye, it's difficult to spot. If these documents are used within organisations that haven't invested in smart detection software (which is the case within many pension funds), they're opening their doors to successful fraud, which poses a serious risk for both themselves and their customers! 

Pension funds face the twin challenge of ensuring that their member portals are both user-friendly and secure. From one-time codes to hidden identity checks, there's numerous steps that can be taken by both the funds and their customers to ensure maximum trust and security. Our customers are also exploiting enhanced identity document checks to alleviate the risk of false (UK and foreign) identity documents being used; whilst checking for signs that they've been tampered with. These digital checks are extremely accurate, harnessing the expertise of specialist ID and verification partners and extensive technological advances. These capabilities are far more extensive and accurate than the naked eye of one of your administrators.

Existence fraud - stealing the family silver  

Pensions being illegitimately claimed (usually) by family members is a classic problem. This significant risk of fraud is usually associated with a close family member of the deceased, who fails to declare a death and consequently falsely allows pensions to be paid, in some cases for years after. 

Since the pandemic and remote working, we've seen a push to update previously awkward processes to verify a pensioner is still alive. Embracing specialist technology in this area, we've embedded proof of life checks into many processes both online and within the pension's administration functions. These silent checks confirm whether a member appears on a deceased list and stops any possible existence fraudster in their tracks!

We've also streamlined the proof of life process by publishing this on our member portal, allowing members to photograph their ID and go through a live check to verify themselves, removing the cost and risk associated with paper based ID verification processes. This can also be used for overseas members, providing a swift and easy service for both the member and the fund.   

Inside Fraud - hand in the till

There are risks from inside a pension fund, with staff who have access and knowledge to carry out a variety of frauds. ‘Lost pensions' are a particular risk, and many beneficiaries wouldn't even realise that they'd become a victim of fraud (as many lose track of their pension pots). With an estimated £20 billion in lost pensions out there, according to new stats from the Pensions Policy Institute, and the average missing pot worth almost £13,000, this presents an immense risk. 

To tackle insider fraud, embedded bank validations ensure that we accurately verify UK sort codes and bank account numbers - guaranteeing that all details are valid. We safeguard the process even further by checking all details match the member, to be extra vigilant. With every step of any process captured we know exactly what users have been doing, with a forensic ability that confirms pensions are protected. 

#TrustedPartner - giving you the assurance that you and your members need

As expectations change, citizens want more access and control over their pensions via member portals. This is where pension funds need to guarantee security and be assured that they can trust the technology they're using to protect their customers' money. At Civica, we're constantly challenging ourselves to invest in research and development, to come up with new creative solutions to counteract cyber threats and ensure maximum security.

Cybercrime will always be a challenge, and the risk of pension fraud has never been greater. But as the risks grow, so too do the means to tackle them. With continuing advances in cyber-security there are now powerful techniques to mitigate against identity, existence, and insider fraud.

Civica continues to take advantage of advances in cyber-security to develop cutting-edge, sophisticated document checks and services that allow funds to assure members that trustworthy security controls are in place - guaranteeing the protection of pension transactions.

 

Civica provides pensions administration software and consultancy services across the private and public sector including 44% of Local Government Pension Schemes in England and Wales. Their latest contracts with Southwark Council and Local Pension Partnership Authority builds on strong momentum and growth in the sector. Civica's new inspiring content series, Perspectives* explores how emerging technologies can help us build more innovative public services for today, and tomorrow. Get in touch for more information.

More on Regulation

Rise in reported cyber incidents in 2023/24

Rise in reported cyber incidents in 2023/24

Eversheds Sutherland finds 284 reported cyber incidents occurred in last financial year for pensions

Jasmine Urquhart
clock 22 November 2024 • 1 min read
TPO orders trustee director to repay £9.7m into schemes

TPO orders trustee director to repay £9.7m into schemes

Former director of trustee firm ordered to pay into Uniway Systems and Genwick schemes

Jasmine Urquhart
clock 19 November 2024 • 1 min read
SPP says multi-employer CDC regulations could be 'unduly onerous' in areas

SPP says multi-employer CDC regulations could be 'unduly onerous' in areas

Trade body says it mostly supports the DWPs proposed regulations

Jasmine Urquhart
clock 18 November 2024 • 1 min read
Trustpilot