As fraud risk soars, lenders struggle to combat issue

A string of attacks that hit high profile mortgage players in recent months demonstrate that cybercrime continues to be a pressing issue for the financial services industry, and a fourth quarter report reveals that the risk of fraud is getting worse.  

There is usually an uptick in fraud at the end of the year and 2023 was no different, a report by FundingShield published Tuesday said. 

More than half of the loans in a $61 billion portfolio had at least one risk issue that could lead to wire or title fraud, marking a 5% increase from the prior quarter. Meanwhile, the rate of errors per loan jumped by 30% compared to the third quarter, the fraud prevention firm's report said.

The incidents in recent months and the report's findings highlighted the "industry's lack of readiness," FundingShield's CEO Ike Suri said.

"We saw the challenges created by the Fidelity National Financial and First American Title cyber events prompted lenders' risk and compliance, operations, funding and accounting teams to address the impact of bank closures, widespread technology or data outages and preparing for those challenges today," Suri said in a press release. "These intentional acts of cybercrime create financial losses within impacted firms but also threaten the enterprise valuations of listed public firms."

Loans showing signs of fraud risk had 2.2 issues on average in the fourth quarter, up from two the prior quarter. At the same time, wire-related issues and license related issues spiked by 33.67% and 79.48% from the third quarter, respectively. Flaws found in closing-protection letters rose by 22.28%.

The risk of fraud-related events is likely to amplify as the tools available for cyber criminals to attack the mortgage and title space grows.

Aging technology applications with gaps in security updates and an availability of artificial intelligence-driven tools to deploy attacks can be potential avenues for nefarious players to attack the financial services sector, Suri said.

"We are in the trenches, holding hands with our client's loan by loan," FundingShield's CEO added. "We have been speaking to COOs, CISOs, CFOs, heads of Capital Markets, and treasury on the need for funding controls as part of their cybersecurity defense and readiness as auditors or investors ask for evidence of a plan."

Since November, at least four players in the housing space have been hit by cyber attacks, including Mr.Cooper, Fidelity National Financial, First American Title and most recently Loandepot.

Of the four companies, three have thus far reported that personal identifiable information of customers has been leaked. Mr. Cooper, Loandepot and Fidelity have all offered identity monitoring services to past and current customers impacted.