By: Lin Danwan, CFE
In recent years, fraudulent schemes have been on the rise, evolving constantly in their modus operandi. To counter this growing threat, information sharing mechanisms related to fraud detection and prevention have advanced significantly. Notably, an increasing number of fraudulent information-sharing initiatives are now adopting a public-private partnership approach, involving cooperation between government agencies, law enforcement and private sector entities. This collaborative model leverages the expertise and resources of both sectors to create a more comprehensive and effective response to fraud.
Trend in Fraud Information Sharing: Public-Private Partnerships
Traditionally, collaboration against fraud was confined to private actors, such as banks. However, the public-private partnership approach is now being increasingly utilized to combat fraud. Initiatives like, the Fraud & Money Laundering Intelligence Taskforce (FMLIT) in Hong Kong and the Fintel Alliance launched by Australian Transaction Reports and Analysis Centre (AUSTRAC) in Australia, exemplify such joint efforts.
In this model, public agencies possess legal authority and access to intelligence, while private companies hold real-time data and cutting-edge technologies. This accelerates information sharing, reduces response time and enhances the overall understanding of the threat landscape. Proactive measures can then be taken against fraud, leading to more cost-effective solutions. The partnership also seeks to adopt a more efficient and systemic approach with the support of information technology, as seen in initiatives like Financial Intelligence Evaluation Sharing Tool (FINEST) in Hong Kong.
Challenges to Public-Private Partnership of Fraud Information Sharing
While partnerships can be effective in combating fraud, they do come with some challenges that need to be addressed. It is essential to balance the liabilities and benefits of such partnerships, with some of the concerns easily noted including information security, protection of privacy interests and potential conflicts of interest.
- Data privacy concerns: Private companies often handle customer data carefully and share with government agencies only under specific regulatory requirements. Striking a balance between the purpose for fraud prevention and detection, and protecting individual privacy is uneasy and requires the establishment of a certain legal framework delineating the purpose and scope.
- Information security under this partnership: The scope of the shared information, the sharing channel or system, technical components that constitute the sharing solution necessitate deliberation and befitting technological development to ensure robust information security.
- Differing priorities and liability model: Public and private entities may have distinct proprietary concerns and nuanced priorities. Aligning these priorities and setting common goals is essential for effective collaboration.
- Legal and regulatory challenges: Many private companies operate with global jurisdictional coverage; the varying legal and regulatory frameworks complicate cross-border information sharing and cooperation.
Accordingly, the solutions are expected to cover the below dimensions:
Liability Model Setting
- Clear legal frameworks: Legal agreements and frameworks should be established, outlining the scope of information sharing, data protection, liability and the specific purposes for which data can be used.
- Roles and responsibilities: Establishing a partnership guideline to define the roles and responsibilities under the collaboration model is crucial to all stakeholders involved.
Framework / Mechanism Setting
- Standardized data formats: Encouraging the use of standardized data formats and sharing protocols can simplify and streamline the exchange of information between public and private entities.
- Incident response plans: Developing incident response plans that involve both public and private stakeholders can ensure a coordinated and efficient response to fraud incidents.
- Public-Private dialogues: Collaboration can be strengthened by establishing regular forums and working groups where representatives from both sectors can meet and discuss common challenges and solutions.
Reliable Technical Support
- Cybersecurity capacity building: Supporting capacity building programs for both public agencies and private companies can enhance their ability to detect, prevent and respond to fraud and cyber threats.
An operable partnership requires rigorous model setting, defined roles and responsibilities, technical commitment and a shared understanding of the benefits of collaboration. With these in place, public and private sectors can create a more resilient and effective defense against fraud. By embracing the public-private partnership approach to information sharing, we can collectively stay one step ahead of the evolving fraud landscape and protect the integrity of financial systems worldwide.