Introducing, Maya Reiss, Senior Compliance Analyst at Step. She sees a lot of COVID-relief related fraud, describes some fraudulent activity we've never seen before and even schools us on the meaning of the Japanese term "tabe-aruke!"
Check out the transcript below or watch the 20 minute video.
Shannon: Hi everyone. I'm Shannon Slaughter, Risk Ops Analyst at SentiLink. Our guest for today's Fraud Patrol Spotlight Maya Reiss. She is the Senior Compliance Analyst at Step. Hi, Maya, thank you so much for joining me today.
Maya: Shannon. So glad to be here.
Shannon: Alright, so let's just go ahead and jump right in. So, tell me a little bit about yourself and your role at Step.
Maya: I'm a Senior Compliance Analyst at Step, which is a Fintech company that's geared towards teens and young adults, which helps them on their financial journey. We offer a no fee secured credit card that allows users to start building positive credit. Step launched in September 2020. But I've been with the company now since a little before launch as I started in July 2020. And you know, the nature of it being a small, young startup, I wear many different hats, but my focus right now is heading our KYC process and the different initiatives we have to improve that.
Shannon: Well, that's so interesting. You've been there since before it launched. So right from the beginning. and you guys have a unique product. Alright, so where did you grow up?
Maya: I grew up in Canada, in Ottawa, which is the capital of the country, but I've been in the US for almost 10 years.
Shannon: And where did you go to school?
Maya: I went to school in Canada as well. So, I did my undergrad in Halifax at Dalhousie University, I studied Economics, and then I did my master’s degree in Ottawa at Norman Paterson School of International Affairs.
Shannon: One of my favorite things about meeting new fellow fraud fighters is learning how they got their start in fraud. So how did you get into fighting fraud?
Maya: I kind of fell into it. I was living and working in New York. My job was unfulfilling at the time, and I was looking to try and move somewhere else. And I got a great opportunity to move to San Francisco and work for a bank in their anti-money laundering department. I would still say that my perspective tends to lean more towards AML side rather than fraud because that's how I cut my teeth. But I was working at the bank for a few years doing investigations. And then, about a few years ago, I moved over to the Fintech space, where I really started getting exposed more to fraud itself.
Shannon: So that's something that we have in common. And we talked earlier and we both kind of started in the traditional banking industry. Another thing that you brought up that you cut your teeth on AML type work. And we've also previously talked about fraud and compliance. They do tend to be kind of different animals. There's some overlap between the two. But it is different work altogether. What types of fraud do you typically see on a day-to-day basis?
Maya: On a day-to-day basis, something that we have seen a lot it at Step and I'm sure other Fintechs can commiserate with this is, we've seen a crazy amount of unemployment insurance fraud, and PPP fraud. Especially in the last few years, just a lot of that. I think fraudsters are just doing what they can to test us, looking at any holes or weaknesses in our programs and exploiting that as much as they can, especially for any young startups, which makes us react quickly and put controls in place. On a day-to-day level, since I'm more in the KYC space, I see a lot of identity theft fraud. So, a lot of users applying, trying to open an account using stolen PII. Or stolen ID cards, things like that.
Shannon: Yeah, it's not going away anytime soon, right? As far as PPP fraud, those fraudsters - I don't think they could have done any better at taking advantage of that program. I don't think anyone knew how bad it was going to get. And I feel like we're going to be kind of unraveling that huge, tangled mess for years and years to come. My second favorite thing to talk about with fellow fraud fighters are the crazy cases that they see. What’s one of the craziest things that you've seen throughout your career?
Maya: So, I'll focus on fraud because I’ve seen some crazy AML things but due to the laws regarding SARS, I'm not allowed to disclose any of those. One of the ones that I wanted to bring up is one of the first fraud cases that I looked at when I was at my previous startup. I came across a bunch of accounts that were entirely of funded from prepaid cards or mobile cash, things like that. And the activity consisted entirely of sending outgoing $1 transactions to super sketchy, weird un-Google-able websites. But once I did a little bit of research, and I could look up the websites, they were all these shady looking online credit reporting services. And we would see they had like hundreds, if not thousands of these transactions that weren’t being detected because they were so little, they're like $1 transactions. We ended up closing these accounts, still never really got to the bottom of it, but my hypothesis was they were fraudsters who were likely opening accounts using fake identities, and then, running other stolen identities through the credit reporting checks to see what they would be good to use for. So, yeah, it was crazy. It was weird. It made me realize how many random websites there are on the internet. Sometimes you think you know so much. And then you're like, oh, wow, there's like this whole other world that we're just on the cusp of.
Shannon: Oh, yeah. New sites all the time. Flagged sites being taken down all the time. Right. It doesn't surprise me that accounts like that would be open with a stolen identity. They don’t want that kind of activity being traced back to them. But yeah, I have not seen anything like that. I’m really glad that you brought that up. What is your proudest accomplishment so far?
Maya: I would say a lot of it is just day to day stuff, seeing the rules that we're putting into place or controls that we've implemented, the effect fact that they had, how we're able to stop fraud from coming through or just even improve our internal systems and processes and make them better. Especially joining pre-launch, just to see how much we've grown and gone from the early days where we had manual review processes, and now we've been able to automate the majority of it and just get more sophisticated with our controls and everything we do.
Shannon: That must be so rewarding to help build something pretty much from the ground up and then to come in contact with some of these issues with fraudsters trying to take advantage of any loopholes that they find and then being able to pivot and put something in place to stop it. That is a really rewarding feeling I bet.
Maya: Yeah. And being in the compliance fraud space we tend to see on a day-to-day basis the bad users more often, those are the ones we're exposed to but it's important to remember that what we're doing, we're trying to stop as many of those users to make as good of a user experience possible for the actual legitimate users. A lot of our users, the majority of them, it's geared towards teens. So, for a lot of them it's their first bank account and so seeing how much we're able to help them it's just really rewarding as well.
Shannon: So, let's talk about the future of financial fraud. I know like we said before, fraud, compliance, kind of two different things. But do you have any predictions about the future of financial fraud, especially in relation to compliance issues?
Maya: Oh, that's a good question. As we move more towards Fintechs, and online culture we're making it a lot easier for fraudsters - we're opening the space to them, and they have a lot of different vectors to try and commit fraud. So, as it gets more sophisticated and fraudsters do this as a full-time job and are sophisticated are able to figure this out maybe an optimistic prediction, or maybe it's more of like what I hope would be the creation of some sort of sharing mechanism. A collaboration or channel between different neo banks and Fintechs that would allow more cross company sharing of information. Being where we are, we only have a little bit of visibility into what fraudsters are doing and we can see they're transacting with other Fintech companies or other Neo banks. We’re not always able to determine for sure, and so having more collaboration that would allow better controls in place. We’re seeing this a little bit from FinCEN. They have the recent proposal to allow US financial institutions to start sharing SARS, with non-US branches, their affiliates, and subsidiaries. So, hopefully, that opens a step for something like this in the fraud space for Neo banks and Fintechs.
Shannon: Yeah, I love that you brought that up. I 100% agree. The only way that we're really going to be able to have a chance at staying ahead of fraudsters is collaboration, right? And there are a lot of roadblocks, unfortunately, legal, and then also from individual institution to individual institution. Their own privacy policies that they have, that’s what fraudsters do. They don't even hide it anymore. You can go to Reddit, there are a lot of places online that you can go and find information on how to commit fraud. So yeah, I feel like we need to be just as collaborative, if not more, so. Yeah. I'm glad you brought that up. So, I'm switching gears a little bit. What do you do for fun to blow off steam? I know that fraud and compliance work can often be tough work. So, what do you do to balance them?
Maya: I’m a big fan of crosswords. So, I do that every night. The New York Times crossword as soon as it's available here on the West Coast, it's usually around like seven o'clock at night, I'm usually doing it by then. I would say also, a big thing I like to do, especially you know, during the pandemic, just walk around a lot and explore different neighborhoods. So, one of the best things about living in San Francisco is what a walkable city it is. In Japanese, there's like a term called “tabe-aruke” which translates to eating and walking. And I think it's kind of like if you're restaurant hopping or exploring different restaurants. I would literally do that and just I like to walk a lot and explore new restaurants and cafes
Shannon: I love you’re a fellow foodie! That's great. I've only been to San Francisco a couple of times. And I love walking around there. You're right. It is very walkable. There's so much great food. I can't really think of a better way to spend some free time than to just do exactly what you described. So. All right. Well, I think this is a good place to wrap it up. I really appreciate you taking the time to talk with me today.
Maya: Thank you. It was a pleasure.