Members of the committee, good afternoon and thank you for having me today.
My name is Simon Marchand, and I am the chief fraud prevention officer at Nuance Communications Canada. Nuance is an American company with a strong presence in Montreal. It develops technologies that rely on artificial intelligence and voice biometrics for use in fraud prevention, among other things. My specific role is to apply those voice biometric technologies to identity theft prevention. Nuance's products are widely deployed throughout Canada, with most of the big banks and telecommunications carriers using its biometric-based technologies. Nuance also has an extensive international clientele, including major U.S. banks and most of the world's big companies. We develop solutions for law enforcement agencies and government service providers, as well, to help them gather evidence and identify citizens.
I am here today to share with you some of our observations. In my capacity, I'm obviously abreast of all the major scams around the world. I'd like to tell you what we've seen in relation to the COVID-19 pandemic and flag some of the risks that need to be addressed, to help ensure Canada's legislation is equipped to deal with fraud-related issues that may be imminent.
I'll start with some of the internal risks. In response to the COVID-19 pandemic, companies quickly reorganized their operations to accommodate telework. I'm not here to praise or criticize telework, but I will say that it poses real risks, especially in connection with customer service. All customer service representatives who usually work in call centres are now working from home, in an unsupervised environment. Despite having few tools, they now have access to sensitive information about consumers, ranging from information about their assets to information that someone could use to impersonate someone else.
The current socio-economic reality will no doubt put pressure on many households. When it comes to internal fraud, we know that pressure and opportunity are the two basic factors that drive an employee to go against their employer's interests and commit fraud, including stealing information belonging to the organization. Let us not forget that some organizations collect highly sensitive information about Canadians.
These changes in how work is organized raise the possibility of information being stolen and eventually posted on the dark web. That will definitely serve identity thieves well.
Other witnesses have talked about phishing scams, a problem that's already well documented. Sophisticated criminals have adapted to the pandemic and are using COVID-19 as a cover to trick people into providing their information. Some areas have seen a 600% increase in the number of phishing scams involving COVID-19; attachments, links to websites and other methods are being used to lure victims.
Fraudsters will be able to get their hands on vast amounts of consumer information, which they won't use in the next few weeks. Rather, they'll wait six to 18 months before opening up accounts, taking out financial products and acquiring products from telecommunications carriers.
Since banks and telecommunications carriers are federally regulated, lawmakers need to be aware of these risks. Much of the focus is on the company's responsibility to protect the data entrusted to it. I think, though, the focus should be on accountability and the responsibility companies have in relation to the information they use to deliver services. When a bank's system is hacked and client information is stolen, it calls into question the bank's responsibility, which is protecting that information. No one asks about what will happen to the information once it's collected. There's a huge accountability gap.
I would be happy to answer any questions you have on the subject.