Real-time payments, near real-time payments, faster payments, immediate payments — those are just some names used to describe the increasing speed of the settlement transaction process. Slow clearing times for payments can have a negative effect on businesses and consumers, but a quicker process may introduce fraud risks.

The National Automated Clearing House Association (NACHA) issued the Faster Payments initiative to address the “lack of a real-time or faster-payment system” within the U.S., a situation that puts both businesses and consumers at a disadvantage. However, speeding up processing and clearing times entirely changes the way the financial industry works. Faster transactions times can significantly impact operational risk, including security and fraud risks.

Understanding Operational Risk

Operational risk refers to the risks associated with financial or information losses and breakdowns due to faulty or failed internal processes, systems, people or an external event. Speeding up the processing times of financial transactions requires institutions to review their operational risks and institute mitigation practices. When mitigating these new risks, they may create new policies, processes and, potentially, systems to meet the requirements of this initiative.

Read the white paper: Do faster payments mean faster fraud?

Financial institutions rely on strong policies and processes to efficiently conduct business. These policies include risk management, corporate governance, efficient monitoring and testing functions, internal audits and strong regulatory compliance programs. Compliance programs are necessary to ensure that internal policies align with external, U.S.-governed economic sanctions and rules. Some such external regulatory requirements are the Bank Secrecy Act (BSA), Know Your Customer (KYC) rules and guidance from the Office of Foreign Assets Control (OFAC).

Increasing the speed of transactions and clearing times means there is less time to review transactions for suspicious activity. Financial institutions must have updated and agile security and fraud detection systems in place to combat this. These systems must produce immediate fraud indicators with low false positive rates and a real-time transaction validation process.

Security and Fraud Risks

Operational risk is made up of security and fraud risks. These refer to risks associated with controls, assets and asset misappropriation, corruption and loss of data, information or funds. Banks often have robust authentication processes in place to help ensure that only true users are accessing their accounts. Cybercriminals exploit the vulnerabilities present in these processes to gain unauthorized access to data.

With the Faster Payments initiative increasing financial transaction clearing times, the potential for security and fraud risks will rise. Banks will need to be even more diligent in watching for online fraud, first-party fraud, false claims and check fraud.

Online banking fraud refers to any type of scheme that takes advantage of the online banking to exploit vulnerabilities and gain illegal access to customer information and funds. Fraudsters use malicious malware, phishing scams, social engineering, remote access Trojans (RATs), keylogging and other methods to gain access to accounts and withdraw funds, also known as account takeover attacks.

First-party fraud refers to financial fraud in which cybercriminals open an account with no intention of repayment. This covers a wide range of fraud methods, including synthetic ID fraud, bust-out schemes, application fraud and mule accounts/strawman.

False claims involves claiming that a payment, money transfer or transaction on your account was unauthorized, when, in fact, you conducted the activity. Check fraud is the act of using checks to illegally acquire, spend or borrow funds from a nonexistent balance in the owner’s account. There are many types of check fraud, including forgery, counterfeiting and check kiting.

Comprehensive Fraud Prevention

IBM Security Trusteer Pinpoint Detect offers a fundamentally different approach to security that can help financial organizations detect fraud while reducing false positives and the overall alert rate. The IBM approach to fraud detection is based on three core principles: visibility, a global threat intelligence network and agility by design, all of which align with the needs and risks associated with processing transactions faster.

The Faster Payments initiative may help U.S. businesses become more competitive in the global market, shorten clearing times for financial transactions, and ensure that transactions and bill payments are completed in a timely fashion. But as antifraud technology advances, fraudsters will look to exploit any system vulnerabilities to their advantage. Shorter transaction times can potentially increase this risk.

This is where fraud detection solutions can help. Trusteer Pinpoint Detect uses evidence-based indicators to offer a proven approach that helps address the shortcomings of traditional risk engines. Using real-time fraud indicators, a risk score approach, a deep understanding of strategies exploited by fraudsters and actionable intelligence, the Trusteer Pinpoint Detect solution provides real-time, highly accurate information to determine whether a transaction is fraudulent. This offers financial institutions a comprehensive fraud prevention platform that delivers broad visibility across the threat landscape.

Do faster payments mean faster fraud? Read the white paper to find out

More from Fraud Protection

What’s up India? PixPirate is back and spreading via WhatsApp

8 min read - This blog post is the continuation of a previous blog regarding PixPirate malware. If you haven’t read the initial post, please take a couple of minutes to get caught up before diving into this content. PixPirate malware consists of two components: a downloader application and a droppee application, and both are custom-made and operated by the same fraudster group. Although the traditional role of a downloader is to install the droppee on the victim device, with PixPirate, the downloader also…

Unveiling the latest banking trojan threats in LATAM

9 min read - This post was made possible through the research contributions of Amir Gendler.In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target Latin America, with a particular emphasis on its financial institutions.In this blog post, we’ll shed light on the group responsible for disseminating this campaign. We’ll delve into the method of web injects and Man in the Browser, and…

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today