Real-Time Payments, Real-Time Fraud Risks?
Real-time payments, near real-time payments, faster payments, immediate payments — those are just some names used to describe the increasing speed of the settlement transaction process. Slow clearing times for payments can have a negative effect on businesses and consumers, but a quicker process may introduce fraud risks.
The National Automated Clearing House Association (NACHA) issued the Faster Payments initiative to address the “lack of a real-time or faster-payment system” within the U.S., a situation that puts both businesses and consumers at a disadvantage. However, speeding up processing and clearing times entirely changes the way the financial industry works. Faster transactions times can significantly impact operational risk, including security and fraud risks.
Understanding Operational Risk
Operational risk refers to the risks associated with financial or information losses and breakdowns due to faulty or failed internal processes, systems, people or an external event. Speeding up the processing times of financial transactions requires institutions to review their operational risks and institute mitigation practices. When mitigating these new risks, they may create new policies, processes and, potentially, systems to meet the requirements of this initiative.
Financial institutions rely on strong policies and processes to efficiently conduct business. These policies include risk management, corporate governance, efficient monitoring and testing functions, internal audits and strong regulatory compliance programs. Compliance programs are necessary to ensure that internal policies align with external, U.S.-governed economic sanctions and rules. Some such external regulatory requirements are the Bank Secrecy Act (BSA), Know Your Customer (KYC) rules and guidance from the Office of Foreign Assets Control (OFAC).
Increasing the speed of transactions and clearing times means there is less time to review transactions for suspicious activity. Financial institutions must have updated and agile security and fraud detection systems in place to combat this. These systems must produce immediate fraud indicators with low false positive rates and a real-time transaction validation process.
Security and Fraud Risks
Operational risk is made up of security and fraud risks. These refer to risks associated with controls, assets and asset misappropriation, corruption and loss of data, information or funds. Banks often have robust authentication processes in place to help ensure that only true users are accessing their accounts. Cybercriminals exploit the vulnerabilities present in these processes to gain unauthorized access to data.
With the Faster Payments initiative increasing financial transaction clearing times, the potential for security and fraud risks will rise. Banks will need to be even more diligent in watching for online fraud, first-party fraud, false claims and check fraud.
Online banking fraud refers to any type of scheme that takes advantage of the online banking to exploit vulnerabilities and gain illegal access to customer information and funds. Fraudsters use malicious malware, phishing scams, social engineering, remote access Trojans (RATs), keylogging and other methods to gain access to accounts and withdraw funds, also known as account takeover attacks.
First-party fraud refers to financial fraud in which cybercriminals open an account with no intention of repayment. This covers a wide range of fraud methods, including synthetic ID fraud, bust-out schemes, application fraud and mule accounts/strawman.
False claims involves claiming that a payment, money transfer or transaction on your account was unauthorized, when, in fact, you conducted the activity. Check fraud is the act of using checks to illegally acquire, spend or borrow funds from a nonexistent balance in the owner’s account. There are many types of check fraud, including forgery, counterfeiting and check kiting.
Comprehensive Fraud Prevention
IBM Security Trusteer Pinpoint Detect offers a fundamentally different approach to security that can help financial organizations detect fraud while reducing false positives and the overall alert rate. The IBM approach to fraud detection is based on three core principles: visibility, a global threat intelligence network and agility by design, all of which align with the needs and risks associated with processing transactions faster.
The Faster Payments initiative may help U.S. businesses become more competitive in the global market, shorten clearing times for financial transactions, and ensure that transactions and bill payments are completed in a timely fashion. But as antifraud technology advances, fraudsters will look to exploit any system vulnerabilities to their advantage. Shorter transaction times can potentially increase this risk.
This is where fraud detection solutions can help. Trusteer Pinpoint Detect uses evidence-based indicators to offer a proven approach that helps address the shortcomings of traditional risk engines. Using real-time fraud indicators, a risk score approach, a deep understanding of strategies exploited by fraudsters and actionable intelligence, the Trusteer Pinpoint Detect solution provides real-time, highly accurate information to determine whether a transaction is fraudulent. This offers financial institutions a comprehensive fraud prevention platform that delivers broad visibility across the threat landscape.