Real-time payments, near real-time payments, faster payments, immediate payments — those are just some names used to describe the increasing speed of the settlement transaction process. Slow clearing times for payments can have a negative effect on businesses and consumers, but a quicker process may introduce fraud risks.

The National Automated Clearing House Association (NACHA) issued the Faster Payments initiative to address the “lack of a real-time or faster-payment system” within the U.S., a situation that puts both businesses and consumers at a disadvantage. However, speeding up processing and clearing times entirely changes the way the financial industry works. Faster transactions times can significantly impact operational risk, including security and fraud risks.

Understanding Operational Risk

Operational risk refers to the risks associated with financial or information losses and breakdowns due to faulty or failed internal processes, systems, people or an external event. Speeding up the processing times of financial transactions requires institutions to review their operational risks and institute mitigation practices. When mitigating these new risks, they may create new policies, processes and, potentially, systems to meet the requirements of this initiative.

Read the white paper: Do faster payments mean faster fraud?

Financial institutions rely on strong policies and processes to efficiently conduct business. These policies include risk management, corporate governance, efficient monitoring and testing functions, internal audits and strong regulatory compliance programs. Compliance programs are necessary to ensure that internal policies align with external, U.S.-governed economic sanctions and rules. Some such external regulatory requirements are the Bank Secrecy Act (BSA), Know Your Customer (KYC) rules and guidance from the Office of Foreign Assets Control (OFAC).

Increasing the speed of transactions and clearing times means there is less time to review transactions for suspicious activity. Financial institutions must have updated and agile security and fraud detection systems in place to combat this. These systems must produce immediate fraud indicators with low false positive rates and a real-time transaction validation process.

Security and Fraud Risks

Operational risk is made up of security and fraud risks. These refer to risks associated with controls, assets and asset misappropriation, corruption and loss of data, information or funds. Banks often have robust authentication processes in place to help ensure that only true users are accessing their accounts. Cybercriminals exploit the vulnerabilities present in these processes to gain unauthorized access to data.

With the Faster Payments initiative increasing financial transaction clearing times, the potential for security and fraud risks will rise. Banks will need to be even more diligent in watching for online fraud, first-party fraud, false claims and check fraud.

Online banking fraud refers to any type of scheme that takes advantage of the online banking to exploit vulnerabilities and gain illegal access to customer information and funds. Fraudsters use malicious malware, phishing scams, social engineering, remote access Trojans (RATs), keylogging and other methods to gain access to accounts and withdraw funds, also known as account takeover attacks.

First-party fraud refers to financial fraud in which cybercriminals open an account with no intention of repayment. This covers a wide range of fraud methods, including synthetic ID fraud, bust-out schemes, application fraud and mule accounts/strawman.

False claims involves claiming that a payment, money transfer or transaction on your account was unauthorized, when, in fact, you conducted the activity. Check fraud is the act of using checks to illegally acquire, spend or borrow funds from a nonexistent balance in the owner’s account. There are many types of check fraud, including forgery, counterfeiting and check kiting.

Comprehensive Fraud Prevention

IBM Security Trusteer Pinpoint Detect offers a fundamentally different approach to security that can help financial organizations detect fraud while reducing false positives and the overall alert rate. The IBM approach to fraud detection is based on three core principles: visibility, a global threat intelligence network and agility by design, all of which align with the needs and risks associated with processing transactions faster.

The Faster Payments initiative may help U.S. businesses become more competitive in the global market, shorten clearing times for financial transactions, and ensure that transactions and bill payments are completed in a timely fashion. But as antifraud technology advances, fraudsters will look to exploit any system vulnerabilities to their advantage. Shorter transaction times can potentially increase this risk.

This is where fraud detection solutions can help. Trusteer Pinpoint Detect uses evidence-based indicators to offer a proven approach that helps address the shortcomings of traditional risk engines. Using real-time fraud indicators, a risk score approach, a deep understanding of strategies exploited by fraudsters and actionable intelligence, the Trusteer Pinpoint Detect solution provides real-time, highly accurate information to determine whether a transaction is fraudulent. This offers financial institutions a comprehensive fraud prevention platform that delivers broad visibility across the threat landscape.

Do faster payments mean faster fraud? Read the white paper to find out

More from Fraud Protection

Virtual credit card fraud: An old scam reinvented

3 min read - In today's rapidly evolving financial landscape, as banks continue to broaden their range of services and embrace innovative technologies, they find themselves at the forefront of a dual-edged sword. While these advancements promise greater convenience and accessibility for customers, they also inadvertently expose the financial industry to an ever-shifting spectrum of emerging fraud trends. This delicate balance between new offerings and security controls is a key part of the modern banking challenges. In this blog, we explore such an example.…

Remote access detection in 2023: Unmasking invisible fraud

3 min read - In the ever-evolving fraud landscape, fraudsters have shifted their tactics from using third-party devices to on-device fraud. Now, users face the rising threat of fraud involving remote access tools (RATs), while banks and fraud detection vendors struggle with new challenges in detecting this invisible threat. Let’s examine the modus operandi of fraudsters, prevalence rates across different regions, classic detection methods and Trusteer’s innovative approach to RAT detection through behavioral analysis. A rising threat As Fraud detection methods become more and…

Gozi strikes again, targeting banks, cryptocurrency and more

3 min read - In the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. Over time, Gozi underwent a significant transformation and became associated with other malware strains, such as Ursnif (Snifula) and Vawtrak/Neverquest. Now, in a recent campaign, Gozi has set its sights on banks, financial services and cryptocurrency platforms,…

The rise of malicious Chrome extensions targeting Latin America

9 min read - This post was made possible through the research contributions provided by Amir Gendler and Michael  Gal. In its latest research, IBM Security Lab has observed a noticeable increase in campaigns related to malicious Chrome extensions, targeting  Latin America with a focus on financial institutions, booking sites, and instant messaging. This trend is particularly concerning considering Chrome is one of the most widely used web browsers globally, with a market share of over 80% using the Chromium engine. As such, malicious…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today