Real-time payments, near real-time payments, faster payments, immediate payments — those are just some names used to describe the increasing speed of the settlement transaction process. Slow clearing times for payments can have a negative effect on businesses and consumers, but a quicker process may introduce fraud risks.

The National Automated Clearing House Association (NACHA) issued the Faster Payments initiative to address the “lack of a real-time or faster-payment system” within the U.S., a situation that puts both businesses and consumers at a disadvantage. However, speeding up processing and clearing times entirely changes the way the financial industry works. Faster transactions times can significantly impact operational risk, including security and fraud risks.

Understanding Operational Risk

Operational risk refers to the risks associated with financial or information losses and breakdowns due to faulty or failed internal processes, systems, people or an external event. Speeding up the processing times of financial transactions requires institutions to review their operational risks and institute mitigation practices. When mitigating these new risks, they may create new policies, processes and, potentially, systems to meet the requirements of this initiative.

Read the white paper: Do faster payments mean faster fraud?

Financial institutions rely on strong policies and processes to efficiently conduct business. These policies include risk management, corporate governance, efficient monitoring and testing functions, internal audits and strong regulatory compliance programs. Compliance programs are necessary to ensure that internal policies align with external, U.S.-governed economic sanctions and rules. Some such external regulatory requirements are the Bank Secrecy Act (BSA), Know Your Customer (KYC) rules and guidance from the Office of Foreign Assets Control (OFAC).

Increasing the speed of transactions and clearing times means there is less time to review transactions for suspicious activity. Financial institutions must have updated and agile security and fraud detection systems in place to combat this. These systems must produce immediate fraud indicators with low false positive rates and a real-time transaction validation process.

Security and Fraud Risks

Operational risk is made up of security and fraud risks. These refer to risks associated with controls, assets and asset misappropriation, corruption and loss of data, information or funds. Banks often have robust authentication processes in place to help ensure that only true users are accessing their accounts. Cybercriminals exploit the vulnerabilities present in these processes to gain unauthorized access to data.

With the Faster Payments initiative increasing financial transaction clearing times, the potential for security and fraud risks will rise. Banks will need to be even more diligent in watching for online fraud, first-party fraud, false claims and check fraud.

Online banking fraud refers to any type of scheme that takes advantage of the online banking to exploit vulnerabilities and gain illegal access to customer information and funds. Fraudsters use malicious malware, phishing scams, social engineering, remote access Trojans (RATs), keylogging and other methods to gain access to accounts and withdraw funds, also known as account takeover attacks.

First-party fraud refers to financial fraud in which cybercriminals open an account with no intention of repayment. This covers a wide range of fraud methods, including synthetic ID fraud, bust-out schemes, application fraud and mule accounts/strawman.

False claims involves claiming that a payment, money transfer or transaction on your account was unauthorized, when, in fact, you conducted the activity. Check fraud is the act of using checks to illegally acquire, spend or borrow funds from a nonexistent balance in the owner’s account. There are many types of check fraud, including forgery, counterfeiting and check kiting.

Comprehensive Fraud Prevention

IBM Security Trusteer Pinpoint Detect offers a fundamentally different approach to security that can help financial organizations detect fraud while reducing false positives and the overall alert rate. The IBM approach to fraud detection is based on three core principles: visibility, a global threat intelligence network and agility by design, all of which align with the needs and risks associated with processing transactions faster.

The Faster Payments initiative may help U.S. businesses become more competitive in the global market, shorten clearing times for financial transactions, and ensure that transactions and bill payments are completed in a timely fashion. But as antifraud technology advances, fraudsters will look to exploit any system vulnerabilities to their advantage. Shorter transaction times can potentially increase this risk.

This is where fraud detection solutions can help. Trusteer Pinpoint Detect uses evidence-based indicators to offer a proven approach that helps address the shortcomings of traditional risk engines. Using real-time fraud indicators, a risk score approach, a deep understanding of strategies exploited by fraudsters and actionable intelligence, the Trusteer Pinpoint Detect solution provides real-time, highly accurate information to determine whether a transaction is fraudulent. This offers financial institutions a comprehensive fraud prevention platform that delivers broad visibility across the threat landscape.

Do faster payments mean faster fraud? Read the white paper to find out

More from Fraud Protection

PixPirate: The Brazilian financial malware you can’t see

10 min read - Malicious software always aims to stay hidden, making itself invisible so the victims can’t detect it. The constantly mutating PixPirate malware has taken that strategy to a new extreme. PixPirate is a sophisticated financial remote access trojan (RAT) malware that heavily utilizes anti-research techniques. This malware’s infection vector is based on two malicious apps: a downloader and a droppee. Operating together, these two apps communicate with each other to execute the fraud. So far, IBM Trusteer researchers have observed this…

New Fakext malware targets Latin American banks

6 min read - This article was made possible thanks to contributions from Itzhak Chimino, Michael Gal and Liran Tiebloom. Browser extensions have become integral to our online experience. From productivity tools to entertainment add-ons, these small software modules offer customized features to suit individual preferences. Unfortunately, extensions can prove useful to malicious actors as well. Capitalizing on the favorable characteristics of an add-on, an attacker can leverage attributes like persistence, seamless installation, elevated privileges and unencrypted data exposure to distribute and operate banking…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today