Clari5

Are Real-time Payments Actually Fueling Financial Crime?

Are Real-time Payments Actually Fueling Financial Crime?

Over 30 countries now have real-time payment processes of some kind, some of them in use since decades and the benefits are evident. But in a real-time world, does faster payments mean faster fraud? What can financial institutions do to stay ahead of financial crime in payments?

Are Real-time Payments Actually Fueling Financial Crime?

real-time payments
Real-time and near real-time payment systems have changed the very fabric of online commerce. Over 30 countries now have real-time payment processes of some kind, some of them in use since decades.

The growth in Real-time Retail Payment Systems (RT-RPS) has been encouraging, with 18 countries now having a ‘live’ RT-RPS systems in place. Additionally, 12 countries are exploring/planning/building RT-RPS systems, with another 17 exploring RT-RPS through a pan-European initiative.

Over the last year, papers on real-time payments published by the U.S. Federal Reserve Bank, the European Payments Council and the European Banking Association have created considerable interest within the banking ecosystem.

RT-RPS systems have some common characteristics, like instant clearing confirmation to support instant or near real-time posting by banks, 24/7/365 operations and a focus on richer data standards, such as ISO 20022.

In a real-time or a near-real-time environment, once the transaction is over, the money is gone, compared to traditional payment mechanisms which gave financial institutions ample time to scrutinize transactions before they were cleared. Fraudsters had to wait for the money to hit accounts before they could vanish with the loot.

By shrinking the transaction processing window, the time to detect and act on fraud is greatly diminished. So whatever the technology that is used to accelerate payments, it must also support the bank’s ability to detect and thwart fraud.

Launched in 2008, UKFP (UK Faster Payments) was one of the first of the new generation RT-RPS services. While UKFP has been a success, the potential for fraud was seen immediately. In UKFP’s first two years, fraud tripled according to behavioral biometrics firm Biocatch.

Even though the infrastructure was sound, the entry points to transaction initiation were weak, and this was exploited by fraudsters. To enhance authentication, some quick steps were taken to improve verification of customer credentials using two-factor identification, tokenization and smartcard readers.

Fraudsters today are increasingly using malware to hijack user sessions and move money quickly and automatically, forcing banks to further fortify their defense mechanisms. As countries continue to roll out faster payment systems, it would be wise to pay heed to these lessons.

Quite evidently, real-time payments calls for extreme real-time fraud detection and prevention.

Financial institutions must arm themselves with financial crime prevention capabilities that are able to detect, investigate, prevent and resolve financial crimes much more intelligently.

Faster payment services are typically available across multiple channels (IVR, online, mobile, ATM, POS, etc.), so transactions must be monitored (and anomalies acted up on) in extreme real-time and across all channels. An intelligent monitoring system must therefore cover all channels to look for undesirable patterns or deviations from a customer’s known/usual behavior.

Another critical risk in real-time payments is identity management. Multi-factor identification to confirm payment parties makes payment initiation more secure. Behavioral analytics and biometric information to combat remote access attacks and malware also add to the overall defense framework.

Besides helping real-time payment fraud prevention, detection and investigation, new age cross-channel, extreme real-time systems also address regulatory compliance and audits.

Not so long ago, fraud monitoring used to follow an ‘observe and report’ process. Global compliance efforts are now choosing to pro-actively stop transactions based on suspicious activities, before they are executed.

It has also become increasingly vital to utilize the collective, cross-channel wisdom about customers, so that even the slightest deviation during a real-time payment is detected in absolute real-time. Extreme real-time transaction monitoring enables banks to make more accurate, in-the moment, ‘segment of one’ interventions.

Constantly staying several steps ahead of sophisticated digital financial crime has become an inevitability amidst the economic and regulatory pressures challenging retail banking worldwide.
Financial institutions cannot do away with customers expecting immediate and secure real-time payment transactions. But with real-time payments increasing the vulnerability to financial crime, the situation demands more intelligent, extreme real-time and cross-channel preventive systems.

References:
• Faster Payments Equals Faster Fraud in a Real-Time World, Trevor Mast, Payments Leader
• Real-time payments: Towards speed and transparency, Payments Cards and Mobile
• Continuing the Evolution of Real-Time Payments in the U.S., VolanteTech

Applying Machine Learning And AI In Fraud Detection: A Primer

In the world of financial transactions, rule based heuristics are often employed to detect fraud, rather than to detect anomalies. The cat and mouse chase of financial institutions and fraudsters is an ongoing battle that has costed the global economy close to half a trillion dollars. Given the fundamental shortcomings of rule based heuristics, how does machine learning help in fraud detection?

January 2018 Issue

Interview: Open The Floodgates For Enterprise AI In Your Bank

CustomerXPs CEO Rivi Varghese on deploying AI as a core strategic capability to overcome the ‘yin-yang’ predicament.
How AI-powered regtech enhances a bank’s regulatory compliance efficiencies and why banks must make it a key component in their operation risk management strategy.
If the fraud liability is going to shift to PSPs and banks, it means that they will have to look at unconventional and smarter fraud prevention ideas.
When an unauthorized charge is made in a location other than the one specified by customer, it can be detected automatically. See how location based authentication works in detecting fraud.