Take On Payments, a blog sponsored by the Retail Payments Risk Forum of the Federal Reserve Bank of Atlanta, is intended to foster dialogue on emerging risks in retail payment systems and enhance collaborative efforts to improve risk detection and mitigation. We encourage your active participation in Take on Payments and look forward to collaborating with you.
Federal Reserve Web Sites
Other Bank Regulatory Sites
April 07, 2014
Learning from Experience to Handle Suspicious Payment Transactions
In a post earlier this year, we addressed the difficulty of identifying and tracking remotely created checks (RCCs) in the payments stream. Electronic payment orders (EPOs), which are electronic images of "checks" that never exist in paper form, are another payment vehicle difficult to identify and track. EPOs can be created by the payee as an image of an RCC, or created and electronically signed by the payer.
Financial institutions have to address all suspicious payment transactions, whether they occur with traditional payments, like checks and ACH or these new variants, the RCCs and EPOs. Institutions rely on a variety of ways to become aware of suspicious payment transactions:
- The institution's anomaly detection processes highlight transaction patterns that are atypical for a customer.
- A bank customer contacts the bank after identifying an unauthorized transaction on the bank statement.
- Consumer complaints about a business suddenly increase.
- Another institution contacts the bank with concerns about a particular business.
- The bank becomes aware of legal actions taken against a business.
- Returns for a business's payment transactions increase.
Regardless of payment type, institutions can apply the simple approach in this diagram to handling suspicious payment transactions.
When an institution becomes aware of suspicious transactions, its first step is to take care of the customer. This may include returning transactions, placing stop payments, monitoring account activity, addressing security protocols, or changing authentication tools.
The next step would be to reach out to other institutions, law enforcement, and regulators. Other institutions may not be aware of the issue and can assist with resolving the customer’s concern and addressing the underlying cause of the problem. Support for information sharing between financial institutions includes the safe harbor provisions within Section 314(b) of the U.S. Patriot Act. Submitting suspicious activity reports, or SARs, and contacting appropriate law enforcement such as the local police or FBI enables law enforcement to address fraudulent behavior, monitor the extent of the fraud, and address areas of concern that are affecting multiple institutions. Information-sharing groups, such as the Financial Services Information Sharing and Analysis Center (FS-ISAC) and BITS, are other important avenues.
Critical to the approach is the importance of the affected institution consistently adjusting its identification processes based on its experiences with suspicious transactions. For example, if the anomaly detection system has default settings for origination volume or return rates, and the institution learns that those settings were ineffective in identifying a problem, then the institution should adjust the settings.
As the payments industry continues to evolve, with newer payment types such as RCCs and EPOs, criminals will find new ways to use them to their benefit. And as perpetrators of fraudulent payments adjust their approaches, a financial institution must also be a "learning" institution and adjust its approach to identifying the suspicious payments.
How often does your institution adjust its processes for handling suspicious transactions based on current fraud experiences?
By Deborah Shaw, a payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
TrackBack URL for this entry:
Listed below are links to blogs that reference Learning from Experience to Handle Suspicious Payment Transactions:
- Friendly Fraud: Nothing to Smile About (Part 1)
- Unsafe at Any Speed?
- Biometrics and Privacy, or Locking Down the Super-Secret Control Room
- Growing, Growing, Gone!
- The More Things Change, the More They Stay the Same
- The Current Tokenization Landscape in the United States
- “Customer, You Have the Conn”
- Is the Conventional Wisdom about EMV Migration Right?
- Follow the Money
- A Presumption of Innocence
- July 2015
- June 2015
- May 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- account takeovers
- ATM fraud
- bank supervision
- banks and banking
- card networks
- check fraud
- consumer fraud
- consumer protection
- cross-border wires
- data security
- debit cards
- emerging payments
- financial services
- identity theft
- law enforcement
- mobile banking
- mobile money transfer
- mobile network operator (MNO)
- mobile payments
- money laundering
- money services business (MSB)
- online banking fraud
- payments risk
- payments study
- payments systems
- phone fraud
- remotely created checks
- risk management
- Section 1073
- social networks
- third-party service provider
- trusted service manager
- Unfair and Deceptive Acts and Practices (UDAP)
- wire transfer fraud
- workplace fraud