November 07, 2011
International Fraud Awareness Week is here
According to the Association of Certified Fraud Examiners (ACFE), organizations worldwide lose roughly 5 percent of annual revenues to fraud. That's huge. A theme that we return to again and again in Portals and Rails is the fact that technology is making our lives—including the ways we transact consumer payments—more efficient and secure. But these new technologies also offer fraudsters new and sometimes better ways to perpetrate crime.
In an effort to promote fraud awareness and education, starting November 7, the ACFE is sponsoring International Fraud Awareness Week, a "time dedicated to fraud awareness, detection, and prevention." So in keeping with this theme, we are using this space to refocus on some of the issues around payments fraud in the United States.
U.S. payments fraud is on the rise but hard to measure
Unlike other countries, the United States does not have a single, uniform repository for collecting fraud loss data. Industry analysts primarily base their concerns about the industry on anecdotes from law enforcement, financial intelligence agencies, and regulators. In addition, recent media accounts of check fraud, corporate account takeovers, payment card breaches, card payment terminal skimming, and the like leave no doubt that in the retail payments arena, leave no doubt that the problem of fraud is universal and growing.
Also validating the growing concern are proxies such as fraud surveys from organizations like the American Bankers Association (ABA), which measures deposit account fraud in banks, and the Association for Financial Professionals, which works with corporations to measure their fraud loss experience. However, more information may be needed as payment systems grow more complex, provide new alternative solutions and access new electronic channels.
Internal fraud is growing globally
The global economic downturn has led to an increased incidence of payments fraud. Sometimes financially distressed employees—rationalizing their behavior in light of dire circumstances—commit frauds within a business, effectively stealing from their employers. For example, employees in financial institutions who have access to large amounts of customer data may use their insider access to commit fraud. In one of our podcasts, an expert noted that internal fraud is more growing more common—and complex—as criminal rings increasingly place their people within legitimate organizations, where they can then steal data. Once they have the data, they can use it to commit a variety of frauds, including identity theft and payment crimes, such as card counterfeiting and counterfeit checks, to name just a few.
Fraud awareness week highlights old-school solutions
The International Fraud Week web page highlights resources for fraud prevention and education that businesses and consumers can tailor to their own particular needs. For example, the site offers a link to a Fraud Prevention Check-Up, which provides a framework for business to assess their risk and evaluate the strength of their fraud mitigation environment. Another anti-fraud resource is a presentation with tips to help organizations prevent and detect fraud.
To that same end, Portals and Rails in an earlier blog offered a recommendation for businesses to be proactive by adopting relatively simple control processes. For example, basic checklists like the one that follows can help organizations comply with ACH rules and regulations, avoid human error, and reduce fraud.
International Fraud Awareness Week activities
To help raise awareness around fraud, the ACFE recommends that businesses participate year round in its blog and in other social media initiatives, such as forums for dialoguing and sharing ideas on fraud detection and mitigation. It also suggests that organizations spread the word to colleagues and clients about International Fraud Awareness Week and the resources available to promote strong fraud risk management program development.
One thing we know for certain, and can't say enough, is that our payment systems are growing more and more complex, in terms both of sophisticated technologies and of multiple new nonbank service partners entering the mix. With this constant change and development, the payment distribution chain will undoubtedly contain more points of potential vulnerability to risk and fraud. Taking basic preventive measures and increasing industry awareness through the activities and resources highlighted during International Fraud Awareness Week can go a long way to combating payment-related risks and fraud.
By Cynthia Merritt, assistant director of the Retail Payments Risk Forum
November 7, 2011 in crime, fraud, identity theft, payments risk, payments systems | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c015392dfd1e6970b
Listed below are links to blogs that reference International Fraud Awareness Week is here:
Comments
October 17, 2011
As payments system evolves, "funny" money is still no laughing matter
Counterfeit money in the United States has been in circulation since colonial America. During the Revolutionary War, counterfeiting of Continental American money became so rampant that the currency became worthless. Hence, the phrase "not worth a Continental" was born. Counterfeiting continued after the country's independence from the British, so the government established the U.S. Secret Service in 1865 to suppress it. It was only later that the agency was also tasked with the highly visible and publicized mission of protecting national leaders, most notably the president, and visiting foreign leaders.
Since the establishment of the Secret Service, payment types have advanced from paper bills to checks and card-based payments. Alongside the advancement of our nation's payment methods, the security features of each payment type are evolving to combat attempts at counterfeiting. Yet today, 111 years after the Secret Service was established, counterfeiting remains a threat to the U.S. payments system. This blog examines the security technological advances currently deployed and those in development to fight counterfeiting schemes in consumer payments.
Counterfeit currency
In 1865, approximately one-third of all currency in circulation was counterfeit. Today, counterfeit currency is estimated to represent only 3/100ths of 1 percent of total currency—yet the crime of counterfeiting currency remains popular. According to its Fiscal Year 2010 Annual Report, the Secret Service made more than 3,000 domestic and international arrests for counterfeiting offenses in 2010, resulting in the removal of more than $261 million in counterfeit currency from circulation. This amount is an increase of more than 150 percent from the 2008 level of $103 million. Continued advancements in computer and printing technologies aid counterfeiters in producing hard-to-detect counterfeit bills. It is also important to note that counterfeit bills do not have to be perfect. These bills just need to be good enough for the counterfeiters to exchange once to another party to be deemed successful.
To mitigate the production of counterfeit currency and to help detect it, the U.S. Department of the Treasury constantly enhances paper currency's security features. Newer features such as color-shifting ink, watermarks, and security threads have made paper currency more difficult for criminals to counterfeit accurately.
Counterfeit checks
Much like paper currency, checks became an important payment instrument in the United States following the Revolutionary War. And as is the case with paper currency, checks are also a common target for counterfeiters. Even as check usage continues to decline, check fraud continues to increase and remains one of the largest threats to businesses today, according to the 2011 AFP Payments Fraud and Control Survey: Report of Survey Results. Also according to this report, the counterfeiting of nonpayroll checks using an organization's MICR line data remains the most widely used technique to commit check fraud.
Counterfeit cards
Since the first credit card was introduced in the United States in 1958, card-enabled debit and credit payments have become many consumers' preferred payment methods. But just as payments migrated from paper to electronic methods such as debit and credit cards, counterfeiting fraud schemes have shifted from paper as well. Today's payments fraud-related headlines are flooded with stories of card-skimming schemes to produce counterfeit cards. Fraudsters are using skimming devices on point-of-sale (POS) terminals and at ATMs to capture card numbers. As my colleague Cynthia Merritt previously discussed in an earlier post, these skimming devices are becoming more sophisticated. According to Verizon's 2011 Data Breach Investigations Report, tampering of ATMs and POS terminals accounted for 98 percent of physical data breaches in 2010. The report notes that these tampering attacks, which have been occurring for years, are on the rise.
Despite the continued evolution of payment types and their corresponding security features, counterfeiters persist in finding ways to harm the payments system, regardless of payment type. Although the industry can and should strive to eliminate the success of counterfeiters, history shows us that the task is all but impossible. It will be very interesting to see the effect that new security enhancements as they develop will have on counterfeiting trends in the United States. For me, I am eagerly anticipating the effect that dynamic data chip-enabled transactions will have on the skimming and counterfeiting of payment cards should the industry adopt the technology.
By Douglas A. King, payments risk expert in the Retail Payments Risk Forum at the Atlanta Fed
October 17, 2011 in check fraud, crime, fraud, payments systems | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c014e8c5020ad970d
Listed below are links to blogs that reference As payments system evolves, "funny" money is still no laughing matter:
Comments
September 06, 2011
Using data mining to catch suspected financial wrongdoers
The seemingly inconsequential disclosure of a phone number or ZIP code to a store clerk can ultimately end up far away from where it was first shared, especially if it is used for data mining purposes. Data mining is the use of computer-based analytic tools that sift through large collections of data searching for patterns based on statistical techniques. Often times, data records containing personal identifiers are compiled from many sources and transferred to third parties for data analysis.
The information collected and stored in large databases can be used to detect suspicious spending patterns or to uncover improper spending of federal relief funds. Often, the results of the analysis lead to the detection of overall trends or patterns that reveal unusual activity and other specific parameters. While some data mining techniques are used to help with national security, others are in place to help combat financial fraud.
Federal agencies
The Federal Agency Data Mining Reporting Act requires federal agencies to submit reports periodically to Congress informing them of their data mining activities. For instance, two bureaus of the Department of the Treasury regularly engage in data mining activities: the Internal Revenue Service (IRS) and the Financial Crimes and Enforcement Network (FinCEN). The IRS mines financial data to predict which individual tax returns have the greatest potential for fraud and which corporations are most likely to make improper use of tax shelters. FinCEN focuses its data mining on money laundering activities and other financial crimes.
Both agencies use similar data mining technologies that include a database that reviews aggregate Bank Secrecy Act (BSA) forms and information. However, because BSA reports—such as the Suspicious Activity Report and Currency Transaction Reports—do not on their own reveal potential underlying criminal activity, FinCEN, for instance, may also query other law enforcement databases for further data on suspicious trends or patterns indicative of anomalous or illicit activities.
Data mining limitations
While data mining can reveal helpful patterns and trends, it has inherent limitations. For example, data mining cannot identify the underlying cause of the identified patterns and trends. The user must determine the significance of the data collected and must be able to draw relevant and accurate inferences.
A significant drawback to using commercial data is the possibility that the data contain errors or is of poor quality—it may be duplicative, for example, or dated. The accuracy, timeliness, and completeness of the data and analysis of the data are important. Drawing erroneous or adverse inferences about any individual can quickly become problematic. According to the Treasury's data mining report, FinCEN uses checks and balances in its data mining and analysis to ensure that the data is used only by authorized agencies and for statutorily authorized purposes.
Interpreting the data
Large aggregated collections of information are valuable intelligence resources. It is important to understand how and why access to such information is valuable. Sophisticated information retrieval techniques such as data mining allow users to search extremely large collections of data for trends and patterns and to zero in on particular transactions of interest. The information collected can also help law enforcement agencies identify emerging financial criminal trends. However, it is prudent to keep in mind that the initial data gathered many times only serves as lead information, and it may not be that until further analytical and investigative steps are taken that the information can ultimately work to help catch financial wrongdoers.
By Ana Cavazos-Wright, senior payments risk analyst in the Retail Payments Risk Forum at the Atlanta Fed
September 6, 2011 in crime, fraud | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c0153915d68c0970b
Listed below are links to blogs that reference Using data mining to catch suspected financial wrongdoers:
Comments
August 29, 2011
Seeing what dimly lies in the distance: Parting thoughts on addressing payments system risk
As this post for Portals and Rails runs, it is likely that my concerns about fraud may be starting to center on whether the manufacturer's claims about the bass lure I am using are fraudulent. I guess that's a way of saying that on August 31, I will officially retire after 38 years with the Federal Reserve, an extraordinary organization faced with extraordinary challenges across the three legs of its mission responsibilities: monetary policy, bank supervision and regulation, and payments services. I have been blessed to have had so many challenging and diverse experiences through the years, including the last two years directing the fascinating work of the Retail Payments Risk Forum. Learning about the risks in our payments system, marveling at the entrepreneurship of those who want to exploit its weaknesses to commit fraudulent activity, and working with the industry to try to find ways to mitigate those risks has been both interesting and exhilarating.
Clearly such work is never done and the constant arms race to stay ahead of the bad guys in a technology-centric payments world is not likely to abate. My hope is that those who read this column continue to support the work of the Forum, its outstanding staff, and its new leader. But even more importantly, my hope is that the industry continues to make progress in collaboratively addressing the needs of our payments system in difficult times when investment dollars are scarce and tough choices must be made. At the risk of waxing philosophic, it is with all this in mind that I leave the following thoughts for others to consider and hopefully run with.
First, as an industry, we need to push our leaders to understand that the paradigms of success today are not those that served us well 10 years ago. The payments system is now a global infrastructure, and purely domestic solutions to managing fraud will not work. Business models for success changed with the advent of the Internet and they will change again with the evolution of mobile technology. A corporation's worst nightmare may be riding a train in Eastern Europe while simultaneously cleaning out a bank account in the United States. This means that it will inevitably be harder to implement solutions, but imminently necessary to extract ourselves from domestic thinking while building partnerships across the globe.
Second, standards are the key to long-term progress in such an environment. Certainty about what standards frees markets to invest in developing solutions to payments problems in a competitive environment that encourages escalating performance. Hence, we must give a lot of attention to doing the work in the basement rooms where standards folks work. While I suppose that revenue opportunities may abound for the entity that owns the standards, companies that are able to depend on standards to deliver risk management systems and products greatly reduce their cost of development and ongoing operations.
Third, it would be useful to clarify the roles of the many government (and sometimes private sector) groups that must engage in the business of protecting our payments system. The Forum and colleagues from the Boston Fed have been engaged in an ongoing effort with mobile payments that has demonstrated to us that nobody wants this clarity more than a frequently confused marketplace. While they long for integrated operations, integrated law, and integrated technology, it is integrated oversight that would help clarify who is responsible for what, encourage collaboration and sharing, and expose gaps in coverage that bad actors can exploit.
Fourth, in recent industry meetings I have heard payments professionals lament that a big part of our problem is that customers—both consumers and businesses—are not well educated in how to protect themselves against fraud. The discussion concerning who should be responsible for providing the education, however, resembles a group of folks juggling a hot potato. My suggestion is that financial institutions (individually or collectively through their trade associations) are the one party that touches both user groups and that stepping up and assuming the leadership role in payments education would not only be a great service but might actually be an endearing customer relationship and retention strategy.
Finally, as an industry we seem to be struggling to establish a vision for the future. On a wall at a recent meeting room, I read a quote by Thomas Carlyle that said, "Our main business is not to see what dimly lies at a distance, but to do what lies clearly at hand." Carlyle (who is credited with calling economics the "dismal science") may have had a point when he wrote this in the mid-19th century, but today the future comes at us so fast, it seems to me that we have to constantly keep our eye on what lies vaguely in the distance and create a vision for the future that embraces the possibilities. Said differently, it may be useful to create a vision for how we will collectively address future risks in the payments system even as we deploy new technology, rather than focusing on how to defeat the threats we already know.
With that, I wish our readership all the best and trust that perhaps our paths may cross again.
By Rich Oliver, executive vice president of the Atlanta Fed and director of the Retail Payments Risk Forum
August 29, 2011 in collaboration, crime, payments, payments risk | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c0153911c6dec970b
Listed below are links to blogs that reference Seeing what dimly lies in the distance: Parting thoughts on addressing payments system risk:
Comments
August 03, 2011
Fighting the rising tide of elder financial abuse
The successes and failures of law enforcement in fighting financial crime are big news here at the Retail Payments Risk Forum. Earlier this year, we highlighted the gains made in reducing identity theft in the United States. Unfortunately, one form of crime continues to grow despite law enforcement's best efforts: financial crimes targeting the elderly. Last month, MetLife released a report indicating that elder financial abuse is widespread and growing. The report estimated $2.9 billion in annual losses to victims. MetLife based these estimates on an analysis of news articles documenting crimes over two three-month periods in mid- and late 2010. Survey research conducted at Cornell confirms that this is a major problem in New York State, where an average 42 out of 1,000 elders were the victims of financial abuse. Furthermore, the report determined that victims reported fewer than 3 percent of incidents to authorities. While the rate of abuse remains subject to debate, fighting this grim crime is an ongoing battle for law enforcement and consumers.
| Resources |
|
Adult Protective Services—Directory of providers The National Center on Elder Abuse (NCEA) The National Committee for the Prevention of Elder Abuse (NCPEA) |
Elder financial abuse encompasses a category of crimes including theft, confidence tricks, Medicare and Medicaid fraud, forgery, and coerced property transfers. AARP has broadly defined the crime as "the illegal or improper use of a vulnerable adult's funds or property for another person's profit or advantage." The abuse is often a betrayal of a trusted relationship, and the victims are left with emotional and psychological scars that leave them feeling even more vulnerable.
Older Americans at risk of telemarketing fraud
MetLife also conducted a literature review and victim interviews to determine why the elderly are particularly vulnerable to financial abuse. Factors include poor physical health and limited mobility, mental health weaknesses related to the onset of dementia or Alzheimer's, and social isolation. Those who are isolated may be particularly susceptible to manipulation by con artists, for example.
Older Americans disproportionately suffer from telemarketing fraud, a scam where the victim is tricked into agreeing to electronic payments for fraudulent transactions. The criminals on the other end of the line are completely shameless in their techniques to gain the victim's trust. Con artists have targeted victims by searching for surviving spouses in local obituary notices or by purchasing lists of contact information for those who have been previously victimized in similar attacks. Banks can also become entangled in this financial abuse if they are not vigilant. In 2008, Wachovia was forced to pay out $125 million to the victims of fraudulent telemarketing businesses.
Consumer education the best defense
Combating elder financial abuse requires educating potential victims about the risks. Part of Wachovia's settlement included funding for financial literacy programs aimed at seniors. However, it is clear from rising crime rates that education alone is not a cure-all. Regulators, law enforcement, and financial institutions must collaborate to create more effective preventative measures. As a starting point, MetLife has published some consumer tips for prevention, and I have consolidated the recommendations of several of the sources cited above:
- Review financial statements and bills for unauthorized transactions.
- Use direct deposit and online banking to prevent mail theft.
- Sign your own checks.
- Keep passwords and ATM/debit card PINs secret.
- Review important documents like wills and insurance policies annually.
- Do not send money to strangers contacting you over the phone or internet: if an offer sounds too good to be true, it probably is.
- Be aware that abusers may be charismatic individuals or even someone you trust.
- Do not be afraid or embarrassed to seek help if you've been the victim of financial abuse. The longer you wait, the worse the situation can become.
By Jennifer C. Windh, a payments risk analyst in the Retail Payments Risk Forum at the Atlanta Fed
August 3, 2011 in consumer fraud, consumer protection, crime | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c01539065eb06970b
Listed below are links to blogs that reference Fighting the rising tide of elder financial abuse:
Comments
March 28, 2011
The nitty gritty of money transfer operators (MTOs)
When a friend of mine was travelling across Cambodia last year, he had a common, yet frightening, experience of the solo voyager: his wallet was stolen. Luckily, despite the seeming remoteness of his beach vacation, there were several Western Union agents in Sihanouk Ville. His parents were able to send him enough cash to finish out his trip. While losing his identification was still stomach-gnawing, he at least had the money to pay for lodging, food, and transportation. The global reach of money transmitters offers a clear value to travelers and migrants, but may also be valued by those wishing to exploit the companies for more nefarious purposes.
The reach of MTOs across the globe is a remarkable business accomplishment. Western Union or MoneyGram agents can be in from the smallest American town to the remotest corners of the globe. Western Union currently boasts 445,000 locations worldwide, and MoneyGram offers another 227,000. This already expansive agent network is quickly growing, with Western Union adding 150,000 locations since 2007. These MTOs serve the financial needs primarily of migrants—a significant portion of the worldwide population—offering not only money transfers but also ancillary services like prepaid cards, money orders, and walk-in bill payment. Immigrants in any given country are often unbanked or underbanked, yet often need to send cash remittances to family back home. MTOs are able to charge a premium for services that customers see as reliable, fast, and private.
But how exactly are these international money transfers executed? In Western Union's case, agents take cash from remitters and enter confirmation of cash receipt into Western Union's messaging system. The agents also collect data on both the sender and recipient. On the receiving end, the recipient in most cases presents photo identification at his or her local agent to pick up the cash. Western Union net settles with agents at the end of the day via ACH, if that service is available in the country, or by wire otherwise. Western Union has some intraday credit exposure to the transaction, as they commit to reimbursing the receiving agent regardless of the sender's solvency at the end of the day. Therefore, a Western Union transfer consists of three different streams: the flow of information between the sending and receiving agents via their messaging system, the separate communication between sending and receiving customers, and the final flow of funds between Western Union and the agents. MoneyGram's system operates similarly, but typically at a somewhat lower price point.
What are the risks?
The primary concern of regulators and law enforcement vis-à-vis MTOs is the risk of illicit use—bad actors taking advantage of these global networks to launder money and finance terrorism. Unlike banks that establish long-term account relationships with their clients, MTOs offer one-off transactions with more limited customer data. Consequently, MTOs may lack the relationship-level depth of customer data that banks have access to for risk mitigation purposes. Western Union has proactively led anti-money laundering (AML) compliance efforts in response to such fears. In 2010 testimony to Congress, Western Union reported spending more than $35 million annually on AML compliance. Although MTOs are global in scope, regulatory oversight is inherently limited to specific jurisdictions, and therefore the firms must interact with many different regulators and law enforcement agencies. MTOs currently operate under a complex structure of state, federal, and foreign regulation. Western Union has advocated for more consolidated regulation at the federal level, which may be in the cards, as the new Consumer Financial Protection Bureau (CFPB) will have jurisdiction over MTOs. Of greater concern may be unregistered MTOs, which operate outside the rule of law, and against whom FinCEN regularly brings enforcement.
Another concern facing MTO regulators is fraud. Social engineers sometimes use MTOs to try to part victims from their money. For example, a scam artist might convince a victim that he or she has won a cash prize but must first send a money transfer to cover the taxes before collecting the winnings. Of course, after the target sends the irreversible transfer, he or she never sees any winnings. We have previously covered MoneyGram's remedial efforts in this area, and Western Union calls out this risk as a special concern in their annual report:
The remittance industry has come under increasing scrutiny from government regulators and others in connection with its ability to prevent its services from being abused by people seeking to defraud others.... [T]he ingenuity of criminal fraudsters, combined with the potential susceptibility to fraud by consumers during economically difficult times, make the prevention of consumer fraud a significant and challenging problem. (p. 27)
The global ubiquity that lies at the heart of MTOs' value proposition is also a key risk factor for illicit use and fraud, as criminals may leverage the systems to divert illicit gains outside the jurisdiction of their crimes. While some companies have recognized this risk and actively worked to mitigate it, others may need regulatory encouragement. How can we most effectively monitor such expansive entities? How can industry and regulators better collaborate to bring unregistered MTOs into compliance with existing laws? These questions will be increasingly important as the CFPB moves to more rationally and comprehensively supervise this dynamic industry.
By Jennifer C. Windh, a payments risk analyst in the Retail Payments Risk Forum at the Atlanta Fed
March 28, 2011 in crime, money services business (MSB), wire transfer fraud | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c014e86f60b21970d
Listed below are links to blogs that reference The nitty gritty of money transfer operators (MTOs):
Comments
March 21, 2011
FinCEN proposed new rule addresses money-laundering risks in prepaid products
While prepaid payment products still represent a small percentage of today's electronic payments, their use is rapidly growing. According to the 2010 Federal Reserve Payments Study, the number of prepaid card transactions increased 21.5 percent each year from 2006 to 2009. Most prepaid payments are enabled by plastic cards, but today's technology can enable the same payment functionality in other form factors, including mobile phones.
As the market for these prepaid products continues to develop and grow, the Financial Crimes Enforcement Network (FinCEN) has been watchful of their potential money-laundering risk exposure and issued a proposed rule addressing various kinds of prepaid access devices. In its proposed rulemaking notice, FinCEN announced that the rule would cover not only cards but also such access devices as mobile phones, key fobs, and any other device that can serve as a portal to funds paid for in advance and allow a consumer to retrieve or transfer these funds.
Prepaid access devices and money laundering risks
Many of the same factors that make prepaid access devices attractive to consumers can make them vulnerable to criminal activity. For instance, the ease with which these devices can be obtained along with the potential for anonymity—which is the case with nonreloadable open-loop cards, for example—as well as the ease with which money can be loaded onto them can make them potential money-laundering vehicles.
To help identify potential risks related to prepaid access devices, FinCEN formed a subcommittee within their Bank Secrecy Act Advisory Group (BSAAG). The subcommittee has identified numerous risks, such as funding with cash from stolen credit cards and virtual money cards that allow individuals without a bank account to access illicit cash via ATMs globally. Some high-profile criminal activities have also surfaced, exposing some of these potential risks.
Because some products are perceived to be less likely than others to be used for money laundering, FinCEN has excluded certain prepaid access devices from its rulemaking, including payroll cards, government benefit cards, heath care access cards, closed-loop cards, and products that allow access amounts less than $1,000.
Disrupting, detecting, and deterring the illicit flow of funds
Disrupting the flow of funds can create a less-than-ideal environment for criminals attempting to conceal the sources of their illicit funds. FinCEN's proposed rule is one way to accomplish this disruption. By implementing additional systemic safeguards and filling gaps in the prepaid environment with stronger regulatory controls, the agency hopes to make it more difficult for criminals to use prepaid payments products for illicit purposes.
Ultimately, the goal of the proposed rule is to enhance the regulatory framework for prepaid access devices while finding ways to promote development and growth in the prepaid industry and discourage wrongdoers from misusing prepaid products. For now, FinCEN's final rule is pending release, but if it is adopted as proposed, it would expand Bank Secrecy Act compliance obligations to prepaid access devices beyond plastic prepaid cards to include emerging prepaid products.
By Ana Cavazos-Wright, senior payments risk analyst in the Retail Payments Risk Forum at the Atlanta Fed
March 21, 2011 in crime, fraud, money laundering, payments risk, prepaid | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c014e6003c61a970c
Listed below are links to blogs that reference FinCEN proposed new rule addresses money-laundering risks in prepaid products:
Comments
Posted by:
Timothy Sloane |
March 22, 2011 at 02:32 PM
February 07, 2011
Cash acceptance: A risky proposition for merchants
This blog frequently deals with the risks of electronic transactions—debit and credit card payments, mobile payments, international money transfers, etc. These modern instruments often replace cash, a payment method with its own, sometimes overlooked, risks. While new threats against electronic payments continue to emerge, the transition away from cash may drive down other important risks. Robbery, employee theft, and counterfeit currency are key threats facing merchants and others who accept cash for payment.
More robberies (lower tips)
Businesses dealing primarily in cash run increased risks of robbery. The Occupational Safety and Health Administration (OSHA) lists handling cash as a major risk factor in workplace violence, primarily due to the danger of violent robbery. The Centers for Disease Control and Prevention (CDC) recommends moving to cashless transactions when possible to decrease workplace violence, further supporting OSHA's assessment. Taxi driver, retail and convenience store worker, and restaurant delivery worker are all occupations vulnerable to violence because they exchange cash directly with the public. According to the Department of Justice, taxi drivers suffer the highest rate of robbery of any profession, along with a high rate of robbery-motivated assault and homicide. OSHA recommends that cab drivers shift to credit card payments to mitigate these risks. The Center for Problem-Oriented Policing also suggests that convenience stores limit cash in the till and taxis eliminate cash payments to deter robbery.
However, merchants have largely failed to implement these recommendations. The Police Chief Magazine found that while cash control is the most effective strategy in reducing robberies, it is also the least frequently implemented. Regulation seems to be the most effective way to discourage the acceptance of cash payments. In New York City and Philadelphia, for example, local authorities require taxis to accept credit and debit card payments. These cities met with stiff resistance from drivers at first, but the realization of other benefits, including higher tips, has led to broader acceptance of the mandate. Anecdotal evidence suggests that crime may already be decreasing as a result of the shift away from cash to credit and debit card payments in recent decades.
|
|
|
|
More employee theft
The 2009 National Retail Security Survey finds that employees were responsible for 43 percent of inventory shrinkage, or theft, resulting in an annual cost to retailers of $14.4 billion. Although this survey focuses on inventory losses, it also indicates that employees pose the single greatest threat of losses for retailers. Cash is more vulnerable to employee theft than electronic payment methods because unlike cards, cash does not leave an electronic audit trail. Card payments are also automatically deposited to merchant accounts, while cash must first pass through employee hands, where it can be pilfered.
More counterfeiting
Merchants that accept cash payments occasionally suffer losses from accepting a counterfeit note. The Federal Reserve Bank of Chicago found that there is a low incidence of counterfeits in U.S. currency: fewer one in 10,000 notes by both volume and value is counterfeit. Actual losses were lower still, as many low-quality notes can be detected with basic anti-counterfeit procedures. However, according to the Secret Service's Annual Report, the agency removed more than $182 million of counterfeit currency from circulation in 2009, more than double the amount recovered in 2008. Although these losses may be small relative to the entire economy, individual businesses can still experience nontrivial losses, like the bar in New York that received $700 in counterfeit bills in one night last year.
Cash acceptance entails risks distinct from those related to electronic payments. While it is unlikely that any merchant can eliminate all cash transactions, key questions have yet to be answered. Are merchants underestimating the risks posed by cash acceptance? How can the industry and regulators move to mitigate the risks posed by cash acceptance? While there are many possible responses, the most effect answer may lie in the adoption of technology emphasizing the use of debit, credit, and prepaid cards.
By Jennifer C. Windh, a payments risk analyst in the Retail Payments Risk Forum at the Atlanta Fed
February 7, 2011 in crime, payments, payments risk, workplace fraud | Permalink
TrackBack
TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a01053688c61a970c0147e2631320970b
Listed below are links to blogs that reference Cash acceptance: A risky proposition for merchants:
Ana,
My research suggests that these proposed rule changes will have a significant negative impact on the prepaid market and yet I am unable to find anyone in the prepaid industry that believes these proposed rules will prevent most of the crimes you identified. In particular the "high-profile criminal activity" you identified is explicitly not prevented by these proposed rules since payroll cards are excluded.
If FinCEN were to document how these proposed rules would prevent specific criminal activities, I think it is likely the prepaid industry could prove FinCEN wrong. More importantly, if FinCEN were to work directly with the industry, I am positive more effective solutions could be identified that would cause far less disruption to the prepaid market.
Preventing disruption is important because these prepaid products are the best hope for providing low cost access to financial services for the unbanked and under served. Even as the FDIC decries the lack of affordable financial services for Low & Moderate Income families, FinCEN proposes new rules that I believe will greatly increase the cost associated with delivering financial services to that same audience -- but likely with no benefit to law enforcement.