<img src="https://secure.hall3hook.com/198388.png" alt="" style="display:none;">

Feb. 26, 2013 - Eight Ways to Prevent Fraud

Sean Trundy

Identity Theft Fact

Fraud and data security breaches come in so many different forms and from so many different channels, that has become necessary for financial institutions (FI's) to gain a better understanding of how criminals operate and how risk management is changing. By achieving a higher level of comprehension of the fraudster, FI's will have a better chance of mitigating the risks and recognizing attacks before they do serious damage. FI's also need to adjust fraud detection and prevention strategies to keep up with the evolving trends. In some cases this might justify investing in new technologies, while in other circumstances, it could require restructuring of organizational "domains". In all cases, it means improving your odds of detecting a threat before it reaches the customer.

With this in mind,we have summarized 8 potential methods to improve data security and reduce fraud:

Compliance With Regulatory Requirements

Various federal laws and industry mandates designed to improve information security have been enacted over the past several years. Complying with these regulations—most notably the FACTA Red Flag Rules, Payment Card Industry Data Security Standard (PCI DSS) and Gramm Leach Bliley Act—enables institutions to avoid potential regulatory penalties and is a first step towards protecting sensitive cardholder data and reducing fraud. FIs should also keep abreast of pending legislation in order minimize surprises and disruptions associated with future regulations.

Download The Counterfeit Prevention White Paper

Keep Your Customer's Data Protected

Ensure that the appropriate controls are in place to protect customer data from external data breaches and employee theft. This should start with a comprehensive risk assessment to identify the information that needs to be protected and to assess potential vulnerabilities. Seek external advice, if necessary, to ensure that your firewall technology and data encryption standards are appropriate and up-to-date. Effective employee screening using background checks and shared negative files can help reduce the threat of internal fraud.

Tell Your Customers They Must Help You Protect Them

Let customers know what you are doing to prevent and detect fraud and data compromises. Encourage customers to take responsibility, as well. Educate them on emerging fraud threats and steps they should take if they believe fraud has occurred. Include communication to help them understand the benefits of opting-in to paperless statements, reviewing their account activity regularly in order to detect fraudulent activity, learning to use spot skimming devices, and securing their computers with up-to-date Internet security software. It is also important to provide guidance to them on the potential hazards of social media and the risks associated with using mobile devices.

Used properly, this strategy can have dual benefit, not only preventing fraud losses and costs, but also improving customer experience and differentiating your FI in the marketplace. Customers will appreciate overt message that you are working to protect their interests.

Deploy the Latest TechnologiesAdvanced Identity Authentication

Validating the identity of potential customers is an important first line of defense against account fraud. Consider deploying next-generation identity verification technology.  Because fraudsters follow the path of least resistance, institutions that lag the rest of the industry in implementing advanced detection solutions make themselves especially vulnerable. And fraud management doesn’t end with blocking the authorization: you also need automated back-end tools that allow you to communicate effectively with cardholders to notify them about fraudulent activity, reissue cards, and preserve account holders’ confidence in your institution.

Use a Layered Approach to Fraud Prevention

Layered SecurityDon’t rely on any single method for data security and fraud management. For example, in addition to deploying analytics solutions to flag or block potentially fraudulent activity, train employees to spot suspicious transactions, and offer email and text alerts to customers for particular transaction types like wire transfers and foreign purchases. To be proactive about fraud prevention, it’s important for financial institutions to understand the fraud that’s happening in their own portfolios and keep on top of what is happening in the industry, as well. Be diligent about adding to or updating the layers; this isn’t a one-time fix.  

Implement an Enterprise-Wide Fraud Management Strategy

Many banks and credit unions continue to manage fraud according to institutional silos, delegating this responsibility to individual business units and product types. Integration of fraud management into a centralized, cross-product function enables institutions to share resources and data, capitalize on economies of scale, and better coordinate tactical approaches—resulting in reduced fraud losses and a more consistent customer experience. A preliminary step toward implementing an enterprise fraud management strategy can be to establish a shared internal database of fraud events and perpetrators. In addition, all financial institution employees should be trained to detect and prevent fraud, both external and internal. Institutions should also have a clear process for reporting suspected fraudulent activity.

Don’t Overlook Simple Operational Controls

There are a variety of easy-to-implement operational policies and procedures that can significantly improve data security and reduce the risk of fraud:

• Don’t allow customers to use their Social Security number as an online banking username.

• Require additional authentication and positive confirmation for executing accountholder address, phone and email changes.

• Implement regular, systematic checks of ATMs for evidence of skimming devices, hidden cameras and other irregularities.

• Mandate that employee computer passwords be changed at regular intervals.

Be Prepared for the Worst

Careful operations planning and preparation can control costs, improve customer loyalty and preserve your reputation if the unlucky day arrives and your institution is affected by a data breach. Work with a risk management expert in advance to develop an effective response strategy that will mitigate the potentially disastrous effects of a data breach. The proper strategy should include forming a cross-functional event response team, creating a risk assessment and response matrix, and devising a post-event communication plan.

Leave a Comment

Blog posts

Related Articles.