Understanding Today's Wire Transfer Risks
While the rise of wire transfer and ACH (automated clearing houses) fraud is not news, the pure acceleration rate, scale and sophistication of corporate wire and ACH fraud is alarming. For example, the FBI recently took the step of issuing a cyber security advisory in response to the growth of unauthorized and fraudulent multi-million dollar wire transfers from business and government entities to overseas locations.
Wire transfers, previously one of the more secure environments within a financial institution’s operations, pose the greatest risk of loss to a financial institution.
The transfer speed, potential size of such losses and the inability to recover funds once they are transferred to the destination institution all leave financial institutions vulnerable to significant risk.
To fully understand wire transfer risk, it is important to analyze the origin and the destination of the wire transfer. Many financial institutions allow business and consumer customers to initiate wire transfers in-branch, over the phone or online.
In general, wire transfers originating from branch locations are the least risky as fraudsters are generally reluctant to put in a personal appearance. Despite this, it is important that branches have a documented authentication process, including requirements for multiple forms of ID or signature verification.
Financial institutions usually require individuals initiating a wire transfer request over the telephone - typically corporate customers - to be authorized to initiate wires on behalf of the company for the particular accounts. These individuals must be able to provide appropriate security codes or correctly answer previously established security questions.
Yet, internal employees, both within the bank and the corporation, may gain access to account information and passwords to overcome such security barriers.
Similarly, financial institutions that allow customers to initiate wire transfers online open themselves to risk by fraudsters who are able to circumvent online authentication measures.
Many banks are turning to multi-factor authentication techniques such as “something you have” (e.g. a token), “something you are” (e.g biometrics) as well as “something you know” (e.g. a password) to help prevent fraud of this type.
They also are using techniques such as IP profiling to identify fraudulent access. In fact, multi-factor authentication becomes a critical weapon in a bank’s arsenal as criminals continue to develop increasingly sophisticated techniques to conduct fraud.
Criminals have figured out ways to bypass the need to “break” a user’s authentication, such as deploying a Trojan or some other type of malware to perform man-in-the-browser attacks.
These can be completely invisible to the user, who accesses the online bank account and makes a payment as they normally would, but behind the scenes the fraudster can redirect the funds to their own account and even change the amount of money being transferred.
So how can banks best protect their customers from the multiple entry points of today’s wire transfer risks?
The key is an enterprise risk management system that tracks customer behavior patterns such as time, frequency, amounts and destinations of activity. Then when customer activities show variances or anomalies, the system can issue an alert to stop the suspicious transaction in its tracks.
Such a strategy delivers an optimum detection rate and minimum false positive ratio.
Financial institutions face a growing burden to protect their customers from fraud, protect themselves from fraud losses and comply with mounting national and international regulations.
Ironically, while combating fraud, financial institutions are also being pressured by customers and regulators to improve the speed at which payments and transfers reach beneficiaries’ accounts, with many countries now at a near- or real-time process.
This rapid availability and transfer of funds creates additional challenges in terms of recognizing and shutting down fraud before it is too late. Are you prepared to guard against today’s wire transfer risks?
Related Blog Posts
Success Speaks: Surprising New Ways Students Want to Pay
Colleges and universities are facing the dual tasks of accommodating not only new payment methods, but also a new generation of students, Gen Z, whose expectations differ greatly from even millennials. How can higher education institutions meet these demands?
In our latest Success Speaks webinar, experts from Temple University, FutureCast, ACI and MTFX Group of Companies explored today’s payments landscape for colleges and universities, payment desires of Gen Z, innovations the higher education sector is already implementing and how schools can better assist with international payments.
Women Must Choose to Rise Up Despite Past, Current and Future Circumstances
Money20/20, Europe’s biggest payments and fintech event, was recently held in Amsterdam and featured Rise Up Money20/20, a global program designed to address the gender imbalance in leadership positions within the financial services and fintech industries. A cohort of 30 female professionals was selected to take part in an exclusive curated agenda, complete with a series of bespoke content sessions, one-to-one mentoring and unique networking opportunities.
Beyond Borders: Navigating the Challenges of eCommerce Expansion
eCommerce continues to flourish, with impressive growth figures year after year. In 2018, global online sales reached almost $3 trillion, and are expected to hit $4 trillion by the end of 2020.
Despite eCommerce taking an increasing slice of the retail pie (which could now be as high as 15 percent according to recent figures), it is increasingly challenging, with competition and cost pressures creating significant issues for merchants of all sizes.
How Italian Banks and Processors Can Capitalize on Digital Transformation
The European payments landscape is in an era of significant change thanks to PSD2 and other macro factors, but there is more than one way to deliver real-time and open payments to meet PSD2 requirements and its technical standards. Banks and processors must manage this alongside their own set of domestic challenges and opportunities.
Overcoming Cyber Threats to Payments Security
Recently, Gene Scriven, chief information security officer at ACI, spoke at NACHA Payments 2019 on the ever-changing landscape of cybersecurity. Here are a few highlights from his session, including the impacts of cybersecurity breaches, today’s emerging threats and the new strategies to keep your organization safe.
Removing Gender Bias and Enabling Women to Succeed in Leadership Roles
The recent UK Women in Payments (WIP) Symposium 2019 took place in London, recognizing unique leaders who help uplift women in the payments industry. Among those recognized was ACI’s Melissa McKendry, vice president, Retail Banking Implementation Services, who was honored by WIP as the 2019 Advocate for Women.
Why Banks Must Democratize Machine Learning for Fraud Prevention and Payments Intelligence
Banks are already actively on the path to digital transformation, considering new technologies, new customer experiences and new business models. A critical piece of this digital transformation centers on better understanding the wealth of data within the banks’ systems and mining it for improved customer insight. In the New Payments Ecosystem, data is as valuable to the bank and its customers as the deposits held in their accounts, and it should be protected, and leveraged for the benefit of the customer.
Regulating for Real-Time: The Role of Government in Payments Modernization
Dr. Leo Lipis and Craig Ramsey, Head of Real-Time Payments for ACI Worldwide, continue their discussion on real-time payments and the findings of the new white paper, Get More from Real-Time.
Payments and Fraud: The Paradox Twins
Digital commerce through web and mobile is where merchants predominantly experience shopper growth today. This has become a hugely important domain for their focus. It offers a means for international growth, new market penetration and a way to engage with shopper-hungry Millennials in their culture. Merchants frequently adopt a Digital-First, eCommerce-First or Mobile-First strategy to ensure full corporate buy-in to this strategy.
Open Payments Systems for Merchants: Don't Close Down Your Options
Remember “Open Systems”?
It was a big industry nom du jour in the 80s and 90s. Every IT system had to be open and therefore flexible and future-proof. Nobody can argue with the logic behind this; making systems easy to integrate with other systems, ensuring vendors could cooperate with one another; creating agility to improve time to market and drive down costs.