Desperate Times, Desperate Measures

  • Published on
    09-Apr-2018

  • View
    216

  • Download
    0

Embed Size (px)

Transcript

  • 8/8/2019 Desperate Times, Desperate Measures

    1/5C a r d P r o c e s s i n g . P a y m e n t S o l u t i o n s . P r e p a i d C a r d s . C u s t o m i z e d S o l u t i o n s . C o n s u l t i n g S e r v i c e s

    Desperate Times,Desperate Measures

    Strategies or preventing and detecting economic-hardship

    raud at your fnancial institution

    By Karen Postma

    TMG Card Risk Senior Manager

    An overwhelming nancial problem

    can push a normally law-abiding

    person toward a criminal solution even

    in the best o economic times. However,

    during a down economy, the sheer

    number o people experiencing these

    burdens puts the risk o economic-

    hardship raud aced by a nancial

    institution at dangerous levels.

  • 8/8/2019 Desperate Times, Desperate Measures

    2/5

    P A G E 2

    The Members Group . 1500 NW 118th Street . Des Moines, Iowa 50325 . 800.268.1884 . www.TheMembersGroup.com

    Amid one o the lowest employment rates in U.S. history, American nancial institutions

    (FIs) today ace the threat o economic-hardship raud rom two potentially criminal groups:

    cardholders and employees.

    CArd-CArryinG MEMbErs of thE first-tiME CriMinAls Club

    FIs invest a great deal o time and eort attempting to keep their cardholders sae rom

    card raudsters, and rightly so. What many do not consider, however, is the possibility o a

    cardholder and a raudster being one and the same.

    Even cardholders in good standing can all victim to the temptations o todays card-raud

    schemes particularly i their card-issuing FI is not properly set up to detect the scams.

    Three popular orms o cardholder-initiated raud are payment kiting, alse account set-up

    and riendly perpetrator raud.

    Payment Kiting The cardholder makes a large payment with insucient or alse unds

    (typically a bad check). He then withdraws the unds rom an ATM beore the issuer detects

    the raud.

    False Account Set-Up A raudster uses a alse or stolen identity to open a new account.

    Or more sophisticated yet, an applicant uses a legitimate identity but opens the account

    specically with the intent to commit raud.

    Friendly Perpetrator Fraud A cardholder reports his legitimate transactions as raud to

    receive compensation. Or, he shares his card and/or PIN with a riend, who then acts as the

    thie, stealing money on the cardholders behal. The cardholder reports this transaction asraudulent and is reimbursed both by his riend and by the issuer or the raud.

    Fortunately, there are raud strategies an FI can establish to help guard against these

    sneak attacks.

    1) Place tighter restrictions on payment processes. For example,

    set limits or the number or amounts o payments that can be

    may be made within 30 days.

    2) Set available unds limits allowing time or a payment to beveried beore a cardholder can request a cash advance.

    Even cardholders

    in good standing

    can fall victim to the

    temptations of todays

    card-fraud schemes.

  • 8/8/2019 Desperate Times, Desperate Measures

    3/5

    P A G E 3

    3) Congure your system to queue large payments originating rom accounts held

    at other FIs.

    4) Place tighter restrictions on account opening procedures, even or current

    customers. Fully examine credit scores, veriy residency or at a minimum, a tie to

    the community.

    6) Watch or critical non-monetary transactions, such as the addition o authorized

    users or a change o address ollowed by a request or new plastic.

    The Members Group . 1500 NW 118th Street . Des Moines, Iowa 50325 . 800.268.1884 . www.TheMembersGroup.com

    Even the most

    well-managed

    workforce can

    hold a bad seed.

    thE frAuds CoMinG froM insidE thE brAnCh

    Most FIs like to think the best o their employees. Credit union

    and community bank executives work hard to keep their stas

    satised, educated and rewarded or hard work. But even the most

    well-managed workorce can hold a bad seed.

    FI personnel orced to call the authorities on a longtime, once-loyal employee are oten

    shocked by the circumstances. Regardless o the motivation behind his crime perhaps he

    grew disgruntled; maybe he simply succumbed to the siren call o easy money a criminal

    employee oten blindsides an FI, particularly one ocused on external threats.

    Risks posed by outside raudsters require signicant time and nancial investment, which

    when combined with an innate trust o ones employees, leaves little drive or internal

    control eorts. Ironically, however, raud committed by internal sources are oten much morecostly than that perpetrated by outside criminals.

    Three common orms o insider raud are identity thet, stolen plastics and account crediting.

    Identity Theft Your employees, i given unlimited access to cardholder identity

    inormation, are sitting on a virtual goldmine. Fraud rings are standing by to compensate

    them well or stolen downloads o your cardholder data.

    Stolen Plastics This occurs even when plastic inventory is not kept at the branch.

    Whether brought back by a cardholder or the postal service, a returned credit card is simple

    or an employee to access, activate and use or his own purchases.

  • 8/8/2019 Desperate Times, Desperate Measures

    4/5

    P A G E 4

    Account Crediting Customer service representatives raise limits, apply credits or make

    adjustments to the transactions on their own accounts or those o riends, amily members

    or even a persuasive acquaintance.

    First and oremost, FI managers must understand that a happy employee is less apt to give

    in to the temptations that surround him each day. Practicing good management skills that

    ensure employees are treated airly is the rst in a series o steps FIs can take to minimize the

    risk o employee raud.

    Others include:

    1) Tracking employee access. Know who is downloading cardholder data, when they

    are accessing it and why they need it. In addition, limit the data to which your

    service representatives have access. Rarely do they need an entire social security

    number or CV2 number, or instance.

    2) Create a diligent destroy process or excess, outdated or returned plastic, andbe sure to keep restrictions tight or an accounts rst 30 days to avoid raud

    originating rom an intercepted card.

    3) Track the number and amount o credits typically applied to your accounts on

    a daily basis. Compare all uture activity to this base, conguring your system to

    populate a report with any credits exceeding normal levels.

    4) Continue with background checks or new employees.

    5) Establish multiple layers o security. While you may have limited the identity

    data available to service representatives, systems should be in place to continuemonitoring these employees behavior and work history.

    While a turbulent economy certainly does not provide an excuse or cardholder- and

    employee raud, it denitely gives us in the raud industry a red fag. When people are under

    stress particularly nancial in nature they are oten pressured into uncharacteristic acts

    that make them dicult to detect.

    But with the right mixture o education and preventative measures, your FI can be ready or

    these attacks, both in good times and in bad.

    The Members Group . 1500 NW 118th Street . Des Moines, Iowa 50325 . 800.268.1884 . www.TheMembersGroup.com

  • 8/8/2019 Desperate Times, Desperate Measures

    5/5

    P A G E 5

    About KArEn PostMA

    Kae has been involved in the payment card industry or more than 12 years and has been with TMG

    since 2006. Her responsibilities include compromised accounts, raud detection and dispute management.

    She has recently worked to bring TMGs Fraud Detection department in-house, allowing increased fexibility

    and customization or TMGs clients. Karen is a member o the First Data Risk Council, which reviews raud

    trends, new technologies and regulations related to raud and raud prevention rom a global perspective.

    The Members Group . 1500 NW 118th Street . Des Moines, Iowa 50325 . 800.268.1884 . www.TheMembersGroup.com

Recommended

View more >