The keys to fighting fraud?

September 8, 2016
/   Insights

We're constantly being warned that fraud is one of the biggest threats facing the banking industry, but the true scale of this was revealed by a recent survey that suggests it could make up...

Cause and Effect: If you build it, will they come?

July 23, 2014
/   Spotlight

Many financial institutions assume that digital banking is lucrative because the most valuable customers happen to bank online. While there is certainly a correlation between online bankers and higher profitability, quantitative evidence suggests that...

Intuit 2020 Report: The Future of Financial Services

April 11, 2011
/   Insights

Today, Intuit released the latest edition of the Intuit 2020 report, Intuit 2020 Report: The Future of Financial Services, which identifies and examines four key trend areas that will  transform the financial services industry...

Fast Facts: Student Loans

January 22, 2013
/   Insights

The Financial Services Roundtable recently released another iteration of its Fast Facts, reliable, bullet-point research about issues facing the financial services industry. Topics span TARP, Dodd-Frank, insurance, lending, retirement savings and more.  Below are some updated Fast...

The Top 10 Trends in the Digital Banking Industry

December 18, 2013
/   Spotlight

2014 is rapidly approaching and as the year wraps, the Digital Insight team has pulled together the top 10 trends in the digital banking industry based on data and trends from studying financial institutions....

Making Banking Fun: Gamification in Financial Services

August 5, 2013
/   Insights

Recently, the team sat in on American Banker’s webinar, “Gamification in Financial Services: Five Proven Ways to Get an Edge,” which shared how leading brands in financial services have applied gamification to reach...

Technology M&As: The Beats Go On

May 29, 2014
/   Insights

The ongoing fascination with Apple’s $3 billion purchase of Beats Electronics is entirely understandable, because it’s a cool story. However, it also says a lot about what’s going on between finance and tech.

What We’re Reading

May 5, 2011
/   Spotlight

Below are interesting stories the staff has been reading over the past week. What have you been reading? Let us know in the comments section below. Virtual Banking Worlds Provide Tangible Lessons American...

Small Business: Perception vs. Reality

November 21, 2012
/   Insights

In the most recent election cycle, like most others before it, the one sector of the economy that got the most attention was small business.  This is the future, we were told by every...

What We’re Reading: Thanksgiving Edition

November 22, 2012
/   Spotlight

Below are interesting stories the staff has been reading over the past week. What have you been reading? Let us know in the comments section below or Tweet @bankingdotcom. Mobile Thursday? Plans for Thanksgiving...

By Damien Hugoo, Director of Product Management, Easy Solutions

Protecting a financial services organization against fraud requires much more than a strong password policy and client education. The sophistication of cyber attacks and high risk of fraud necessitate a comprehensive anti-fraud program that includes policies, processes and technologies. While no two anti-fraud programs are identical, there are steps you can take to develop a program that will demonstrate a measurable return on investment (ROI) and minimize the risk of fraud.

The risk of fraud is high and so are the costs. According to the Association for Financial Professionals’ 2015 Payments Fraud and Control Survey, 62% of companies were targets of financial fraud in 2014. Twenty-eight percent of large organizations (those with over 100 payment accounts) report that the potential loss from fraud in 2014 was greater than $250,000.

But those aren’t the only costs financial services organizations have to consider in relation to fraud. Increasingly, fraud attacks are conducted online. In the 2014 Global Report on the Cost of Cyber Crime, the Ponemon Institute states that the average time to contain a cyber attack is 31 days. By the end of the 31-day period, the average cost to the organization is $639,462. Financial services organizations can’t afford not to develop an anti-fraud program.

Process for Developing an Anti-Fraud Program

The best anti-fraud programs not only reduce the risk of fraud but also show an immediate and measurable ROI. However, developing such a program requires organizations to take a strategic, step-by-step approach:

Step 1: Conduct a fraud gap analysis

The first and most important step in implementing an anti-fraud program is understanding the current state of fraud in the organization. This involves conducting a fraud gap analysis. To do so, analyze all financial operations exposed to clients and evaluate the fraud losses that have occurred. This analysis will provide metrics that will allow you to gauge the effectiveness of the current anti-fraud program.

Step 2: Perform a root cause analysis

A root cause analysis will shed light on how criminals are using the organization’s systems to commit fraud. This will help you understand what systems require protection and what to look for in the future. Together, the root cause analysis and fraud gap analysis should provide a clear understanding of the channels being leveraged for fraud, the processes that are most vulnerable and the losses in terms of cost.

Step 3: Conduct process modeling and analysis

Every process exposed to end users, whether it’s making a payment via a mobile app or opening a new account online, is a target for cyber criminals. Decisions about protecting each process should take into account possible exposure, probability and the ability to mitigate. To this end, the organization should model, analyze and secure each process with the goal of balancing security, functionality and ease of use. Keep in mind that strengthening any one of these elements is likely to have an adverse affect on the other two.

Step 4: Perform a fraud risk assessment

Financial services organizations should proactively protect customers against fraud regardless of whether or not they think it’s occurring. That’s where a fraud risk assessment comes in. A fraud risk assessment is intended to identify and measure fraud risks before they become a legitimate threat. The assessment should be customized to address the organization’s specific needs while covering all vulnerabilities that can lead to fraudulent activity. All existing policies and controls are examined, and possible fraud scenarios are created in order to identify, measure and mitigate electronic fraud.

Step 5: Implement program oversight

An oversight process governed by the board of directors and/or an audit committee is a crucial piece of any anti-fraud program. A well-designed oversight process helps further mitigate risks and reduce fraud. The process includes gathering fraud metrics to gauge program success, identifying and responding to fraud risks, and making improvements to the program.

Step 6:  Call in a specialist

Don’t assume that you have the skills on staff to select and deploy anti-fraud solutions. To be most effective, personnel require knowledge of complex financial transactions with an understanding of how and why fraud incidents occur. Organizations have several options when it comes to acquiring these skills: They can hire a Certified Fraud Specialist, procure the services of a consultant or pay for an existing staff member to be trained.

Implementing an anti-fraud program is a significant undertaking and, unfortunately, there is no off-the-shelf solution that can be applied to every organization. But its importance cannot be overstated. Given the high risk and costs associated with fraud, developing a measurable anti-fraud program should be a priority for every financial services organization.


Insights’s perspective on industry news and trends



Must-read news and insights from financial industry leaders



Compelling voices and contributed content from around the web

James W. Gabberty

Gabberty is a professor of information systems at Pace University in New York City. An alumnus of the Massachusetts Institute of Technology and New York University Polytechnic Institute, he has served as an expert witness in telecommunication and information security at the federal and state levels and holds numerous certifications from SANS & ISACA.

Zachary Ehrlich

25-year-old writer, and as a native San Franciscan, I am unreasonably loyal to Bank of America, if only for their superhero-like origin story, involving the 1906 earthquake and Italian fruit vendors.

Brad Strothkamp

Marisa Mann

Marisa Mann brings over 15 years of experience in consulting and financial services industries to the Solstice team, working on large scale enterprise initiatives across many technologies, including specializing in the digital space – Internet and mobile. Mann is passionate about mobile and the endless possibilities for the enterprise, delivering business value through strong brand recognition and driving to excellence in the consumer experience. Prior to Solstice, Mann worked at JP Morgan Chase, Diamond Management and Technology Consultants, Washington Mutual, Inc, and Accenture.