Breaking Up Silos Could Help Banks Thwart Identity Theft

020811javelin.jpg

Technology is driving down the rate of fraud for banks, though the cost to consumers for identity theft crimes is going up.

Banks are finding it easier to block fraud attempts if they have invested in systems that show all customer relationships at once, analysts say. At the same time, more banks are shifting costs to consumers by not covering as many expenses related to identity theft on debit cards.

"While a zero-liability policy is in place at most banks for credit card transactions, only 44% of the top 26 [U.S.] banks we surveyed had a zero-liability policy in place for PIN debit purchases," said James Van Dyke, the president and founder of Javelin Strategy and Research, and one of the report's contributors. Javelin is expected to publish its 2011 Identity Fraud Survey Report on Tuesday.

There were 8.1 million adult victims of identity fraud in 2010, a decline of about 27% from 2009. Identity theft affected about 3.5% of the population last year, compared with nearly 5% in 2009, and the cost to consumers rose 63%, to $631.

By dollar volume, identity theft fraud amounted to $37 billion, down from $56 billion. The average fraud amount per victim was $4,607, down from $4,991.

"The incidence of identity theft and total loss to customers and time to resolution is all down for Bank of America, for all products, across all silos," said Bob Shiflet, that company's global fraud prevention executive.

Bank of America takes a horizontal approach to cutting fraud, sharing information across three categories: detection, prevention and recovery.

"This allows us to see those things that are attacking the relationship, not just the product or transaction," Shiflet said. "It is an end-to-end process."

Some industry experts disagreed with Javelin's findings. "I don't see the [fraud] numbers going down in account takeover, the numbers are going up," said Avivah Litan, a vice president and distinguished analyst at Gartner Inc. She said the exception to that was new account fraud, where rates were going down.

"It is easier for thieves to get payment through account takeover," she said.

The technology that banks are using to enable an enterprisewide view of fraud is expensive, and so far is used primarily by the biggest banks.

The top banks, including Bank of America, Citigroup Inc. and HSBC Holdings PLC, are developing their own technology to track crime across product silos, Litan said. "The average price of the project is between $12 million and $20 million, over three years," she said.

Wells Fargo said it has designed its fraud prevention tactics to closely tie together the various units of the bank. Its branches, call centers and online banking "alert each other in the case of something going on, and they share information with each other," said Secil Watson, senior vice president for online fraud prevention and authentication at Wells.

Some small community banks say enterprise-level technology does not really exist for them — or if it does it is out of their reach.

Sam Vallandingham, chief information officer and vice president for First State Bank in Barboursville, W.Va., said that for community banks fraud detection "is silo-driven, and there is not a global, enterprise-based technology to support a holistic view of our customers."

Vallandingham said fraud is up at First State, driven by the bad economy.

"People are in dire straits, and they are more easily duped," he said. This trend also affects customers holding corporate accounts.

Still, over the past few years First State has invested hundreds of thousands of dollars on more disparate fraud technology to enable such things as out-of-band authentication, Vallandingham said. And it has increased manual efforts, using closer scrutiny, for instance, when customers set up new payees online.

"We are working with our online provider to do additional authentication," Vallandingham said, including examining Internet Protocol addresses when requests come in for online banking sessions. The bank's provider is Q2 Software Inc. of Austin, Texas.

Julie Conroy McNelley, senior risk and fraud analyst for Aite Group in Boston, said core systems providers were increasingly including components capable of an enterprisewide view of fraud, and such systems were increasingly within reach for midtier and smaller banks.

Cost is "coming down, especially as smaller banks look at leveraging this for both anti-money laundering and fraud," she said.

For example, Erik Stein, vice president of product portfolio management in the risk and compliance group for Fiserv, said the company's Fraudnet software, which is a component of its online banking platform, provides an enterprise-level view.

"It has significantly reduced the fraud sustained in the bill-payment space," Stein said. Fraud represented .0006% of the 1.3 billion online bill-payment transactions handled by Fiserv systems in 2010, he said, and it was slightly higher in 2009.

"Banks have a lot of different systems and solutions around fraud detection, and evolutionarily, they are pulling these together to get a more holistic view of their customers," Stein said.

Bankers from the larger banks disputed the finding that consumer costs for fraud are going up. "We offer zero-liability" for credit and debit charges, as well as automated teller machine transactions, Shiflet said. "We have invested on the detection side, so the average loss per account is coming down, and we are getting to fraud quicker." Shiflet said customer accounts are generally refunded, provisionally, within 24 hours, and consumers are simultaneously referred to the Identity Theft Assistance Center for further help. Wells Fargo said it had a comparable zero-liability policy.

By contrast, Vallandingham said, banks may find themselves forced to shift some of the costs to consumers as a result of increased regulatory demands and pressure on fees.

"It used to be we would make the customer whole, but we won't be able to do that and absorb some of the costs," Vallandingham said. "We will have to attach more fees and close accounts, and there will be a lot more costs passed on to customers."

But increasingly, banks and industry observers said, customers are critical partners in fraud prevention.

"There is a lot more education than there used to be just three years ago," Litan said. "Banks are promoting awareness and sending out information … to educate customers."

Shiflet agreed. "Customers are concerned about protection of their information as an asset," he said. "Consumers want to be involved and they want to be able to protect themselves."

For reprint and licensing requests for this article, click here.
Bank technology
MORE FROM AMERICAN BANKER