Behind the Fed's effort to squeeze out payments fraud
Last week the Federal Reserve announced plans for a major new study of payment fraud, the latest step in its push to modernize the fragmented and in some ways antiquated system that enables U.S. commerce.
The study, which will be conducted by a consulting firm, is aimed at measuring the extent of fraud across a range of payment methods. The results are expected to provide insight into vulnerabilities and help inform the Fed’s ongoing efforts, in collaboration with banks and other payment firms, to improve security.
The fraud study is the latest example of the Fed asserting its centrality in the U.S. payment system. In 2015, the Fed convened a pair of task forces to study how the nation’s payments can be sped up and made more secure.
Last July, one of those panels established the goal that by 2020, anyone with a U.S. bank account should be able to receive payments that are both highly secure and delivered in something close to real time.
Ken Montgomery, the chief operating officer at the Federal Reserve Bank of Boston, is leading the central bank’s strategy on payment security. On Monday, American Banker spoke to him about what the Fed hopes to accomplish with the study, which is expected to be completed by October.
What follows is an edited and condensed transcript of the interview.
Do you see this as a more extensive effort to measure payment fraud than has been done previously?
KEN MONTGOMERY: We think there have been gaps in the amount of payment security data available within the payment industry.
The work we're going to do here is to go out into the landscape of secondary research that has been performed related to fraud. And then, when we see that there are gaps in the information that we're collecting, part of this process will be to see, how can we fill in those gaps?
The other thing is, we want to see what information we can receive from some payment system participants that has not been published at this point.
I know that this work grew out of the secure payments task force. Was this just kind of a logical next step?
It was a logical next step. As we look at this, one of the things you've probably heard the Fed say is that we really believe that security is the foundation of the payments system, and we wanted to continue to work with stakeholders to promote a safe and secure environment on an end-to-end basis.
I think we're at a point where it was the time for us to do this study. And then based on the output of the study, identify where we would want to focus efforts relative to payment systems security going forward.
Isn't there already a lot of collaboration happening in fraud prevention?
There is a lot of collaboration that already occurs in terms of sharing some level of information. Are there opportunities to do things like standard fraud reporting?
I would also say we're not just talking about the card networks here. We're talking about the entire payments ecosystem when we're talking about fraud and potential cyber issues.
My impression is that payments fraud has actually become a smaller problem for banks over the last few decades, as the industry has gotten much more sophisticated at detecting it.
What we're seeing is [when] one area of fraud is addressed, that fraud shifts to another area. So this is a constantly moving target. I think we want to look at where is it occurring and where potentially could it move to.
I don't see this as, we do a study, we identify some priorities, and then we're done. This is something that I think will continue to evolve. We'll look to see, how do we address where that fraud is shifting to?
How do you see faster payments tying in to this study? I presume that when you talk about the evolving threats that financial institutions face from fraud, faster payments can be expected to be an example of that.
Yeah, I think you're on target here. We very much see that the work that we're doing with secure [payments] being connected to the faster [payments] work. As those environments continue to get fleshed out, questions are around the whole issue of, how do we secure this environment? Where might be the potential areas for fraud to occur?
One of the concerns about faster payments that some folks have voiced is that if you have a payment that's extremely rapid and irreversible, you don't have as much of a buffer or window to detect a problem as you do in the current system. Do you think that's a well-founded concern?
It is a well-founded concern. People have talked about: faster payment, faster fraud. And so what we've got to consider as part of that is, what would be the mechanisms for tracking that? And then from a consumer perspective, what does it mean to them, relative to reversing payments?