With wire fraud increasing, banks are using a new generation of real-time antifraud applications to stem their losses.
Just how big a problem wire fraud has become is a matter of some debate, fueled in part by banks' and businesses' historical reluctance to speak openly about it. But an alert sent in August by the Financial Services Information Sharing and Analysis Center indicates the problem might be worse than people think.
According to The Washington Post's Security Fix blog, the confidential alert warns that Eastern European cyber gangs are stealing millions of dollars from small to midsize businesses through online banking fraud by planting malicious software on Microsoft Windows personal computers and then wiring money to fraudsters.
Wire fraud differs from other sorts of payment fraud because the transactions happen much faster, giving banks little time to catch a suspicious transaction.
Few wire payments are actually done in real time; there's usually a 20- to 60-minute delay, but that's still much faster than automated clearing house transactions or checks.
According to a report released this year by the Association of Financial Professionals, 6% of companies experienced wire fraud, less than other payment types though still double the rate from two years ago.
Yet banks including Citigroup Inc.'s Citibank, ING Group NV's ING Bank and Bank of America Corp. are making it easier for customers to initiate wire transfers
Banks are seeking out next-generation tools to monitor real-time wire payments more closely. Avivah Litan, a vice president and analyst at the market research company Gartner Inc., said there are only a handful of vendors currently capable of this kind of real-time monitoring, including Actimize, Norkom Group PLC and ACI Worldwide Inc.
Actimize, a New York unit of Nice Systems of Israel, recently announced that a top-five U.S. bank has implemented its fraud prevention application, which worked so well that the bank recouped its seven-digit investment in just six weeks. Paul Henninger, Actimize's director of product management, financial crimes solutions, said that banks typically see a four- to fivefold improvement in lowering false positives — a key metric for increasing return on investment — after implementing the software. In this bank's case, Actimize detected 73% of wire fraud while reducing the false positive ratio to 1:15 compared with the industry average of 1 out of 50.
Actimize offers a payments risk management framework that combines real-time wire and ACH fraud prevention and message filtering with compliance monitoring capabilities for anti-money laundering, sanctions and watch list filtering. Prior to implementing the Actimize software, the bank used a rule-based review of wire transactions as part of its core system. The legacy system did not provide the bank with an easy way to investigate suspicious transactions and had limited ability to stop transactions in real time.
Actimize said the bank spotted multiple attacks tied to Trojan and man-in-the-middle attacks. Perhaps most worrisome, some attacks bypassed physical hardware security layers such as tokens.
Given this pattern, Litan suggests using a three-pronged approach: strong user authentication, fraud detections and out-of-band transaction verification. She also said banks should consider offering customers tools that safeguard a user's session by creating virtual locked environments.
Litan recently evaluated the vendors that provide real-time verification in a research report. She wrote that the optimal use for Actimize's software is for "large global banks that want one vendor to supply" most of their fraud detection technology."
She also wrote that ACI Worldwide "is best suited for banks that already use ACI for debit card payment." Norkom Technologies "is best suited for large to midsize financial institutions that want an" antifraud "system with broad analytical and fraud detection capabilities that require batch and near real-time fraud detection and transaction blocking capabilities."