PHOENIX–Credit and debit card fraud leads all other types of fraud at most U.S. banks and credit unions, but most institutions are fighting illegal account access with constrained budgets and relatively small teams averaging one to five workers, regardless of institution size, new survey data from ISMG Corp.’s BankInfoSecurity.com suggest.
The company released the survey results here March 7 at BAI Payments Connect in Phoenix.
Seventy-two percent of the 255 financial institutions of varying size the firm surveyed online in October said they had been victimized by credit or debit card fraud within the previous 12 months, followed by ATM fraud (41%), fraud conducted through automated clearinghouse channels (30%), and fraud initiated from insiders or employees 20%), other types of payment-fraud (20%) and wire fraud (20%).
The majority of respondents, 66%, said their institution has one to five workers assigned to fight fraud. Fifteen percent of respondents said they have six to 25 employees on their fraud-fighting team, followed by 5% with teams numbering 26 to 100, 1% with 100 or more and 6% with no dedicated full-time fraud-fighting employees.
The largest institutions typically have larger fraud-fighting teams, but “the interesting thing is that we found some big institutions that have very small teams,” says Tom Field, editorial director of BankInfoSecurity.com. “Across the board, we found that most institutions have relatively small teams fighting fraud.”
Overall card-fraud rates continue to rise, according to Field, but 44% of respondents said they plan no changes this year in their fraud-fighting budgets or personnel, while 34% plan to boost fraud-prevention spending, 15% said they will decrease spending, and 1% said they plan to cut spending on fraud-prevention.
Asked which types of fraud for which respondents possess reliable tools and processes to prevent fraud, 28% cited wire-fraud, followed by credit and debit card fraud (21%), insider fraud (16%), ACH and other types of general-payment fraud (10% each), and ATM fraud (5%).
Seventy-six percent of respondents said they learned about all types of fraud incidents first from customers, while 48% said fraud first surfaced at the point of transaction, 41% learned of fraud through a third party, and 23% learned about it during an account audit.
Regarding the technologies institutions plan to use his year to detect fraud, 55% said they would use various forms of authentication, followed by intrusion-prevention technologies (44%), fraud case-management systems (38%), point-to-point data-encryption systems (35%), and “neural network” fraud-detection technologies (33%).
Conference panelist Matthew Speare, senior vice president at Buffalo-based M&T Bank Corp., a 725-branch bank, told attendees M&T is seeing many of the same trends the survey report reveals, with credit and debit fraud prominent among other types of fraud.
The biggest challenge in battling fraud this year is that banks’ budgets are constrained by declining revenues and new regulations that urgently demand institutions’ attention, Speare said.
“I see organizations putting more resources into fraud this year, but we’re also finding that with regulatory changes like those from (the Dodd-Frank Act) and the Durbin amendment, that we’re putting so many resources into finding out what these regulations mean for us, and what to do about them, that we have less and less resources to put into battling fraud,” Speare said.
What do you think about this? Send us your feedback.
