Digital transactions upended how payments were processed several years ago with next-business-day settlement. Now that instant payments have arrived, the transformation of how companies and consumers move money is changing how fraud and risk are assessed by compliance officers.
In the United States, the Clearing House RTP network was the first widespread instant payments solution available until the recent introduction of FedNow. Compliance officers will appreciate that FedNow is backed by the Federal Reserve for facilitating easier and faster instant money flow for customers. This will also be better for the U.S. economy. On the flip side, it means there will no longer be that precious waiting period that financial institutions have relied on, giving anti-fraud mechanisms more time to catch fraud activity.
While there will still be other money transfer options like Venmo or Zelle, services like FedNow are the only ones to transfer larger amounts of money at one time (up to $500,000 for FedNow and $1 million for RTP).
Financial institutions should now expect a rapid evolution of this service. Additional anti-fraud features for FedNow are expected in mid- to late 2024. Anti-fraud solution providers realize that they need to be in-step with this rapid transformation to safeguard their banking and financial customers. They should fill in the gaps where FedNow lacks. The Fed is a few generations behind many of the anti-fraud solutions on the market today. They acknowledge that anti-fraud strategies need to be in place along with a continuous adoption of next-generation anti-fraud strategies to ensure not only a safe and secure rollout, but also to mitigate future fraud risk.
Any new technical service is going to have post-release patches, but the costs of fraud — in dollars, reputation or market share — can be too great to take any chances. According to Huron Consulting Group, there is no way to comb through the huge volume of data and conduct real-time transaction analysis without the use of automated intelligence to mitigate fraud risk, especially during the lightning-speed conditions of instant payment services. Rather than relying only on data-driven machine learning methods, a multi-faceted approach combining machine learning with knowledge-driven techniques like fuzzy logic-based scorecards, dynamic profiling and watch lists is recommended.
As payments get faster, so does fraud
There are definite ways to improve FedNow, such as triggering automatic control settings to flag any payments with an unusual frequency pattern or cumulative value over a specific time period. Such a feature could throw off a fraudster’s efforts to break through transaction limits by originating a vast range of low-value payments in a short timeframe. Fine-tuning control capabilities take into account different kinds of customers.
The industry as a whole has admittedly been behind the times in terms of adoption of real-time anti-fraud solutions. A KPMG survey revealed that more than half of financial institutions surveyed recouped less than 25 percent of their losses from fraud. Due to the high volume of transactions, an anti-fraud solution focused solely on combating fraud — also known as pure play — is a better choice versus a payments platform that has tacked on anti-fraud capabilities. Fraudsters are looking for the low-hanging fruit, which typically involves finding out what systems banks have deployed to get a sense of vulnerabilities to find a backdoor entry. Hence why solutions focused purely on compliance and fighting fraud are often the safest bet.
The Federal Reserve is currently looking to update how to supervise aggregated concentrations of inbound and outbound activity, a sign of potential mule activity. They need to add new features to combat phishing and spear phishing, which are already available in real-time anti-fraud solutions. Such features are critical because of how increasingly crafty attackers have become in attaining dynamic information on their victims.
Because the scenarios and processes are complicated, the Fed provides online FedNow resources to help with education. However, the Fed is still moving from a reactive standpoint at this stage. As the payment system gets faster, the schemes are mutating just as quickly, making it critical for stakeholders to work together with pure-play anti-fraud partners who will take a proactive approach to combating all kinds of fraudulent activity.
What to expect
FedNow is already becoming a key target for bad actors. Updating legacy systems is no longer optional. As banks adopt new business models, they should modernize and eliminate older, siloed systems that don’t communicate with other departments. Those systems are unable to integrate multiple data sources from all internal and external channels to achieve a proper risk assessment. New technology investments are extending to cybersecurity resources to mitigate threats relative to the migration path to new systems.
As part of this process, the Feds say that consumer education will be critical, especially in the fight against cybercrime. Banks will need to leverage their knowledge of customer behavior. They can create and easily update KYC verification flows to make sure their customers are who they say they are and identify unusual behavior. Regulatory and cybersecurity risks will continue to rise as data has become an essential asset and frequent competitive differentiator.
Currently the most immediate use cases are focused on account-to-account (A2A) transactions and bill pay. Since they don’t require intermediaries or payment instruments, A2A payments can fall victim to such scam tactics as impersonation of the financial institution. Each fraud incident loss averages $50,000, according to SWIFT. Bank accounts have continued to be fraudsters’ key targets, and they’re increasingly crafty in attaining vital information from victims.
In this new era of instant banking, the industry is expecting:
- Rising instant payments to create global transactions in excess of $376 billion by 2027.
- More industry collaboration among all stakeholders to solve real-time fraud risks.
- Increased adoption of hybrid human-AI technology to solve complex challenges with fraud.
- Greater real-time transactional data analysis, with the financial analytics market projected at $28.11 billion by 2031.
- Growth in pure-play anti-fraud solutions due to emerging complexities in fraud activity.
The multi-channel loophole
Multi-channel fraud is turning into one of the most widespread kinds of fraud. When attacks occur across common channels, traditional fraud detection mechanisms that aren’t utilizing AI are struggling to keep up with identifying complex patterns. This is because traditional systems typically focus on the user behavior of a single channel. Payment monitoring platforms are thus ill-equipped to detect multi-channel fraud attacks, especially as instant payments come to the fore. As compliance officers realize the risk of instant payments, those anti-fraud solutions which incorporate hybrid AI will not only handle the most devious attacks more effectively, but will be in a better position to integrate with newer AI technologies as they arise.
This is another way to stay ahead of fraudsters, as AI is delivering not only faster but more thorough detection. Hybrid AI, with its powerful detection engine and comprehensive approach, can work with FedNow and all multi-channel transactions for solving many of its fraud challenges.
On the downside, classical, self-learning AI — where human expertise plays no role — has the potential to perpetuate discrimination and exclusion due to biases held by its developers, implementers and others. To avoid this, the approach of so-called hybrid AI includes humans in the loop and can dynamically and easily intervene in the established rules at any time without any programming effort.
The role of hybrid AI
When it comes to technology and security, there will never be a single magic bullet, but hybrid AI is the next best thing because it delivers multiple intelligent layers of defense. From an IT perspective, everyone knows that the best-secured networks are the ones that provide multiple points of failure and redundancy. If one layer of defense within such a system fails to detect any threat, the next layer will. Many compliance and fraud prevention professionals put too many eggs in one security basket, such as relying on FedNow or another payments platform to perform all anti-fraud measures.
Of course, the use of real-time monitoring solutions is a no-brainer. Today there is the need for more. To counteract the many forms of fraud without impeding the speed of transactions — while ensuring there is no potential financial loss for the bank — a hybrid AI fraud detection solution checks all of the boxes and even those boxes yet to be defined. The AI layer will intelligently adapt to emerging threats that may not yet be in existence. The use of advanced fuzzy logic and intelligent profiling for a human-like approach in conducting data analysis has been able to capture suspicious activity in milliseconds. Additionally, with AI integration, the hybrid approach adds another layer of security because it can customize fraud detection rules and run simulations to conduct extensive testing before deployment.
Due to the speed of FedNow, advanced analytical and reporting dashboards are instrumental in providing a quick overview and analysis. Hybrid AI systems continuously track real-time user behavior and analyze it for any irregularities, with machine learning mechanisms troubleshooting in the background. The effectiveness of such solutions, however, is for the most part dependent on the maturity of the machine learning models being used.
While hybrid AI technology provides a very high degree of automation, it’s still always working very closely with humans. Compliance officers are informed about suspicious cases, and the automation filters out huge amounts of false positives. Complex rules can be changed or set up again at any time and immediately put into live operation. You don’t have to wait for the AI to learn something itself, as is the case with pure machine learning.
This comprehensive approach enables a more profound, real-time analysis of transactional data, mitigating risk during the high-speed conditions of instant payment systems. Instead of relying solely on data-driven machine learning methods, hybrid AI technology employs a multi-faceted approach by blending machine learning with knowledge-driven techniques like fuzzy-logic-based scorecards and watchlists as well as dynamic profiling. This combination allows for effective fraud detection even when data is complex or imprecise. Thus, the solution can be effectively deployed practically from the very beginning.
New tech, new tools
With instant payments comes stronger liquidity management. Businesses can mitigate uncertainty from payment delays and increase working capital while helping to strengthen their liquidity management. It also reduces the need for excess cash on hand to cover emergencies. By reducing the time and effort it takes to receive funds, businesses will achieve a much better customer and supplier experience.
No matter how you look at it, reducing the time and effort it takes to receive funds is beneficial. For example, paying time-sensitive contracts or insurance claims with instant transaction capabilities can improve the customer’s experience and be a competitive differentiator. It also reduces friction across the payment process.
As instant payments settle faster, they make all accounting activities easier to manage as well as limiting the need for data entry or research required for payments. In some instances, such functionality as “request for payment” can even eliminate the need for invoicing.
However, with all these exciting advantages, the strength of your anti-fraud strategic plan and system deployment must become top priority, especially in these early launch years of instant payments.
Roy Prayikulam is SVP Risk & Fraud at the internationally active AI and optimization software provider INFORM. He has extensive experience in complex IT integration projects for the financial sector such as acquiring, card issuing, internet banking, fraud prevention and AML compliance.