Welcome to the holiday season or should we say fraud season 2017. With the traditional peak period of fraud volumes right around the corner, I’d like to take inventory in the face of the ACFE’s International Fraud Awareness Week to provide a view from the trenches.
Certainly, we have seen enough innovation in recent years to consider this as the beginning of a new era in payments. Of course, this welcomes the potential for increased financial crime. Clearly, financial crime syndicates are innovating as well, typically in many capacities, and they are fully aware of the pioneering mechanisms and frameworks emerging in payments.
Which pathways are fraudsters most likely to exploit?
Person to person payments continue to show a significant amount of growth, with Facebook leading the effort to take on international social payments at scale. Zelle is also working hard to gain adoption and integrate more tiers of institutions into the network. And mobile wallets, supported by the device manufacturers, are really starting to gain the ubiquity that makes them convenient and preferable to consumers.
However, Provisioning, the act of bringing in new channels to existing products that are integrating with new rails, continues to present new risks as we grapple with the weaknesses of authentication risks.
Yet not all is so grim. There is hope thanks to the efforts being made by the bodies, networks and entities who are influencing payments security for the better.
This week the American bank-owned ACH The Clearing House (TCH) has launched its real-time payments system (RTP) which will significantly transform the landscape in the US. The UK, one of the first countries to introduce Faster Payments ten years ago, shows us how successful instant payment schemes can be, with Faster Payments in the UK driving both changes in consumer behaviour and the introduction of innovative solutions such as contactless payments for travel. Yet it is the implementation of PSD2 that will completely modernise the European landscape, and with that move, the business of security will surely and massively shift as well.
Why PSD2 has the potential to distribute fraud globally
PSD2 is set to remake the EU payments marketplace. This deliberate public policy exercise is going to regulate and demonstrate what next generation financial crime competencies must be and cement the standard going forward.
The industry continues to add more channels, opening and expanding the capabilities with the target of real-time, borderless, any-to-any payments. Recognising that, and seeing how some regions are making innovative plans to demonstrate their competence to manage financial crime, now is the time to start taking that inventory, putting customers’ security first and recognising that PSD2 also has the potential to distribute fraud globally. It will reveal those who are underprepared to absorb the fallout; significant financial losses, customer friction and systemic abuses.
Today’s financial crime issues will be magnified in this new environment, as entrenched criminal syndicates continue to grow in sophistication. The invitation that International Fraud Awareness Week suggests to us is that in the future of payments, we should anticipate not just more of the same, but that all the complexity that we layer into tomorrow’s payments infrastructure will result in greater opportunity for exploits as well.
Europe’s introduction of the General Data Protection Regulation (GDPR) next May will have implications for businesses around the world and US corporates should start getting ready if they haven’t already done so.
The recent NotPetya cyberattack underlined the need for organisations to address their exposure and how to mitigate the risk.
Accidental data breaches are causing almost as much concern as the steady rise in ransomware attacks, reports insurer Beazley.
The statement issued by the bank also suggests that fiat currencies are superior, due to their price stability.