In today’s world, real-time payments are on steroids.
Zelle®, TCH’s RTP®, and now FedNow® are all recently coming into the market. Real-time transaction volumes around the world grew 63.2% last year. And by 2027, real-time payments are expected to account for 27.8% of all electronic payments globally.
You also have financial institutions (FIs) moving to real-time availability regardless of channel.
So if all payments are going real-time, it’s only natural to move your fraud detection to real-time as well. You do not want to be in a situation where the FI sends a payment when the funds have not been officially collected at the time. This can cause some major heartburn depending on the amount of the payment and the exposure to the FI. The move to having real-time fraud extends far beyond the fraud team and involves the entire FI and most departments.
I know that every FI is set up differently, and there are a lot of nuances between FIs and their processes. For this blog post, we are going to assume what is considered the most common set up (understanding that there will be some nuances to what you might have).
The most common setup involves multiple fraud teams (yes plural), and many times not reporting up to the same person. These teams are:
If I had to guess, more than 80% of the Jack Henry™ clients I talk to are set up with a minimum of four of these teams. These teams could consist sometimes of just one person, and more times than not, that person has other duties as well.
Card Fraud team: This team is accustomed to real-time by now. They are either handling their detection models directly and working those alerts or have outsourced the alerts to some provider to work and then send the cases along to investigate. These processes are already known in the real-time world. If a card is blocked, the accountholder calls the call center. The accountholder typically makes it over to the fraud team to discuss why their card is blocked and see if there really was fraud on their account. If it’s a good charge, this team instructs the accountholder to try the card again, hopefully this time with successful results. Understanding with cards the decision is already made – the card was approved or declined. This is the one team that has made the transition at most FIs to real-time. Does this sound normal for you? Hopefully it does.
Digital Fraud team: This is another easier one because these channels started out on real-time. The processes here are well documented. Typically, how it is set up is that when a transaction is created, it runs through some type of decisioning engine, and the transaction is either approved or declined. Very much the same type of model as cards. The accountholder who was declined can call in and validate the transaction and then send the payment out again. If it’s fraud, the fraud team would reach out to the person and confirm. Again, a very straightforward process because the decision has already been made. “Approve or decline” – same as card.
Application Fraud team. This is a group that should be changing and expanding ASAP. If it’s not already a coordinated and joint group between accountholders, DDA accounts, and loans, it’s something you need to start looking at. With synthetic IDs starting to really take shape, and the number of phony accounts already on the books at most if not all FIs, this should be made a priority.
Here is where the rubber will meet the road most often. You offer financial enticements for CSRs to open accounts. Accounts mean deposits, and deposits mean more lending, so the FI continues to grow. The good thing is “some” of this is mitigated on the loans side through underwriting. At least hopefully, if you have a well-built underwriting team, and they are looking for red flags for synthetic IDs. For clients and accounts, most systems and services are still in the early days of finding and detecting synthetic IDs. Most synthetic IDs are found months later. So here comes the rub when you move detecting synthetic ID to real time: competing priorities.
CSRs are incented to open accounts and loans, but you build real-time processes to detect and stop new accounts and loans from opening, instantly in real-time. How do you deal with that? Two different groups with two different purposes? One job to open as many as you can, and one job to stop some of those from opening. I have seen literal fights in board rooms about these competing priorities. It’s something you need to be aware of and resolve upfront before tensions build between teams. I have seen things like no more individual incentives but build an overall region or district goal instead. New incentive structures like CSRs’ incentive to open new accounts, but a separate incentive if they prevented a synthetic ID.
Another example is one that created partial incentives for CSRs. A new client and account is then counted as one, but if it was stopped by the fraud team, it counted only as .25 of a client and account. So the CSR still gets some credit for their work. These are just a few examples, and the purpose is to think through and prevent friction between the teams because of the competing priorities.
Deposit and EFT Fraud teams. It’s crucial to think through the overlaps. This is probably the most impactful change to processes. Card and digital fraud processes we already have in place. Application fraud is about incentives and tension/friction. This is now about time and importance. Most of what the fraud team deals with today is when the check comes in and posts. I have until 12 p.m. the next day to return that check. If I think the deposit is bad, I can place a hold on those funds. If I think an ACH or wire looks wrong, I can control both creating and sending or stopping that wire manually. These processes are tried and true in most organizations. This is how fraud is perpetrated today. I make a deposit of a bad check, the funds are immediately available and I withdraw the money in cash. Sound familiar? It should. This happens every second at an FI somewhere in the country. Check fraud is up 188%, and that is a hard sobering truth. This is a medium that is easily manipulated, and with real-time availability, it’s an easy way for a fraudster to get paid. If you move to a real-time fraud detection, you are stopping these events in real time. The first impacted is the front line, tellers, CSRs, call center agents, and ITM agents. If a real-time system rejects transactions, how are these individuals going to deal with it? Are you directing the client/fraudster to the fraud department? Don’t get me wrong – it’s the right thing to do in the attack against fraudsters by moving to real time. It protects the FI, and it protects the real accountholder if you prevent fraud on their account.
The first thing you need to do in implementing a real-time system is bring in your operations team. Let them be part of this real-time fraud detection journey. Let them understand why decisions are being made and listen to their feedback. There will definitely need to be give and take.
The second is to make sure you have contingency plans on when and how to release transactions if the fraud team doesn’t get to it. Let’s say you have five wires that need to go out, and it’s 4:45 p.m. Your wire cut off is at 5 p.m. The fraud team has not yet cleared the transactions yet for whatever reason. It’s not like the old fraud days when you’d be looking at these transactions in arears. Instead you’re going to be looking at them in real time. Therefore, they need a decision to either post the transaction on the account or send the payment. Understand that the time restraints on working alerts have a direct effect on daily processing and what gets cleared or sent. This should also mean a conversation takes place between the front office, back office, and fraud teams. These decisions cannot be made in silos, and all sides must work to agree on what to do in situations like that to both protect the FI and accountholders.
This by no means is an exhaustive list of things to think about. Is getting to real-time fraud detection important? Yes. Will it be easy? No. Will it change how the FI operates? More than likely.
My advice to anyone who has asked me about getting to a full real-time fraud detections methodology is to be inclusive. Be open, be understanding, and be firm in the direction. Do not make decisions by yourself, but at the same time make sure it is understood that your FI is moving in that direction. All payments will be real-time in the future, so start planning and executing now. This is something that not only helps with your FI’s bottom line, it helps with identifying fraud across our financial sector. Ultimately, it helps valuable accountholders who you don’t want to see leave your FI over fraud.
What do you think could happen if all those fraud groups became one and in one system 100% integrated with the core provider to alleviate some of these headaches and hurdles? The answer might be closer than you think!
Are you prepared to combat fraud in the real-time digital world? Learn more. Check out a short video below about Jack Henry Financial Crimes Defender™, here to change the game!
Who We Serve
What We Offer