Instant Payments Fraud

By Rebecca Kruse

Instant, faster, real-time: no matter how you describe the newest sets of payment rails, there are many questions as to how those payments may be protected. (For the purpose of this article the term “instant payments” will refer to transactions conducted through The Clearing House’s RTP network and the upcoming FedNow network.)

Community banks know that payments fraud is a cost of doing business and take measures to protect their customers and their banks’ bottom line. From monitoring check kiting reports to establishing card fraud rules to “know your customer” protocols, there are a slew of fraud prevention and detection solutions available. But what about fraud detection for instant payments?

Instant payments use a good funds model, and the transactions are “credit push” only, meaning the sending party must initiate transactions. Built into the check, card, and ACH channels are inherent methods to reimburse fraudulent payments, such as returns and chargebacks. As of now, there are no channels built into the instant payments networks with the requirement to return payments.

Banks may ask a receiving bank to return funds sent in error, but there is no obligation for the receiving bank to comply. When an instant payment is conducted, it is settled immediately and irrevocably, so it is absolutely necessary for banks that want to offer instant payments “send” capabilities to carefully evaluate each transaction before it is introduced to the instant payments network.

These methods should:

  • Require strong, multi-factor authentication. This confirms the sender’s identity before logging into the payments application.

  • Verify new payees. Put measures in place to require a sender to prevent mistakes when creating a new payee, such as re-entering account or contact information.

  • Implement holistic, cross-channel fraud detection. Many banks view fraud through a siloed lens, such as identifying check fraud by comparing check transactions, or ACH fraud by comparing ACH transactions. While it is possible to approach instant payments fraud in a similar fashion, community banks should consider investing in a cross-channel fraud prevention system to determine if each transaction fits a customer’s behavior pattern. Not only will this help detect and prevent instant payments fraud, but it will improve fraud detection in other channels as well.

  • Educate clients and employees. Social engineering is still the biggest source of instant payments fraud globally. Community banks should continuously educate employees and customers on how to identify and detect scams that lead them to initiate payments or change payment instructions.

Rebecca Kruse is executive vice president and chief operating officer at ICBA Bancard and can be reached at [email protected] or 202.821.4316

Twitter: @RebeccaKruse11 • LinkedIn: www.linkedin.com/in/rkruse41/