Fact vs Fiction: Debunking fraud and faster payments myths

The world of real-time payments is rapidly evolving, and with this evolution comes a lot of questions and misconceptions, especially as it relates to fraud.    

Mark Majeske of Alacriti joins the BAI Banking Strategies podcast to dissect and debunk some of the top myths regarding fraud and faster payments.   

A few takeaways from the conversation: 

• As financial institutions continue to evolve, so should their fraud prevention and instant payments technology. With that comes the consideration of adopting AI or machine learning to adequately predict fraud activity, as AI is able to recognize changes in fraudulent activity and to compensate for those changes quickly and effectively, before humans can.

• Cloud-based fraud solutions are also important. They help to require less resources to implement, utilize, and manage systems; enable the use of consortium data and models to better utilize AI and machine learning models, help to be able to respond quickly to fraud activity changes; and lastly, provide faster analysis and transaction decisioning. 

• Modern instant payment fraud solutions need to be proactive, operate 24/7/365, and have the ability to apply filters or customized tolerance settings. Because there are only seconds to safely analyze and decision the transactions, banks and credit unions must have the opportunity to customize and influence their analysis and decisioning outcome on an individual basis; it’s not a one-size-fits-all approach. This can enable them to quickly adjust decisioning based on current issues and circumstances. 

INTERVIEW TRANSCRIPT 

The world of real-time payments is rapidly evolving, and with this evolution, comes a lot of questions and misconceptions, especially as it relates to fraud. Joining us today is Mark Majeske, SVP of Faster Payments at Alacriti, who will dissect and debunk some of the top myths regarding fraud and faster payments. Mark, welcome to the BAI podcast. 

Thank you, Holly. Great to be here. 

Great to have you with us. Mark, you’ve had a really interesting career, including working at a number of banks. Can you briefly share a little bit more about your background? 

I started my career in banking in digital payments product development, and that was at JPMC, Citibank, then moved to SunTrust and TD in both Canada and the US. After my stint at banks, I moved to The Clearing House where I was part of the team that designed and launched the RTP network. After that, I went to FIS where I head up product development for internet payments, ACH and bill pay. Also, involved directly with the Fed as the SME for the design of FedNow. 

You’ve had a lot of diverse experiences, so I think it will really help with our conversation today. And there’s definitely a lot of information and misinformation out there about real-time payments and fraud, and it can be challenging to know what’s true and what’s not. So, for this podcast, we’re going to do things a little differently, have a little fun. 

I’m going to read a series of statements. And Mark, I want you to shed some light on whether they’re a myth or a reality. And before we jump into myth versus reality, I thought it would be helpful for us to talk about FedNow as it ties in perfectly with our discussion regarding faster payments. So, Mark with FedNow launching in July, would love for you to share your thoughts about the program and how it impacts the faster payment space. 

I think it’s going to impact it heavily. I believe in terms of what I’m seeing in the market, lots of banks and credit unions are interested in participating in FedNow. It is working as designed. I think we have about five customers on it, with about 12 in the queue ready to sign up and move forward on the network. So, I think it will help the industry overall to expand the usage of instant payments in the U.S. 

Thanks for sharing that perspective. I think that gives us a good foundation to have our conversation today. So, let’s go ahead and jump into our myth versus reality portion of the podcast. Number one, faster payments equals faster fraud, myth or reality? 

I would say that is the reality and not in a bad way. And I’ll give an example. In the UK about 10 years ago when they launched their version of faster payments, they did an analysis on the fraud that they were experiencing in the system. And what they found was a fraudulent transaction moves eight times in the first hour. So literally as the funds come into the original bank, it’s being dispersed out to other banks immediately. So, in essence, fraudsters are using the faster payment network for their betterment. The good news is as we move forward to today, I think fraud solutions are more focused on fraud prevention, using real time decisioning based on consortium data, which is extremely important, and AI and ML driven models, using those to analyze and decision transactions in milliseconds. So, the focus is more on preventing fraudulent transaction as well, and it’s terribly effective. So as a result of that, I’m not necessarily saying that there’s more fraud in faster payments, but it is faster. 

Number two, instant payments are safer than other payment types, myth or reality? 

I would say that’s a reality, and partially because of the fact that instant payments are credit push only, so that reduces fraud opportunities and also are irrevocable. So that avoids a lot of the debit issues that we have on other transactions. New fraud systems, again, are engineered to analyze and accurately predict fraud before the transaction occurs. And I think that’s important. 

And Mark, a follow-up question there, which payment types would you deem as not as safe as instant payments? 

That’s a tough question because they’re all different, right? If you have ACH or you have wire, there’s fraud in those, right? But it’s a different type of fraud and a different type of situation than an instant payment. Obviously if my fraud detection system for ACH or wire shows an issue, I have time to go back and investigate that transaction before I release it. So, a little different there. And fraud systems are built a little differently for ACH and wire. 

Where we get into the instant payments piece, we don’t have the luxury of that time to go back and investigate. And so, I’m not going to say that one is more fraudulent than the other, because also, you have to look at the usage of it. So, the more usage you have, usually the more fraud you have as well. And since instant payments is still growing in the United States, that’s probably be an unfair statement to make in comparison at this point. 

And number three, for instant payments, a fraud detection solution must be proactive, operate 24/7/365, and have the ability to apply filters or customized tolerance settings, myth or reality? 

Yeah, I would say that’s reality. Modern instant payment fraud solutions must contain all of those elements to be successful, as you only have seconds to safely analyze and decision those transactions. I feel FIs must have the option to customize and influence their analysis and decisioning outcome as well on an individual basis. That enables them to quickly adjust decisioning based on current issues and circumstances. 

Mark, could you share an example of the filters and customized tolerance settings? 

Sure. So, if we have a model and we have a score on each transaction and the bank is under attack on a weekend, you may want to tighten up. So, for instance, if the rating or the scoring is zero to one, one being most likely fraudulent, you may want to tighten up on your acceptance level. So instead of accepting a 0.6, you may want to only accept at 0.5. So, by ratcheting down that acceptance level, you’re protecting the financial institution over that weekend when maybe there was a weekend attack. What a lot of banks are doing is creating levels or scenarios where they would automatically shift to a different level of acceptance based on circumstances, and that’s the right way to do it. 

Number four, having a cloud-based fraud solution is more efficient and effective, myth or reality? 

I would say that’s a reality. Cloud-based fraud solutions help achieve the following. One is it requires less of an FI resource to implement, utilize, and manage the fraud solution. So effectively, you’re taking it off the burden of the system, off of the FI and bringing it into the cloud with your fraud provider, it’s much easier to manage, much less expensive to manage on a regular basis. 

It also enables consortium data and models to better utilize AI and ML model, and to respond quickly to fraud activity changes. And lastly, provides faster analysis and transaction decisioning, which is required. So instead of going back and forth from system to system to get a final score, you’re doing it all in one place in the cloud, which is a scalable environment, which is important. 

And in terms of the fraud detection time being reduced, can you share a little bit more about how much it is reduced by? 

It’s reduced greatly. In instant payments, most fraud systems are decisioning in milliseconds. There’s two reasons for that. When a sender creates the transaction, it hasn’t really gone to the network yet. Network’s not sitting there waiting for their SLA to be met. But the fact is, you still have a perceived customer experience that if I’m placing a transaction, I expect to hear back from it in seconds that it’s gone or it hasn’t gone. And so there’s two things that we’re trying to balance out, is the ability to effectively scan and analyze transactions and give a good result for the transaction, but also keeping the customer happy, not sitting there watching a clock turn. 

Number five, automated instant transaction decisioning is important for the success of instant payments, myth or reality? 

Yeah, I think that’s reality. Due to the speed of the transactions and instant payments, it’s important to be in the position to instantly access and decision transactions before it occurs. This powerful attribute protects both the financial institution and its customers and members. There is a misconception floating around in the marketplace that FIs need to make fraud and risk staff available 24/7. In reality, this rarely takes place. By being able to devise preconceived rule changes on a weekend or if there’s a decision, you do not have to staff on the weekends, this system actually adjusts accordingly, and that’s important to know. 

Now, there’s certainly a lot of conversation around AI, so let’s introduce that into our list here. Number six, financial institutions do not need AI or machine learning to adequately predict fraud and instant payments. 

Yeah, that would be a myth. I think AI and machine learning is what enables fraud solutions to recognize changes in fraud dealing and activity and to compensate for those changes quickly and effectively. What AI does is it analyzes or is able to pick up and analyze change in fraudulent activity before humans can. So, what it does is it helps adjust the model adjusting for those new trends before they even become a problem. So that’s why AI and machine learning is so important. 

And Mark, can you talk a little bit more about how AI is being used to identify suspicious patterns? 

Yeah. Basically, it’s looking at transactions. It looks at self-reported fraudulent activity, which a lot of the networks are asking banks to do in their rules. So, what we’ll do is look at what a fraudulent transaction looks like in that particular network, and then notices that the circumstances around the transactions are shifting a bit, but still fraudulent. And so it’s able to pick that up early enough so that it can then put it in as part of the model. 

So, let’s talk about that human side of all of this. Number seven, staff should be hired to support instant payments during off hours, myth or reality? 

This is a misconception, I think a myth. The real fact of the matter is that most people do not hire people to sit there 24/7 and watch the fraud system. You don’t really need to. If you do a lot of work upfront in determining what you would do in a what if scenario, then you can preset a lot of those changes that you would have to make and actually automate them. And most fraud systems being built today, if you’re looking for one, should offer that. 

I’ve had situations at banks where I’ve had a bad weekend. We offered a new product and we had a lot of fraud, but we predetermined what these levels or these tolerance levels would be shifted to. And it was really a non-event and we severely limited our fraud as a result. So a little bit of homework upfront will make it easier for you in terms of staffing 24/7. I’ve launched a number of banks in RTP and FedNow, and I have not seen one who were actually hiring someone 24/7. 

I’ve got two more for you here, Mark. Number eight, banks can just use the fraud prevention that is built into the real-time payments rail as an effective tool to reduce fraud, myth or reality? 

I would say that’s a myth. Because of their access to rich transaction and transaction outcome data, instant payment networks like RTP and FedNow are well-poised to contribute to the reduction of fraud within their networks. Both RTP and FedNow are investigating and developing tools which will assist FIs in identifying fraud, but they’re not there yet. So as a result, and I’ll just share some examples. Fed now is initially offering a negative list to FIs based on network activity. TCH will be expanding its options for FIs to report fraudulent transactions. And what I mean by that is offering more reasons so they could get deeper in terms of what’s happening in the system. 

Also, they’re providing and working towards providing a feed to the banks on recipient data for FIs. That’s new and I expect that to come out maybe by the end of the year. That’s all good, except for one thing, it really is just providing input to your fraud system. So do you need a fraud system? Yes, you still need a fraud system, because the fact that you’re getting input from the network doesn’t necessarily mean that you have a clean decision either, but it’s all helpful. 

And last one, number nine, fraud prevention rests solely with financial institutions. Would you say that’s a myth or reality, Mark? 

I would say that’s a myth. I think ACH and wire transactions are inherently different from instant payments. With ACH and wire, an FI has time to investigate decisions and to release those transactions. With instant payments, you only have seconds to accurately make a decision, and this must be done 24/7. Fraud solutions for instant payments are the most effective way for detecting fraud and protecting the FI and their customers. 

Instant payment fraud systems can also be used for ACH and wires as well. So, I’ve actually done that at a bank where I’ve used an instant payment system to also look at ACH and wire transactions. What this did for me is that it severely reduced the number of investigations that we had to do, so it really lessened our queue and enabled us to use our resources more wisely. 

That’s a fantastic outcome. Mark Majeske from Alacriti. Thank you so much for joining us on the BAI Banking Strategies Podcast. You validated facts and set the record straight on a number of myths about faster payments and fraud. I really appreciate your valuable perspectives. 

Great, thank you.