2017 Financial Institution Payments Fraud Mitigation Survey Report of Results Amanda Dorphy and Heather Hultquist Payments, Standards, and Outreach Group Federal Reserve Bank of Minneapolis January 2018
Table of Contents Executive Summary
Payment Fraud Trends
Payments Fraud Mitigation
• • • • • • •
Account Application Processes Debit Card Credit Card Check ACH Wire Internal Procedures and Controls
20 23 28 34 41 47 52
Barriers and Opportunities
The authors thank colleagues at the Federal Reserve Banks of Minneapolis and Chicago for their assistance in preparing the survey and this report. The views expressed in this report are those of the authors and are not necessarily those of the Federal Reserve Bank of Minneapolis or any other component of the Federal Reserve System. The information in this report is intended for educational purposes and the description of survey results, or the mention or display of a trademark, proprietary product, or firm in this report does not constitute an endorsement or criticism and does not imply approval to the exclusion of other suitable products or firms. ©2018 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent.
Executive Summary Staff at the Federal Reserve Bank of Minneapolis have conducted research on payments fraud mitigation since 2007. During July and August 2017, the Federal Reserve Bank of Minneapolis’ Payments, Standards, and Outreach Group fielded a qualitative, online survey of financial institutions (FIs) from across the U.S. on payments fraud mitigation. There are 283 respondents, representing about a 5.8% response rate. The survey report contains information about the most frequent fraud attacks by payment type – debit card, credit card, check, ACH, and wire – that FIs are experiencing and the usage and relative effectiveness of payments fraud mitigation methods. Risk mitigation methods for each payment type are grouped into three categories: 1. transaction screening/scoring, 2. authentication methods, and 3. other reporting and risk management methods. Aggregate results are presented in the first half of this report. On each page, summary remarks, the question posed in the survey, and a chart reflecting results are provided. Data tables shown in the second half of the report provide results by financial institution size. A copy of this report and definition of terms used in the survey may be found on the Federal Reserve Bank of Minneapolis’ Payments, Standards, and Outreach Group website. Key Findings General • Payment fraud losses continue to be a problem for FIs: three out of four survey respondents report incurring fraud losses. • Nearly all FIs provide customers access to online information services to view transactions, statements, etc. The effectiveness rating of online information services in mitigating fraud is somewhat high. About half of the FIs rate it as very effective. This rating applies to all payment types, even wire transfers where speed and finality are a core feature. This finding seems to indicate that when other methods fail, the customer is relied on to identify fraudulent transactions. At the same time many FIs provide customer education on fraud mitigation; however, this is rated low in effectiveness.
©2018 Federal Reserve Bank of Minneapolis. Materials are not to be used without consent.
Executive Summary Cards • Ninety-six percent of the respondents that are debit card issuers and 77% of credit card issuers experienced card fraud losses in 2016. Increases in losses are more prevalent on debit and credit cards compared to other payment types. Fraud losses increased in 2016 compared to 2015 on debit cards (63% of FIs) and credit cards (41% of FIs). • The most frequent card fraud attacks are count