Even with the acute industry focus on emerging electronic payments, one thing everybody agrees on: old-fashioned paper checks, though fading, are not going completely away any time soon.
That means, says Fiserv's Mike Urban, director of financial crimes solutions, check fraud will remain. In fact, in some ways, such fraud will only intensify.
"The indications are that check fraud is lessening. However, it's still a multi-billion dollar problem in the United States. The way that I would characterize it is that check fraud is not decreasing at the same rate that check usage is decreasing," Urban says in an interview with Tech Topics.
Urban cited the 2011 ABA Deposit Account Fraud Survey which found that industry-related losses amount to an estimated $893 million in 2010, down slightly from the estimated $1 billion in 2008. More than seven in ten banks reported having check fraud losses in 2010.
But there's more to consider, he says, since these numbers don't include losses to merchants and consumers. The U.S. Secret Service estimated total fraud losses amounted to $5 billion in 2007. Since then it may have dropped some, Urban says, but not dramatically.
Counterfeit checks, fake signatures on real checks, and returned deposit items which are then recashed are the top three methods of check fraud he says.
Related to check fraud is debit card fraud, which is on the rise. The ABA study found industry losses reached $955 million in 2010, up from $788 million in 2008. In this area, though, Urban expects the oncoming adoption of EMV, or chip-and-PIN debit, with its transfer of liability to nonEMV-equipped merchants, will stem that trend.
Even then, though, the fraudsters will adopt their own sophisticated tools, and that likely will circle back to checks, particularly targeting online check image databases, Urban says.
"As the criminals are getting more savvy and exploiting more and more sophisticated technology, I'm expecting that that level of exploitation will continue to grow...That image data gives the criminals a leg up on compromising online banking information," he says. Specifically, the crooks likely will use the online image to cross reference to other parts of the victim's account, and allow them to take advantage of vulnerabilities.
Related to this, Urban says, banks need to apply the FFIEC's guidance on protecting accounts not only on the electronic side, but how every account needs to be protected.
"A lot of that [guidance] speaks to online banking and implies mobile banking. But they also say that you really need to look across the activity on the account and that really reflects the level of risk that may happen when someone has access," Urban says. "The criminals are looking for the point of least resistance."
So what should banks do to counter the crooks? Urban suggests these actions:
Use formalized customer onboarding procedures to establish baseline characteristics of each individual and determine appropriate risk levels, such as credit limits on different types of transactions.
Use analytics to track anomalous transaction events, particularly across channels, to determine what might be suspicious behavior worthy of further investigation.
Participate in consortiums of other banks and law enforcement agencies, such as FS-ISAC (in which ABA is a member) in order to understand ongoing fraud trends.
Establish relationships with area electronic crime task forces so that when fraud actually occurs, the authorities might assign it higher priority.
"Just remember," Urban says, "Fraud schemes never disappear completely. There are still situations where people and businesses are going to use checks."