More Fraud-Prevention Spending

CU360
January 7, 2009 | COMMENTS

Financial institution spending on fraud prevention and customer authentication is increasing in 2008 and 2009, according to Gartner. This spending is needed as fraud rates continue to rise in the areas of payment cards, money transfers, online banking, checks, and call centers. Fraud schemes are moving across channels, products, and enterprises.

Gartner surveyed 50 financial institutions to understand how they assess security threats across channels and how they deal with fraud and customer authentication. Due to the small sample size, however, the survey helps highlight trends rather than drawing statistically valid conclusions.

Financial institutions expect to spend even more on fraud detection and customer authentication in 2009 than in 2008, and spending generally will be higher among the largest institutions. Overall, about 60% of institutions expect to spend more on these programs in 2009. This number rises to 71% among large institutions with consumer deposits of more than $150 billion. About 20% of these (all banks) expect spending to rise significantly.

On a scale of 1 to 7 (7 being “extremely important” and 1 being “not at all important”), compliance with relevant regulations scored 6.6 as a driver among respondents, improving fraud prevention scored 6.3, and increasing consumer confidence scored 6.2. The largest banks surveyed ranked compliance at 6.8, improving fraud prevention at 6.7, and increasing customer confidence at 6.4.

“Compliance is still the main driver for fraud prevention and customer authentication projects, but 60% of surveyed institutions already consider themselves to be compliant with the Red Flag regulations of the U.S. Fair and Accurate Credit Transactions Act of 2003,” said Avivah Litan, vice president at Gartner.

The Red Flag rules generally require that creditors check for identity theft before they issue credit to consumers or businesses. The rules must be implemented by financial institutions and other creditors by November 2008. But the general thinking in the industry is that institutions must only formalize and document procedures they already have in place to prevent identity-theft-related fraud.

Online banking fraud detection is the most widely implemented fraud-management system, according to the survey, followed closely by stronger consumer authentication at institutions' Web sites. Over the next two years, the most pervasive plans for new fraud prevention and customer-security-related projects include stronger caller authentication for consumers who telephone call centers, enterprise fraud detection that manages fraud across customer channels and accounts, and a case-management system for managing fraud.

Financial institutions tend to consider their Web channels more secure than their phone channels, said Litan. Nevertheless, in 2008, most say they'll spend more money on Web fraud detection than on call center fraud detection, which acknowledges that the Web channel is generally more vulnerable when it comes to outright monetary theft or account surveillance.