Dig Deep into the Root Causes of Fraud to Prevent Future Attacks Presented by: Ann Davidson, VP of Risk Consulting at Allied Solutions & Tammy Behnke, Credit Union Program Director at ProSight Specialty
How can your credit union more effectively keep the bad guys from coming back for more in the world of fraud exposure?
Agenda How to dig into the top fraud risks happening right now Understand the cause of these attacks Address strong fraud prevention and mitigation strategies Understanding the right questions to proactively ask to combat fraud and minimize fraud exposure Understand what critical information to include when performing risk assessments Q & A
Polling Question Are you doing a deep dive to get to the root causation of your fraud today? Yes No Not Sure
Polling Question Do you share the causation of the fraud attack internally and externally to help prevent future attacks of the same nature? Yes No Not Sure
Deep Dive into Payment Fraud What type of fraud is my credit union experiencing? Pull all the material associated with the fraud. For example, if it s card fraud, what type? Debit or credit cards card present or card not present? Is it PIN/signature fraud or both? How many card transactions were able to get authorized? Is the dollar limit of each fraud authorization below the daily dollar limit? What is the point of sale entry mode? Or electronic commerce indicator code? Why did our fraud tools and solutions allow the fraud to get through?
The Many Arms of Card Fraud Address Verification (AVS) fraud PINless fraud Credit card payment fraud Online fraud Non CHIP (EMV) card fraud Chip fallback fraud Cash disbursement (Advance) at the teller counter Lost/stolen fraud Magnetic stripe - PIN fraud or non-pin (signature) fraud Online fraud - Verified by Visa or MasterCard SecureCode fraud Authentication fraud Skimming ATMs Recruitment fraud Skimming point-ofsale (Pay at the pump) Card Not Received fraud (NRI) Card or Card Number PIN Change fraud CVV2/CVC2 fraud Account takeover fraud Key entered - card present or card not present fraud New account fraud Travel alert fraud
Understand the Cause of the Attack Looking at the fraud: Is it just one fraud cause or are there multiple fraud cases of the same type? Get in when the first case happens and track if you see a second case of the same nature Plug the hole before the bad guy keeps coming back for more Are you tracking the cause of the attack? i.e. is it all VBV or MCSC fraud attack and you have no chargeback rights? WHY?
Fraud Prevention Strategies Are you using the following loss prevention and mitigation solutions across ALL types of fraud? Daily $ limits Fraud monitoring tool early notification solution(s) Tracking types of fraud impacting an individual member or credit union account(s) Sample: Corporate or cashier checks Utilize positive pay or payee positive pay Sample: Chip Fallback authorization Block key entered chip fallback Require the PIN to be used for all chip fallback authorizations Set a dollar limit (no more than $50 or $100) and allow one chip fallback Track and analyze all chip fallback fraud to dig deep and find out why it is happening
Questions to Ask to Combat Fraud Why is our credit union experiencing the fraud? What type of fraud are we experiencing? Why is the fraud happening? Do we have a weak link that the bad guys are continuing to attack? Map out the process from beginning to end - will help identify the weak link. Discuss with risk consulting to help get to the root cause. Sample: Card PIN fraud Are we allowing a VRU change? What type of authentication layers are being used to allow the PIN change? Understand how your credit union allows PIN changes. Ask internal and ask your 3 rd party card processor or core data processor.
Risk Assessment Example: Card Fraud 1. Uncover immediate opportunities to help address ongoing card fraud Setting daily dollar limits for credit and debit card transactions Research Multiple Transactions on a Fraudulent Cardholder Account Real Time Authorizations Deploy EMV (Chip-and-PIN) on All Card BINs Country Code Blocks Credit and Debit card fraud cases Cardholder education to help ID Fraud and Report It Early On Name Matching for Track 1 Fraud Review Card Program Parameters on Each BIN Card Security Layers
Risk Assessment Example: Card Fraud 2. Uncover Future Opportunities to Help Address Ongoing Card Fraud Centralize Card Processing for both Credit Cards and Debit Cards to One Card Processor Use Instant Issue Proper Fraud Reporting Enforce Sound Cash Advance (Disbursement) Procedures for the Tellers Monitor the ATM Network Card Program Gift Card Merchant Category Code Verified by Visa and MasterCard SecureCode risk Robust Card Security Tools in 2017
Auto Loan Fraud Deep Dive We have all seen the headlines: Auto Loan Fraud Accelerating at Credit Unions Prolific Con Artists Indicted in Alleged $500,000 Car Loan Fraud Scheme Credit Unions Face an Uptick in Auto Loan Fraud
Auto Loan Fraud Big increase in auto loan fraud claims (almost daily!) Story seems to be the same: New member joins credit union New member applies for an auto loan New member never makes a payment on the auto loan Later discovered that the new member is not who they say they are
Auto Loan Fraud On the Rise So what is happening and why credit unions? Fraud in the U.S. is moving to easier targets Application fraud is an easier target due to identity data that s available for purchase Auto finance is a prime target lower level of control
Auto Loan Fraud Claims So are these claims covered by your Fidelity Bond? In many cases no. Losses directly or indirectly from the complete or partial nonpayment of or default on a loan transaction are excluded. Forgeries may be covered but the definition of instrument must be met. In general, loan documents such as an application for auto loans do not meet the definition of instrument. A forged document of title does meet the definition but it has to be an original. What this means: these losses must be borne by the credit union and affect your bottom line! Growing your top line at the expense of the bottom line is costing credit unions money and hurting your membership.
Synthetic Identity Fraud Synthetic Identity Fraud is hitting the industry very hard Synthetic ID is created by using a SSN that may belong to a person without an established credit history, such as a minor Paired with a fake address and even fake utility bills After a credit history is established, credit cards are used for small purchases Many of these claims could be avoided by making sure you know who you are lending your money to - new members are not worth the potential losses.
Auto Loan Fraud Case Large $7 million auto loan fraud scheme how did it happen? Straw buyers were used False information on applications $7 million in loans on 200 cars Key to scheme as all borrowers and car dealers intentionally misled the lender about their intent The loans all went into default
Dealer Fraud Monitoring Tools What Should Be Monitored? Dealer Fraud Monitoring Tools need to be established Industry statistics tell us less than 10% of the dealers account for 100% of the fraud Using scorecards can show anomalies in employer information, unusual patterns of default loans, unusual patterns of income/straw borrowers across applications Implement An Application Fraud Score/Employment Validation These have been used by mortgage lenders for the past 10 years and fraud has been reduced by 50% over the course of 3 years
Dealer Fraud Monitoring Tools What Should Be Monitored? Implement Income Validation or Verification Income Fraud is prevalent in about 80% of fraud cases Three methods that can be used by auto lenders: Income Reasonability Model does the income match the rest of the information on the application? IRS Verification Use Form 4506T and go directly to the IRS to validate income Financial Institution Verification access financial institution accounts to validate income
Dealer Fraud Monitoring Tools - What Should Be Monitored? Implement Straw Borrower Identification Straw borrowers are used extensively in auto lending due to face to face lending nature and they are easy to recruit Straw borrowers can be detected by looking for these red flags: Thin credit bureau file High income with no trade lines on credit report Borrower appears coached with responses Assets don t match income Following up with a phone call to a home number may also raise a red flag
Actual Loan Fraud Claim Facts: Member committed fraud on VISA and vehicle loan. Vehicle loan was $34,326.32. Loan application received from indirect vendor CUDL from dealership. Assumption by CU that dealership has done their due diligence in verifying the identity of individual, per agreement with CUDL. CU and dealer were unable to agree to terms and no loan transaction was executed. 10 days later, member called CU directly, he had applied for a loan for a vehicle located at a dealership in Alabama. CU is located in a Midwestern state. Identifying documents and proof of income were provided, employment was verified.
Actual Loan Fraud Claim Loan was approved 2 days later, funds sent to the dealer. In addition, the member applied for and was approved for a VISA with a $10,000 limit. A month later, CU receives two more direct applications from out of state applicants, dealer in Alabama was the same as prior loan. Discrepancies were found in the documentation and the applications were denied. At this time, CU checked records and found they had not received title for loan that was approved from the dealer or the state - CU contacted member and dealer and was assured title was on its way. Title never received and loan has become delinquent.
Actual Loan Fraud Claim CU did track down the vehicle to another dealership, they were able to provide documentation that they had purchased the vehicle and subsequently sold it. In addition, member maxed out VISA card, made a large payment and maxed card again. Twenty days later, payment was charged back. Also should be noted, member resided in an Eastern state. So we have a member in one state, a car in one state and a credit union in another state. In addition, the member is employed by a firm in another state. Address on credit report does not match applicant on claim file. Credit report also states several inquiries and SSN issues. I did a quick Google search for the employer addresses didn t match and business had been closed, while the applicant indicated he had worked there for 7 years. Income was suspect as well for industry noted in application.
Top Fraud in 2017 Internal fraud (separation of duties) Cash (Advance) disbursement fraud Loan fraud Card fraud Credit card attacking the line of credit Debit card skimming and fallback chip fraud Remote Deposit capture fraud Wire and ACH fraud Authentication fraud Bad guys will continue to find the weakest link - are you digging deep to find out how the bad guys are breaking in?
Key Takeaways Better understanding of: Digging deep into ALL fraud is key to prevent the same type of fraud in the future Working together and sharing what you are doing with others to help get to the root causation Utilize all available tools and solutions to help manage ALL types of fraud risk Education, understanding, sharing and networking is key to help all of us work together in order to stay ahead of the fraudsters! Stay connected!
Time for Questions! If you have remaining questions that were not addressed today, please contact the presenter: ann.davidson@alliedsolutions.net To receive ongoing education on industry-related topics: Sign-up for our fraud education newsletter: http://tinyurl.com/yaayxv29 Sign-up for our corporate newsletter: http://tinyurl.com/yagc4rj7 Follow us on social media