The recent rash of high-profile data compromises serves as a reminder that today's fraud perpetrators are sophisticated, relentless and ever-evolving. Unfortunately, when it comes to fraud prevention, too many CUs take a set-it-and-forget-it approach that doesn't match the evolution of contemporary fraud.
It's not uncommon for fraud specialists to come across a financial institution that hasn't modified their fraud prevention strategies for months — and in some cases, years. What's more, many credit unions are using one-size-fits-all strategies. And one size does not fit every credit union.
Keeping After the Fraudsters
The four most common shared strategies — Lost/Stolen, Counterfeit, Non-Receipt and Kiting — are the ones typically left unexamined. But for a credit union to rely on these strategies, they must be analyzed at least quarterly. When spikes in activity occur, examinations as frequently as daily may be appropriate. Many CUs utilize up to 10 different strategies to watch for specific fraud trends and prevention elements.
For instance, during a recent data compromise, one client acted aggressively, blocking transactions from an entire state where the threat was most immanent.
A second client was lowering accepted dollar amounts on a daily basis during a threat in its area. Beginning by blocking discount-store transactions over a specific dollar amount, the credit union watched as the fraudsters learned their strategy and began purchasing items under the limit. This continued until the dollar amount was low enough to deter any further attempts. Because it was monitoring strategies in real time, this CU was able to stop fraud right as it was happening.
Vermont State Employees CU is a great example of a credit union that modifies its strategies at regular intervals. Alerted to new fraudsters every day in the form of merchant probes, new merchant numbers are provided for VSECU's existing merchant block strategy, which the CU adds to its strategy on a weekly basis.
Tailoring Strategies to Unique Memberships
In addition to monitoring and modifying current strategies, consider customizing strategies to fit your individual membership. Based on an in-depth analysis of a credit union's fraud risk and membership qualities, custom fraud strategies keep credit unions one step ahead of those perpetrators targeting their members specifically.
These exclusive strategies are not only designed to spotlight fraudulent transactions. They are also built to keep unique, yet authorized, transactions moving through the system. Fewer stopped transactions means less lost income for the credit union, and of course, happier members. This is particularly helpful to CUs with members who frequently travel, are international or high-income.
Sadly, it's not only the cunning fraudsters credit unions need to keep an eye on these days. Custom strategies and various report monitoring can help a credit union watch for red flags from within its staff and cardholding membership, as well.
Putting Custom Strategies in Place
Setting up a fraud prevention program with custom strategies requires analysis, forethought and active participation. Start with questions such as:
- Which transactions are most common within your cardholding membership (travel and entertainment, professional services, grocery stores/supermarkets, etc)?
- How frequent are international transactions?
- Are your members located in one geographical area or are they scattered?
Member education and engagement is vital. Cardholding members should be encouraged to contact their CU with changes in income, location, purchase or travel plans. Understanding a credit union's membership is important. But considering the CU's general philosophies, promises and objectives are vital to creating the right custom fraud prevention program.
As members are inundated with negative messages, worrisome headlines about financial institutions, credit unions have a unique opportunity to stand out. A dynamic fraud prevention program that has the backs of both members and the CU itself is a responsible way to demonstrate the CU difference.
Karen Postma is Cards Risk Senior Manager for TMG (The Members Group). She can be reached at email@example.com.