Financial Fraud: Prevention Better Than Detection

ReadiMinds has announced the results of its survey titled “State of Online Security in Financial Institutions-2010-11”. Given the highly dynamic nature of online security industry, in this year 2010-11 version of the survey, ReadiMinds decided to conduct one-point surveys at regular intervals, covering the most topical subject then, as opposed to taking a snap-shot approach once a year.

Clearly, both the financial institutions and the financial regulators have shown increased sophistication. There is a clear trend towards multi-factor layered authentication for Internet banking, as opposed to traditional single-layer two-factor authentication. There is also a clear move towards multi-factor authentication and transaction monitoring/fraud prevention on the same software platform.

There is also a clear trend towards an enterprise-wide financial crime management software platform, away from traditional “point” security approach. There is also increased sensitivity towards cost - and therefore the move away from expensive traditional datawarehouse based fraud management systems.

There is also clear realisation that one needs to use multi-layered security and cross-channel fraud prevention - as opposed to single-layer or single-channel traditional approaches. Move towards real-time fraud “prevention”, as opposed to post-facto fraud “detection” is kind of becoming mainstream too. Increasing real-time nature of financial business and regulatory guidelines to “commit” financial transaction in real-time also necessitates real-time fraud “prevention”.

Even in case of payment cards, now with the availability of cross-channel fraud “prevention” system - there is a high degree of realisation that one must use a real-time cross-channel fraud “prevention” system - as opposed to traditional post-facto detection approach, single-channel rule based approach, or a single-channel behaviour modelling approach of previous years.

All of these trends are being clearly driven by the rapidly increasing online financial business, increasing sophistication of fraudsters, increasing fraud losses, judiciary and client activism, regulatory guidelines and the market pressure.

Here is the result of ReadiMinds’ survey titled “State of Online Security in Financial Institutions-2010-11”:

1. What is the future of Online Security Solutions in the Financial Industry?
a. Dead-end point security solutions [votes: 20%]
b. Enterprise Financial Crime Management [votes: 80%]

2. What kind of Enterprise Fraud Management System would you prefer for Banking Industry?
a. Datawarehouse based fraud “detection” system [votes: 12%]
b. Real-time fraud “prevention” system [votes: 88%]

3. Online Banking: What would you prefer for identity protection as on today?
a. Single-layer two-factor authentication [votes: 31%]
b. Multi-factor layered authentication [votes: 69%]

[Please note that this point survey was conducted before FFIEC guidelines were announced in USA on June 28, 2011. FFIEC now mandates the use of multi-factor layered authentication for internet banking]

4. Payment card frauds: What kind of system would you prefer moving forward?
a. Traditional post-facto fraud detection system [votes: 0%]
b. Real-time fraud prevention system [votes: 100%]

5. Online Fraud Management System: What kind of real-time transaction monitoring system would you prefer?
a. Single channel fraud prevention system [votes: 7%]
b. Cross-channel fraud prevention system [votes: 93%]

6. Financial Crime Management: As a financial institution, what strategy would you adopt moving forward?
a. Continue to opt for “point” security solutions [votes: 8%]
b. Opt for Financial Crime Management “Platform” [votes: 92%]

7. Payment card frauds: As an issuer/acquirer financial institution, what strategy would you like to adopt moving forward?
a. Continue with fraud “detection” approach [votes: 22%]
b. Opt for cross-channel fraud “prevention” approach [votes: 78%]

8. New FFIEC USA Authentication Guidelines: What would you/banks opt?
a. Multi-factor authentication alone [votes: 8%]
b. Multi-factor authentication and Cross-Channel Fraud Prevention [votes: 92%]

9. What is your preference for online banking or payment cards fraud mitigation system?
a. Single-channel fraud prevention system [votes: 9%]
b. Cross-channel fraud prevention system [votes: 91%]