Advanced Transaction Monitoring Mitigates ACH Fraud Losses

Technology detects anomalies before ACH files are transferred to the Federal Reserve.

March 7, 2013

People increasingly are looking to the Internet to obtain information, communicate with others, and accomplish routine daily tasks such as paying bills.

To keep in step with accountholder needs and demands, most U.S. financial institutions now offer online banking. This creates an unprecedented level of convenience: Accountholders can complete all of their banking needs without ever having to walk into a branch or meet a teller face-to-face.

But with this increased convenience comes a down side: online banking fraud.

Sophisticated fraudsters are exploiting the growing reliance on Internet banking to steal and launder money, unbeknownst to the victims of their schemes.

The problem has reached such proportions that in June 2011, the Federal Financial Institutions Examination Council (FFIEC) issued a supplement to its 2005 guidance, “Authentication in an Internet Banking Environment.”

Jamie Rowsell
Jamie Rowsell

The supplement is a response to “an increasingly hostile online environment,” and makes clear that since the release of the original guidance, the threat landscape has shifted dramatically.

While it seems nobody is safe from cyber criminals, it is corporate accounts, particularly those of small and mid-sized businesses, that face some of the heaviest focus from cyber criminals.

A June 2012 Symantec Intelligence Report revealed that 36% of all targeted attacks since the start of that year were directed at businesses with 250 or fewer employees.

How damaging could all this be? A recent Federal Deposit Insurance Corp. study found that cyber criminals cost U.S. companies, including financial institutions, more than $15 billion over the past five years.

How exactly are they doing it? There are numerous ways.

One common method is account takeover. This involves the undetected installation of malicious software (malware) on a computer that accesses the member’s online bank account.

Unknowingly, once they log in to the online banking site, they have provided a means for the criminal to control their account.

Often, in the case of a corporate account takeover, the criminal will manipulate payment information (for example, adding new payees to the payroll or altering account numbers of payees). The money is then transferred via the automated clearing house (ACH) channel to the accounts of individuals who will then move the money to a place where the cyber criminals can safely access it.

How do we prevent the staggering losses that often result from online account takeovers? The answer is in a layered approach to security, with behavior-based transaction monitoring at its core.

This is a “defense-in-depth” approach, providing multiple layers of frustration for criminals with the greatest protection at its center. Behavior-based transaction monitoring helps institutions analyze accountholder activity in the context of the person’s (or business account’s) normal behavior, and highlights anomalies.

It is the early detection of anomalous transactions and the speed of response that offer the surest form of protection against ACH fraud.

Transaction-monitoring technology that allows an institution to detect anomalies before ACH files are transferred to the Federal Reserve for payment can have an enormous impact on preventing fraud loss—protecting member’s accounts and, in turn, preserving a high level of trust in the existing relationship between member and credit union.

To learn more about ACH fraud and the most effective ways of preventing it, you can download a free “Remote Banking Fraud Detection for Dummies” e-book here.

JAMIE ROWSELL is a researcher and writer at Verafin Inc., CUNA’s endorsed partner for BSA/AML compliance and fraud detection. Verafin is a provider of advanced, behavior-based fraud detection and anti-money laundering software used by financial institutions across North America.