The United States ACH network, moving $43 trillion a year through 25 billion transactions, is now heading towards the biggest transition in its payment history.

Faster payments are soon becoming a reality. NACHA’s September 15, 2017 Phase 2 milestone has just gone into effect, introducing the faster processing of debit transactions. Close on its heels is the Phase 3 milestone on March 16, 2018.

Same Day ACH poses substantial risks for financial institutions, which will be faced with a shorter window— as narrow as two hours—within which to detect and prevent fraud. With the Phase 2 debit rollout, the volume of same-day ACH transactions will balloon exponentially as the settlement window shrinks. These changes represent a golden opportunity for fraudsters, who love speed and convenience as much as consumers.

Offering a possible preview of things to come, online banking losses in the UK doubled immediately after switching to Faster Payments (and remain significantly higher than pre-faster pay levels).

Fraudsters will be eager to target legacy validation systems and exploit the vulnerabilities of traditional fraud prevention systems and processes, which were not designed to defend against same day processing.

Areas of risk include: online banking account takeover; bill pay-related fraud; corporate account takeover; batch ACH file manipulation; and money mule stockpiling.

Fraudsters can exploit the shorter window by submitting a large volume of payments just before the cut-off time or submit payments just under the FI’s review threshold. They might also add recipients to payroll files, change account information for existing payroll recipients, or compromise third-party senders by submitting payments into which ODFIs have no visibility.

To address these risks, FIs need to leverage automation and machine learning to have any chance of meeting the Herculean challenge posed by the flood of transactions and narrow settlement window. Hiring more fraud analysts is simply not an affordable, scalable or sustainable option. In addition to the prohibitive staff costs, relying on manual review leaves other areas understaffed and exposed. With an automated solution, FIs can quickly triage risk across channels by automatically holding and flagging high risk payments before any money is transferred.

Similarly, combining machine learning with behavioral analytics is the most effective way to keep pace with fraudsters and dynamically adapt no matter how their tactics metastasize in the future. Fraudsters are continually experimenting and evolving their tactics, rendering rule-based fraud systems and point solutions much less effective. Behavioral analytics monitors a wide range of behavioral changes for anomalous activity. This provides a rich behavioral history that rapidly adapts to new threats to enable holistic, omni-channel protection.
Real time integration to enable rapid investigation is also critically important to defend against Same Day ACH fraud. Combined with automation and behavioral analytics, this approach enables FIs to calculate a real time risk score for every transaction. In turn, this enables them to automatically quarantine high risk transactions while alerting analysts and providing them with the right context from which they can rapidily take intelligent action. At the same time, the accuracy and lower false positive rates demonstrated with this approach enables lower risk transactions to be expedited in order to minimize operational friction and boost the customer experience.
Unfortunately, time is not on your side. Guardian Analytics urges FIs to get serious about evaluating and rethinking their fraud strategies, processes, and technology tools in order to mitigate the very real risks that are coming around the corner.

To learn more about our powerful analytics technology and how it can effectively solve this emerging fraud problem, contact us at success@guardiananalytics.com.