Assessment and Checking of SQL: Detecting and Preventing Plagiarism
From Gateway to Gatekeeper: The Role of Private Industry Players in Detecting and Preventing Fraud
31
From Gateway to Gatekeeper: The Role of Private Industry Players in Detecting and Preventing Fraud Moderator : Tracey Thomas, Staff Attorney, Division of Marketing Practices, FTC Panelists : Jack Christin, Senior Regulatory Counsel, eBay/PayPal Jane Larimer, General Counsel, NACHA – The Electronic Payments Association Clifford Stanford, Assistant Vice President & Director, Retail Payments Risk Forum, Federal Reserve Bank of Atlanta James Paravecchio, Group Manager, Fraud Risk Management Operations, Verizon Tim Cranton, Associate General Counsel, Microsoft Corporation Panel 3: 1:30 – 3:00 pm
-
Upload
wyoming-bean -
Category
Documents
-
view
51 -
download
1
description
From Gateway to Gatekeeper: The Role of Private Industry Players in Detecting and Preventing Fraud Moderator : Tracey Thomas , Staff Attorney, Division of Marketing Practices, FTC Panelists : Jack Christin , Senior Regulatory Counsel, eBay/PayPal - PowerPoint PPT Presentation
Transcript of From Gateway to Gatekeeper: The Role of Private Industry Players in Detecting and Preventing Fraud
From Gateway to Gatekeeper: The Role of Private Industry Players in Detecting and Preventing Fraud
Moderator: Tracey Thomas, Staff Attorney, Division of Marketing Practices, FTC
Panelists:Jack Christin, Senior Regulatory Counsel, eBay/PayPalJane Larimer, General Counsel, NACHA – The Electronic Payments AssociationClifford Stanford, Assistant Vice President & Director, Retail Payments Risk Forum, Federal
Reserve Bank of AtlantaJames Paravecchio, Group Manager, Fraud Risk Management Operations, VerizonTim Cranton, Associate General Counsel, Microsoft Corporation
Panel 3: 1:30 – 3:00 pm
Jack Christin
Senior Regulatory Counsel eBay/PayPal, Inc.
San Jose, CA
ACH Network ACH Network Detecting and Preventing FraudDetecting and Preventing FraudFebruary 25, 2009Jane LarimerEVP ACH Network ServicesGeneral CounselNACHA -The Electronic Payments Association
• NACHA is the administrator of the ACH Network, responsible for:• Developing and maintaining the NACHA Operating Rules • Performing Network risk management• Administering the National System of Fines to enforce the Rules• Educating payment system participants
• Risk events are addressed proactively when they occur• Risk events are managed to minimize the long-term effect on consumers and financial
institutions. • Implementing NACHA’s risk strategy includes amending the NACHA Operating Rules,
disseminating best practices and developing tools to manage the risk profile of the Network on an ongoing basis.
• Risk trends look positive for the ACH Network.• As the ACH Network’s utility has been expanded, there has been great attention to risk
and fraud mitigation. The ACH Network has experienced lower rates of return for unauthorized entries and other returns indicative of fraud.
• The ACH has gained visibility from a regulatory perspective. Since 2006, the OCC has issued guidance on managing risk related to ACH activity twice (2006-39 and 2008-12)
• Since 2001, debit unauthorized return rates reduced from .09% to .04%.
The ACH Network …Risk Management is a Priority
ACH Network Unauthorized Debit Rate – 2001-2008… Continuing To Decline
The rate of unauthorized transactions in the ACH Network has been historically low. The peak for unauthorized transactions in the Network was realized in 2002 with telemarketing abuse of the TEL application. Since than, NACHA and the Operators’ attention to Network risk management shows in a consistently declining return rate for transactions returned as unauthorized.
Unauthorized Debit Return Rate
0.00%
0.02%
0.04%
0.06%
0.08%
0.10%
0.12%
2001 2002 2003 2004 2005 2006 2007 2008
Unau
thor
ized
Deb
its
Unauthorized Return Rate
NACHA Risk Management Initiatives …Significant progress has been made along a
Risk – Quality Continuum
The ACH Network is safe and secure. Proactive work on initiatives outlined on the risk quality continuum include developing rules and managing risk at NACHA and across all network participants to result in a low risk payment network.
• “Traditional” fraud included telemarketing fraud, credit repair, and membership clubs.
• The Internet provided a new vehicle for companies who would perpetrate fraud and could use the anonymity provided by the Internet. The traditional frauds are present, plus key logging and phishing attacks were added to the arsenal.
• OCC 2006-39: list of high risk originators include:– Online payment processors– Credit repair services– MOTO companies– Internet gambling– Offshore businesses– Adult entertainment
Fraud Trends
• September 2007, Capital Credit Alliance, Inc. and Consumer Credit Services, Inc. (CCA/CCS) filed suit against NACHA.
• CCA/CCS sought:– Temporary restraining order (TRO) against NACHA due to
“NACHA’s arbitrary, capricious, and unwarranted imposition of monetary fines” against CCA/CCS.
– Declaratory judgment that they are not and have never been in violation of the NACHA Operating Rules.
– Reimbursement for fines assessed.
Litigation
• Nevada Attorney General filed an amicus brief in support of NACHA’s opposition to the TRO.
• January 2008, the US District Court of Nevada denied CCA/CCS’ Motion for Preliminary Injunction and TRO.
• The Court found that CCA/CCS failed to demonstrate a likelihood of success on the merits. In assessing this the Court stated:– even a cursory review of the transcripts and authorization
forms…demonstrate that Plaintiff’s method of attaining authorization for debit transactions is deceptive, and in violation of the NACHA Operating Rules.
Litigation
Litigation
• The Court stated further:– the public has a strong public interest in the enforcement of the
NACHA Operating Rules, as unauthorized transactions create significant problems for consumers whose bank accounts are improperly debited, and for financial institutions forced to incur the expense of investigating and correcting unauthorized transactions.
• February, 2008 CCA/CCS voluntarily dismissed their lawsuit against NACHA.
Clifford Stanford
Assistant Vice President & Director Retail Payments Risk Forum
Federal Reserve Bank of Atlanta Atlanta, GA
A Catalyst for Collaboration
• The views expressed in this presentation are those of the presenter and do not necessarily reflect the views of the Federal Reserve Bank of Atlanta or the Federal Reserve System.
The Environment: Some Key Challenges
– Check payments still highest driver of fraud despite volume decline– Potential movement of fraud from checks to ACH– Ever increasing occurrence of ecommerce
• Consumer personal and financial information more vulnerable• More transactions processed without customer and merchant
physical interaction– Increased interest in protection of consumer information
• Reputation risk of possible data breach– Slow to implement cross channel fraud monitoring– Proliferation of prepaid cards with fraud vulnerabilities
» Source: “A summary of the roundtable discussion on retail payments fraud”, Federal Reserve Payments System Policy Advisory Committee, March 2007
Noncash Payments Increased at Annual Rate of 4.6% from 2003 to
2006
*CAGR is compound annual growth rate. Source: Federal Reserve Bank of Boston [2007 Federal Reserve Payments Study]
Distribution of Noncash Payments – Value vs. Number (2006)
Payment TypePercentage (Number)
Percentage (Value)
Checks paid 33% 55%
ACH 16% 41%
EBT 1% 0%
Debit card 27% 1%Credit card 23% 3%
Source: The 2007 Federal Reserve Payments Study
Check Fraud Increasing Despite Decrease in Check Volume
• Check Volume– 30.6 billion checks paid in 2006 (down 6.4% since 2003)1
• Check Fraud– Counterfeit checks resulted in loss of $271 million for banks in
20062
• 160% increase from 3 years prior– Check-related fraud overall – $969 million in 20062
» Source: 1The 2007 Federal Reserve Payments Study; 22007 ABA Deposit Account Fraud Survey Report
2007 ABA Deposit Account Fraud Survey
• CHECK FRAUD AGAINST BANK DEPOSIT ACCOUNTS (Industry Estimates)
Source: American Bankers Association
Highlights from AFP Fraud Survey (2008)– corporate perspective
• 71% of organizations were victims of actual or attempted payments fraud (check, ACH, cards, or wire) in 2007.
• 37% of organizations experienced some financial loss as a result of attempted payments fraud– median loss was only $13,900
• Almost all organizations (94 percent) that experienced attempted or actual payments fraud in 2007 were victims of check fraud.– 17% reported a financial loss from check fraud– Organizations were much less likely to be subject to
fraud from electronic payments than from checks
A Closer Look at ACH Payments
Number of ACH payments billions
0.3
8.4
8.8
2003
2.6
12.0
14.6
2006
CAGR(2003-06)
Total change(billions)
ACH payments
18.6% 5.8
Converted checks
98.7% 2.2
Other ACH 12.6% 3.6
Source: The 2007 Federal Reserve Payments Study
Fraud in ACH
• Internal ACH fraud• Internet-based fraud• Telemarketing fraud• “Bad” checks converted to ACH• Reverse phishing (altering ACH RT and a/c
data)• Keystroke logging• ACH kiting
“Emerging” Payments . . . • ACH eChecks for non-recurring payments• Remotely created “Non-Check eChecks”• Remote deposit capture (even consumer level)• Mobile banking • Decoupled debit cards• Prepaid cards• Payroll cards• Contactless cards• “PII portals”• Etc. etc.
Evolving Fraud Environment
• Fraudsters are well organized and structured
• Rings are global• Fraud perpetrated across payment types –
no longer specialized• Improved technology and communication• Active market for confidential information
So, what about the regulators and law enforcement?
• How savvy about retail payments systems? • Does the complexity of payments systems hinder
efforts?• Are consumer protections adequate?• Are private sector/self-regulatory efforts adequate? • Are there sufficient market incentives, or does more
need to be done by regulators and law enforcement? • Are adequate resources dedicated?• What are the gaps? • What collaborative mechanisms work/don’t work? • How do we break down the barriers among those with
common interests in mitigating risk and preventing fraud?
The Environment: Opportunities?
– Holistic solutions that look across all payment systems– Increased collaboration and information sharing across the
industry– Enhancements to authentication techniques– Implementation of standards– National fraud-notification systems– Fed-sponsored outreach events, research and analysis
» Source: “A summary of the roundtable discussion on retail payments fraud”, Federal Reserve Payments System Policy Advisory Committee, March 2007
Retail Payments Risk Forum• The Retail Payments Risk Forum is a catalyst for
collaboration among thought leaders in the retail payments risk management arena to:– convene interested parties,– promote actions to mitigate risk,– conduct research and analysis, and– provide education.
• Portals and Rails blog– portalsandrails.frbatlanta.org
James Paravecchio
Group Manager Fraud Risk Management
Operations, VerizonDenver, CO
Tim Cranton
Associate General Counsel Microsoft Corporation
Seattle, WA
Questions?
From Gateway to Gatekeeper: The Role of Private Industry Players in Detecting and Preventing Fraud
Moderator: Tracey Thomas, Staff Attorney, Division of Marketing Practices, FTC
Panelists:Jack Christin, Senior Regulatory Counsel, eBay/PayPalJane Larimer, General Counsel, NACHA – The Electronic Payments AssociationClifford Stanford, Assistant Vice President & Director, Retail Payments Risk Forum, Federal
Reserve Bank of AtlantaJames Paravecchio, Group Manager, Fraud Risk Management Operations, VerizonTim Cranton, Associate General Counsel, Microsoft Corporation
Panel 3: 1:30 – 3:00 pm
3:00 – 3:15 pm
