FFIEC Authentication Guidance Compliance: Detecting and Responding to Suspicious Activities
Since the summer of 2009, financial institutions and their corporate customers have been defrauded by increased incidents of account takeover. These incidents have pitted banks and customers against one another in court, and they were a key impetus behind the release of the new FFIEC Authentication Guidance. So, how can institutions improve their abilities to detect and respond to suspicious activities before fraud is committed? Join a panel of distinguished experts for new insights on:
- Today's most common fraud schemes preying upon institutions and their commercial customers;
- Strategies for improving early detection of account takeover attempts, as well as emerging methods of multifactor authentication;
- How to ensure conformance with this aspect of the FFIEC Authentication Guidance before your next examination.
See Also: 2016 IAM Research: Where Financial Institutions' PAM Programs Are Falling Short
To view the webinar Q&A transcript, click here.
Since the summer of 2009, financial institutions and their corporate customers have been plagued by a string of ACH and wire fraud incidents that have led to the theft of millions of dollars.
These incidents also have led to a series of high-profile lawsuits between institutions and customers, including the PATCO Construction/Ocean Bank case, which was decided in favor of the bank, and the Experi-Metal/Comerica case, which was decided in favor of the customer.
In preparing the new FFIEC Authentication Guidance, banking regulators point a finger at banks for not detecting and preventing these incidents. "Manual or automated transaction monitoring or anomaly detection and response could have prevented many of the frauds," the guidance says, "since the ACH/wire transfers being originated by the fraudsters were anomalous when compared with the customer's established patterns of behavior."
In discussing how to improve fraud detection and response, the FFIEC Authentication Guidance calls for layered security controls that include processes designed to detect and react quickly to anomalous activity related to:
In this panel discussion, a distinguished thought leader on financial fraud will discuss current trends in fraud detection and response. He then will lead a panel of industry experts who will delve deeper into topics such as transaction monitoring to improve early detection of account takeover, as well as the use of emerging multifactor authentication methods such as the use of out-of-wallet questions, device identification and geo-location to help prevent identity fraud.
- Initial login and authentication of customers requesting access to the institution's electronic banking system; and
- Initiation of electronic transactions involving the transfer of funds to other parties.
Learn what you can do to improve fraud detection and response and conform with the FFIEC Authentication Guidance prior to your next examination.
You might also be interested in …