FFIEC Authentication Guidance Compliance: Detecting and Responding to Suspicious Activities
- Today's most common fraud schemes preying upon institutions and their commercial customers;
- Strategies for improving early detection of account takeover attempts, as well as emerging methods of multifactor authentication;
- How to ensure conformance with this aspect of the FFIEC Authentication Guidance before your next examination.
To view the webinar Q&A transcript, click here.
Since the summer of 2009, financial institutions and their corporate customers have been plagued by a string of ACH and wire fraud incidents that have led to the theft of millions of dollars.
These incidents also have led to a series of high-profile lawsuits between institutions and customers, including the PATCO Construction/Ocean Bank case, which was decided in favor of the bank, and the Experi-Metal/Comerica case, which was decided in favor of the customer.
In preparing the new FFIEC Authentication Guidance, banking regulators point a finger at banks for not detecting and preventing these incidents. "Manual or automated transaction monitoring or anomaly detection and response could have prevented many of the frauds," the guidance says, "since the ACH/wire transfers being originated by the fraudsters were anomalous when compared with the customer's established patterns of behavior."
In discussing how to improve fraud detection and response, the FFIEC Authentication Guidance calls for layered security controls that include processes designed to detect and react quickly to anomalous activity related to:
- Initial login and authentication of customers requesting access to the institution's electronic banking system; and
- Initiation of electronic transactions involving the transfer of funds to other parties.
Learn what you can do to improve fraud detection and response and conform with the FFIEC Authentication Guidance prior to your next examination.
Premium Members Only
all Fraud Summit course recordings,
& 300+ other courses OnDemand.