Since funds transfer fraud is such a specific type of fraud, there are limited ways of combating it. It’s important to consider how this type of fraud is conducted: what loopholes do these fraudsters exploit? At what point in the customer journey do they intercept or engage in fraud?
By understanding how fraudsters perform this fraud, teams can develop specific strategies to combat it. Let’s take a look at the most effective strategies:
1. Identity Verification During Onboarding
Verifying customers are who they say they are is often the first step in fighting fraud. If possible, it’s best to keep bad actors off your platform altogether.
Use customer onboarding tools that adhere to all KYC requirements, performing adequate Customer Due Diligence checks and Enhanced Due Diligence (when needed). Ensuring that all users on your platform are legitimate users and that they are who they say they are is integral to preventing fraud from occurring.
Unfortunately, for funds transfer fraud, this isn’t the only solution. Fraudsters can still find loopholes to get around this, so you’ll want to use some of the other solutions below as well.
2. User Authentication at Point of Purchase
While it’s always good to control who has access to your platform, the next step is controlling purchases. User authentication tools allow you to verify the person requesting the transfer is the actual account holder.
With proper user authentication checks, fraudsters will struggle to submit illegitimate funds transfer requests to financial institutions, as they won’t be able to authorize the transfer. Beyond this, organizations can use this to check whether a purchase was authenticated; and potentially integrate more validation checks for cases where a user has not authenticated their identity.
Leverage multi-factor authentication, biometric verification, facial recognition, and other user authentication tools to ensure the payer is the account holder.
Again, there will still be criminals that can get around this. By nature, fund transfer fraud involves sending illegitimate instructions to the FI, and these types of fraudsters are skilled at deception. Since funds are sometimes hacked after the transfer has been initiated, authentication is not always foolproof for stopping funds transfer fraud.
3. Transaction - and Activity - Monitoring and Analysis
Despite your best efforts at verifying users when they are onboarding and authenticating them at the time of purchase, some criminals will still find a way. It’s true that after these steps, the fraud has started; but it can still be detected and stopped.
The next place to look is at the transaction itself - and any user activity related to that transaction. This will definitely include analyzing the transaction, but other user activity as well - such as logins, account changes, and transaction modifications.
Transaction monitoring - or even better, event or activity monitoring - is one of the best ways to detect funds transfer fraud. By monitoring user behavior, teams can identify suspicious activity after, during, and even before it occurs. Teams can set up automated alerts that warn them when suspicious activity is occurring - giving teams the chance to stop it in its tracks.
With a system designed to look for suspicious patterns, risk teams can flag funds transfer fraud in the process. For example, teams can create a rule that looks for cases where (1) a transfer is initiated, (2) the user logs in from a different IP address, device, or geolocation, and (3) the user redirects the transfer. Any time the system detects this series of actions, it can pause the transaction and escalate the case for further investigation.
4. Protect Against Account Takeover (ATO) Fraud
Many of these criminals get around ID verification and user authentication by hacking into an existing user’s account, sometimes even intercepting (and redirecting) a transfer in progress. To do this, fraudsters typically perform account takeover fraud, gaining access to other users' accounts and transactions.
Having strong protections against account takeover (ATO) fraud is essential to keep users' accounts and transactions safe from bad actors.
