Companies are constantly looking for ways to streamline their business processes and ensure that legitimate customer activity is kept safe. But figuring out which transactions are genuine compared to those that are fraudulent can be both labor-intensive and costly.
Banks, credit unions, credit card issuers and insurance companies find themselves under pressure to reduce costs and have thus been the most enthusiastic about adopting more automated processes. After moving away from physical locations toward digital and mobile banking platforms, automation is a logical next step for financial institutions that want to reduce the costs and delays associated with investigating risky activities, while at the same time making transactions more secure and efficient.
This is more pressing than ever as the number of attacks against digital channels increases with each passing year, which in turn increases the number of transactions that require validation from an organization’s fraud department. In many cases, these departments are not able to keep pace with the sheer volume of suspicious transactions and fraud attacks.
“Automation is empowering businesses to work smarter” read a report by Cognizant, an IT consultancy, which surveyed 537 banks, insurers and other firms. It also noted that 26 percent of banking respondents said they saw cost savings of around 15 percent from employing automated systems in their front offices and customer-facing functions, and another 55 percent of bankers expect to see those same levels of savings within three to five years.
Creating efficiencies through automation is being applied to a wide range of financial processes. Gartner, the tech industry analyst, referring to banking and insurance as an example, stated: “Due to the major cost reduction pressures in these industries, these organizations have been the highest adopters of Robotic Process Automation (RPA) tools to date. Examples of uses include moving data for claims processing, predominantly from customer-facing websites; card management for issuing replacements for lost or stolen cards, and reversal of card charges; and mortgage processing, with the resubmission of failed payments.” Gartner, Use Cases for Robotic Process Automation: Providing a Team of 'Virtual Workers,’ Cathy Tornbohm, 26 October 2015.
Fraud Case Management: An Expensive Burden
One of the most costly and time-consuming processes that banks undertake are the manual investigations conducted by their fraud agents when a transaction is flagged as risky or potentially fraudulent. The current method of keeping customer banking safe can cost a financial institution upwards of several hundred thousand dollars annually.
An internal study done by a financial institution in Switzerland over an 18-month period looked at the number of fraud cases their agents investigated versus the number of transactions that were actually found to be fraudulent. It also worked out the cost of one fraud investigation. The institution determined that 20 percent of all investigated fraud cases – or around 40,000 – were real cases of fraud, and that each fraud investigation cost them 2.50 euros. Broken down for all fraud investigations, the institution calculated that it spends an average of 3,703 euros a day investigating fraud cases.
Most banks, credit card companies, e-commerce retailers and payment processing firms are literally throwing money at the problem of fraud investigation and case management, and they are looking for ways to cut costs without compromising security.
Financial institutions with large fraud security departments are feeling an urgency to better handle the “avalanche of fraud attacks” – and associated examination costs – that are being made over Internet and mobile channels by automating these processes. Better case management comes by reducing the human intervention as much as possible. It also comes from not relying on broad-sweeping and largely undefined risk-based variables that are likely to regard nearly all transactions as potentially fraudulent, generating dozens or even thousands of false positives in the process. This counter-productive strategy can also have the nasty side-effect of putting a strain on customer loyalty: who wants to be treated like a fraudster for trying to make a legitimate money transfer, and having it blocked by your bank?
Moving Towards Fraud Case Automation
Identifying risk while simultaneously controlling event volume can come about in a number of ways that don’t cause customer friction. First, a financial institution, credit card firm or online retailer can automate the transfer verification on the client side by having their fraud detection systems work harmoniously with authentication platforms to validate transactions with little-to-no human involvement.
So instead of a fraud agent making the decision to block a potentially risky transfer while he or she looks into its merit – a ‘Push’ authentication notice could be sent to the customer’s smartphone. A message stating something like “Are you sure you want to execute transfer X to Bank Y?” with a Yes/No Push authentication would eliminate the need for manual investigations. Verifying that the seemingly risky transaction is genuine is literally taken care of with a push of a button, meaning fewer false positives and fewer actions that cast your customers in the same light as criminals.
Analyzing the ocean of data that can be collected from customer devices allows institutions to transparently detect which customers have traveled abroad and avoid flagging their transactions as fraudulent. Rather than freezing a money transfer made from a location that falls outside of a user’s normal behavior, a bank can quickly verify that the user is in fact making the transaction. Automated fraud security ensures that there is no friction and the normal flow of business is not interrupted, no matter where the customers may find themselves.
Then there is what we might call inter-organizational automation. In cases of third-party payments, when customers make risky payments via their bank-issued credit card, separating fraudulent transactions from real ones becomes even more burdensome and costly. For a bank’s fraud security agent who has discovered a potentially fraudulent credit card transaction, they often need to get up from their computer and use another console to report it to the credit card firm’s fraud security people. This may take them minutes to perform, but by then the attackers might already have cashed out, or the customer is left upset and wondering why their online payment won’t go through.
Oftentimes, fraud agents need to communicate with customers in person in order to verify what has been deemed a risky transaction. Let’s say that a bank customer wants to move a large sum of money to a bank in China. The account-holder has never performed a transaction of this quantity or to this geolocation before. The bank’s fraud agent might need to call the client directly to ensure that it’s not a fraudulent transfer. In this case, the process could be automated by sending an Interactive Voice Response (IVR) recording, only requiring the agent to interact after the client has been reached.
Banks and credit card companies will benefit from streamlining these processes by upgrading and working together to integrate their anti-fraud protocols, meaning the work of fraud investigators on both ends should be automated as much as possible. Streamlining in this manner can take a case management procedure that currently takes about 20 minutes and reduce it to about 20 seconds.
Benefits of Automating Monitoring, Authentication
- Less Human Error: Users themselves can validate transactions that deviate from their regular behavior, instead of leaving the decision to block or authorize transactions up to a fraud agent who may not be able to reach users in time. The safeguard of strong end-user verification means that the free flow of money and commerce won’t be needlessly interrupted.
- Greater Efficiency: An intuitive fraud monitoring platform, coupled with automatic and frictionless user authentication, means: 1) substantial savings from fewer fraud investigations and a reduction in fraud losses, 2) the ability to manage additional cases without hiring additional staff, 3) improved investigative support and timely decision-making, 4) moving from a reactive investigation model to a proactive one, and 5) the automated collection of data and reporting.
- Real-Time and Multi-Channel User Verification: Push authentication – along with other strong authentication factors such as biometrics or one-time-passwords – can be used to automatically validate transactions made over multiple channels. Some of these channels include card-not-present e-commerce environments, cardless cash withdrawals, payments or transfers made over mobile devices, laptops or desktops, ATM withdrawals, interactive voice response systems (IVRs), and point of sale terminals.
- Reduced Fraud Risk: The harmonizing effect that comes with automating the connection between an intelligent fraud detection platform and real-time user authentication means that sophisticated new kinds of fraud is less likely to be successful. In short – automation equals greatly reduced fraud losses.
- Increased Security Perception and Customer Satisfaction: Customers who don’t have their transactions blocked, but know their financial institutions still have their security in mind, are happy customers. Empowering them to authenticate those transactions themselves increases the perception of security, and as a result, customer satisfaction grows, as does customer loyalty.
After the mobile revolution brought on in large part by the Millennial generation, automation is the next big trend in banking. Financial institutions that take the lead in not only automating internal processes but also between one another will be perceived as visionaries by customers, and have the upper hand in fighting in the highly competitive FinTech environment.
Learn more about how to reduce the burden of alert management.