Evolving your fraud strategy for the instant payments economy

The global rise of instant payments corresponds with the demand for “instant everything.” Customers want an economy that is like everything else in their lives: frictionless, on­ demand, and most important of all, fast.

To meet this demand, central banking authorities everywhere are enabling their member banks with new directives and guidelines to deliver real-­time, irrevocable transactions that occur in fractions of a second. Globally, there will be new dynamics in payments.

A global shift

Instant payments are hardly new. As this paper from the Federal Reserve Bank of Atlanta noted, “Japan’s Zengin moved first as early as 1973” to reduce intermediation time for retail payments. What is new is the aggressive global shift in this direction, with an “aggressive rollout of real-­time/instant payments initiatives… in 51 countries,” according to The Clearing House.

Instant payments infrastructure is providing the rails for new payment initiative services, and regulations like the second Payments Services Directive (PSD2) in Europe and the New Payments Platform (NPP) in Australia are providing frameworks for financial services companies to deliver new and innovative services to market.

Meanwhile, in the US, a shift to faster payments is well underway. The Clearing House has launched a real-time payments scheme that’s soon expected to be used by banks holding more than half of all deposits. Meanwhile, new P2P players are entering the scene to facilitate these real-­time transfers.

Underneath these various faster payments systems across the globe, the infrastructure varies. However, there is at least a trend towards industry standards like ISO 20022, and what all of the infrastructures have in common is the idea that risk and security are key components of the approach.

Managing risk has become a fundamental concern, and the amount of time that elapses between payment and settlement creates a risk trade ­off. The traditional approach where settlement takes hours or days provides a window for banks to assess risk, often utilising manual screening approaches. Now, however, schemes with instant or near-­instant settlement give banks less time to assess risk; and therefore, without a change in approach, the risk will increase.

If you’re a bank, this global shift to instant payments, with its range of underlying infrastructures, must fundamentally change the way you think about and manage your business.

The obvious and the not so obvious

It is generally perceived that instant payments may open up banks to fraud. Many banks fear they will lose their traditional processes of making decisions in batch, and of heavily relying on rules and manual review. Indeed, plenty of banks around the world have had to delay their participation in new instant payments infrastructures because they are not prepared with their risk controls.

It’s certainly true that when the UK introduced instant payments in 2008, online banking fraud losses increased before security measures forced the fraud rates to start dropping again. However, we all have the benefit of hindsight, and we should see the starting point for these new systems as well ahead of where that market was 10 years ago.

A true picture of market risk only comes from being able to see the whole market, not just senders and recipients. Similarly, true security in these instant payment solutions is intertwined not just with the payments themselves, but also with the registration processes and other systemic interactions. Risk systems that are able to cross siloed data within banks are the order of the day. These systems must also have multi­dimensional profiling capabilities to spot anomalies wherever they emerge, not just at the consumer level.

However, fraud is only part of the picture. In a real-time payments environment, compliance is potentially an even greater headache. Most AML and sanctions screening processes have been developed on previous generation systems that are unable to function, or at best are completely unscalable, in the new real-time payments reality.

The platforms in question here are enormous and protecting them at the level of access requires fraud and risk mitigation systems. These systems are architected from the ground up for handling huge volumes of transactions in extreme detail and reliability, all without adding friction to authentication processes. The only hope for effective fraud prevention at this scale is to combine advanced AI technology with a platform that is purpose-­built to fight new and evolving fraud.

A strategy to meet an instant payments world

Can your risk management solution look at all the details of vast quantities of transactions occurring in the thousands per second? Can you manage the potential losses and the compliance requirements at this velocity, and still sleep at night?

At Feedzai, we create hypergranular behavioral profiles of every entity in “segments of one,” and we create and update these benchmarks for normal behaviour for billions of entities in real time. We do this reliably, at high scale, in a fault tolerant way, with complete data assurance end-to-end.

We also provide a service called the OpenML Engine, the first­ ever of its kind in the fraud space, that allows in­house data science teams at banks to import their preferred machine learning tools, libraries, models and languages into the Feedzai Risk Engine.

These capabilities are critical for an organisation functioning as a true digital bank in these new environments.

The instant payments economy, with all its risks and all its opportunities, represents a moving target. Things are going to evolve rapidly and in ways we can’t predict. Your fraud prevention partner needs to be robust and flexible, so it can come along with you for the ride.

Related reading