Many readers have probably received emails from wealthy foreigners who need help moving millions of dollars from their homeland. You also may have gotten emails informing you you've won large sums of money in a foreign lottery, or perhaps you've been asked to serve as a mystery shopper or work at home for pay. Then there are the emails purporting to be from loved ones and friends who were mugged, unjustly jailed, or suffered some other misfortune and desperately need your help. These scams - all seemingly real - have all ensnared many a victim and are listed by Snopes.com as among the most pervasive email cons.
Banks, of course, are intimately familiar with fraud and are constantly on guard against new schemes. Banks hope to protect themselves and their customers from becoming victims. One question banks should be continually asking is this: are we spending our money and allocating resources wisely in this area? First some facts from the 2013 Federal Reserve Payments Study. There were an estimated 31.1mm unauthorized transactions in 2012, valued at $6.1B. Among the categories measured, 92% percent of the number and 65% of the value of total unauthorized transactions were made using general- purpose cards, which includes credit, debit and prepaid purchases (as well as ATM withdrawals).
Yet, it would seem from an earlier Fed study that the losses banks face from certain kinds of card fraud are more than they are spending to prevent it. Consider data from the Fed's 2012 Payments Fraud Survey that found 61% of institutions reported losses attributed to signature-based debit card fraud were greater than what they spent on preventing such fraud and about 45% reported the same for losses due to debit PIN and check fraud.
The 2012 survey results also show that, through various efforts, banks were able fight fraud successfully. Accordingly, we think it's time for banks to reexamine their priorities when it comes to data security and fraud prevention and determine whether and where changes are necessary. Our point isn't that you need to spend indiscriminately on fraud prevention. Rather, we want to drive home the importance of spending wisely.
Start by considering the industry statistics on fraud so you know where to block most bad-buy attacks. Then determine where payment fraud may be happening at your bank or in your market and take a look at your weakest links to see where you can tighten up. As you're going through the analysis, remember to factor in not only your actual losses, but potential legal expenses and the reputational costs as well. Taking all this into account will help you make informed decisions about where you should ramp up spending and where you might be able to cut back a bit.
Keep in mind that you may still need to maintain protection in certain areas even if you determine that actual losses from fraud are low, because you just never know what could happen. Target certainly didn't expect to be associated with one of the largest data breaches in U.S. corporate history and neither did T.J. Maxx and Marshalls several years back. Think about fraud prevention as you would life insurance. It is a way to protect your bank and your customers against the unexpected.
No efforts are full-proof. But to protect against fraud, banks need to do significantly more than press the delete key on pesky email scams.