Good Speed Vs. Bad Speed: Friction Tactics for CFIs

The fastest animal on Earth is the peregrine falcon, which can dive at speeds up to 242 miles per hour. On land, the cheetah holds the record, sprinting at up to 75 miles per hour. In the water, sailfish can swim at 68 miles per hour. Though financial institutions don’t move as fast as a falcon, cheetah, or sailfish, speed has long been the name of the game for banking services. Whatever customers want — lending, back-office functions, cash management, or other services — they want it quickly. Community financial institutions (CFIs) have worked to lessen whatever friction has stood between clients and banking services.Unfortunately, speed is a double-edged sword. In a world of increasingly digital services, payments happen in a blink, and new customers open accounts in a few minutes. But scammers can take advantage of the same speed to push through fraudulent transactions or customers. CFIs are in a tough spot. A zero-risk approach to cybercrime might mean limiting customers’ ability to open new accounts online or refusing to offer instant payments — both things that customers clearly want. As a result, financial institutions are working to balance convenience with safeguards that help reduce fraud.How Adding Friction Makes Customers SaferOne approach gaining attention is the idea of introducing targeted friction into the banking experience. Rather than eliminating every delay in the name of convenience, some financial institutions are intentionally adding safeguards that slow certain actions in order to reduce fraud risk. Financial institutions can also explain these safeguards to customers as part of their role in protecting accounts. “We’re going to ask you some questions that are going to slow the process down a little bit, but we are doing this because we care about your security, we care about your money, we care about your identity,” says Steve Sanders, chief risk officer and chief information security officer for CSI, a banking and risk management solutions provider.There are many different types of friction that you can introduce into the customer experience that can help add another layer of security for accounts and inconvenience for bad actors. They range from extra account verifications to something as simple as a banner fraud alert on a mobile app or online portal when a customer logs in. The bonus is that these methods can be combined to achieve whatever type of friction your customers need most to keep their accounts safe.

Source: The Financial BrandReal Examples of Friction for Safer BankingSome financial institutions are experimenting with account structures designed to add deliberate safeguards around large balances. For example, Austin Capital Bank offers a Fort Knox account intended to protect significant savings rather than serve as a primary checking account. Anyone with a Fort Knox account also needs a checking account with another bank. Meaning, funds can be transferred only to a linked external account at another bank, which limits the ability to move money quickly to an unknown destination – such as to a thief. It’s not meant as a primary checking account, but rather a place to safeguard life savings, a house down payment, or another considerable sum. The account also incorporates additional controls, including the ability to freeze funds, built-in delays on withdrawals, and biometric authentication. “If your bank is using a username, password, and one-time passcode delivered via text or app, it’s just not secure,” says Erik Beguin, founder and CEO of Austin Capital Bank, who argues that traditional authentication methods are increasingly vulnerable to compromise.The Fort Knox brand also uses the “.bank” suffix on its web address. The verified domain, which is specific to banks, helps prevent spoofing. Spoofing happens when a cybercriminal uses email, texts, phone calls, or website addresses that are close to — but not exactly — those of the business they are spoofing to gain a victim’s login credentials or other personal information, then clean out the account. The FBI logged 193,407 complaints tied to spoofing in 2024. Other financial technology providers are experimenting with similar ideas. A neobank called Charlie, intended for people over age 62, puts a six-hour hold on big transfers or payments going to new payees. During those six hours, the account owner gets alerts and anti-fraud education. The hope is that the feature, called “SpeedBump”, gives customers the time and insight they need to think twice about any payments to fraudsters. Its chief product officer, Tony Brancato, says SpeedBump has blocked more than $1MM in fraudulent activity.Balancing Customer Expectations with SafetyAs another alternative, CFIs can consider continuing to work toward minimizing fraud and maximizing customer convenience, weighing competitive concerns against risk appetite. Realistically, financial institutions will never completely root out fraud while giving customers perfect convenience. Some fraud will get through. Some customers will complain when a loan or account is delayed or denied.However, CFIs can set risk tolerances for approval rates, fraud rates, and dollars lost to fraud, then track and analyze those numbers. Look for ways to add a competitive advantage that won’t also increase fraud rates. This balance is known as friction-right user experience, and it means tailoring friction to the situation, introducing it at the right high-risk moments so that legitimate users aren’t prevented from completing their run-of-the-mill tasks, but feel protected by their CFI when they make a large transfer that they’re being asked to confirm.  Data is one of the main sources for basing friction-right strategies on. Group customers and transactions for further investigation through higher limits, longer holds, or manual review based on characteristics that make sense for your client base. Those might include how long a relationship they’ve had with your CFI or their transaction pattern. Technology partners and consortia are another source for information about clients and their previous activities. Taken together, all these tactics can help CFIs promote convenience while minimizing fraud.Speedy banking services are a competitive advantage, but scammers can take advantage of the same speed to push through fraudulent transactions or customers. Applying the right amount of friction in different situations can help mitigate cybercrime.