Changing Dynamics of ACH Fraud

by Sarah Grotta 0

With the introduction of same day ACH, the industry knew that increased fraud would follow. With faster transactions there is less time for financial institutions to react to suspicious entries. A post in Banking Exchange written by Massy Najafi of Guardian Analytics provides some background on why and how fraud is emerging in the faster ACH environment.

First, faster ACH is attracting more criminal activity than ACH operating on the traditional timeframes:

It’s true that even with the introduction of Same Day ACH, ACH transfers will not be as fast as wire. However, the ACH network carries extremely high volume, and with Same Day ACH now available, there is a guarantee for transition completion within the same day. Based on the high volume network and cut-off time intervals, fraudsters can take advantage of these new time-sensitive windows by slipping in fraudulent ACH transfers.

Some of the types of fraud that financial institutions are seeing emerge with faster ACH are outlined in the article and include:

Payee Edit (PE) Fraud
In this scenario, fraudsters do not create a new batch or transaction but rather modify the recipient account number of an existing batch, one that is already scheduled to go out in the near future or periodically.
Payee edit fraud is usually caught by delay when the true recipient does not receive the expected money and then contacts the sender. At this point in time, the fraudster has most likely already accessed the money is focused on his next victim.

Small Transaction Fraud
Small transaction fraud is also rising. In the past, it was more common for fraudsters to target relatively large transaction amounts. However, with more verifications in place, and fraud analysts learning to outsmart criminals, fraudsters have started to decrease the transaction amounts, but increase the number of transactions.

Business Email Compromise (BEC) Fraud
With the introduction of Same Day ACH, we do expect to see BEC and social engineering related frauds to find their way into ACH world. Within the wire world, BEC frauds have mainly targeted CEOs, CFO, or executives with certain authorities.
The market should be mindful and prepared to hear stories of HR departments being the next target, as fraudsters fake being a legitimate employee with an email request to change account information for payroll deposits.

Overview by Sarah Grotta, Director, Debit Advisory Service at Mercator Advisory Group

Read the full story here