“Nearly 80% of the time, the bank does not do anything to detect the fraud before the money has actually left the institution, which we find alarming”, said Terry Austin, chief executive officer of Guardian Analytics. “The banks don’t have the tools and technology…deployed to proactively monitor and detect fraud”, he added.
The survey of 533 executives at small and medium-sized businesses conducted by the Ponemon Institute for Guardian Analytics found that 56% of businesses experienced banking fraud in the last 12 months. Of those that experienced fraud, 61% were victimized more than once.
“Despite that fact that fraud has increased dramatically…the banking industry has not moved the needle at all in terms of addressing the problem”, Austin told Infosecurity. “There has been very little improvement in the banking community’s ability to stop fraud”, he added.
“There were some disturbing messages that come out of the survey. It is a wakeup call for the banking community to step up and do more to prevent online cyber fraud”, Austin said.
In addition, 75% of the businesses participating in the study experienced online account takeover and/or online fraud. These figures are nearly the same as those in the previous year’s study, indicating banks and businesses are struggling to make progress on the issue.
“A very high percentage of fraud events are associated with the online banking system”, Austin observed.
Banks were able to keep money from leaving the bank in only 22% of cases and fully recover fraudulently transferred funds for only 10% of businesses, according to the survey. Banks were unable to recover funds in 68% of cases; banks took losses in 37% of cases by reimbursing businesses for unrecovered funds, and businesses took losses in 60% of cases.
In response to a banking fraud incident, 43% of businesses said they have moved their banking activities elsewhere, 10% have ended their banking relationship following fraud attacks, and additional 33% have moved their primary cash management services to another institution.
“So not only are the banks losing money and spending all this time and money to react to fraud, they are also potentially losing a lot of customers over this. In this constrained financial environment, the last thing they need is to lose money and customers”, Austin said.
On the mobile banking front, 38% of respondents said they access their company’s banking accounts from mobile devices, including smartphones and tablet PCs like the iPad, compared to only 23% in 2010. “The fraud rate in mobile banking is equal to or greater than the fraud rate in computer-access to online banking”, he related.
Austin said that banks can do a lot more to proactively monitor and detect fraudulent activity before funds get moved out. Guardian Analytics offers tools that create behavioral models of users that enable banks and credit unions to spot fraudulent activity before money leaves the bank.
“The good news in this study is that there are banks that are doing more, there are banks that are being successful. The technology is available and affordable, so there is really no reason for more institutions to not adopt this technique”, he concluded.