Dec 19, 2018 MicroBilt News
As mobile technology continues to grow increasingly omnipresent, businesses and consumers are embracing the convenience of new digital payment services. This shift away from paper-based transactions (like cash and checks) has created a pressing need for secure electronic processing systems, the most advanced of which still come with a great deal of risk. Organizations of all types - and within every sector - are constantly on the lookout for fraudulent activity within their financial networks, as even a single incident could lead to serious financial repercussions for businesses and their customers.
"The ACH Network is responsible for processing around $43 trillion each year."
In 1974, the National Automated Clearing House Association (NACHA) was established to help mitigate the fraud risks of online transaction systems by creating a uniform set of rules and standards. The goal of the organization is to provide a secure method of transferring payments between financial institutions that are part of the ACH Network, which is currently responsible for moving around $43 trillion each year. This collaborative nexus has championed a range of anti-fraud initiatives, but the procedure is not entirely infallible.
How the ACH works
According to the Consumer Financial Protection Bureau, an ACH is "an electronic fund transfer made between banks and credit unions across what is called the Automated Clearing House network." This system is used for a variety of credit and debit transactions, including:
- Payroll direct deposits
- Social Security benefits
- Tax refunds
- Loan payments
- Mortgage remittance
- Utility bills
Some online retailers and payment services allow customers to pay via ACH, most often through a user's checking account and bank routing numbers. Once an electronic transaction is initiated, the information is sent through the ACH Network to be reviewed, edited and sorted to ensure no fraudulent activities are taking place.
What is ACH fraud?
Fraud comes in many forms, yet the goal is always the same: To knowingly deceive an individual or business entity in an effort to access monetary funds or personal benefits that don't belong to a fraudster. A study from Javelin Strategy & Research found there were 16.7 million victims of identity fraud in 2017 alone, an increase of 8 percent over the previous year.
ACH fraud refers to the theft of funds passing through the Automated Clearing House payment network, whether via a direct attack on the computer system or an indirect compromising of its processes or procedures. Cybercriminals target the ACH transaction network because it serves as a central hub for the national banking system, opening up opportunities for improper payments, money laundering and even terrorist financing. Some of the common infiltration methods include:
- Compromising email security
- Account takeovers
- Social engineering (phishing)
- Vendor impersonation
By exploiting vulnerabilities in the system, fraudsters are able to gain access to critical financial information and payment histories, which can easily lead to identity theft if the breach goes unnoticed. While there are protections in place to address possible incidents of fraud, most come with a strict time-table. ACH transactions typically take about 3 to 5 days to process, which gives individuals and businesses a small window to stop payments before the funds leave their account. If processed, there is no guarantee the funds will still be in the ACH payment network by the time a reversal is submitted.
4 ways to protect against ACH fraud
A proactive approach is the best way to prevent electronic transaction fraud, both for consumers and businesses. Cybercriminals often take advantage of inactivity, as it allows them a few days' lead time before an organization has even noticed an incident has occurred. That's why ACH fraud detection starts with recognizing the risks and formulating an aggressive action plan. To that end, here are 4 ways to protect against ACH fraud:
1. Understand how ACH scams work: The first step to insulating an organization from the risk of electronic fraud is to understand what vulnerabilities exist and how they are commonly exploited. More often than not, a compromised computer terminal or inattentive employee will serve as a fraudster's access point. Always be on the lookout for phishing scams and signs of malware, as these more technical methods of intrusion can get around even the most secure networks.
2. Track your account activity: Keeping a close eye on your online accounts is a great way to catch ACH fraud before a payment is fully processed. In addition to checking your balances often, the FBI recommends using strong passwords that are frequently changed to minimize the chances of an account takeover. Also, make sure to restrict access to any computer used for submitting ACH transactions and keep anti-virus software updated at all times.
3. Use credit monitoring services: Fraudulent activity has a noticeable impact on credit score, which makes it an important metric to watch when monitoring for suspicious activity. Organizations that frequently check their credit histories are more prepared to spot irregular behavior, which should be reported to the appropriate banking institution or credit bureau as soon as possible. Most credit score monitoring tools offer alert features that can keep businesses updated about any substantial changes with their accounts.
4. Integrate digital alert tools: Online retailers need rigorous fraud detection tools to accurately assess the risks of consumer and vendor transactions. Signing up for email or text alert services can keep retailers notified when suspicious behavior occurs, such unusually high account payouts or unexpected low balances. Digital risk assessment tools utilize high-performance analytics and machine learning, offering predictive capabilities that allow businesses to quickly adapt to threats and take decisive action.
For over 35 years, Microbilt has worked with business owners, lenders and consumers to manage their financial risks and promote economic security. Our product and service offerings like the Adverse Action Notification and Risk Verification Database will keep you up-to-date with suspicious activity and able to quickly respond when incidents of ACH fraud occur.
Contact us today for more information about our fraud detection and recovery solutions.