Previous Page  14 / 32 Next Page
Information
Show Menu
Previous Page 14 / 32 Next Page
Page Background

Call KBS (785) 228- 0000 to discuss this

article and other loss prevention topics or

products to help protect your bottom line.

twitter.com/kbsforbanks linkedin.com/company/kbsforbanks

Subscribe at

http://tinyurl.com/kbssubscribe

The simplification of the wire transfer process is great for your customers… until criminals take advantage of that ease of use to steal money.

Because of insurance deductibles, banks often bear a significant portion of the loss. They can even bear the full extent of the loss as a result of

failure to follow required procedures. Fortunately, your bank can take steps to prevent these losses. Call-back procedures, maintenance of

verified contact information, and behavior based anomaly monitoring are strategies that can protect your bank and benefit your customers.

Call-Back Procedures

: The purpose of a call-back procedure is to ensure that the information shown on the transfer request actually originated

with the customer. First, the bank employee should call the customer’s pre-verified phone number and speak with someone who is authorized

by the customer to confirm transactions. That person confirms both the amount and the recipient information for the transfer. As a condition of

many insurance contracts, the bank should maintain a contemporaneous record of the call-back verification. Banks can do so by noting on the

request document which phone number they called, with whom they spoke, and the information they verified. Many banks save time by requir-

ing this procedure only when the transaction is over a certain dollar amount.

Some customers may wish to save time by requesting that the bank not perform a call-back procedure. The Uniform Commercial Code 4A-202,

combined with a well-written wire transfer agreement, provides protection to banks in this situation. UCC 4A-202 states that if a bank offers a

reasonable security procedure but the customer chooses a less secure procedure, the customer assumes the risk. The contract between the

customer and bank must specify that the customer is bound by a transaction, whether or not actually authorized by the customer, if the bank

complied with the alternative security procedures chosen by the customer. (This is a simplification of the actual law; you should read UCC

4A-202 and the exceptions in UCC 4A-203 and obtain legal advice from an attorney when drafting any customer contract.) Make sure your

customer understands the need for procedures, and your staff understands the importance of following the procedures without exception.

Verified Contact Number:

A pre-verified phone number is a number that: 1) the customer provided when opening the account, or 2) is includ-

ed in the signed written wire transfer agreement, or 3) was provided in person with a valid ID, or 4) was verified by mailing a change of phone

number confirmation to the customer at the customer’s known address at least 30 days before using the number to verify a transaction. It is

necessary to use a pre-verified number on record because the phone number on a fraudulent request document likely will not be the custom-

er’s valid phone number. Any recent changes could have been made by a well-prepared impostor. By using the verified contact number for the

call-back, you are making your best effort to ensure that you are communicating directly with your customer and no one else.

Behavior Based Anomaly Monitoring

: This control is simpler than it sounds. For example, if an eighty-year-old customer requests a large

one-time wire transfer from his cattle operations account to a South Korean bank, the employees processing the transaction should question it.

Bank staff should feel empowered to discuss their concerns with management, and management should take these situations seriously. By

further investigating the transaction, the bank may be able to save a loss to the customer while providing great customer service. The above

scenario may sound obvious, but it happens all the time. The good news is that you can protect yourself and your customers by questioning and

verifying any odd or out of the ordinary requests.

Conclusion

: Even the most well-controlled wire transfer process is vulnerable, but implementing controls such as those described above can

help prevent losses due to wire transfer fraud. Purchasing insurance from a secure and experienced insurance carrier is the final component to

a successful risk management process. By reducing your exposure to these risks, you are keeping yourself—and your customers—a little safer.

TURNING STRONG CONTROLS INTO

STRONG CUSTOMER SERVICE

Depository Institutions reported

wire fraud incidents in 2014.

Connect with us on social media:

Gain access to enhanced KBS content:

22

,

406

Department of the Treasury Financial

Crimes Enforcement Network