The New Payments Platform has financial institutions divided on fraud risk management
To prepare or not to prepare…?
If the answer is yes, then how and to what degree?
With the New Payments Platform (NPP) getting closer to launch, we’ve been asking our clients how prepared they are for fraud prevention once the platform is live.
A bit of background
After exploratory conversations with a diverse set of parties in the market, we decided to look into the “fraud readiness” of the NPP. We ran an innovation SPRINT, speaking to experts from different fields, followed by clients who will be part of the tranche 1 and 2 rollout.
Experts ranged from the KPMG NPP project team and payments practice and technical vendors to global contacts versed in the 2008 roll out in the UK when they transitioned to fast payments.
And clients involved in Group Security and Financial Crime in the Big 4 banks, international banks and local credit unions to payment solution providers.
The experts’ view on real time fraud
The experts agree an increase in fraud is expected, due to the vast pick up in pace in payment processing with the new infrastructure. Criminals will see this as an opportunity.
A 132 percent increase in fraud was recorded in the UK’s move to fast payments, however there are differing opinions on the extent to which 2017 in Australia is comparable with the UK in 2008. There is uncertainty as to what shape or form the increased fraud will take.
What about fraud prevention and detection?
Although NPP does require fraud monitoring to be in place, there is no guidance as to what this should look like. This was a conscious decision to enable financial institutions to develop their own monitoring frameworks.
Market participant perspectives
The final day of an innovation SPRINT is always spent talking to clients.
Where the experts differed in opinion about certain things, clients had a different view on everything. Some see the NPP as “just another channel”, not worthy of any specific thinking around increased fraud risk, whilst others are going out of their way to update legacy systems or are implementing new systems to monitor transactions using machine learning algorithms to be ahead of the curve in fraud detection. And then there is everything in between.
Biometrics was a theme during our client interviews, and some clients saw their potential use. The vast majority however, had not considered, or were not ready to implement and operationalise, behavioural biometric continuous authentication which is used by the major UK banks to prevent fraud. In fact, in the majority of cases, banks are not changing authentication methods at all in response to the introduction of the NPP.
This is an interesting market insight. It is in line with what we often observe when big changes are on the horizon. There is a continuum of preparation and planning, ranging from doing nothing to everything. Some clients take action to address the new fraud risks associated with NPP and will take action to be on the front foot. Others will do anything to rationalise a “nothing needs to be done” attitude until something goes terribly wrong. The majority are in the middle, between hope and fear, waiting to see where the market and criminals will go.
We will be ready to respond if and when the experts are right.
How about you? Where are you on the continuum? And is that where you want to be?