Hoosier Banker 27 Authored by Craig M. Collins, president of OneBeacon Financial Services, ccollins@onebeacon.com. • Has there been a recent transfer of funds into the account from a home equity line of credit? Fraudsters frequently target HELOCs, since customers are not as vigilant in checking the status of these accounts. Additionally, information on the existence of these accounts is publicly accessible. • Are the funds being transferred to a foreign account? • Does the customer seem to be in a great hurry to complete the transfer? • Is the request coming from a legitimate email address? Fraudsters often use email addresses that are very similar to a customer’s legitimate email address (e.g., using numeral “1” in place of the lower case letter “l”). Review email addresses closely. • Has the phone number on file for this customer recently been changed? • Has the receiving bank account information, or any other material detail of the request, recently been changed? Additional steps to help mitigate risk could include: - Updating customer files with alternate phone numbers, so that callbacks can be made to multiple phone lines. - Using a multifactor authentication method by working with your customers in advance to record at least three different security questions and answers that only they would know the answers to. When performing a callback during a transfer request, ask the customer each question. - Establishing alternate electronic verification methods, such as PINs or security tokens. - Executing a written agreement that details who is authorized to execute a transaction, which accounts are eligible for transfers, what security measures and verification steps are in place, which communication methods are used, and who is liable (and for what) if fraud were to occur. - Elevating all out-of-the ordinary requests, and encouraging employees to view every wire transfer request with a healthy dose of skepticism. While it is understandable that the bank would like to make the transfer process as easy as possible for its customers and others involved, it is important for the bank to recognize the risks and take the necessary steps – before and after receiving the request – to protect its customers’ money and its own money. Customers and others involved should understand that such measures are to their benefit, and they should appreciate the relatively minor inconveniences associated with verifying the legitimacy of the requests. With wire transfer fraud schemes becoming more frequent and complex, it is more important than ever for banks to protect themselves against this formidable risk. HB
RkJQdWJsaXNoZXIy MTg3NDExNQ==