Not My Credit Union: 6 Ways to Fight Back

The financial services industry took a big hit in the past 18 months – $76 billion lost in Paycheck Protection Program (PPP) fraud, over $300 million lost in stimulus check scams, and a significant increase in credit card and check fraud. Overall, financial crime attempts increased by 109%. But rather than targeting institutions directly, fraudsters are going after the path of least resistance, which often is individual members. Their methods vary but include: IRS scams, romance scams or even sly account takeovers during P2P, where a hacker may impersonate a credit union employee as they help a new member open an account, ultimately stealing the account login information and transferring funds to their own account.

As much as we would love to rid the world of fraudsters, it is impossible. As new technologies emerge and the financial services industry becomes increasingly digitalized, fraudsters are also evolving and updating their strategies. And as we head into a post-pandemic environment and the government loans and relief programs dry up, fraudsters will begin to direct their attention back to traditional financial crimes. In 2021, we’ve already seen an uptick in traditional crimes such as ransomware, social engineering, identity fraud and money laundering. It’s safe to say the industry can use a refresh on how to fight back.

So, what can credit unions do to protect themselves against fraud?

• Start with education. The industry is collaborating better than ever, sharing resources and stories to help financial institutions defend themselves against fraud. It is paramount that credit unions take advantage of the many community-wide resources at hand to build their own prevention strategies.
• Employees are the first line of defense. Installing training programs within organizations and educating employees about different types of financial crimes and detection mechanisms will prepare staff to detect and report suspicious activity. Your people are your first line of defense and making sure they are trained and prepared is essential to keeping your data and business safe.
• Spread awareness in your community. Heightened awareness of fraud trends within your community through campaigns and educational programs will help your members realize when they’ve been targeted and know how to react. Highlighting the reality of fraud puts your brand in a position of advocacy, strengthening the connection between your credit union and your members and reducing the risk of members taking the bait.

Credit unions must understand their client base prior to sharing personalized educational content. For example, millennials, known as the tech-savvy generation, may have a deeper understanding of how security works but could still use information to help securely guide them through new purchases as they begin to apply for personal loans, credit cards and mortgages. Boomers on the other hand, are used to coming into the branch and feel a sense of security in knowing that their financial needs will be attended to in person. They, like the rest of the world, were plunged into this highly digitalized environment, and may not feel confident in the security of their money. This is an opportunity for credit unions to strengthen member relationships, reinstating your commitment to promoting a safe environment and educating on the steps you are taking in that direction.

• Build your financial crime program. Start by identifying, evaluating and classifying your assets and risks, and then tailor financial crimes and cybersecurity tools accordingly. Many credit unions are starting to build comprehensive programs as part of their long-term business plans, rather than looking at separate disconnected components.
• Leverage modern technologies. Once your financial crime and cybersecurity programs are set up, implement defense technologies such as encryptions, patching software, firewalls, multi-factor authentication and real-time monitoring systems to reduce the probability of an attack. Early breach detection mechanisms that send alerts once the fraudster has entered the system is crucial as well, as it will allow you to react fast and minimize damage. Lastly, having backup and recovery programs will help you recover your data quickly in case of an attack. Regularly monitoring and evaluating these technologies along with your institution’s financial crimes and cybersecurity risk plans will help maintain a strong defense program, making it increasingly difficult for fraudsters to break through.
• AI is the future. Innovative credit unions that are already ahead of the curve with their financial crime and cybersecurity programs can increase their resilience by using AI and machine learning technologies that analyze member behaviors, track transactions and report on any deviations from usual behavior in real-time. Fully automating fraud-detection processes will help your credit union quickly identify suspicious activity and challenge it by informing accountholders directly, reducing the risk for errors down the line, saving costs and boosting efficiencies across the organization.

Educating members on the reality of financial crimes, along with fraud prevention best practices, creates the right balance to help mitigate losses while keeping members safe and comfortable in their new digital banking experiences. Credit unions that take this into consideration will not only have a stronger line of defense as we head into this post-pandemic environment but will maintain their central role in their communities, guarding their members’ interests and increasing the trust that members have instilled in them.

Rene Perez is a financial crimes consultant at Jack Henry & Associates, a Monett, Mo.-based SaaS provider primarily for the financial services industry. He also contributes to the Federal Reserve Bank Payments Improvement Fraud work group.