Consumer & Mobile RDC Risk Management - Remote deposit · Consumer and Mobile RDC Risk Management ....
Transcript of Consumer & Mobile RDC Risk Management - Remote deposit · Consumer and Mobile RDC Risk Management ....
Consumer and Mobile RDC Risk Management
Floyd Matsuda Chief Information Officer
September 28, 2012
Steven Vaglio, AAP SVP, Payments Advisory
Services & Marketing
Disclaimer
2 Copyright 2012, RemoteDepositCapture.com
• This presentation and applicable materials are intended for general education purposes and nothing in this presentation should be considered to be legal, accounting or tax advice.
• You should contact your own attorney, accountant or tax professional with any specific questions you might have related to this presentation that are of a legal, accounting or tax nature.
• Image source: Thinkstock
2
Corporate, Consumer & Mobile Capture
3 Copyright 2012, RemoteDepositCapture.com 3
What’s the “Difference”?
1. Corporate Capture • Customer Selection • Solution Requirements • Check MICR Scanner
2. Basis for Interest • Competition,
Opportunity 3. Operational Results
• High Volume/$$$ 4. What to Expect
• Business, Treasury Customers
1. Consumer Capture • Customer Selection • Solution Requirements • TWAIN/WIA Scanner
2. Basis for Interest • Cool Factor,
Convenience 3. Operational Results
• Limited Adoption 4. What to Expect
• Small & Micro Business • Consumer
1. Mobile Capture • Customer Selection • Solution Requirements • Smartphone
2. Basis for Interest • Cool factor,
Convenience, Competition
3. Operational Results • Mass Adoption, Low
Volume 4. What to Expect
• Big, Small & Micro Business
• Consumer
Risk Identification & Management • Check images from ATMs, My Deposit (scanner),
and mobile RDC (smartphone app) are routed through a central admin console and viewed by the Deposit & Check Operations staff.
• Check images/information not meeting requirements are queued for review.
4 Copyright 2012, RemoteDepositCapture.com
Client Selection & Qualification • QuikPost Members
– A member for one year or longer and at least 18 years old. – Must have direct deposit and enrolled in online banking. – No NSFs in the past two years and no negative balance in the last
six months. – Have a checking account open for 90 days or longer with no
account warnings. • My Deposit members
– Original (grandfathered) QuikPost members – No NSFs during the last 6 months, member in good standing. – Have a checking account open for 90 days or longer, waived after
receiving first direct deposit.
–
5 Copyright 2012, RemoteDepositCapture.com
Client Selection & Qualification • Mobile RDC
– Account open for 30 days or longer – Account in good standing – Have direct deposit or a loan history – At least 18 years of age – Enrolled in SDFCU Online Banking with an iPhone or
Android smartphone app.
6 Copyright 2012, RemoteDepositCapture.com
Thresholds, Limits and Exception Handling
• Two-day hold on all checks $1,000 or more • A $5,000 auto review threshold with no daily limit
7 Copyright 2012, RemoteDepositCapture.com
• Existing customer • Use existing services • Owner/Principal of Merchant Capture Service • 3 to12 months of deposit activity and returns • Account in “good” standing (no NSFs over a
period) • Minimum credit score • Other components:
– Fees – Limits – Availability schedule
8 Copyright 2012, RemoteDepositCapture.com
Consumer Selection Criteria
• Some FI’s follow processes similar to their Merchant Capture offering
9 Copyright 2012, RemoteDepositCapture.com
RDC Segment Credit Criteria Rating/Score
Business/Merchant Credit Risk Rating • Rating 1-4 • Over 5 needs Sr.
Mgt. Approval
Consumer Credit Score • Over 650
Consumer Selection Criteria
10 Copyright 2012, RemoteDepositCapture.com
Volumes, Values, Loss Ratios and Experience
11 Copyright 2012, RemoteDepositCapture.com
Jan-12 Feb-12 Mar-12 Apr-12 May-12 Jun-12 Jul-12 Aug-12
My Deposit Trans
702 605 581 600 531 539 625 546
My Deposit Users
267 238 267 269 247 256 244 237
Mobile RDC Trans
N/A 9 47 306 390 426 607 972
Mobile RDC Users
N/A 16 51 201 212 237 355 455
Volumes, Values, Loss Ratios and Experience
• SDFCU has not had any cases of RDC-related fraud thus far.
• There are some reported cases of members depositing checks twice (honest errors) with mobile RDC.
12 Copyright 2012, RemoteDepositCapture.com
13 Copyright 2012, RemoteDepositCapture.com
“ The App Store is the greatest malware
distribution platform ever invented”
Consumer and Mobile Risks
14 Copyright 2012, RemoteDepositCapture.com
Consumers Still Do Not Treat Their Smartphones Like
Computers
More Players, More Risks
15 Copyright 2012, RemoteDepositCapture.com
• The mobile system depends on a number of players, many of which fall outside the scope of core financial services
• Device manufacturers, operating systems, network operators, application developers and others all are involved
• And they all need to address security
More Players, More Risks
16 Copyright 2012, RemoteDepositCapture.com
• 100% of new mobile malware strains detected in 3Q 2011 were on Android OS – Source: McAfee Threat Report 3Q 2011
Android is the Criminals’ New Favorite Playground
More Players, More Risks
17 Copyright 2012, RemoteDepositCapture.com
Online Threats Still Far Outweigh Mobile Risks
• That will change as mobile transaction volume increases
FFIEC Guidance
18 Copyright 2012, RemoteDepositCapture.com
• Supplemental guidance released June 28, 2011 emphasizes: – Need for layered security – Periodic risk assessments and adjustments – In wholesale banking, requirement for layered security for
both login and electronic transaction initiation • Highlights value of behavior analytics in preventing fraud • Requirement of enhanced controls for users with admin
rights – Simple device authentication and challenge questions are
not sufficient • Mobile channel not exempt • Regulators began assessing FIs using new guidance
in January 2012
Role of Consumers
19 Copyright 2012, RemoteDepositCapture.com
• Financial institutions must develop strategies to educate their customers and members about actively managing their own mobile-device security
Third Party Solutions
20 Copyright 2012, RemoteDepositCapture.com
• Solution providers like Guardian Analytics, Trusteer, iovations, Q2ebanking, Verisign, and more have mobile fraud prevention solutions
• Do your solutions for online and mobile need to work together?
Anticipating Risk
21 Copyright 2012, RemoteDepositCapture.com
• As more mobile services hit the market, banks and credit unions must balance innovation with fraud protection and compliance
• More threats will emerge as adoption grows • Anticipating new risks will be paramount
One fact is clear… Mobile is here!
Questions?
22 Copyright 2012, RemoteDepositCapture.com
Additional Takeaways • Phased approach
I. Started with QuikPost, a online app to allow mail-in deposits with instant credit.
II. Merchant capture, a scanner-based RDC app for organizational accounts.
III. My Deposit, a scanner-based RDC app for consumer accounts.
IV. Mobile RDC, a smartphone RDC app for mobile banking.
• Start with a highly selective criteria and monitor member activity. Remove or relax the criteria as appropriate.
23 Copyright 2012, RemoteDepositCapture.com
About The Presenters Floyd M. Matsuda • State Department Federal Credit Union • Contact Info : [email protected], 703-739-3159
Steven P. Vaglio, AAP • EastPay, Inc. (Regional Payments Association) • Contact Info : [email protected] , 800-681- 4224 Ext. 202
24 Copyright 2012, RemoteDepositCapture.com
25 Copyright 2012, RemoteDepositCapture.com
QUIZ TIME!
What financial institution was the first to offer mobile RDC?
26 Copyright 2012, RemoteDepositCapture.com
A. Bank of America B. JP Morgan Chase C. PayPal D. WV United Federal Credit Union E. USAA
Bank of America
27 Copyright 2012, RemoteDepositCapture.com
Mobile RDC solution available as of June 26th 2012
Source: http://www.mobilecommercedaily.com/2012/07/26/bank-of-america-extends-mobile-strategy-via-remote-deposits/
JP Morgan Chase
28 Copyright 2012, RemoteDepositCapture.com
• Released a mobile RDC option July 2010 • Excellent marketing of consumer and mobile
RDC
http://www.maclife.com/article/news/chase_mobile_update_brings_iphone_check_deposit
PayPal
29 Copyright 2012, RemoteDepositCapture.com
Open a PayPal account Download the App
http://news.cnet.com/8301-13506_3-20019027-17.html
WV United Federal Credit Union
30 Copyright 2012, RemoteDepositCapture.com
Released mobile RDC on July 4, 2009
Source:Http://www.netbanker.com/2009/07/wv_united_federal_credit_union_is_first_with_iphone-based_remote_check_scan_deposit.html
WV United Federal Credit Union
31 Copyright 2012, RemoteDepositCapture.com
They have just six employees, $11 million in assets, and 3,000 members
WV United uses the member's mobile phone number to apply it to the correct account
Source:Http://www.netbanker.com/2009/07/wv_united_federal_credit_union_is_first_with_iphone-based_remote_check_scan_deposit.html
USAA Savings Bank
32 Copyright 2012, RemoteDepositCapture.com
USAA’s Deposit@Mobile August 2009
http://www.nytimes.com/2009/08/10/technology/10check.html
USAA Savings Bank
33 Copyright 2012, RemoteDepositCapture.com
More than $8,000 is deposited every minute by USAA members using Deposit@Mobile (June 2011)
Members log on to the USAA Mobile App or on mobileusaa.com nearly 20,000 times each hour (June 2011)