Consumer & Mobile RDC Risk Management - Remote deposit · Consumer and Mobile RDC Risk Management ....

Consumer and Mobile RDC Risk Management

Floyd Matsuda Chief Information Officer

September 28, 2012

Steven Vaglio, AAP SVP, Payments Advisory

Services & Marketing

Disclaimer

2 Copyright 2012, RemoteDepositCapture.com

• This presentation and applicable materials are intended for general education purposes and nothing in this presentation should be considered to be legal, accounting or tax advice.

• You should contact your own attorney, accountant or tax professional with any specific questions you might have related to this presentation that are of a legal, accounting or tax nature.

• Image source: Thinkstock

2

Corporate, Consumer & Mobile Capture

3 Copyright 2012, RemoteDepositCapture.com 3

What’s the “Difference”?

1. Corporate Capture • Customer Selection • Solution Requirements • Check MICR Scanner

2. Basis for Interest • Competition,

Opportunity 3. Operational Results

• High Volume/$$$ 4. What to Expect

• Business, Treasury Customers

1. Consumer Capture • Customer Selection • Solution Requirements • TWAIN/WIA Scanner

2. Basis for Interest • Cool Factor,

Convenience 3. Operational Results

• Limited Adoption 4. What to Expect

• Small & Micro Business • Consumer

1. Mobile Capture • Customer Selection • Solution Requirements • Smartphone

2. Basis for Interest • Cool factor,

Convenience, Competition

3. Operational Results • Mass Adoption, Low

Volume 4. What to Expect

• Big, Small & Micro Business

• Consumer

Risk Identification & Management • Check images from ATMs, My Deposit (scanner),

and mobile RDC (smartphone app) are routed through a central admin console and viewed by the Deposit & Check Operations staff.

• Check images/information not meeting requirements are queued for review.


Client Selection & Qualification • QuikPost Members

– A member for one year or longer and at least 18 years old. – Must have direct deposit and enrolled in online banking. – No NSFs in the past two years and no negative balance in the last

six months. – Have a checking account open for 90 days or longer with no

account warnings. • My Deposit members

– Original (grandfathered) QuikPost members – No NSFs during the last 6 months, member in good standing. – Have a checking account open for 90 days or longer, waived after

receiving first direct deposit.

–


Client Selection & Qualification • Mobile RDC

– Account open for 30 days or longer – Account in good standing – Have direct deposit or a loan history – At least 18 years of age – Enrolled in SDFCU Online Banking with an iPhone or

Android smartphone app.


Thresholds, Limits and Exception Handling

• Two-day hold on all checks $1,000 or more • A $5,000 auto review threshold with no daily limit


• Existing customer • Use existing services • Owner/Principal of Merchant Capture Service • 3 to12 months of deposit activity and returns • Account in “good” standing (no NSFs over a

period) • Minimum credit score • Other components:

– Fees – Limits – Availability schedule


Consumer Selection Criteria

• Some FI’s follow processes similar to their Merchant Capture offering


RDC Segment Credit Criteria Rating/Score

Business/Merchant Credit Risk Rating • Rating 1-4 • Over 5 needs Sr.

Mgt. Approval

Consumer Credit Score • Over 650

Consumer Selection Criteria

Volumes, Values, Loss Ratios and Experience


Jan-12 Feb-12 Mar-12 Apr-12 May-12 Jun-12 Jul-12 Aug-12

My Deposit Trans

702 605 581 600 531 539 625 546

My Deposit Users

267 238 267 269 247 256 244 237

Mobile RDC Trans

N/A 9 47 306 390 426 607 972

Mobile RDC Users

N/A 16 51 201 212 237 355 455

Volumes, Values, Loss Ratios and Experience

• SDFCU has not had any cases of RDC-related fraud thus far.

• There are some reported cases of members depositing checks twice (honest errors) with mobile RDC.



“ The App Store is the greatest malware

distribution platform ever invented”

Consumer and Mobile Risks


Consumers Still Do Not Treat Their Smartphones Like

Computers

More Players, More Risks


• The mobile system depends on a number of players, many of which fall outside the scope of core financial services

• Device manufacturers, operating systems, network operators, application developers and others all are involved

• And they all need to address security



• 100% of new mobile malware strains detected in 3Q 2011 were on Android OS – Source: McAfee Threat Report 3Q 2011

Android is the Criminals’ New Favorite Playground



Online Threats Still Far Outweigh Mobile Risks

• That will change as mobile transaction volume increases

FFIEC Guidance


• Supplemental guidance released June 28, 2011 emphasizes: – Need for layered security – Periodic risk assessments and adjustments – In wholesale banking, requirement for layered security for

both login and electronic transaction initiation • Highlights value of behavior analytics in preventing fraud • Requirement of enhanced controls for users with admin

rights – Simple device authentication and challenge questions are

not sufficient • Mobile channel not exempt • Regulators began assessing FIs using new guidance

in January 2012

Role of Consumers


• Financial institutions must develop strategies to educate their customers and members about actively managing their own mobile-device security

Third Party Solutions


• Solution providers like Guardian Analytics, Trusteer, iovations, Q2ebanking, Verisign, and more have mobile fraud prevention solutions

• Do your solutions for online and mobile need to work together?

Anticipating Risk


• As more mobile services hit the market, banks and credit unions must balance innovation with fraud protection and compliance

• More threats will emerge as adoption grows • Anticipating new risks will be paramount

One fact is clear… Mobile is here!

Questions?


Additional Takeaways • Phased approach

I. Started with QuikPost, a online app to allow mail-in deposits with instant credit.

II. Merchant capture, a scanner-based RDC app for organizational accounts.

III. My Deposit, a scanner-based RDC app for consumer accounts.

IV. Mobile RDC, a smartphone RDC app for mobile banking.

• Start with a highly selective criteria and monitor member activity. Remove or relax the criteria as appropriate.


About The Presenters Floyd M. Matsuda • State Department Federal Credit Union • Contact Info : [email protected], 703-739-3159

Steven P. Vaglio, AAP • EastPay, Inc. (Regional Payments Association) • Contact Info : [email protected] , 800-681- 4224 Ext. 202


mailto:[email protected]

mailto:[email protected]


QUIZ TIME!

What financial institution was the first to offer mobile RDC?


A. Bank of America B. JP Morgan Chase C. PayPal D. WV United Federal Credit Union E. USAA

Bank of America


Mobile RDC solution available as of June 26th 2012

Source: http://www.mobilecommercedaily.com/2012/07/26/bank-of-america-extends-mobile-strategy-via-remote-deposits/

JP Morgan Chase


• Released a mobile RDC option July 2010 • Excellent marketing of consumer and mobile

RDC

http://www.maclife.com/article/news/chase_mobile_update_brings_iphone_check_deposit

PayPal


Open a PayPal account Download the App

http://news.cnet.com/8301-13506_3-20019027-17.html

WV United Federal Credit Union


Released mobile RDC on July 4, 2009

Source:Http://www.netbanker.com/2009/07/wv_united_federal_credit_union_is_first_with_iphone-based_remote_check_scan_deposit.html

WV United Federal Credit Union


They have just six employees, $11 million in assets, and 3,000 members

WV United uses the member's mobile phone number to apply it to the correct account

Source:Http://www.netbanker.com/2009/07/wv_united_federal_credit_union_is_first_with_iphone-based_remote_check_scan_deposit.html

USAA Savings Bank


USAA’s Deposit@Mobile August 2009

http://www.nytimes.com/2009/08/10/technology/10check.html

USAA Savings Bank


More than $8,000 is deposited every minute by USAA members using Deposit@Mobile (June 2011)

Members log on to the USAA Mobile App or on mobileusaa.com nearly 20,000 times each hour (June 2011)

Consumer & Mobile RDC Risk Management - Remote deposit · Consumer and Mobile RDC Risk Management ....

Documents

Transcript of Consumer & Mobile RDC Risk Management - Remote deposit · Consumer and Mobile RDC Risk Management ....