Should US Banks Do More to Reduce APP Fraud?Ken Palla Discusses New Guidance From the Bureau of Consumer Financial Protection
The U.S. Consumer Financial Protection Bureau reportedly plans to release new guidance requiring banks to compensate consumers for certain money-transfer service scams. Ken Palla, former director at MUFG Union Bank, shares his views. MUFG Union Bank has nearly 300 retail branches in California, Washington and Oregon.
See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources
Palla says banks could look to the United Kingdom for examples of how banks manage authorized push payment, or APP, fraud, in which fraudsters dupe victims into authorizing a money transfer. Large British financial institutions in 2019 agreed to reimburse victims. Banks implemented a number of fraud detection measures including confirming the real identity of new payees, anomaly detection and delayed payment processing.
"You also have behavioral biometrics. What you can see is that when these people are being directed on the phone to do online transactions, their behavior is slower than normal" since they're waiting for the fraudster to issue instructions, says Palla.
In a video interview with Information Security Media Group, Palla discusses:
- Authorized push payment fraud and how to detect it;
- The different measures banks can take to mitigate risks from scams;
- What the CFPB can do to stymie authorized payment fraud.
Palla is the former director at MUFG Union Bank. He helped shape the initial responses to the U.S. 2005 and 2011 FFIEC Regulatory Guidance to improve online security for U.S. banks and was an advisor to the RSA Conference eFraud Global Forum. He is currently a member of the Program Committee for the annual RSA Conference in San Francisco.