1. BLOG
Key Risks to Consider When
Implementing Real-Time
Payments
December 18, 2023
Share:
Facilitating real-time payments exposes your organization to multiple risks,
not the least of which is fraud. Learn how to manage such risks.
Real-time payment (RTP) has significantly transformed the way consumers, businesses, and governments conduct financial
affairs. And this has fueled large-scale adoption of instant payments. The number of real-time transactions worldwide is
projected to reach 511.7 billion, growing at a CAGR of 21.3% between 2022 and 2027. While favorable regulations and
concerted industry collaborations are facilitating widespread merchant adoption, strong marketing to enhance visibility is
driving revenues.
But the rising sophistication of threats and complexities of the digital ecosystem are leading to a rise in risks for financial
institutions that enable RTP. Therefore, risk management needs to be a part of DevOps to bolster risk management while
implementing real-time payments. Here’s a look at the various types of risks and the solution.
Risk of Fraud
“The faster that payments are, the faster the fraud.”
~ Paul Tombleson, KPMG
Source: Fenergo
Threats to an industry evolve with the evolution of the industry itself, especially in the digital world where technology is
accessible to everyone equally. Fraud is one of the most pronounced risks in the payments industry. The number of confidence
tricks is growing while there seems to end to identity and card detail theft. Since the RTP function is operational 24×7, fraud
prevention measures need to be reinforced.
Speed is a double-edged sword – it is driving adoption but also making incident detection more difficult. Additionally, over-
simplifying user journeys with insufficient authentication methods opens more channels of vulnerability. Finally, increasing
randomness of user behavior, due to uncertainty in the financial systems, could fool anomaly detection systems.
Rising Fraud Incidence Rates
Type Global Average
Confidence tricks 26.9%
Identity theft 11.6%
Card details theft 26.3%
Privacy - Terms
[ditty_news_ticker id="21083"]
Industry Segment
Strategic Services
Resources
Partners
Who We are
We’re Hiring
Contact Our Experts
Industry Segment Strategic Services Resources Partners Who We Are
Careers Contact Our Experts
Careers Contact Our Experts
2. The only way to mitigate fraud is to stay a step ahead of the fraudsters. Adopting innovative fraud detection and prevention
tools, powered by advanced analytics and Artificial Intelligence, is only the initial step. Conducting regular audits and stress
tests is essential to discovering vulnerabilities. Further, payment enablers must refine and test fraud alert mechanisms to
identify and bridge any gaps between expected and actual consumer activity across the RTP network. Additionally, educating
customers about fraud prevention best practices is critical.
Compliance Risk
Payment systems in America need to comply with the Electronic Fund Transfer Act and the corresponding implementation
regulation in the Uniform Commercial Code. ISO 20022 is the latest standard for enabling global digital payments domestically
and internationally, and complying with this standard will increasingly become critical as RTP penetration deepens. However,
there are many more guidelines that online global systems must comply with. Also, handling cross-border transactions makes
the regulatory arena even more complex, adding to the difficulties of payments providers.
Fortified regulatory oversight and reinforced regulations are critical to maintaining the sanctity of the real-time payments
ecosystem. Compliance can help avoid fines or penalties while strengthening the organization’s capabilities to mitigate
incidents. Embedding compliance checks within processes and consistently updating them to maintain compliance with the
help of technology solutions can simplify the task.
Third-Party Risks
Financial institutions form multiple collaborations with diverse providers to deliver RTP services seamlessly to customers
across the business landscape. These providers might offer technology, data management, point-of-sale equipment, APIs, and
much more. These help FinTechs in integrating transaction processing and settlements for faster turn-around times. Since the
third-party facilities permeate the entire ecosystem, they become key points of exploitation for cybercriminals and a primary
concern for supervisory teams.
Financial organizations must establish controls and oversight to adequately measure, monitor, and mitigate any risks
associated with third-party integrations. Ensuring that they follow the highest standards of compliance, AML (anti-money
laundering) measures, and incidence handling processes strengthens the security of the payment network. A financial
institution must establish initial, ongoing, and occasional processes to vet all vendors and third-party touchpoints to ensure
the highest levels of security and protection.
Liquidity Risk
This is especially important for banks and credit unions. The Federal Reserve discount window (and those of most central
banks) is operational for a limited time. But real-time transactions take place 24×7 and are settled individually and
continuously. This emphasizes the need for financial organizations to maintain adequate checks and balances to settle
transactions even during hours when funds become inaccessible.
Banks and other payment providers planning to offer RTP must create strategies that help them maintain and manage
liquidity within their risk appetite. Monitoring transaction volumes and sizes is one way to assess liquidity requirements.
Managing Risks
Sitting at the heart of the ultra-modern FinTech ecosystem, RTP has reached ubiquity, strengthening customer stickiness and
competitiveness of the financial sector. Notably, fraud does not begin when a transaction is initiated. It starts when a
fraudulent text message is sent, or a call is answered. Therefore, the financial industry lacks end-to-end visibility of a malicious
event. FinTech needs to focus on solutions that bring agility in the detection and prevention of incidents before they can do
any damage. Further, as cryptocurrencies emerge and overlap with the mainstream, they will make the system more complex
and may completely change the threat landscape, multiplying the risks to the financial ecosystem.
Behavioral analysis and transaction data can be used to train machine learning-based anomaly detection algorithms. Using
API-based architecture helps eliminate siloes, facilitates information sharing, and helps optimize fraud management through
[ditty_news_ticker id="21083"]
Industry Segment
Strategic Services
Resources
Partners
Who We are
We’re Hiring
Contact Our Experts
Industry Segment Strategic Services Resources Partners Who We Are
Careers Contact Our Experts
Careers Contact Our Experts