RDC Risk Management Update 2011

Similar documents
RDC Risk Management in 2013

RDC Risk Management & FFIEC Compliance May 2010 Update

RDC Risk Management in 2015

Electronic Banking Remote Deposit Capture Third Party Payment Processors Automated Monitoring Systems Staffing & Resources

Risk Management Technologies The Latest & Greatest from Throughout the Industry

Remote Deposit Capture An Overview of how Technology and Legislation changed core banking

RDC Risk Management and Compliance: Expert Update & Case Study

RDC Audit & Compliance: Lessons from the Battlefield

Ruth A. Harpool, AAP, CTP Director, Treasury Operations Indiana University

Expand Remote Deposit & Mitigate Risk:

Are You Sure You Have the Right RDC Solution

Testing and Reviews. Importance of BSA / AML Training Testing staff on their comprehension of the training

Consumer & Small Business RDC Opportunity & Case Study

Source Capture Solutions

X9 EXCEPTIONS MANAGER

TREASURY MANAGEMENT. Dynamic Solutions. Superior Results.

Mobile Remote Deposit Risks, Rewards, and Deposits Presented by Kevin Olsen, AAP NCP SVP, Payments Education

ACING YOUR REMOTE DEPOSIT CAPTURE AUDIT:

NCR APTRA PASSPORT An enterprise hub for remote deposit capture

REMOTE DEPOSIT CAPTURE SUITE

REMOTE DEPOSIT CAPTURE (RDC) CHECK IMAGING AT THE ATM

REMOTE DEPOSIT CAPTURE (RDC) CHEQUE IMAGING AT THE ATM PART OF NCR S ENTERPRISE HUB FOR REMOTE DEPOSIT CAPTURE

Image Exchange: Processes National Check Payments Certification. Image Exchange: Processes

The Changing Check Deposit Landscape: An Obstacle Course for Fraud Management. Copyright 2016 NICE Actimize. All rights reserved.

LESSONS LEARNED FROM BSA ENFORCEMENT ACTIONS

How does DEFT POS work?

Consumer and Mobile RDC Risk Management

NCR Passport for Commercial. Part of NCR s enterprise hub for remote deposit capture

Anti-Money Laundering and Sanctions Compliance. You Can t Afford the Risks

Compliance for the Digital Institution: Online Account Opening & Loan Application Considerations Louisiana Bankers Association Executive Management

Jen Wasmund, AAP, NCP Compliance Services Director

SMALL BUSINESS RDC: TAKING TRANSACTIONS OUT OF THE BRANCH

SMALL BUSINESS RDC: TAKING TRANSACTIONS OUT OF THE BRANCH WHITE PAPER

The Future of Check Handling: Creating a Better Experience

REGULATORY COMPLIANCE. Dynamic Solutions. Superior Results.

JOB TITLE: VP, BSA Officer REPORTS TO: SVP, Deposit Operations and Regulatory Compliance/CRA Officer DEPARTMENT: Compliance

HOW INTEGRATED RECEIVABLES OVERCOMES THE FOUR BIGGEST CHALLENGES IN ORDER-TO-CASH

Treasury Management Guide

Behind the Four Pillars: Is Your AML House Really Rock Solid?

Omni-Channel Capture: An Evolving Strategic Direction

Solutions. Cash & Logistics Intelligent and Integrated Solutions to Optimize Currency Levels, Reduce Expenses and Improve Control

Bank Secrecy Act Training: Who, What, When, How and Why? Presented by Lynn English Lafayette Federal Credit Union

Remote Deposit Capture Check Images or ACH?

Enterprise RDC Risk Management

Bank Secrecy Act Hot Topics May 15, Heather Johnson, CRCM Regulatory Compliance Senior

Products. Commercial Banking Attract, Retain and Grow Profitable Business Relationships in a Highly Competitive Environment

CORE BANK PROCESSING NUPOINT. Dynamic Solutions. Superior Results.

Auditing for Effective Training

Banking Money Services Business. Xenia Vieth, Esq. Banco Popular North America

BSA Hot Topics. Presented to: New York Bankers Association. May 2015

Enroll Today! Annual Member Package Price: $2, Founder s Message TERRI SANDS CAMS AUDIT, CFE, AAP, ACT SPECIALIST

RETHINKING WHAT RDC MEANS TO YOUR CUSTOMERS AND YOUR FINANCIAL INSTITUTION

Retail Payment Systems Internal Control Questionnaire

NCR APTRA PASSPORT FOR ATM Part of NCR s enterprise hub for remote deposit capture

User s Starter Kit. For Home or Small Office Use. fcbbanks.com

The New Rule on Customer Due Diligence Key Takeaways from Banker s Toolbox

RDC on Steroids: Integrated Receivables Roundtable

Customer Due Diligence Risk-Based Approach. Dan Soto CCO Ally Financial

PAYMENTS PROCESSING ITEM CAPTURE & PROCESSING. Dynamic Solutions. Superior Results.

RDC as a Receivables Platform

Banking Applications. Artificial Intelligence & Image Analysis

Positioning Your Business to Benefit from Emerging Technologies

Image Solutions General Session

Financing IBM Counter Fraud Management Solutions for Banking

Customer Due Diligence A Risk Based Approach. Dr Tony Wicks Director of AML Solutions NICE Actimize

BSA/AML Self-Assessment Tool. Overview and Instructions

Mobile Deposit. Options for Consumer, Small Business and Corporate Customers. Tim Wilcox April 12, 2017

List of Tables. General Information. Deposit Account Fraud Prevention. ABA Deposit Account Fraud Survey Report 2015 Edition. Table

WELCOME. 1

What s Going On With Customer Management? Marcia Corner, IBS Product Management April 19, 2017

ANTI-MONEY LAUNDERING SERVICES EXPERTS WITH IMPACT

Juan Carlos Ramirez, VP, AML/ATF & Sanctions Audit, Scotiabank. Compliance and Risk Management

Product. Corillian Business Online Business Banking Solutions on the Industry s Leading Online Banking Platform

CORE BANK PROCESSING MERIDIAN.NET. Dynamic Solutions. Superior Results.

Index of Tables. General Information. New Account Application Review. Customer Authentication

Key BSA/AML takeaways from the 2015 FIBA conference

Product Overview. KIVA Respect 7 unified Teller (ut) Four Key Product Components

Contract and Procurement Fraud

IBM AML compliance solution

NCR BRANCH TRANSFORMATION SOLUTIONS

How Teller, ATM and Bank Vault reconciliations Can Help Track Physical Cash

Secure Payments Task Force Payment Use Cases Webinar

E-Debit International Inc. Introduction to Transaction Processing. Basic Overview of our Payment & Processing Systems 08/13

Risk Assessment - Balancing Risk While Enhancing Controls

ACTIVEVIEW ITEM PROCESSING IMAGE-BASED ITEM PROCESSING SOLUTION

The FFIEC BSA/AML Examination Manual 2010 Revisions

CORP Appendix A CORPORATE POLICY. Attachments: Related Documents/Legislation: Revenue Administrative Policy

Treasury Management Solutions

RSM ANTI-MONEY LAUNDERING SURVEY BEST PRACTICES AND BENCHMARKING FOR YOUR BSA/AML PROGRAM

Desktop Teller User s Starter Kit

Defining and promoting excellence in the provision of mobile money services

W H I T E PA P E R l The True Paperless Branch

Payments disputes: A pathway to deeper customer relationships

IIB - INTERNATIONAL BANKING ANTI-MONEY LAUNDERING SEMINAR

Self-Service...Enhance, Retain and Attract! Jan Estep President, Elan ATM/Debit Services

Let TellerElite Show Your Bank the Business Potential of Your Teller Line. Steve White, Development Manager May 24, 2017

Risk Management TRAINING AND EVENTS. aba.com/risktraining

Same Day ACH ODFI Implementation Checklist July Action Considerations Party Responsible for Task

Check Products National Check Payments Certification. Check Products. Copyright 2016 by the Electronic Check Clearing House Organization

Introducing an easier way to manage your business

Transcription:

RDC Risk Management Update 2011 Heather Holliway, Product Manager Synovus Financial Corp. Ed McLaughlin, Executive Director RemoteDepositCapture.com September 30, 2011

Regulatory Guidance Overview 1. FFIEC RDC Risk Management Guidance released January 14, 2009 RDC risk management process in an electronic environment Focusing on RDC deployed at a customer location Principles of RDC risk management discussed are applicable to: FI s Internal deployment ATM, Branch, Cash Vault Other forms of electronic deposit delivery systems (e.g., mobile banking and automated clearing house [ACH] check conversions). 2. Retail Payment Systems Booklet (N), (M) February 10, 2010 3. 2010 Version of the Bank Secrecy Act/Anti-Money Laundering Examination Manual Updated April 29, 2010 4. Authentication in an Internet Banking Environment October 12, 2005 1. Supplement to Authentication in an Internet Banking Environment June 22, 2011 5. Reg. CC changes are coming RDC Risk Management Update 2011 2

New Challenges Mobile, Flatbed, Merchant, Fax Treat as new products in the process Device security Check security Compliance Mobile for small business and the consumer The farther down you go the less the sophistication of the business Keep it simple Fewer checks and balances Segregation of duties Documented risk practices FFIEC Guidance is risk management oriented, not device oriented RDC Risk Management Update 2011 3

FFIEC guidance was a watershed event But what value will all the resulting effort produce? Nearly 90% of FIs surveyed have suffered NO LOSS uniquely attributed to RDC This includes CUs offering consumer RDC Losses among the 12% were not recurring events Fraud mechanisms are not a mystery, nor many: Duplicate presentment Kiting Insider fraud Duplicate presentment is the most commonly cited mechanism by a large margin We have suffered no loss uniquely attributed to RDC We have had a single loss incident We have had several loss incidents We have recurring loss incidents RDC Loss Profile 17% 8% 6% 8% 0% 1% 1% 21% 63% 92% 93% 91% 0% 20% 40% 60% 80% 100% Resp (%) Source: Celent FI survey, September 2010, n=194 >$50b $10b - $50b $1b - $10b <$1b This slide provided courtesy of Celent. Almost exclusively in our cases, our losses are due to insider fraud at our customer sites, due to a lack of or failing to follow existing dual controls US Mid tier bank RDC Risk Management Update 2011 4

System Capabilities & Integration System Functionality Duplicate item detection Scanner options Data Integration & Usability Audit logs and event logs (MIS reporting) IQA and IUA Front and Back of the Check MICR & CAR/LAR Controls Marking Capability Presence of Endorsements Clearing options LCR (lowest cost routing) Includes rules for ACH vs.. Image and IRD ABA Validation routines Integration of BSA/AML systems and processes OFAC BCP (Enterprise) IT Security Infrastructure (SSO, rights and privileges, etc.) RDC Risk Management Update 2011 5

Key Information: Understand Business Know Your Customer Finances, Customers, Processes CDD (Customer Due Diligence, EDD (Enhanced Due Diligence, CIP (Customer Identification Program) Understand Deposits Obtain History Volumes & Values of Items, deposits, returns, Velocity Use this data to custom-fit RDC Thresholds, Limits, Holds & Availability Schedules Separation of Duties, Approvals Functional Capabilities Pricing, Balances, monitor deposit & data trends. RDC Should be customized to each individual client. RDC Risk Management Update 2011 6

Duplicate Detection Duplicate Detection should ideally be done across all levels & accounts, channels and products. Levels & Accounts User, Location, Account Channels RDC Location, Lockbox, ATM, Branch, Mail Drop, Kiosk & Inclearings, etc. Products Check and ACH (for converted items) Network All banks using a specific service provider Industry i3g / Fed Initiative More?? RDC Risk Management Update 2011 7

The Importance of Endorsements Endorsements can help prevent duplicates Restrict deposit to a specific bank & account Legal & Regulatory implications Appropriate endorsement can be identified Teller Payor Systemic Identification Decreases likelihood item will be used Criminals can also see the restrictive endorsement Systemic Capabilities are evolving Hardware & Software RDC Risk Management Update 2011 8

Testing Risk Management Risk Control / Risk Type Operational Error Check Kiting Duplicate Error Duplicate Fraud Value Fraud Volume Fraud Return Items Value / Volume Thresholds - RDC System DD* *Duplicate Detection - - - - Cross-Channel DD* - - - - *Duplicate Detection IQA / IQU / CAR / LAR Patterning - - - - Holds Availability Schedules Balances Level of Risk Management Adequacy: ¼ Circle = Minimal ½ Circle = Fair ¾ Circle = Moderate Full Circle = Good FIs should have at least 1.5 Total Circles per risk type, 2+ for Fraud Risk Types. RDC Risk Management Update 2011 9

RDC Risk Management Striking the perfect balance between BSA/Compliance and Treasury Management Heather Holliway, Product Manager Synovus Financial Corp. September 30, 2011

Let the Tug-of-War Begin Synovus released RDC in 2005 Rush to market, high profile product Treasury Management is eager to sell, sell, sell! BSA wants control! Copyright 2010, RemoteDepositCapture.com 11

Results of Tug-of-War Customer dissatisfaction with turn-around time on approval Sales team frustrated with documentation requirements and approval process Resource intensive for both BSA and Treasury Management teams BSA now referred to as BPU (Business Preventative Unit) Copyright 2010, RemoteDepositCapture.com 12

Question: The Dilemma How can we sell the service and deliver quickly while appropriately mitigating risk? Answer: Restructure the customer approval process based on customers risk classifications. Revise the Risk Policy! Copyright 2010, RemoteDepositCapture.com 13

A Realistic Approach Treasury Management must partner with BSA/Compliance and Operational Risk to create a realistic and reasonably designed risk based Remote Deposit Capture policy based on FFIEC guidance Implement monitoring or audit procedures Understand your customers activity to identify red flags before it s too late Be proactive vs. reactive Determine both business segment and BSA Risk tolerance thresholds Copyright 2010, RemoteDepositCapture.com 14

Customer Approval Process Customer approval process Define customer risk categories based on FFIEC guidance and your bank s risk appetite (e.g. low, medium and high) Determine which categories are permitted and prohibited Determine who owns the approval based on risk type (e.g. moderate risk requires dual approval, high risk RDC prohibited) Regardless of risk level, due diligence must be performed and documented Know your customer: apply your bank s CIP and CDD/EDD standards Document anticipated volume and $ deposited Review previous statements to understand customer s activity Verify account ownership Verify credit relationship is in good standing (if applicable) Copyright 2010, RemoteDepositCapture.com 15

Account Monitoring Ongoing Account Activity/Transaction Monitoring Examples of valuable data: customer account balances and deposit history spiked activity or trends that are inconsistent with anticipated account activity overdrawn accounts higher incident of NSF checks, returned items or customer complaints routinely resubmitted data files or duplicate presentment of checks or images changes in business profile or ownership Accounts with significant variances should be reviewed, explanations should be documented and archived for audit Accounts with suspicious activity: should be reported to Loss Prevention, Operational Risk and BSA/Compliance work with Relationship Manager to determine whether or not service should be removed Copyright 2010, RemoteDepositCapture.com 16

Training Critical for both Treasury Management and Customers! Treasury Management Training Sales must understand policy before selling Mandatory Product and Risk training on at least an annual basis Identify BSA/Compliance red flags for suspicious activity Escalation Criteria both Operational and BSA compliance Standardize documentation for monitoring and exception reviews to meet compliance, audit and regulatory scrutiny Customer Training - end user should understand the policies and procedures set forth in the legal agreement Deposit deadline Eligible / Ineligible items Handling of duplicate items Retention requirements Prohibited use Copyright 2010, RemoteDepositCapture.com 17

Striking the Perfect Balance Simplify the customer approval process based on FFIEC guidance Implement risk based account and transaction monitoring based on your bank s BSA risk profile and business segment risk tolerance Sales Team selling and generating fee income! BPU returns to BSA no longer the bad guys! Copyright 2010, RemoteDepositCapture.com 18

Summary of Risk Management Standards - FFIEC: Comprehensively identify and assess RDC risk prior to implementation Conduct appropriate customer CDD and EDD on new RDC customers Create risk-based parameters that can be used to conduct RDC customer suitability reviews Obtain expected account activity from the RDC customer, such as the anticipated RDC transaction volume, dollar volume, and type (e.g., payroll checks, third-party checks, or traveler s checks), comparing it to actual activity, and resolving significant deviations Compare expected activity to business type to ensure they are reasonable and consistent Develop well-constructed contracts that clearly identify each party s role, responsibilities, and liabilities, and that detail record retention procedures for RDC data Implement additional monitoring or reviews when significant changes occur in the type or volume of transactions Ensure that RDC customers receive adequate training Copyright 2010, RemoteDepositCapture.com 19

Questions? Copyright 2010, RemoteDepositCapture.com 20

Additional Takeaways Determine both business segment and BSA Risk tolerance thresholds Design a reasonable and realistic policy based on FFIEC guidance and controls currently in place e.g. assume more risk on the front line due to in depth monitoring on the back end Partner with BSA/Compliance tap into their knowledge! Copyright 2010, RemoteDepositCapture.com 21

Questions? RDC Risk Management Update 2011 22

Additional Takeaways Determine both business segment and BSA Risk tolerance thresholds Design a reasonable and realistic policy based on FFIEC guidance and controls currently in place e.g. assume more risk on the front line due to in depth monitoring on the back end Partner with BSA/Compliance tap into their knowledge! RDC Risk Management Update 2011 23

About The Presenter Heather Holliway Synovus Financial Corp. HeatherHolliway@synovus.com RDC Risk Management Update 2011 24

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback