One year ago today, The Clearing House debuted RTP, its Real Time Payments system for the US financial market. Supported by all the member banks of The Clearing House, RTP is off to a strong start. It’s estimated that 50% of eligible demand-deposit accounts will be able to receive an RTP transaction by year end.
The purpose of RTP is to provide instant transfer of funds between member banks, reducing expenses and streamlining reconciliation. Faster and simpler than ACH transactions, RTP brings the convenience and speed to banking transactions that businesses expect in today’s instant-digital world. And in the case of card transaction settlement, RTP provides a vastly superior means for merchants to receive their money fast. However, while RTP is a system long overdue in the US, it comes with its own set of risks.
Oftentimes, increased transaction speed goes hand in hand with decreased fraud controls. And fraudsters are quick to jump on opportunities. That’s just what has happened in the UK, which has had an RTP system since 2008. Invoice fraud has become a serious problem for consumers. Fraudsters manage to trick consumers into paying a valid-appearing invoice from a trusted vendor. Keep in mind that with RTP, money is transferred instantly, and once it’s gone, it’s really gone. Thieves are quick to move funds, making it nearly impossible to recover.
In addition to invoice fraud, thieves are taking advantage of transaction speed to take over and drain consumer accounts using stolen credentials. Again, because it’s so easy to transfer funds, fraudsters can quickly move money through multiple burner accounts until it’s no longer possible to track. Really, all forms of money laundering are made easier with RTP.
So what are FIs in the US doing to combat this risk? RTP security requires a multi-step approach. Since RTP eliminates the opportunity for manual risk evaluation, member FIs are turning to advanced machine learning and behavioral analytics that can spot questionable transactions much more effectively than the old system ever could. Another area of risk is account number theft. While we’ve made great strides safeguarding consumer account data for credit and debit cards, with RTP it’s imperative to secure bank account numbers. Fortunately, just as tokenization has cut fraud for card account purchases, tokenization can also protect bank account data.
While FIs are stepping up their fraud-prevention game in response to RTP risk, it’s a shift that needed to happen anyway. Investing in cutting edge fraud control technology can only help clear the way for additional innovation in B2B and C2B transactions in the future.