Merchant fraud threats grow: Is your KYC program keeping up?

Due to the unprecedented momentum of digital transformation, many credit unions are expanding their digital ecosystem to provide payments processing services to their merchant accounts. By functioning like a payment aggregator (PA), credit unions are empowering smaller businesses across every industry to digitally transform their potential via increased financial inclusion and streamlined access to financial services.

But while this ensures credit unions can stay relevant and competitive, it’s also introduces the prolific challenge of merchant fraud – creating new imperatives for Know-Your-Customer (KYC) and Customer Due Diligence (CDD) programs.

Merchant Fraud Escalates

The pandemic-induced shift in payments behavior, including instant and faster payments adoption and the transition to eCommerce, has driven companies to rethink their payments operations to better serve their customers. Simultaneously, this has presented credit unions with numerous opportunities to deepen the member relationship by offering payments processing services to merchant accounts. These services are extended under the following business agreements:

  • Revenue Sharing Agreement (RSA): Whereby the payments processor holds the risk.
  • Payment Facilitator (PayFac) program: Whereby the FI is registered with card associations, such as VISA or MasterCard, for example, as a registered payment facilitator and holds the risk.

The threat of merchant fraud is a primary concern for credit unions who are adopting payments processing services because of the massive scale these types of fraud can occur on and the sophistication of the schemes. Criminals are becoming more persistent and creative in their techniques, and expanding their networks through the ease of creating illegitimate businesses.

A few examples of how merchant fraud can happen include:

  • Authentic merchants facilitating fraudulent activities, such as participating in tax evasion or money laundering.
  • A high-risk company fronts itself as a low-risk company.
  • A dormant company poses as an operative business.
  • A merchant creates a merchant account without intending to run a legitimate business for the purpose of illicitly accessing credit lines and perpetrating bust-out fraud.
  • A merchant establishes a fake digital storefront via a stolen or synthetic identity.
  • Transaction laundering, or factoring, where a merchant processes illegal or unknown transactions on behalf of another company; $352 billion is laundered annually in the U.S. via this technique.

For credit unions functioning as PAs, it can be challenging to prevent these fraud schemes due to the sophistication of the methods and the lack of advanced solutions for merchant onboarding and continuous monitoring.

Credit unions must deploy advanced risk-mitigation measures to protect their organization from potential reputational and sanctions damage, chargebacks, regulatory compliance fines, and loss of customer trust. This is also particularly critical today, as AML and KYC laws demand potent CDD practices.

Preventing Merchant Fraud with New Technologies

Traditional AML compliance processes are inadequate to disrupt merchant-based fraud and money laundering activities because they’re defined by inefficient manual processes and the limitations of AML programs relying on rules-based systems and controls that generally produce high levels of false positives and substantial operational workloads.

Credit unions need to enhance their AML capacity with artificial-intelligence (AI) and machine learning (ML) technologies to adapt and effectively respond to this growing threat. This includes AI-driven transaction monitoring, which is paramount to containing fraud, complying with card association mandates, and positioning every transaction in a broader context. For example, transaction monitoring that’s enabled by advanced analytics and high quality data provides a real-time, contextual view of merchant risk and generates suspicious activity alerts.

Furthermore, next-generation KYC and CDD technologies are essential to onboarding merchants and managing risk. Smart automation, AI, and ML technologies via a cohesive platform enable credit unions to gain a consistent, holistic view of merchant accounts and their associated risk:

  • Overcomes the limitations of insufficient controls and complexities that can result in potential financial penalties, regulatory scrutiny, and reduced customer satisfaction.
  • Helps credit unions to deploy a customer-centric approach towards merchant onboarding that minimizes unnecessary friction.
  • Enables credit unions to leverage complete merchant account lifecycle risk coverage across merchant onboarding, ongoing due diligence, and enhanced due diligence (EDD) processes.
  • Allows customer and counterparty risk profiles to be augmented with the most current intelligence from hundreds of external data sources.
  • Provides AI-driven predictive customer risk scores for accurate high-risk merchant account management.
  • Offers efficiency improvements for analysts based on dynamic visual views of entity risk.

Merchant fraud is a growing challenge for credit unions to contend with, but robust KYC and CDD systems and effective monitoring processes ensures this threat can be proactively detected and prevented.

This is a 2017 statistic, but is being cited by companies in 2022 (like LexusNexus) so I think it still would be valuable to include.

Alak Das

Alak Das

Alak Das is VP of Products, Nice Actimize Premier products business unit, catering to SMB banks, credit unions, and mid-market FIs. He has over 20+ years of financial services experience ... Details