As the drive for mobility by members increase, credit unions are facing the unintended consequences associated with fueling the consumer appetite for mobile banking applications. These are natural “cause and effect” circumstances that should be visible and considered by both financial institution and member alike. The first consequence of the drive for mobility is that any electronic transaction is susceptible to electronic fraud and theft. This is factual historically, and it will continue to remain so. The relative risk of performing electronic mobile transactions increases exponentially in proportion to its online visibility and availability with unsecured mobile devices.
A second consequence, implicating the first, is a result of the veracious appetite of consumers to adopt mobile “Anything” and then the casual regard of the device and its content. The general consumer’s lack of regard for the security of personal mobile devices exposes expose themselves, their credit union and retail merchants alike to additional fraud, fees, and operational expense beyond the traditional electronic transaction. Add to this the natural technology curve of mobile banking solutions, which in contrast to more established electronic transaction methodology, must pass through the technology maturation cycle, you end up with even greater inherent risk and fraud susceptibility. Remember, no electronic system is perfect or completely secure.
And finally a third consequence associated with all of the considerations of this changing mobile landscape is the rising tidal wave of compliance mandated to support the emergence of electronic commerce. This flood of regulatory requirements is on a steep and steady incline, demanding financial institutions to invest in resources that have the potential to negate the professed gains in efficiencies and reduced costs promised by mobile transaction and payment systems adoption.
Susceptibility of Electronic Financial Data
Performing financial transactions through the same device that is your phone, your calendar and which now wants to be your wallet, is drawing a lot of attention from critics across the globe. Reviewing the last five years, it is easy to see why critics are concerned. Consider just one reported case and its scope of impact. In 2007, hackers were successful in infiltrating the corporate computer systems of TJ Maxx over a one year period, and stole over 45 million pieces of credit card and personal consumer data. This massive success of hackers exposes the susceptibility of electronic consumer financial data. The breadth of impact from theft and fraud resulting from the adoption of electronic transactions is staggering. In the case of TJ Maxx, Ross (2007) reported, “At least 45.7 million pieces of sensitive, personal credit information were stolen from the computer system of the TJX Company, owners of TJ Maxx and Marshals and some other discount stores. It is a giant crime.” This crime cost consumers and TJ Maxx millions of dollars in monetary funds and good will.
The advent of mobile devices only compounds the already growing problem of fraud and theft surrounding electronic transaction processing. Smart phone availability and adoption now reaches into the tens of millions of consumers globally. These consumers have at their fingertips a singular device that is their phone, their calendar, their email, and if technology providers get their wish, their electronic wallet. In a Bloomberg Business Week report, Kharif (2012) sited, “By 2015, consumers worldwide will buy $1.3 trillion worth of goods with their phones and tablets.” With this forecast, projections for fraud are astounding. “Potentially, it could be billions of dollars a year in losses.” Kharif (2012) continued.
When one considers the personal practices of smart phone owners it is not hard to understand the sentiment expressed by Mike Urban, director of financial crime solutions at Fiserv, who said, “There’s huge concern.” Kharif (2012). Such concern rises when smart phone owners do not secure their phone’s access, loose it or misplace it temporarily, or simply leave their device in open areas. The additional risk of more widely accessible, unsecured mobile devices compounded with emerging technologies that will require the natural process of maturation require all reasonable persons to ask the question, “Should we do this simply because we can?”
Costs of Compliance
Compliance is a major topic of concern for financial institutions of all sizes and types. For credit unions, who are struggling for bottom line and resources, the demand of complying with regulation is high and costs can escalate quickly. As new technologies emerge, regulators have piled on more requirements to address the changing landscape of transaction processing and the associated risk of those mobile transactions. Chilingerian (2012, p1) reported, “San Diego Medical Federal Credit Union, which has $73 million in assets and services around 6,300 members, is forking out between $4,500 and $5,500 per month to keep up with regulations and NCUA requests.” Many credit unions are recognizing material increases in costs for compliance as a result of new and emerging mobile technologies. Why? Because these technologies are deemed necessary by credit unions to protect existing membership’s patronage and to acquire new members that are needed to grow and remain viable.
Legislation such as the Bank Secrecy Act and the Dodd-Frank Act, in conjunction with requirements from government agencies such as the Department of Housing and Urban Development, have added additional layers of compliance and complexity to the already substantial regulatory guidelines utilized by examining auditors. The results of these, and other regulations, has brought confusion for members who are now required to review and interpret lengthy and complex disclosure statements. Credit union leaders insist, “You’ll get frustrated members saying, why do we have to do all of this?” Chilingerian (2012, p1). Credit union leaders find it difficult to justify or logically reason the purpose of such increases in regulation. They argue that regulation has been contrived to address unethical behavior and practices in the financial markets. However, they assert these regulations do not reflect the broader industry which represents and upholds ethical professional guidelines. Rather they regulate the whole based on the practices of a few.
How do financial instructions stay pace with the expanding demands and appetites of members, while quenching the thirst of the compliance monster? One way credit union leaders are proactively addressing these demands is by leveraging the cooperative business model of the CUSO. Technolgoy and compliance CUSOs in the industry are already working with credit unions to mitigate the rising costs of both technology and compliance. The power of the cooperative business model allows credit unions, regardless of size or expertise, to join together to build solutions that can be leveraged collectively, and own the solutions for future use.
To the bigger questions of, “Why should we become mobile?” or “Should we become mobile simply because we can?” These will be answered by members and industry leaders alike, but let’s not make a choice to fuel member’s desire for mobile transactions simply because of the flattery of mobile technology providers who say, “We should because we can.”
Ross, B 2007, ‘Record Data Theft’, World News Tonight (ABC), p. 1, Regional Business News, EBSCOhost, viewed 17 June 2013.
Kharif, O 2012, ‘A New Frontier For Criminals’, Bloomberg BusinessWeek, 4299, p. 62, Business Source Complete, EBSCOhost, viewed 17 June 2013.
Chilingerian, N 2012, ‘CUs Tally Up the Rising Cost Of the Compliance Burden’, Credit Union Times, 23, 2, pp. 1-31, Business Source Complete, EBSCOhost, viewed 17 June 2013.