an end to end view of risk in payments l.
Skip this Video
Loading SlideShow in 5 Seconds..
An End-to-End View of Risk in Payments PowerPoint Presentation
Download Presentation
An End-to-End View of Risk in Payments

Loading in 2 Seconds...

play fullscreen
1 / 27

An End-to-End View of Risk in Payments - PowerPoint PPT Presentation

  • Uploaded on

An End-to-End View of Risk in Payments. Introduction to the Risk Spectrum and Mitigation Strategies Sayantan Chakraborty North America Head of Payments Citi Global Transaction Services Brian Todd VP Fraud Prevention and Internal Control Citi Global Transaction Services. August 09, 2010.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'An End-to-End View of Risk in Payments' - Gabriel

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
an end to end view of risk in payments

An End-to-End View of Risk in Payments

Introduction to the Risk Spectrum and Mitigation Strategies

Sayantan Chakraborty

North America Head of Payments

Citi Global Transaction Services

Brian Todd

VP Fraud Prevention and Internal Control

Citi Global Transaction Services

August 09, 2010

  • The Treasury Risk Environment
    • Evolving Risks
    • Changing Marketplace
    • Opportunities
  • The Financial and Franchise Risk Umbrella
    • Payment Systems
    • Regulatory/Compliance
    • Credit
    • Operational
    • Fraud
  • Payments in the Age of Social Networks
  • Banks’ Changing Role in Risk Mitigation
  • Case Study
  • Conclusion
paradigm shift in risk as a result of changes in payment trends

What this means for Treasury Operations and Banks

Paradigm Shift in Risk as a Result of Changes in Payment Trends

Old Payments Landscape

New, More Complex Landscape

  • Electronification has eliminated physical controls making validation time-sensitive
  • Monitoring new payment channels requires more diligence and added complexity
  • With rising influence of technology, fraud has become more sophisticated
  • Increased regulation has necessitated increased compliance checks
  • High volume check processing
  • Electronic payments were less organized with limited channels
  • Relatively slower pace of processing allowed a “reactive” approach to risk
  • Payments fraud was limited
  • Compliance requirements were simpler

The new payments market presents Banks and Treasury Operations with a new set of challenges as well as opportunities

In order to minimize risk in the new marketplace, key stakeholders mustbe at the forefront of innovation,prioritize controlsin infrastructure andbe nimblein an increasingly complex environment

a deeper dive into the risk spectrum

Regulatory/ Compliance

  • Banking and payments regulations are constantly evolving
  • Ensuring compliance with regulations places a burden on Treasury Operations that have limited resources


  • With increasing complexity, meeting specialized operational requirements can be very demanding
  • Uncontrolled processes can result in financial and franchise risk


  • Fraud schemes are becoming increasingly difficult to expose
  • Perpetrators take advantage of opportunities presented by Economic Downturns, Natural Disasters and Political Strife

Payment Systems Risk

  • Evolving marketplace exposes weaknesses in payment systems and organizations
  • Changes in the payments infrastructure have not penetrated into treasury operations at the same scale
  • External issues can affect ability to effectively operate


  • The nature of payments transaction underscores the importance of monitoring counterparty credit risk
  • The recent financial crisis has further made the topic of counterparty risk extremely relevant
A Deeper Dive Into the Risk Spectrum
regulatory and compliance risks

Rapidly changing regulations place a compliance burden on organizations

Regulatory and Compliance Risks
  • Organizations are subject to Fines, Sanctions and Reputational Risk for non compliance
  • The blurred line between banks and non banks results in legal and financial risk to all counterparties in transaction
  • Enhanced anti money laundering enforcement can add an operational burden on payment initiators and providers
  • Regulatory Changes – HIPAA, OFAC, AML, Fed operating changes
    • Regulations do not always keep up with payment requirements
    • Reg CC and Op Circular 3 are undergoing changes to meet today’s payment realities
  • Often , there still is a secondary impact
    • Treasuries and Banks have to comply which causes impact to the units via:
      • Investment dollars
      • Priority shift
      • Resource reallocation

How can Banks and Treasurers collaborate?

Banks can share best practices, market updates and operationally make it simpler for you to remain “compliant”, e.g. building controls universally within banking processes

operational risk

How do Banks and Treasuries Fit Together?

Operational Risk

Factors Affecting Operational Risk


  • Stringent hiring policies, rotation of personnel and separation of duties
  • Ensuring adequate coverage of key roles, and sensitive processes
  • Adequately staffed human resources with resources to find appropriate talent
  • Creation and testing of realistic and robust plans that mirror production processes
  • Merging similar functions to eliminate duplication
  • Inadequate separation of financial responsibilities increases payments fraud risk
  • Staffing issues can result in productivity loss
  • As the complexity of processes increases specialized requirements also increase
  • Inadequate or missing Continuity of Business (COB) plans
  • Physical plant costs

Many banks offer treasury outsource functions and products that can be used by treasuries to reduce operational costs and risks; some of the contingency management can be handled by Banks instead of building multiple redundancies

fraud risk

Counterfeit rings understand banking

  • Counterfeit rings use banking processes against banks and they exploit:
  • Float
  • Banks using rarely used Routing/Transit Numbers
  • Banks operating in diverse regions
  • Holidays
  • National disasters, or national strife
  • The level of sophistication of the counterfeiters is increasing
  • Counterfeiters utilize any situation which can cause a delay in bank processing or perceived control loss
  • Counterfeiters have banking experts working with them, and they understand how to exploit banking systems
Fraud Risk

Law firm scams have significantly increased bank’s and counterparty’s risks

  • Dollar values of these items are higher – averaging 300K
  • Law firms are not bound by Patriot Act and other banking regulations, prior to engaging in financial transactions
  • Law firms are protected in many states by favorable LLC (Limited Liability Corporation) laws, that allow them to be exempt from loss liability
  • Law firms have strategic advantage in local courts, if a dispute becomes a civil case
  • Law firms understand that the courts have not caught up, to the new forms of fraud, and the courts do not favorably decide on Reg. CC breaches, regardless of the root cause
fraud risk11

Why is Fraud Increasing?

Fraud Risk

Sheer Volume

  • 49.1 billion checks issued annually
  • In 2008, USPS intercepted more than 2 Billion worth of counterfeit checks drawn on U.S. financial institutions
  • Control lapses on print and mail procedures


  • Checks and other documents can be easily replicated
    • Availability of “Off the Shelf” check printing programs
    • Availability of Check Stock

Regulation CC

  • Funds availability
    • Hold times have decreased based on better collection processes
  • Return check timelines
    • Investigation time is limited by the requirement to identify and return check settlement items to bank of first deposit in 48 hours

Mail Theft

  • Counterfeit rings exploit the mailing process
    • Items intercepted en-route to destination

Jurisdiction Issues

  • Non-cooperation across international borders
  • Investigations limited to large dollar amounts
fraud risk12

Suggested Best Practices to Prevent Fraud

Fraud Risk

Best Practices

  • Employ stringent hiring procedures with appropriate background checks
  • Restrict employee access to customer file records
  • Destroy obsolete check stock as soon as possible
  • Do not include account number and authorized signatures in correspondence
  • Establish dual control procedures for the handling of any unprinted check stock



  • Separate accounts payables functions
  • Segregate the processing of returned checks


  • Create audit trails and conduct surprise audits
  • Reconcile bank accounts daily
credit risk

Organizations can mitigate credit risk by carefully evaluating their counterparties and by protecting their security interest in such relationships

Credit Risk
  • Payment transactions have inherent credit risk
    • Intraday / overnight exposures due to batch (e.g. ACH) and single entry transactions (e.g. Wires)
    • Risk exposures can be created due to special purpose funds deposited with a financial intermediary
  • Regulatory protection against such exposures is limited
    • FDIC insurance, where available, is capped to $250,000
  • Organizations should carefully evaluate and choose banks and other financial intermediaries
  • Security interest in such a relationship should be protected with an appropriate collateral
payments systems risk

Banks can help mitigate the payments systems risk through a disciplined risk evaluation of the payments infrastructure

Payments Systems Risk
  • Payments are settled through a payments “infrastructure” which interconnects various organizations
  • Such multilateral systems may increase, shift or transform risks in unanticipated ways
  • Consequently organizations can be severely affected :
    • Either directly due to a system failure at their end


    • Indirectly, due to a failure in the other indirectly connected systems
  • Liquidity Risk : Breakdown in the payments infrastructure can pose liquidity challenges
  • Operational Risk : Payments systems malfunctioning can result in financial implications due to information loss
  • Legal Risk : Potential litigation or inability to enforce a contract could result in significant financial and reputational loss
  • Franchise Risk: Failure to meet payments obligation can result in negative publicity

Banks as participants in payments systems, are deeply involved in risk evaluation. The payment system benefits from the collective evaluation

ach transactions

Due to the batch processing nature and the regulation governing ACH transactions, there are risks that organizations should be cognizant of

ACH Transactions

Credit Risk

  • Credit Risk originates in ACH transactions in the following scenarios:
    • Counterparty not funding a transaction on their overdrawn account
    • Intraday and overnight balances
    • Unsecured deposits

Fraud Risk

  • ACH rules for identification and reporting of suspicious transactions are different for organizations and individuals
    • Corporates have 48 hours to report and act against a fraudulent transaction
    • Individuals have 60 days
  • Lines are blurred between a corporate and an individual transaction
  • Organizations are sometimes left vulnerable due to lack of understanding of the qualification for transactions
payments in the age of social network

Why should State and Local Government bodies care?

“If Facebook were a country it would be the eighth most populated in the world, just ahead of Japan, Russia and Nigeria “ *

56% CAGR

101% increase

Payments in the Age of Social Network
  • The ubiquity of Social Networks cannot be ignored
  • Piper Jaffray predicts that total US revenues from virtual goods will reach $1.0 Bn this year
  • Facebook alone has more than 110 Million unique users in the USᅡ

ᅡ(As of March 2010, Source: )

US Virtual Goods Revenue ($MM)

Source: Piper Jaffray, “Pay to Play: Paid Internet Services”, July 13, 2009

  • Social Networks are the channels of the future to connect with citizens
    • Many state and local government bodies are already using Social Networks
    • Counties in Texas - Grayson, Collin and Cooke, have started their own Facebook and Twitter sites to make it easier for the public to access important information**

Growth of Facebook Users (MM)


* Owyang, J. (2009). A Collection of Social Network Stats for 2009 Retrieved March 20, 2010

** Source : : “Social Networking in Government: Opportunities & Challenges”

multiple payment options in the virtual economy
Multiple Payment Options in the Virtual Economy

Traditional Payments

Credit/Debit Cards



  • Virtual Goods/Services
  • Monthly Subscription for Online Games

Account Funded

  • Make payments directly from your bank account with added security






  • Payor enters mobile number and funds are collected via monthly mobile bill

Virtual Currency

QQ Coins

Facebook Credits

  • Members can use purchased virtual currency to pay other members or buy goods online

Next Generation Payments

p2p payments gaining traction on social networks
P2P Payments Gaining Traction on Social Networks

The new TwitPay will provide a means of quick and easy donations for Twitter users using “retweets”

Charities looking for donations can simply tweet a request, and donors can respond by retweeting the message, which opens up a authorized payment transfer from the users account

TwitPay collects up to 5% on these transactions

Traditional P2P on Facebook

P2P for Charity on Twitter



  • Buxter is ClickandBuy's Facebook application that allows members to make P2P payments in either Euros or Dollars
  • Allows Facebook users to:
    • Send money to other Facebook users
    • Receive money from other Facebook users
    • Request money from other Facebook users
    • Withdraw money to their ClickandBuy account
    • Purchase Facebook applications
  • Users are only charged for withdrawals (1.9%)
risk management in the new paradigm
Risk Management in the New Paradigm

Authenticating the actual user or payor becomes increasingly difficult

Sophisticated hackers can steal or create false identities easily

Information security becomes increasingly important as social network IDs are now linked to user’s payment accounts



  • Payment processors must find balance between processing large volume micro payments efficiently without risking processing errors
  • Payment monitoring must now extend beyond actual dollars, but must extend to how users are using their virtual currencies


  • Existing laws and regulations does not contemplate payments in the virtual context
  • Inconsistent across markets (e.g. China outlaws use of virtual currency to buy “real” goods, while Korea allows virtual to real transactions)
  • The taxation laws around gaming revenues are vague
responding to priorities
Responding to Priorities

State and Local Governments are grappling with today’s economic realities

  • Re-capitalization and asset stabilization with bail-out of entire industry sectors
  • Increasing complexity of processes due to end consumer’s constant demand for additional services
  • Budget pressures driving efficiency initiatives to reduce costs and increase productivity

How can Banks help?


Drive Innovation

Embedded Partnerships

  • Assisting in reaching higher levels of electronification while optimizing processes around residual paper-based payments
  • Tools and analytics to proactively manage treasury-wide liquidity and funding strategy
  • Industry expertise and advise on next generation of development in financial and treasury related processes
  • Understanding and leveraging emerging consumer behavior to create bundled offerings like mobile top up or consumer directed payments
  • Offering innovative solutions for all evolving payment needs along the entire paper to electronic payments spectrum from traditional check disbursements to virtual payments
  • Cooperation: access market-ready platforms, product capabilities and a globally connected network and proven expertise
  • Extend participation beyond treasury & operations to procurement and HR
  • Collaborative innovation with evolving risks in m-commerce, secure digital identity, prepaid services and virtual payments paradigm
case study

Case Study

The Direct and Secondary Impact of Fraud

international checks fraud

International check payments for a major public sector entity were intercepted at a mail vendor and tampered to fraudulently withdraw funds

  • Innovate to stay one step ahead of counterfeiters
    • Measures like beneficiary name matching has been very successful in filtering fraudulent cases
  • Communicate and exchange information with external vendors
    • Daily reconciliation with external vendors
    • Regular internal audits and reviews
  • Plan comprehensively for recovery
    • Establish, Review, and Improve recovery plans in all locations taking the local regulations into account
    • Create internal measures for quick identification and priority processing for recovery related to fraud
International Checks Fraud

What went wrong?

  • A crime ring infiltrated a postal vendor in the UK
  • They were able to identify and intercept pension payment mails
  • The names on the check were altered to fraudulently withdraw funds

Regulatory environment is increasing the financial burden on Treasury Operations

Risks to Treasury Operations are significant and are constantly evolving

Fraud is increasing in sophistication

New payment channels are also giving rise to new risks

Banks can provide expertise to mitigate payments risk at a lower cost

  • Up-to-date information about regulation and compliance
  • Fraud prevention
  • Risk evaluation of payments systems
  • Technology and Innovation

© 2010 Citibank, N.A. All rights reserved. Citi and Citi and Arc Design are trademarks and service marks of Citigroup Inc. or its affiliates and are used and registered throughout the world.

In January 2007, Citi released a Climate Change Position Statement, the first US financial institution to do so. As a sustainability leader in the financial sector, Citi has taken concrete steps to address this important issue of climate change by: (a) targeting $50 billion over 10 years to address global climate change: includes significant increases in investment and financing of alternative energy, clean technology, and other carbon-emission reduction activities; (b) committing to reduce GHG emissions of all Citi owned and leased properties around the world by 10% by 2011; (c) purchasing more than 52,000 MWh of green (carbon neutral) power for our operations in 2006; (d) creating Sustainable Development Investments (SDI) that makes private equity investments in renewable energy and clean technologies; (e) providing lending and investing services to clients for renewable energy development and projects; (f) producing equity research related to climate issues that helps to inform investors on risks and opportunities associated with the issue; and (g) engaging with a broad range of stakeholders on the issue of climate change to help advance understanding and solutions.

Citi works with its clients in greenhouse gas intensive industries to evaluate emerging risks from climate change and, where appropriate, to mitigate those risks.

efficiency, renewable energy & mitigation