Lynne Karla, Vice President, Auditor, Park National Bank
Victoria Strayer, Senior Director, Enterprise Business Compliance, TSYS

Gary Roboff, Senior Consultant, BITS & The Santa Fe Group

As the electronic funds transfer environment has matured, the payments industry's ability to mitigate risk has grown more difficult. A range of issues has challenged FIs. It include new attacks -- more sophisticated data breaches -- via the Internet and other technologies; the increasing role of third-party actors (e.g., processors, ISOs) in the U.S.; the growing gulf between magnetic stripe and chip and PIN in card environments across the globe; changes in international payments regulations and protocols; and the convergence of payment system functions. BITS’ Third Party Access Working Group was created to monitor such developments, and members will discuss questions such as:

As third parties play larger roles in the ACH and more processing and sales activities take place outside of originating FIs, are additional steps required to enhance risk mitigation? If so, what are they?

• How do changes to the ACH (e.g., international transactions, same-day settlement, direct-connect relationships) impact risk?
• How can the industry improve PCI compliance? Is there a way to project which entities may be best equipped to maintain PCI compliance between periodic examinations?
• Is there a need to re-engineer the U.S. real-time payments environment, and if so, which approaches have the best chance of mitigating risk at acceptable cost?

Debbie Byrd, Senior Vice President, Director of Loss Prevention, BBVA Compass Bank

Glen Sgambati, Chief Data, Risk & Security Officer, Early Warning Services

Link analysis may be the next generation in preventing deposit-account fraud, and being able to look across multiple financial institutions to identify fraud rings is a key development. Based on the knowledge that people and transactions are socially connected, the technology helps identify fraudsters operating in crime rings that might otherwise go undetected. Building on the bank-owned Early Warning collaborative model, several banks have been participating during the last year in a proof of concept using link analysis and data in the national shared database. To date, the results indicate that major losses to financial institutions can be mitigated.

• How link analysis helps identify crime rings infiltrating the financial system
• What link analysis means to the future of fraud prevention in the financial services industry
• What BBVA Compass Bank and Early Warning have discovered through link analysis conducted in the last year

Stuart Nix, Senior Fraud Investigator, Capital One Financial Corp.

Fraudsters are establishing or taking over lines of credit with the intent to meet or exceed the credit limit by artificially inflating the funds available in the account before they “bust out” by removing the funds. Until now, this fraud has been undocumented and it may be the largest fraud category for the financial industry. All lenders are at risk, as the fraudsters have shifted their focus to include not only credit cards but all lending programs such as auto loans, home equity lines, business lines of credit, retail banking, etc.

• Learn how criminals have exploited weaknesses in the credit process
• Identify characteristics, elements and red flags of bust out fraud
• Discuss recommended processes and strategies institutions can implement to mitigate the risk

Timothy T. Li, Deposit Risk Manager, JPMorgan Chase

Michael Mulholand, Director, Fraud Solutions Strategy, Memento

Anyone in loss prevention knows that check fraud continues to increase in this tough economic environment. While loss avoidance for check fraud has been successful to a degree, current efforts come at a very high price. Teams of analysts wade through thousands of false positives searching for fraudulent checks, confounding efforts to manage fraud and the departmental budget effectively. It's time for a quantum leap in the fight against the old problem of check fraud.

• Learn why current approaches to check fraud prevention are not working
• Learn how next generation tools for analysts improve productivity and empower informed decisions in an environment where the right decision must be made within seconds
• Learn how to improve check fraud detection while dramatically reducing false positives

Montresa McMillan, CEO, MJM Strategy

Joe Salesky, Founder & Chief Strategy Officer, Clairmail

Increasingly, bank customers are demanding anytime, anywhere mobile access to their accounts. However, there are no end-to-end security standards for mobile communications. Consumers and businesses perceive risks with mobility, especially since most mobile phones lack the firewall, anti-virus software and other protections common on PCs. Financial institutions need to implement multiple layers of security and adhere to demanding best practices to manage the risk posed by all-too-common threats such as spoofing, phishing, vishing, man- in-the-middle attacks and SMiShing.

• Attack vectors against SMS, browser and embedded/downloaded applications ·         Responding to each kind of vulnerability
• The reality of perceived insecurity
• SMS as out-of-band, real-time, trusted-path validation
• Complying with multifactor authentication