Abstract
Boston, MA - March 25, 2009 Risks associated with prepaid cards and
strategies for prepaid risk management have been well documented in research
published by numerous sources. But the majority of these sources focus
regarding prepaid risk issues has centered on the role that prepaid cards can
play in money laundering schemes, as well as the best practices for managing
prepaid money laundering risk.
Published discussion of the anti-money laundering (AML) aspect of prepaid risk
management is significant, as is that of data security, and Mercator provides
some commentary surrounding both. However, the relative scarcity of
information surrounding fraud in the prepaid space obliges us to focus the
majority of this research document on the crucial aspect of fraud management.
Prepaid Fraud and Risk: Between Cash and a Hard Place presents examples of
various schemes that help to illustrate each mode of prepaid fraud. At a very
high level, the report explores the concerns surrounding prepaid cards and how
they might be exploited by money launderers, as well as the initiatives the
industry has taken to implement best practices for AML. Third, the report
addresses the latest developments in how data security breaches are impacting
the prepaid risk landscape. This report also examines systems that various
prepaid market participants have deployed to combat fraudulent activity within
their prepaid portfolios, and discusses the growing adoption over the last few
years of risk management systems and services provided by processors. Finally,
we will discuss the potential for AML technology and processes in use in the
broader financial services industry to be efficiently merged with prepaid
fraud management initiatives so that market participants might recognize
greater value in their risk systems.
“The fraud schemes that involve prepaid cards, either at the point of
activation or when they are reloaded with fraudulent funds, are certainly
crafty in their ingenuity and no less pernicious than other types of
fraudulent activity when it comes to that activitys social and cultural
impacts”, comments David Fish, Senior Analyst in Mercator Advisory Groups
Prepaid Advisory Service and author of the report. “The demand for
collaborative systemic fraud controls has never been greater. Consortia and
trade associations in the investigative and security areas have been a good
place to start, initiating a general dialogue among institutions. However,
systems should also talk to each other in such a way that the entire payments
ecosystem is made more secure.”
Report Highlights Include:
- 1. While much of the discussion has focused mostly on money laundering
when it comes to prepaid cards and their use in criminal schemes, Mercator
takes a deep dive into some of the fraud trends that are unique to Prepaid.
- 2. The host of fraud schemes involving prepaid cards is an ever-evolving
beast, and Mercator presents several bleeding edge examples of how the bad
guys are exploiting the system.
- 3. Market participants seem to have a handle on schemes that include
elements of money laundering since prepaid issuers, processors, and program
managers have incorporated AML best practices in their processes and products.
- 4. The recent rash of processor data breaches has included at least one
big name in the prepaid space. The real world "Oceans Eleven" that ensued will
have lasting repercussions on how prepaid cards are processed.
- 5. Systems for fraud management in credit and debit card portfolios are
being adapted and deployed for use in prepaid programs. Once-manual workflow
processes are seeing greater automation, but for issuers who take the risk on
their prepaid products, does the cost of system deployment outweigh the
benefit?
Companies Mentioned in This Report:
American Express, Blackhawk Network, Department of Justice, Dun & Bradstreet,
FBI, Federal Reserve, FICO (nee Fair Isaac), Fidelity National Information
Systems (FIS), FinCEN, First Data, Green Dot, InComm, MasterCard, Metavante,
NBPCA, RBS WorldPay, TSYS, UBS, US Bank, Visa.
This report contains 27 pages and 8 exhibits.
Table of Contents
TABLE OF FIGURES
INTRODUCTION
I. Prepaid Fraud
II. Money Laundering Risk
III. Data Security In The Prepaid Space
IV. Risk Management Systems For Prepaid
CONCLUSION
TABLE OF FIGURES
- Figure 1: Direct and Indirect Go-to-Market Models for Prepaid Cards
- Figure 2: Prepaid Card Chargeback Process (Loads)
- Figure 3: Fraudulent Loads - Social Engineering at the POS
- Figure 4: Prepaid Card Chargeback Process (Usage)
- Figure 5: Placement of AML in an FI Organization
- Figure 6: 3 Stages of Money Laundering
- Figure 7: AML System Elements Today, and Future Linkage to Fraud and
Marketing
- Figure 8: RBS WorldPay Breach - ATM Cash Capacity
