This may not be relevant to Investment or transaction banking businesses but the recent ATM fraud event in Tokyo is truly out of the Hollywood thriller movie script.
Why is this fraud event so special?
Approximately 1,600 counterfeit magnetic stripe debit cards cloned from card data stolen from Standard bank accounts were used between the hours of 5 a.m. to 8.m. on Sunday May 15th at 1400 ATM s located in 7-eleven stores.
Who could be actors in this entire commando style attack?
- Criminal gangs with in depth knowledge of the Japanese banking system
- Insider current or former employee who were familiar with the hours ATM activity is monitored, what rule are setup to raise red flag, how long it would take he bank to notice and shut down fraud event going on.
Regulators have been harping on banks need to have more robust Fraud monitoring capabilities. It’s believed that there was a fraud monitoring in place however by the time the pattern was noticed, $19 million was already gone. Many would still want to credit the bank for detecting the incident within three hours.
What are additional controls that could be built?
- More video surveillance on most off premises ATMs
- Detect foreign cards being used multiple times at multiple ATMs over a short period of time
- More data analytics, rules and real time monitoring capability
- Banks must have multi layered defences in place to detect sophisticated cash out schemes.