Find answers to questions such as: What makes an ERM program effective? How should it be implemented?
Independent Study Reveals Corporate Account Takeover Fraud Continues to Plague SMBs and Banks
April 11 - Guardian Analytics, a market leader in predictive analytics-based fraud prevention software, together with independent research firm, Ponemon Institute, has announced the results of the 2011 Business Banking Trust Study. Five hundred thirty-three executives and business owners from small and medium businesses (SMBs) in the United States participated in the study. In its second year, the research offers a comprehensive look into the pervasiveness of fraud targeting SMBs and the impact it has on businesses' relationships with their banks.
The results of the 2011 Business Banking Trust Study indicate that in the last year, the industry has not moved the needle in addressing the corporate account takeover and fraud plaguing SMBs and their financial institutions. The data shows that fraud is still pervasive, money is leaving accounts unnoticed at an alarming rate, and businesses will leave their banks because of it. While businesses are taking some precautions, their overall expectation is that banks will protect them.
"Banks are facing a lose-lose proposition: losing money and losing customers," said Terry Austin, CEO, Guardian Analytics. "Year-over-year, there has been no improvement overall in the industry's ability to proactively prevent money from leaving small business accounts that have been compromised. The silver lining is that there is a big opportunity for banks to be proactive and implement fraud prevention strategies that will improve their trusted relationships with customers and save them money in the long run."
Data highlights from the 2011 Business Banking Trust Study include:
- Fraud Attack Rate: Fifty-six percent of businesses experienced fraud in the last 12 months. Of those that experienced fraud, 61 percent were victimized more than once. 75 percent of the businesses participating in the study experienced online account takeover and/or online fraud. These figures are nearly the same as those in the 2010 Business Banking Trust Study, indicating banks and businesses are struggling to make progress on the issue.
- Fraud Detection Rate: In 78 percent of fraud cases, banks failed to catch fraud involving the illegal transfer of funds or other nefarious practices such as information identity theft.
- Fraud Loss Recovery: Banks were able to keep money from leaving the bank in 22 percent of cases and fully recover fraudulently transferred funds for 10 percent of businesses. Banks were unable to recover funds in 68 percent of cases, leading to losses for both business and banks. Banks took losses in 37 percent of cases by reimbursing businesses for unrecovered funds, and businesses took losses in 60 percent of cases.
- Mobile Banking Growth Rate: Thirty-eight percent of respondents said they access their company's banking accounts from mobile devices including smart phones and tablet PCs like the iPad, compared to only 23 percent in 2010.
- Responsibility and Liability: Forty-one percent of respondents said that in their opinion, the bank would not cover any losses if their company's bank assets were stolen and not recovered. This perception increased from 26 percent in 2010. Despite this increased awareness, 70 percent of businesses still feel that their institution should be ultimately responsible for securing online accounts.
- Customer Churn: Forty three percent of businesses said they have moved their banking activities elsewhere after a fraud incident. Ten percent of businesses that have experienced fraud have terminated their banking relationship following fraud attacks, and additional 33 percent said they did not fully terminate their relationship, but moved their primary cash management services to another institution.
"This year's data again affirms that businesses' trust in their banks is quickly damaged and they are not willing to give their banks a second chance," said Dr. Larry Ponemon, chairman and founder, Ponemon Institute. "As online and mobile banking adoption continues to grow, the possibility for more fraud and more lost customers escalates. Endpoint security will be challenged to keep up with the growing number of devices and threats, and banks are in the best position to take the lead on proactively protecting all account holders from the wide variety of threats."
The Guardian Analytics 2011 Business Banking Trust Study includes more details on SMBs' online banking behavior and their views of banks' security practices including accountability and end-user education practices. It also provides recommendations for banks and businesses to better prevent fraud. Download it at the following link: http://info.guardiananalytics.com/2011TrustStudyKit.html
Ponemon Institute was commissioned by Guardian Analytics to conduct the survey independently in February 2011. Guardian Analytics protects financial institutions and their customers from online fraud attacks through its SaaS solution, FraudMAP, which uses behavioral analytics to detect account takeover and fraudulent transactions by identifying suspicious activities relative to normal behavior.
About Guardian Analytics
Headquartered in Los Altos, Calif., Guardian Analytics is focused on the prevention of online banking fraud and committed to making advanced solutions available to institutions of all sizes. The company's risk management approach to detecting account takeover and fraudulent transactions is built on deep expertise in behavioral analytics, online banking and online fraud. National and community banks and credit unions rely on Guardian Analytics to protect individual account assets the integrity of their online channels and their brand reputations. Founded in 2005, Guardian Analytics is privately held with venture funding from Foundation Capital, Sutter Hill Ventures and Split Rock Partners. For more information, please visit www.guardiananalytics.com.
About Ponemon Institute
The Ponemon Institute© is dedicated to advancing responsible information and privacy management practices in business and government. To achieve this objective, the Institute conducts independent research, educates leaders from the private and public sectors and verifies the privacy and data protection practices of organizations in a variety of industries.