Content Library

Fraudsters work in real-time. Fraud prevention tools should too.

Why “Day-2” fraud reviews should be a last resort

Day 2 blog

Before financial institutions (FIs) were savvy in fraud technology and automation, applications or transactions which required a fraud review were conducted manually. A human would review each and every fraud or application alert generated by a model or set of rules so they could make a decision. With each manual review taking anywhere from a few hours to a few days, this process was time-consuming and inefficient.

Today, the fraud review process has evolved in response to a dramatic increase in fraud. This was caused by 1) the rapid expansion of digital finance during the COVID-19 pandemic, 2) an increase in new online targets for fraudsters, and 3) an increase in their cash reserves. Since then, financial Institutions have continued to see more fraud: In 2022, 70% of FIs lost over $500,000 to fraud. Demand for fraud technology has responded accordingly: In fact, in 2022, the fraud detection and prevention market was valued at $36.89 billion, according to Fortune Business Insights.

In this current ecosystem, new fraud technology has led to the automation of a large portion of fraud reviews. Rather than a human going through every review manually, some reviews are automated using step-up verification measures such as phone-based verification, selfie screening, and more. Manual reviews are still an essential part of the fraud prevention process when it comes to particularly risky transactions, but automating a portion of them saves FIs time and money to focus on other business priorities.

However, even with more fraud reviews being automated, many organizations still rely on a “Day-2” fraud review process. A Day-2 process refers to when FIs approve applications and transactions upfront and then screen those applications and transactions for fraud in batches the next day. For example, if a client completes an application to open an account on a Wednesday, the fraud screening will not occur until Thursday.

This approach is risky for both the FI and the customer. If fraud alerts aren’t generated and reviewed in real-time, money can be transferred to a fraudster before anyone is the wiser. To prevent this, FIs must integrate real-time fraud prevention into their processes throughout the customer lifecycle.

Issues with a Day-2 fraud process?

There can be multiple unintended consequences for using a Day-2 fraud process. When an account is successfully opened without a real-time fraud screening, a bad actor could begin transacting on the account before the fraud analysts ever review the application for legitimacy. On top of that, there is a cost associated with sending a client a debit card, welcome packet, and other onboarding procedures.

There is also an operational cost associated with closing the account on Day-2, including: securing the account, taking action on the funds which were deposited, closing the card, sending communication about the account closure, etc. Banks that use real-time screening and decisioning during origination (instead of a Day-2 process) avoid much of this cost.

Day-2 processes aren’t just used during onboarding. Banks also use them for other types of transactions, including deposits. Historically, banks relied on fraud analysts and/or tellers to place regulatory holds on a deposit when the conditions of Regulation CC were met. (This refers to a set of federal requirements around how long banks can place holds on customer-deposited funds.)

This approach presents many challenges because human error can play a role, especially as it relates to being compliant and remaining consistent. And if those alerts are not generated in real-time, the funds could be available to the bad actor before a hold could even be placed.

Because of how manual of a process Day-2 is, banks put enormous strain on their back-office employees. This creates backlogs and impacts the ability to scale for new products without adding more team members.

Why do banks still rely on Day-2 review for originations?

The volume of data breaches has risen over the past few years. In 2022, the FBI’s Internet Crime Complaint Center (IC3) reported a total of 800,944 cybercrime complaints, with losses exceeding $10.3 billion. Fraudsters use this stolen data to develop and circulate synthetic identities, which FIs must be prepared to identify and remove from their products. At the same time, consumers are increasingly demanding fully digital banking experiences. These trends opened the door for massive increases in new account applications — both legitimate and fraudulent — being submitted, and many banks use legacy technology that's simply not up to speed.

These challenges occur for many reasons, such as architecture limitations, data availability, lack of identity solutions at the front end, and antiquated origination application. All of this puts fraud leaders in a precarious position when a fraud attack occurs through their originations channel, as they must still find a way to identify all of the fraudulent applications while keeping the channel open for business to legitimate customers.

Long story short: there is a lot on the line for banks. There is a reputational risk if the financial institution receives high volumes of suspected identity theft applications and does not have the technology to verify legitimate applications. There’s also the monetary risk of direct fraud losses if fraudsters are not identified and stopped quickly. Simultaneously, banks know that they will lose good customers if they don’t provide a seamless and near-instant digital experience. Their answer to these challenges is often a Day-2 process which allows them to onboard as many customers as possible, hoping to catch any bad actors the next day.

An alternative: real-time fraud prevention

Is there a better way? Could the Day-2 review only be used on exceptions rather than serving as the primary fraud prevention tactic? Could technology be used to identify those exceptions for manual review and no longer rely on a spreadsheet? Could layering of defenses and automation be used to decide the application in real-time or add step-up verification in real-time, thus allowing for a better client experience?

The answer is yes. Manual review is certainly a fraud tactic that can be used in account originations. However, it should be used as an exception and not as the go-to fraud prevention process. Technology designed to manage identity risk can provide multiple risk signals in real-time, allowing the opportunity to select the appropriate risk threshold on which accounts should be immediately approved or declined.

This flexibility can reduce false positives, provide clients the opportunity to self-resolve, and maintain a higher level of risk and oversight. Being more precise in identification and decisioning can relieve pressure and workload from the fraud team, creating more room for banks to scale into new products.

On a transactional level, advancements in technology have enabled financial institutions to interdict directly with the client when performing an online transaction or payment. Transactions that feed into a fraud system can be screened in real-time and put through automatic holds if needed, protecting both the client and the bank before the item is processed.

Faster account openings, faster payments, faster fraud

Faster payments and faster account openings will continue to be the expectation of consumers, and the technology will evolve to meet those demands. But the demands of speed will also provide a path to faster fraud. Fraud prevention policies need to be adjusted accordingly in order to keep up.

Move faster than the pace of fraud.

Related content