The recent AFP report (Association for Financial Professionals) on payments fraud in 2008 makes grim reading for financial institutions…
…especially compared to the previous 2007 one. 30% of respondents said they experienced more payments fraud attempts in 2008 than 2007, and incidence accelerated throughout the year with 38% saying that fraud increased in the second half of the year, probably due to worsening economic conditions.
From an IT point of view, this just reinforces the need to have systems that are easy and cost-effective to change. Lustratus developed a detailed report in 2008 about the shift in the area of IT payments processing solutions, where it outlined the key elements of the new, ‘2nd generation’ approach to payments processing as follows:
…the 2nd generation payments processing model needs to be based on the following key design points:-
-An extensible, service-oriented approach featuring plug-in capabilities
-Enterprise-wide, consolidated and centralized, real-time visibility and control of all payments processing activities, from anywhere to anywhere, based on a generic, standards-based payments model
-A business rules-based architecture governing payments processing functionality
– And, of course, the continued provision of reliable, efficient and repeatable payments handling as provided by 1st generation systems
The two key features that apply to thispayments fraud example are the extensible approach with plug-in capabilities, and in particular the rules-based concept. The idea behind having a business rules-driven payments processing infrastructure is that when changes are needed in the way payments are handled, these can be implemented quickly, safely and verifiably with rules as opposed to having to change program internals with all the associated implications. For example, rules could be used to enforce the use of separate accounts for handling checks or ACH payments, or having different accounts for every different payment type. In addition, rules when combined with events processing can provide an easy way to detect out of line situations and raise a red flag.
Payments fraud is only one of many examples of the need for systems to be able to respond quickly to change – and rules-based processing combined with an extensible, service-based approach to delivering functionality provides the ideal environment to tolerate that change quickly, safely, cheaply and effectively.