Pacific Continental Bank Uses Fraud Analytics to Protect Small Business Online Banking Users
To protect its small business online banking users from all types of online fraud, Pacific Continental Bank, a $1.2 billion community bank based in Eugene, Ore., has deployed fraud analytics software from Guardian Analytics.
Although the scale of small business online banking fraud is smaller for a community bank like Pacific, no bank wants to appear in the newspaper account of an online banking attack or a lawsuit of a small business against its bank for failing to prevent an attack, points out Mellani Ocampo, ecommerce manager at the bank, who spoke to BS&T in an interview today.
Small business owners, on the other hand, "are not as concerned as they should be, Ocampo says. "Often clients are more ready to complain about the inconvenience of security rather than the fact that it could prevent them from losing money," she says. "That's why we wanted to do something that didn't require the customer to do anything, it happens behind the scenes. They just answer a phone call once in a while."
The software, FraudMap, monitors and analyzes online banking behavior to spot anything unusual or suspicious. A designated employee in Ocampo's group monitors the software's hourly alerts and decides which out-of-the-ordinary transactions to call clients about.
"We know our clients frighteningly well, many times we see things but already know that the client is at a conference or that his signor changed," Ocampo says.
Alerts come up every day, partly because the software is still new and learning about customer behavior. "In the first few weeks, a lot of things look unusual to the software," Ocampo says. "They become usual as it learns about the customer over time."
ACH and wire pose the greatest risk, because they're the most tempting targets. "The faster the money moves, and the more paperless it is, the scarier it is," Ocampo says.
To set up the software, which the bank uses in software-as-a-service mode, Pacific Continental had to provide access to its activity logs, Guardian Analytics took it from there.
In addition to the fraud monitoring, Pacific Continental requires tokens for small business payments and sets limits on their payments. "There are lots of layers to security, this is a very nice addition," Ocampo says.
In the future, the bank will provide the fraud reports to the board of directors. The bank also plans to use the software to find out which clients aren't using the online platform and disable their accounts to alleviate risk. "Clients who never use it are at the greater risk," Ocampo says. "If they never log in, they never know if someone's tampering with their account."
Although Ocampo declined to share what Pacific Continental paid for the FraudMap software, beyond that it's a middle-five-digit number, "We believe that if we avoid one fraud loss the software will pay for itself," she says. "It's definitely in my opinion worth the cost. When you read the paper, you can see companies that have lost more than this cost."