Presentation is loading. Please wait.

Presentation is loading. Please wait.

Risk Management May, 2007 JPMorgan Chase Commercial Card Solutions.

Similar presentations


Presentation on theme: "Risk Management May, 2007 JPMorgan Chase Commercial Card Solutions."— Presentation transcript:

1 Risk Management May, 2007 JPMorgan Chase Commercial Card Solutions

2 2 Agenda Definitions Fraud Dispute Case Study – Employee Fraud State of Oklahoma Audit Findings

3 3 Definitions

4 4 Definitions Fraud – Unauthorized use of a payment card resulting from lost, stolen or compromised account. The user has malicious intent and is seeking personal gain from use of account. Dispute – Authorized cardholder questions the validity of a transaction. More along the lines of a transaction that was mistakenly applied to an account. MasterCard defines valid dispute reasons. Employee Abuse – Authorized cardholder uses card in a manner which the State receives no benefit. MasterCard defines the type of employee abuse for which customers can be indemnified.

5 5 Fraud

6 6 Common Fraud Types Lost/Stolen Counterfeit Card Mail Theft/Non-Receipt Unauthorized Use Skimming Phishing

7 7 Lost/Stolen Major source of fraud, along with counterfeit cards Perpetrator not sophisticated May know cardholder address, date of birth and social security number Generally does not have false identification Various types of spending

8 8 Counterfeit Card Credit card has been manufactured Security features will not be present or authentic Sophisticated perpetrator False identification used Often found within organized fraud rings

9 9 Mail Theft/Non-Receipt New account or replacement card recently mailed Perpetrator slightly more sophisticated Will know cardholder address, usually does not know date of birth and social security number Generally does not have false identification In-store purchases or mail/telephone order

10 10 Unauthorized Use Transactions are made without an actual plastic via mail or telephone orders Perpetrator is more sophisticated Adult or Internet-type transactions

11 11 Skimming Magnetic stripe is compromised Card has been manufactured Identification matches with a false name embossed on credit card Sophisticated perpetrator - organized fraud rings Enhanced security features deter perpetrators

12 12 Phishing Phishing is an attempt to gain private information about you and your accounts. Most often via that looks like it is from your financial institution You should never reply to or enter any information if you receive a suspicious If you are unsure if the is legitimate call the 800 number on the back of your card

13 13 Phishing It is not JPMorganChases practice to: Send that requires you to enter personal information directly into the Send threatening to close your account if you do not take immediate action of providing personal information Send asking you to reply by sending personal information Send asking you to enter your user ID, password, or account number into an or non- secure web page

14 14 Protection Against Fraud Loss is a Partnership Fraud statistics vary from customer to customer, depending upon the controls they have in place. Statistically, customers with higher loss are not taking advantage of the controls and reporting provided by the Bank. JPMChase is there to assist in reducing fraud losses through preventative measures, reporting, and recovery efforts. There are a number of things customers can do to guard against fraud.

15 15 Card Design Security Features Hologram Stylized Logo Tamper-evident signature panel (CVC2) Unique magnetic stripe coding (CVC1)

16 16 Top Fraud MCCs 5411 – Grocery Stores Electronics 5311 – Department Stores 5310 – Discount Stores 4812 – Telecommunication Equipment including telephone sales

17 17 Fraud Detection System Criteria for queues based on current fraud trends Reacts to request for authorization Queues are populated with authorization hits on criteria Queues can be defined for specific MCCs, dollar amounts, states/countries, etc.

18 18 Fraud Detection System Detection cases are reviewed by a fraud analyst Cardholder or Program Administrator is contacted to validate activity Accounts may be temporarily suspended until activity is validated Account analyzed by history, previous spending patterns, type of transaction, recently issued card

19 19 Disputes

20 20 Dispute Handling Guidelines Merchants have 45 days to respond to your dispute claim Provisional credit provided during the research process File disputes timely Maintain sufficient documentation on transactions to support your dispute Avoid card sharing, it forfeits your dispute rights Avoid use of department cards

21 21 Chargeback Tip - Disputes Cardholder should contact merchant to resolve dispute Cardholder must tender return of merchandise Quality of service requires supporting documentation Issuers may assist with cancellation of recurring payments on behalf of the cardholder

22 22 Case Study Employee Fraud

23 23 Case Study Recovering From Employee Fraud Classic Fraud Profile Trusted long term employee Employee rarely took vacations/time off Employee had no real backup Had multiple levels of responsibility Employee enforced policy for everyone else Had access to forms to cover fraud Start small and built up over time New supervision – limited training

24 24 Case Study Recovering From Employee Fraud Internal Weaknesses Poorly trained supervision Was a program administrator and a cardholder Limited transparency Limited audit/review by department No internal audit Limited review by accounts payable Weak purchase oversight, small dollar purchases Start small and built up over time New supervision – limited training

25 25 Case Study Recovering From Employee Fraud Best Practices/Learning Points Act quick and decisively Advise senior management immediately Get HR involved Think before you act or say anything Consider the consequences Work the data There is a reason for the program There are corrective actions There have been successful accomplishments

26 26 Case Study Recovering From Employee Fraud Best Practices/Learning Points Clearly define the underlying issues Have the facts straight Describe why the program exist Describe the effectiveness Describe what you are doing to resolve the issue Consider the former employee Consider the current co-workers

27 27 Case Study Recovering From Employee Fraud Corrective Action Steps New reporting requirements Transaction monitoring Minimum use requirements Card Authorizations Review of authorized levels Internal audit corrective action plans New supervisor manual

28 28 MasterCoverage Liability Protection Program Coverage afforded by MasterCard to indemnify entities for instances of employee abuse Maximum coverage of $100K per cardholder Program administrator action required Adhere to claim criteria Limited to certain activity up to 75 days before and 14 days after JPMC is notified of employee termination Claims available through customer service or program coordinator Key Requirements Employee must be terminated Cards must be cancelled within two business days of employee termination date

29 29 MasterCoverage Liability Protection Program Key Exclusion Department Cards Charges made by someone who is not an employee

30 30 State of Oklahoma Audit Findings

31 31 State of Oklahoma Purchase Card Audits 2006 Audit Cycle Purchase Card Expenditures $17.9MM For the agencies audited, there was $7MM or 39% of purchase card expenditures 25 Agencies audited On average of 42% of the expenditures for each Agency were tested Estimated administrative cost savings for the State of Oklahoma for calendar year 2006 of $6.4 MM* * 2005 RPMG Research, P-Card Benchmark Survey Results

32 32 Most Common Purchase Card Audit Findings Receipts filed were not properly signed, dated, and annotated as Received Internal Procedures were not properly submitted or updated to the Department of Central Services Memo Statements were not properly signed, dated, or included in the Agencys purchase documentation Employee Agreements that were not signed by participating employees of the Purchase Card program

33 33 Highest Occurrences of Quantifiable Audit Findings Applicable items that exceeded $500 were not included on the inventory list of the Agency Receipts reviewed were not properly signed, dated, and annotated as Received Employee Agreements that were not signed by participating employees of the Purchase Card program

34 34 Findings Associated with Highest Dollar Amount Total purchase card expenditures exceeding the amount encumbered by the agency Purchase card transactions not having appropriate documentation Purchase card transactions not having a detailed or itemized receipt

35 35 Highest Error Rate Associated with Purchase Card Findings Agencies who reported lost cards did not have Missing Lost Card Reports on file at the time of the audit Items for Inventory were not included on the inventory list of the Agency

36 36 Outcome of Continuous Monitoring Performed 13 agency directors voluntarily deactivated cards due to lack of or inappropriate Approving Officials 4 more agency directors deactivated their cards during or regular audits 5 purchase cards were cancelled and 4 were placed on hold due to cardholders not recorded on the DCS training log

37 37 Questions?

38 38 Contacts David W Cox Vice President JPMorganChase (312) Lisa Martin Department of Central Services State of Oklahoma (504)


Download ppt "Risk Management May, 2007 JPMorgan Chase Commercial Card Solutions."

Similar presentations


Ads by Google