Faster Payments Risk Management PDF
Summary
This document discusses the various risks associated with faster payment systems, including operational, cross-channel, fraud, liquidity, technology, and credit risks. It analyzes the challenges of handling high-velocity transactions and emphasizes the importance of effective risk management strategies.
The high velocity of payments handled by Faster Payment systems may lead to a number of risks for stakeholders. As users increasingly adopt Faster Payments, understanding and mitigating risk grows in importance. These risks, if not addressed, can affect not only the smooth functioning of the payment system, but also the stability and trust in Faster Payments themselves. The upcoming sections will elaborate several risks that Faster Payments face, including operational risks, cross-channel risks, fraud risks, liquidity risks, technology risks, and credit risks.

All financial market infrastructures face operational risk that originates from deficiencies in information systems or internal processes, human error, management failures, or disruptions from external events that result in the reduction, deterioration, or breakdown of services. Operational risk is the risk of financial loss and undermined user confidence resulting from the failure of internal processes and systems because of human error or external events.

Operational risk poses a particularly large challenge in many Faster Payments systems because of the need for continuous system availability 24/7/365. This imposes significant demands on operational reliability for Faster Payments and participants. Speed, on the other hand, magnifies the impact of any operational incidents leading to delays or interruptions in Faster Payment services, and these interruptions are immediately noticeable to end users. The repercussions of an operational incident in Faster Payments may manifest much sooner in comparison to traditional retail payments, where service interruptions or slowdowns could go unnoticed. A Faster Payment system being unavailable for a few minutes can cause many payments to fail; the consequences of operational downtime can therefore have even more serious implications than with traditional systems.
As users become accustomed to utilizing Faster Payments for time-sensitive payments, any interruptions could affect users and result in penalties for late payments or insufficient funds for other transactions.

Faster payment systems are subject to fraud risks and security risks, which form a large subset of operational risks. These risks can originate from internal or external sources and are closely linked to each other. Due to the speed of faster payments, processes related to payments within banks speed up as well. Nevertheless, banks have multiple departments that are involved in handling payment processing, so even though a bank has the technology to connect to a payment rail and process faster payments for its customers, risks could arise from other departments’ processes not being adjusted to keep up with that speed. Key departments that could be impacted are compliance and risk management, operations, IT, treasury services and customer service.

Compliance risks in Faster Payment systems pose a significant challenge for FIs and other stakeholders involved in processing these payments. The major factor contributing to this increase in compliance risks is the increased speed of most types of Faster Payments. Concerns around insufficient time to adhere to regulatory guidance, anti-money laundering (AML) protocols, KYC due diligence, and fraud prevention are increasingly being solved by automation, which leads to its own problems. The high velocity of Faster Payments provides a smaller window of opportunity for stakeholders to conduct thorough due diligence and real-time monitoring, potentially increasing the risk of non-compliance and fraud. FIs must navigate the delicate balance between meeting customer expectations and satisfying regulatory requirements around financial crime and risk controls. This poses a considerable challenge for FIs who are accustomed to lengthier time periods with the possibility of manual intervention.
Despite the challenges associated with compliance, the cost of non-compliance can be very steep. Penalties for non-compliance can include fines, suspension, and even exit of the FI from the Faster Payment systems.

One of the major subtypes of operational risk is fraud risk. Some common fraud scenarios in Faster Payments include:
- End user manipulation by a fraudster, resulting in the issuance of a payment instruction bound for the fraudster by the payer acting in good faith
- Payment initiation by a fraudster that has fraudulently obtained the payer or payee’s sensitive payment data
- The modification of a payment attribute (such as the account number, transaction amount, or name of the payee or payer) of a genuine payment instruction intercepted by the fraudster

Fraud risk has the potential to affect all actors in the payment value chain, including end users, FIs, and the overall Faster Payment system, and these risks are common across both Faster Payments and traditional retail payments. As with operational risks, the end-to-end speed of Faster Payments, especially the immediate availability of funds, makes Faster Payments more lucrative and susceptible to fraud risk than traditional payments.

The Federal Reserve’s FraudClassifier Model provides some guidance on how to systematically classify fraud based on three key questions:
- Whether an authorized or an unauthorized party initiated the payment
- How the fraud was executed
- What tactic was used to commit fraud

Using this model and adding payment attributes (such as payment amount, date, type, and channel) to these classifications can provide additional insights to help the organization identify fraud trends.

Faster payment systems and their participants are susceptible to liquidity risks arising from the possibility of a counterparty, whether a participant or another entity, lacking adequate funds to settle their financial obligations.
Liquidity risks in Faster Payment systems depend on the type of settlement model being used by the system. For systems such as FedNow and RTP, which utilize real-time settlement, liquidity risk is minimal because settlement is pre-funded and each transaction is settled in real time during payment processing. For push-to-card systems such as Mastercard Send and Visa Direct, which use prefunded settlement, even though the settlement happens same day or next day, the liquidity risk is mitigated as the funds are blocked for settlement at the time of processing. However, Same Day ACH relies on deferred net settlement, so there is liquidity risk that builds up between the settlement cycles. Liquidity is primarily required at the end of each settlement cycle, introducing potential risks if inter-PSP settlement occurs beyond normal business hours. To mitigate such risks, tools like prefunding, liquidity pools, collateral agreements, or arrangements with liquidity providers are employed, ensuring ample funds for settlement. Furthermore, posting only occurs after settlement.

Technology risk refers to any potential for technology failures to disrupt business. There are a number of different types of risks that can expose the vulnerabilities of the technology of Faster Payments systems.
1. External attacks, most likely cyber-attacks rather than physical attacks on the system’s premises, can cause significant issues related to the loss or theft of sensitive data, damage to the operating technologies, and/or the integrity of the system.
2. Mistakes in the programming can result in operational errors and thus unplanned downtime when system updates take place.
3. While the modern payments landscape is more and more automated, there is still room for human error in the process of building and maintaining information technology systems.
4. Technology systems run on electricity and are vulnerable to outages.
5. While most Faster Payments systems have modern infrastructures, there is a theoretical possibility that they reach their processing limits and overload, and therefore would not be able to fulfill their responsibilities related to the speed of processing.
6. System owners often outsource their infrastructure operations to technology service providers, thus all the above-mentioned risks can also affect the system itself even if they are not directly connected to the system owner.

Credit risk represents the risk of financial loss resulting from a borrower’s failure to repay a loan to the lender and can arise in some types of Faster Payments. Credit risk is not present in systems that feature real-time settlement such as FedNow and RTP, but for systems where the payee’s PSP posts the funds to the payee before receiving the funds from the payer’s PSP, credit risk can accumulate. In the case of Same Day ACH, for example, credit risk is mitigated by only posting the funds to the beneficiary after settlement takes place.

Evolving technology and the increased volume of payment transactions have made fraud increasingly more relevant. Faster Payments must uphold internal controls encompassing administrative controls and internal accounting controls, which cover account types and limits, access controls, the segregation of duties, and the reconcilement of input to output as well as management review. Faster Payments use various fraud detection and mitigation techniques to ensure a safe experience for consumers. Though the implementation of internal controls has its own barriers and limitations, diverse methodologies and techniques on risk assessment as well as various requirements guarantee a secure and undisturbed transaction journey. As described in section “Fraud classifications” of this handbook, fraud can be generally classified into authorized and unauthorized fraud.
Accordingly, there are specific fraud detection and mitigation techniques that are particularly appropriate for each of these fraud types. An example of authorized fraud is where fraudsters manipulate the account holder to make a payment to the fraudster by tricking them into believing the fraudster is someone they trust. Combating authorized fraud requires focus on mitigation techniques such as consumer education and fraud awareness in addition to tools such as Confirmation-of-Payee (CoP). Looking at unauthorized fraud, fraudsters use sophisticated techniques to take over accounts or initiate fraudulent payments by misusing account information. Strong customer authentication is a key preventative tool along with fraud monitoring systems. The table provided below offers a non-exhaustive breakdown of mitigation and detection techniques tailored to the distinct characteristics and challenges of each type of fraud.

TABLE 54. FRAUD MITIGATION AND DETECTION METHODS AND TECHNIQUES (applicability to authorized and unauthorized fraud)

Technology:
- Confirmation-of-Payee (CoP) (authorized fraud)
- Fraud monitoring system / trend analysis and anomaly detection (both)
- Biometric and behavioral authentication (both)
- Digital ID (one fraud type)
- Fraud negative lists (fraudulent individual database) (both)

Regulation and scheme rules:
- Transaction value & volume limits (both)
- Transaction hold for analysis (both)
- Strong customer authentication / multi-factor authentication (both)
- Fraud reporting transparency (e.g., industry-wide reporting with clear, standardized, and transparent fraud classifications) (both)

Education and collaboration:
- End user education (e.g., fraud awareness campaigns) and staff training (both)
- Industry-wide fraud classification models (e.g., Fed’s FraudClassifier model) (both)
- Cross-industry collaboration (e.g., information-sharing practices, fraud awareness campaigns, etc.) (both)

Sources: The World Bank, “Fraud Risks in Fast Payments,” October 2023; Faster Payments Council, “Examining Faster Payments Fraud Prevention,” July 2020; and Lipis Advisors research.
Methods and techniques used to detect fraud in the payments ecosystem have evolved as technology progresses, new fraud typologies emerge, and payment methods and use cases continue to evolve. Trend analysis and anomalous transaction detection involves examining historical data to identify patterns and anomalies that may indicate fraudulent behavior. Payment system operators are increasingly implementing trend analysis at the central infrastructure level to leverage system-wide data and information-sharing practices. Individual financial institutions also carry out their own efforts in this regard prior to payment submission.

Machine learning has become a powerful tool in fraud detection, leveraging algorithms and predictive models to analyze large datasets and identify potential fraudulent transactions. These systems continuously learn and adapt based on new data, improving their accuracy over time. Predictive and behavioral modeling go hand-in-hand with machine learning, as they involve creating models that anticipate potential fraud based on historical patterns and user behavior. Machine learning models with a combination of tactical rules and behavioral biometrics can contribute to a robust and more proactive fraud detection system.

There has been an increased focus in recent years on preventing Faster Payments fraud during payment initiation and when accessing the related transaction account. This emphasis is due to the increasing proficiency of fraudsters in exploiting end users. The use of strong customer authentication is being prioritized by financial institutions. Confirmation-of-Payee is another relevant pre-payment initiation tool that aims to verify the identity of the payee in a transaction, ensuring that payments are directed to legitimate recipients.
This involves cross-referencing information provided by the payee with external data sources to confirm their identity, reducing the risk of fraudulent payments where fraudsters pretend to be someone or something they are not.

Enhanced due diligence is a proactive methodology involving investigations to authenticate the legitimacy of clients during the processes of opening bank accounts or enrolling in new services. This is a preventive measure against fraud, specifically aiming to deter individuals with malicious intent from establishing bank accounts for the reception of illicit funds. Enhanced due diligence can act as a constraint, impeding fraudulent actors’ ability to carry out illicit activities.

“Commercially reasonable” in the context of ACH payments is associated with an organization’s specific set of facts and circumstances. The term is used to describe the method that should be used by FIs in a number of circumstances, such as fraud prevention techniques/methods, data security, and others. According to the Nacha Operating Rules, originators of WEB debit entries must use what the rules define as a “commercially reasonable fraudulent transaction detection system” to screen entries for fraud. The organization using the ACH Network should determine what is commercially reasonable to them when choosing solutions to comply with the rule. ‘Account validation’ is part of a ‘commercially reasonable fraudulent transaction detection system.’ Examples of methods to validate an account may include, but are not limited to, the use of a prenotification entry, ACH micro-transaction verification, use of a validation service provided by either an ODFI or a third party, and the use of account validation capabilities or services enabled by APIs.
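As an added example of the Confirmation-of-Payee check described above (this code is not from the handbook or from any CoP scheme; the thresholds, the outcome labels, the name-normalisation rules and the sample payee directory are all constructed here for illustration), the snippet below compares the payee name supplied by the payer against the account holder name held by the payee’s FI and classifies the result as a match, a close match or no match, and also refuses a lookup when the stated account type does not agree with the record:

```python
import re
import unicodedata
from difflib import SequenceMatcher

# Assumed thresholds (not from the handbook): a scheme would tune these against
# its own false-positive and false-negative data.
MATCH_THRESHOLD = 0.95
CLOSE_MATCH_THRESHOLD = 0.80

# Constructed sample records, standing in for the payee FI's account data.
PAYEE_DIRECTORY = {
    ("000000", "11111111"): {"holder_name": "John Smith", "account_type": "personal"},
    ("000000", "22222222"): {"holder_name": "Acme Widgets Ltd", "account_type": "business"},
}


def normalise_name(name: str) -> str:
    """Lowercase, strip accents and punctuation, and collapse whitespace so that
    'José  Smith' and 'jose smith' compare equal."""
    decomposed = unicodedata.normalize("NFKD", name)
    without_accents = "".join(ch for ch in decomposed if not unicodedata.combining(ch))
    cleaned = re.sub(r"[^a-z0-9 ]", " ", without_accents.lower())
    return " ".join(cleaned.split())


def lookup(sort_code: str, account_number: str):
    """Fetch the account record; None when the account is unknown."""
    return PAYEE_DIRECTORY.get((sort_code, account_number))


def confirm_payee(given_name: str, given_account_type: str, record):
    """Return (outcome, similarity). Outcomes are constructed labels:
    account_not_found, account_type_mismatch, match, close_match, no_match."""
    if record is None:
        return ("account_not_found", 0.0)
    if given_account_type != record["account_type"]:
        # Personal vs business mismatch is reported before any name comparison,
        # so the payer gets a clear reason without the holder name being revealed.
        return ("account_type_mismatch", 0.0)
    ratio = SequenceMatcher(
        None, normalise_name(given_name), normalise_name(record["holder_name"])
    ).ratio()
    if ratio >= MATCH_THRESHOLD:
        return ("match", ratio)
    if ratio >= CLOSE_MATCH_THRESHOLD:
        return ("close_match", ratio)
    return ("no_match", ratio)


if __name__ == "__main__":
    for name, kind, acct in [
        ("John Smith", "personal", "11111111"),
        ("Jon Smith", "personal", "11111111"),
        ("Alice Jones", "personal", "11111111"),
        ("Acme Widgets Limited", "business", "22222222"),
    ]:
        print(name, "->", confirm_payee(name, kind, lookup("000000", acct)))
```

A close match is the case that matters most for authorized fraud: the payer is shown that the name differs slightly and has to confirm before the irrevocable payment is sent, while a no-match result is a strong signal to stop.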
Another example is how, according to the Nacha Operating Rules, originators of micro-entries must conduct “commercially reasonable fraud detection” on their use of micro-entries, including by monitoring forward and return volumes of micro-entries to minimize the incidence of fraud schemes using micro-entries and establishing a baseline of normal micro-entry activity for the originator. Another example is Nacha’s rule on ACH data security, wherein each ODFI is responsible for ensuring that it, its originators, and their respective third-party service providers adopt and implement “commercially reasonable” policies, procedures and systems to receive, store, transmit and destroy consumer-level ACH data in a secure manner and to protect against data breaches.

Internal controls include the policies and procedures that financial institutions establish to reduce risk and ensure they meet operating, reporting, and compliance objectives. Many of the internal controls that are effective with other existing payment instruments are also applied by participants of Faster Payments and by Faster Payments networks. As described in Nacha’s Operating Guidelines, internal controls encompass both administrative controls and internal accounting controls, though these internal controls can be generally implemented for any Faster Payments network.
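The trend-analysis and anomaly-detection monitoring described earlier, and the micro-entry baseline that the Nacha rule above calls for, can both be illustrated with one small detector. The code below is an added example, not from the handbook or from Nacha; the daily history, the z-score and return-rate thresholds and the minimum-entries floor are constructed assumptions. It builds a per-originator baseline of forward and return volumes from a quiet period and then flags later days whose forward volume or return rate departs from it:

```python
from statistics import mean, pstdev
from typing import NamedTuple


class DayStats(NamedTuple):
    day: str
    forward: int    # micro-entries originated that day
    returned: int   # of those, entries returned (e.g. account not found)


class Baseline(NamedTuple):
    mean_forward: float
    std_forward: float
    return_rate: float


# Constructed sample history for one originator (not real data): 14 quiet days.
HISTORY = [
    DayStats(f"2025-02-{d:02d}", f, r)
    for d, (f, r) in enumerate(
        [(48, 2), (52, 1), (50, 2), (47, 3), (55, 2), (49, 1), (51, 2),
         (53, 2), (46, 1), (50, 3), (52, 2), (48, 2), (54, 1), (49, 2)],
        start=1,
    )
]

# Constructed days to score against that baseline.
RECENT = [
    DayStats("2025-03-01", 51, 2),     # ordinary day
    DayStats("2025-03-02", 400, 130),  # volume spike with many returns
    DayStats("2025-03-03", 55, 12),    # normal volume, abnormal return rate
    DayStats("2025-03-04", 10, 5),     # too few entries for a reliable rate
]


def build_baseline(history) -> Baseline:
    """Mean and population std-dev of daily forward volume, plus the pooled return rate."""
    forwards = [d.forward for d in history]
    total_forward = sum(forwards)
    total_returned = sum(d.returned for d in history)
    rate = total_returned / total_forward if total_forward else 0.0
    return Baseline(mean(forwards), pstdev(forwards), rate)


def score_day(day: DayStats, base: Baseline, z_threshold: float = 3.0,
              return_rate_margin: float = 0.10, min_entries: int = 20) -> list:
    """Return the list of alert strings for one day (empty when nothing is anomalous)."""
    alerts = []
    # Floor the std-dev so a perfectly flat baseline does not make every day an outlier.
    std = max(base.std_forward, 1.0)
    z = (day.forward - base.mean_forward) / std
    if z > z_threshold:
        alerts.append(f"forward volume {day.forward} is {z:.1f} standard deviations "
                      f"above the baseline mean of {base.mean_forward:.1f}")
    # A return rate computed from a handful of entries is noise, so require a minimum.
    if day.forward >= min_entries:
        rate = day.returned / day.forward
        if rate > base.return_rate + return_rate_margin:
            alerts.append(f"return rate {rate:.0%} exceeds baseline {base.return_rate:.1%} "
                          f"by more than {return_rate_margin:.0%}")
    return alerts


def monitor(history, recent, **thresholds) -> dict:
    """Map each flagged day to its alerts; unflagged days are omitted."""
    base = build_baseline(history)
    flagged = {}
    for day in recent:
        alerts = score_day(day, base, **thresholds)
        if alerts:
            flagged[day.day] = alerts
    return flagged


if __name__ == "__main__":
    for day, alerts in monitor(HISTORY, RECENT).items():
        print(day)
        for alert in alerts:
            print("  -", alert)
```

Two design points carry over to real deployments: the baseline is built per originator, since a volume that is normal for one originator is a spike for another, and the return-rate test is suppressed below a minimum entry count so that a single returned entry on a slow day does not raise an alert.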
Administrative controls are those that establish parameters for transaction authorization, including:
- Organization controls: organization of the department, staffing requirements, and placement of the Faster Payments department within the company’s organizational structure
- Training program: a formal program designed for all levels of personnel to be trained
- Operating procedures: formal, detailed, documented procedures that regulate schedules and workflow
- Analysis of transaction errors: maintenance of a record of errors, with notes on their nature and frequency, to indicate basic deficiencies in the total system
- Risk controls: control over processing risk to determine the overall exposure to the institution, including all operating, credit, systems, and processing areas

Internal accounting controls increase the reliability of financial records, including:
- Segregation of duties: duties assigned to prevent an individual from both initiating and concealing errors, either intentionally or accidentally, i.e., one person inputs the payment and another person verifies and approves the payment
- Reconcilement of input to output: reconciling and balancing batch totals and run totals
- Physical security: control over the physical movement of logs, transmission registers, etc., whether received from other institutions or transferred internally
- Management review: formal review that enables management to determine whether operating and accounting procedures are being followed

The reputation of the Faster Payments network depends on the efficiency of automated systems and the operating procedures developed to support them, so participants must work to minimize human error. Furthermore, the receiving FI is responsible for the proper posting of transactions to its customers’ accounts, while the sending FI is responsible for submitting items to the Faster Payments network.
Both parties should have sound internal controls and procedures that will help ensure that their responsibility is fulfilled. Implementing internal controls for Faster Payments can face barriers and limitations depending on the organizational context, internal expertise, and the characteristics of the Faster Payment system. For instance, process issues may arise, including challenges related to workflow adjustments, integration with existing payment methods, and the need for standardized procedures. Service Level Agreements (SLAs) can also pose hurdles, involving concerns about meeting performance expectations and ensuring timely transactions while managing risks.

Some common challenges may include:
- Resource allocation and costs: organizations may face budget constraints that limit their ability to allocate the right resources needed to carry out tasks. Staff with knowledge of Faster Payments may need to be sourced and trained.
- Integration with existing payment methods: integrating the processes of new payment systems with existing processes and technologies may require significant changes. Additionally, the presence of silos in payment processes can create barriers to the implementation and design of internal controls.
- New security concerns and challenges: Faster Payments may introduce new security risks, such as fraud and cybersecurity threats. The lack of expertise to deal with these issues and set the necessary internal controls poses an additional barrier. In certain organizations, employees may be unfamiliar with the new technologies and challenges associated with Faster Payments, requiring the allocation of additional resources to staff training.

Service disruptions can be more damaging for Faster Payments than for traditional payment systems because one of the selling points of Faster Payments is their (near) 24/7 availability.
While traditional systems have planned downtimes, most Faster Payment systems do not; they typically operate on a continuous basis whereas traditional systems clear and settle transactions over a longer time. Service disruptions can damage the value of Faster Payments in multiple ways. First, maintaining end user and participant trust in the Faster Payments system’s services is very important; otherwise end users may stop using the system and participants may withdraw from it, lowering system utility for everyone. Second, end users – both consumers and businesses – utilize Faster Payments to make important payments. Service disruptions, especially extended disruptions, can complicate an end user’s ability to execute important financial transactions, potentially disrupting supply chains, important business-to-consumer disbursements, bill payments, etc. These disruptions can have ripple effects throughout the economy if they are not taken care of quickly.

Technological progress has enabled shifts in the speed and quantity of payment transactions. As the volume of payments rises, payment system operators need to strengthen their risk management systems and controls to maintain secure practices in transferring funds. The Federal Reserve has several compliance-related mandates on FedNow participants, necessitating the establishment of compliance and customer due diligence programs along with procedures for scrutinizing customer data against sanctions lists. These requirements, irrespective of legal obligations, align with the standards applicable to federally supervised financial institutions. The Federal Reserve Banks retain the authority to terminate or limit a participant’s service access for non-compliance with these requirements or applicable laws. In addition, managing third-party risk is crucial in payment processor relationships, requiring risk assessment, policies and procedures, due diligence, and oversight to mitigate associated risks.
The Office of Foreign Assets Control (OFAC) oversees and enforces economic sanctions programs, and U.S. persons, including financial institutions, must adhere to these requirements. As such, the FedNow Service assists financial institutions in risk management through various methodologies employed as well as additional features such as customizable transaction limits and the creation of negative lists to prevent payments to specific accounts.

RTP rules and regulations outline the essential risk management and fraud control measures that a participant must follow. For instance, sending participants must employ multi-factor authentication. Participants must also conduct thorough fraud monitoring before submitting a payment message to RTP. Participants are required to regularly evaluate the effectiveness of their fraud monitoring systems and make necessary updates to address emerging fraud risks. The fraud and risk-screening measures must be available on a 24/7 basis. Participants must promptly investigate transactions or activities associated with fraud alerts from TCH’s fraud-monitoring program, integrate alerts related to confirmed fraud into their standard fraud-detection practices, and report them to the system operator.

Both FIs and their service providers should establish and maintain systems and controls to minimize the risks associated with ACH activities, with clearly defined objectives, business strategies, and clear risk parameters. An effective vendor management program should include a due diligence process for selecting third-party service providers and an oversight process. All these management programs should be produced and captured in periodic reports that allow for various analyses and evaluations. Moreover, financial institutions should implement credit risk controls that establish underwriting standards that require an analysis of originators’ creditworthiness and set appropriate credit exposure limits.
Similarly, when the FI requires pre-funding before transactions originate through the ACH network, the bank should ensure that it has collected funds before an ACH file is sent to the ACH Operator.

Card networks require their participants to follow KYC and AML procedures to assess risks related, at a minimum, to suspicious activity monitoring and the participants’ risk tolerance before transaction initiation. First, participants are required to monitor cardholder and merchant transactions based on their risk ratings. These ratings can be provided by credit rating agencies, the participant’s own calculation, or the card networks’ value-added services. Second, participants are required to monitor their clients’ transactions based on the types of transactions they send, the products they use, the geographies transactions are sent to, and the changes in their behaviors over time, such as volume, value, and frequency. Third, all participants must apply some sort of validation of both the originators and receivers of P2P transactions and the receiving entity that issued the receivers’ cards. Additionally, receiving entities ought to apply similar monitoring procedures to screen for suspicious activities before posting funds to the beneficiary.

Faster payment systems employ structured process flows for comprehensive risk assessment in managing the intricate landscape of Faster Payment transactions. These systems identify and map various risks, including fraud, liquidity, operational, legal, settlement, and systemic risks, throughout the payment lifecycle. Thus, risk assessment is crucial for managing diverse risks, including liquidity, third-party management, fraud, and information security. By integrating multi-factor authentication, real-time transaction monitoring, and compliance checks, Faster Payments bolster security and ensure adherence to regulatory standards before the payment initiation stage.
Thorough due diligence on participants, continuous review and updates, and well-defined response mechanisms contribute to proactive risk mitigation. The documentation and reporting of the risk assessment process, along with regular communication of outcomes to stakeholders, regulatory bodies, and internal decision-makers, further enhance the reliability and robustness of Faster Payment ecosystems. Payment process flows are integral to the overall risk assessment and management within the realm of instant payment systems.

The choice of a settlement model has important consequences for the safety, efficiency, and liquidity costs/processes of a Faster Payments system and its participants. There are two major settlement models used in Faster Payment systems: real-time gross settlement (i.e., prefunded) and deferred net settlement. Each model has its own potential benefits and downsides, and the most appropriate choice depends on the specific context of each Faster Payments system, such as the regulatory framework, the number and type of participants, the degree of adoption of Faster Payments, transaction value limits, and others. The main advantage of real-time gross settlement is avoiding the buildup of credit risk between participating FIs. This settlement model requires higher liquidity management efforts, such as liquidity forecasting, particularly when the National Settlement System (NSS) is not operating. There are also differences in terms of the type of account used for settlement, the funding mechanisms, and the liquidity management tools available to participants even between Faster Payment systems using real-time gross settlement. Looking at Faster Payments systems in scope of this handbook, FedNow uses real-time gross settlement via transactions between Federal Reserve master accounts.
In contrast, RTP operates through a fully prefunded account (the “RTP Prefunded Balance Account”) jointly owned by all the participating entities in the Federal Reserve. TCH is the sole agent of the account. When a transaction in RTP is settled, the ownership shares of the transacting parties are shifted, so no value is transferred into or out of the TCH account as part of settling the transaction. All payments are prefunded by sending participants. Participants fund the RTP account according to their prefunded requirement, which is determined by The Clearing House. In general, TCH will determine the Prefunded Requirement for a Participant based on its total U.S. Transactional Deposits according to public call report data. Participants – directly or through a Funding Agent – must transfer funds in an amount equal to or greater than their prefunded requirement to the Prefunded Balance Account via Fedwire before they can originate any RTP payments. FIs that do not provide their own funding must have an arrangement in place with another FI. RTP verifies the sending participant’s Current Prefunded Position (CPP). RTP will reject the payment if the sending participant has insufficient liquidity to cover the payment. When a transaction is successful, RTP records entries by decreasing the net position and current prefunded position of the sending participant (or its funding provider) and increasing the net position and current prefunded position of the receiving participant (or its funding provider). These current prefunded positions are backed dollar-for-dollar by funds held in the prefunded balance account.

Figure 11. How an accepted credit transfer impacts the net positions of sending and receiving participants in RTP

Participants must fund the prefunded account according to their RTP payment needs because RTP’s settlement account is separate from the participant’s master accounts, ensuring the presence of sufficient liquidity to avoid payment rejections.
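To make the position bookkeeping above concrete, here is an added toy model of a prefunded settlement account (this is illustrative code, not TCH’s implementation or the RTP rules; the participant names, amounts, the “requirement met” flag that gates first origination, and the handling of a funding provider are constructed assumptions). A credit transfer is rejected when the sending position does not cover it, otherwise the sender’s CPP and net position go down and the receiver’s go up by the same amount, and the sum of all CPPs always equals the funds held in the account:

```python
from dataclasses import dataclass
from decimal import Decimal
from typing import Optional


@dataclass
class Position:
    prefunded_requirement: Decimal
    current_prefunded_position: Decimal = Decimal("0")   # CPP
    net_position: Decimal = Decimal("0")                 # cumulative sent/received
    funding_provider: Optional[str] = None   # participant whose position settles for this one
    requirement_met: bool = False            # assumption: set once funding first reaches the requirement


class PrefundedLedger:
    """Constructed model of a fully prefunded settlement account with one position per participant."""

    def __init__(self):
        self.positions = {}
        self.account_balance = Decimal("0")   # total funds held in the prefunded balance account

    def enroll(self, participant, prefunded_requirement, funding_provider=None):
        self.positions[participant] = Position(
            Decimal(str(prefunded_requirement)), funding_provider=funding_provider)

    def settling_party(self, participant):
        """The position that actually settles: the participant's own, or its funding provider's."""
        return self.positions[participant].funding_provider or participant

    def fund(self, participant, amount):
        """Stands in for a Fedwire transfer into the prefunded balance account."""
        amt = Decimal(str(amount))
        if amt <= 0:
            raise ValueError("funding amount must be positive")
        pos = self.positions[participant]
        pos.current_prefunded_position += amt
        self.account_balance += amt
        if pos.current_prefunded_position >= pos.prefunded_requirement:
            pos.requirement_met = True

    def credit_transfer(self, sender, receiver, amount):
        """Settle a credit transfer against the CPPs, or reject it with a reason."""
        amt = Decimal(str(amount))
        if amt <= 0:
            return "REJECTED: amount must be positive"
        s = self.positions[self.settling_party(sender)]
        r = self.positions[self.settling_party(receiver)]
        if not s.requirement_met:
            return "REJECTED: prefunded requirement not met"
        if amt > s.current_prefunded_position:
            return "REJECTED: insufficient liquidity"
        s.current_prefunded_position -= amt
        s.net_position -= amt
        r.current_prefunded_position += amt
        r.net_position += amt
        return "ACCEPTED"

    def backed_dollar_for_dollar(self):
        """Invariant: the CPPs add up to exactly what sits in the account."""
        total = sum((p.current_prefunded_position for p in self.positions.values()), Decimal("0"))
        return total == self.account_balance


def run_demo():
    """Constructed scenario: two funded banks, one participant funded through another, one unfunded."""
    ledger = PrefundedLedger()
    ledger.enroll("BankA", 1000)
    ledger.enroll("BankB", 500)
    ledger.enroll("CreditUnionC", 0, funding_provider="BankB")   # settles on BankB's position
    ledger.enroll("BankD", 200)                                   # enrolled but never funded
    ledger.fund("BankA", 1000)
    ledger.fund("BankB", 500)
    results = [
        ledger.credit_transfer("BankA", "BankB", 300),        # accepted
        ledger.credit_transfer("BankA", "BankB", 800),        # only 700 left: rejected
        ledger.credit_transfer("CreditUnionC", "BankA", 100),  # debits BankB's position
        ledger.credit_transfer("BankD", "BankA", 50),         # never funded: rejected
    ]
    return ledger, results


if __name__ == "__main__":
    ledger, results = run_demo()
    for name, pos in ledger.positions.items():
        print(name, "CPP", pos.current_prefunded_position, "net", pos.net_position)
    print(results, "backed:", ledger.backed_dollar_for_dollar())
```

The point the model makes is that liquidity and credit risk are removed at the moment of acceptance: a payment that cannot be covered by the sender’s own prefunded position is never settled, and no position can ever exceed the funds actually held, which is why the dollar-for-dollar invariant must hold after every transfer.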
Knowing your customer is vital for financial institutions to provide products and services. It is also important to gather information that can be used to verify the identity of customers to ensure that payments are initiated by legitimate customers for legitimate reasons. Rules and requirements have been put in place by regulators and payment system operators for the collection and retention of customer information by financial institutions, which can vary based on the FI’s risk profile, size, and the type of services it offers. All financial institutions are bound by federal regulations to collect customer data, use them for KYC, AML and sanctions list checks, and to regularly verify their customers’ identities. There are a number of different risks related to Faster Payments, though legal and security risks generally originate from the customer side. Proper customer onboarding is vital for financial institutions and third parties in order to minimize these risks.

From a security perspective, FIs collect key information about their customers that is (supposed to be) only known to them and cannot be accessed or replicated by other individuals throughout the onboarding process. If the customer information used for authorization is easy to figure out or not layered, such as with multi-factor authentication, fraudsters can steal accounts and initiate transactions impersonating the FI’s customers. As many Faster Payments are irrevocable, it is vital for FIs to minimize fraudulent incidents because correcting them is costly and sometimes impossible. Furthermore, collecting adequate data about all customers allows FIs to restrict access to Faster Payments for individuals who are not supposed to have it, such as people on sanctions lists, offering an additional layer of sanctions and AML screening. This leads us to legal risks related to preventing fraudulent activities and providing payment system access to individuals who should not have it.
FIs can be penalized by financial regulators for non-compliance with the rules and regulations governing these topics. As Faster Payment methods, especially irrevocable ones, are easier for fraudsters to abuse, the number of cases can increase significantly, and the legal risks and costs along with them. Participants in Faster Payment systems therefore ought to pay increased attention to fraud prevention and mitigation methodologies, for instance adequate customer onboarding procedures. While financial institutions can decide what additional customer information to require for their identification procedures, the BSA sets minimum requirements: the customer's name, date of birth, address, and an identification number, which is the Social Security Number for U.S. persons and may be a passport number for non-U.S. persons. Customer data must be collected prior to account opening. FIs must use rigorous risk-based procedures to verify customer identities within a reasonable time after the account is opened. They are expected to review a government-issued form of identification that evidences the customer's nationality and/or residence and bears a photograph or similar safeguard, such as a valid passport or driver's license. FIs are also encouraged to review multiple documents in order to limit fraud risk. FIs may verify identity without documents, for instance by contacting the customer, using independent verification services such as consumer reporting agencies, or checking references with other FIs. FIs must retain customer information captured at account opening for CIP purposes for five years after the account is closed. They must also keep descriptions of the documents used for verification, of the methods used for verification where no document was used, and of the resolution of any substantive discrepancy discovered when verifying customer information.
All requirements are set out in 31 CFR 1010.430, “Nature of records and retention period”. FIs are required to include in their CIP procedures that determine whether a customer appears on any government sanctions list. These checks must take place within a reasonable time after account opening, and FIs must conduct their business following federal directives in connection with such lists. Checking customers against the OFAC lists is a separate requirement from the CIP.

TABLE 55. FASTER PAYMENTS STAKEHOLDER RESPONSIBILITIES IN THE CUSTOMER IDENTIFICATION PROGRAM

Financial institutions
- Set an appropriate CIP based on the size and type of business
- Obtain customer information upon account opening
- Verify the identity of each customer through risk-based procedures
- File a suspicious activity report when a customer fails CIP
- Comply with record-keeping requirements
- Cross-check registered accounts against government lists
- Provide adequate customer notice before verification procedures
- When relying on another FI for customer information, ensure that it is regulated by a federal regulator and has adequate AML procedures
- Ensure that third-party providers adhere to the CIP

Third parties
- Carry out services for FIs, whether or not they collect or manage data, according to the FI's CIP

Customer
- Share required information upon account opening
- Update information upon changes

In addition to the standard CIP responsibilities of Faster Payments stakeholders, specific requirements are set for users of the Request for Payment service in RTP. TCH requires participants that send Request for Payment messages to ensure that the sender of the request has a legitimate purpose for requesting funds from the receiver of the message, such as:
- The message is initiated by a non-consumer sender and is sent for a current sale or transaction, or the amount is due, owed, or otherwise agreed to be paid to the sender.
- The message is initiated by a consumer sender to a receiver who is known to the sender and who can reasonably be expected to receive the request from the sender.

Authentication is the process of confirming that a customer is who they claim to be. In the landscape of Faster Payment transactions, security hinges on robust authentication practices. This section covers the authentication methods used in these systems: Strong Customer Authentication, biometric authentication, device binding, and risk-based authentication. The subsequent section examines the various parties that must be authenticated in a Faster Payment transaction, and the chapter concludes with the authentication methods used on each of the Faster Payment rails examined throughout this text. Settlement finality and processing speed make authentication a critical component of Faster Payment security. The most common approaches combine Strong Customer Authentication (SCA) measures, with customers using one or more factors to authenticate their identity before initiation. The factors that make up SCA may include a combination of the following:
- Possession: something the customer physically possesses, such as a card, key fob, or phone.
- Inherence: something intrinsic to the customer that cannot be changed; biometric verification via fingerprint, iris scan, or voice falls into this category.
- Knowledge: something the customer knows, such as a PIN, passcode, or memorable information.
Some FIs only allow a payment to be initiated once SCA is completed. While SCA practices are present in the United States, there is no nationwide mandate requiring their usage.
FIs and PSPs define, either individually or through industry agreements, which authentication methods they intend to use. SCA is widely used in the sign-in process for mobile banking and payment apps, and consumers can opt into it for certain actions such as high-value payments. Biometric authentication uses physical features that are unique to an individual and can be captured and verified against a stored template. It is more convenient than knowledge-based verification and harder to defeat by guessing or phishing, since a biometric cannot be forgotten, easily shared or stolen, or guessed; the trade-off is that a compromised biometric template cannot be reissued the way a password can. Common types of biometric verification include fingerprint scanning, voice identification, facial recognition, and eye scanning. Users will often verify themselves biometrically when logging into the channel through which they access Faster Payments, usually a smartphone or laptop, or for certain transactions such as high-value payments. Biometric authentication ties payments to a specific person while minimizing the risk of fraud or unauthorized usage. However, generative AI poses a challenge to biometric authentication: highly realistic synthetic images, videos, and voices can mimic genuine biometric features, allowing fraudsters to create convincing replicas for unauthorized access and undermining the security that biometric systems provide for Faster Payments. Device binding is an authentication method that links a user's identity to possession of a specific device, such as a smartphone or laptop, from which authorized payments can be made. In this approach, payments can only be made from devices linked to the user, mitigating the risk of unauthorized payments in the event of a compromised password or data breach. Device binding enhances security by requiring both the proper login credentials and access from a registered and trusted device.
However, device cloning or theft of the physical device associated with a Faster Payments account undermines this protection if the loss is not promptly reported, since the thief can send fraudulent payments directly from the trusted laptop or phone. Risk-based authentication (RBA) is a method in which the risk associated with a transaction is assessed to determine the level of security required before it is fulfilled. It analyzes factors such as the user's transaction history, intended payment beneficiary, geographic location, IP address, and transaction value, and compares them against behavioral data gathered on the user to identify anomalies that could signal that a payment requires additional authentication. If any of these factors raise concern with the payment service provider, additional verification may be required. RBA thus adapts security to perceived risk, allowing low-risk transactions to be processed seamlessly while prompting additional authentication steps for higher-risk transactions.

Individual payment senders must be authenticated, usually during the login process for the channel through which they access the service. This is usually done via some form of SCA, using something the sender knows (such as a password or PIN), something they are (biometric verification), and something they have, such as a trusted device through which they receive authentication codes. These measures help ensure that the person initiating the payment is the legitimate account holder, reducing the risk of unauthorized access. Authentication for businesses is a slightly more rigorous process than for individuals using a Faster Payment service. In the initial signup process, authentication may require legal documentation. Authorized representatives within the organization can be assigned specific access credentials and often use digital signatures to authenticate payment instructions.
Robust access controls, such as role-based access, can also be implemented to restrict system entry, and risk-based authentication can be applied to business payments as well. Authentication for financial institutions connecting to a Faster Payment system involves rigorous measures to ensure the security and integrity of transactions. Institutions undergo thorough identity verification, often requiring legal documentation to confirm their regulatory standing. Secure access controls and SCA methods are implemented, including cryptographic keys or digital certificates. Advanced monitoring systems help detect and respond to unusual patterns in transaction behavior, enhancing fraud prevention. Compliance with industry standards and regulatory requirements is mandatory, so that financial institutions maintain a robust authentication framework that protects the overall stability and trustworthiness of Faster Payment systems.

Authentication for Same Day ACH payments is generally performed through the channel by which the ACH Network is accessed. Nacha requires that ODFIs use a commercially reasonable method to verify the identity of payment originators when the origination agreement is entered into. Beyond the basic requirements set out by Nacha, FIs may require more stringent verification for Same Day ACH transfers made via their channels, such as SCA and risk-based analysis of anomalous payments. FedNow relies on the same authentication solutions and processes as the FedLine transfer service. For direct access by FIs, SCA is used, combining a physical USB security token device with a passphrase known by the user accessing the service. For consumer payments sent via a third party or payment app, there is no general requirement for SCA, but it is implemented in many of the login processes for the channels through which consumers access the service.
FIs handling FedNow payments will often use additional authentication methods as part of industry standards and their own standards. These may include biometric authentication, Strong Customer Authentication using passwords or passphrases, device binding, SMS or email codes, or risk-based authentication, which analyzes transaction patterns, device information, and user behavior to adjust security dynamically. Sending banks must at minimum use SCA (specifically inherence and knowledge factors) to authenticate senders before payment submission. This can be performed via biometric verification when the customer logs in to the payment channel, and text or email verification before payment submission. Processes must also be in place to detect anomalous activity around the customer's initial login and authentication as part of the authentication procedure. Strong Customer Authentication is also commonly used by FIs when facilitating RTP payments via mobile banking apps or online channels. Zelle, which uses RTP rails for some of its transactions, also requires multifactor authentication, though not for all transactions made using the service. For push-to-card payments, authentication is carried out via the channel through which the user accesses the service. FIs are responsible for authenticating originating account holders in all transfers in accordance with their own authentication compliance policies and applicable state and federal regulations. The card networks also emphasize secure authentication for transfers made via mobile app, mandating that FIs use a secure authentication method for service access, such as user ID/password authentication or biometrics.
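The device binding and risk-based authentication layers described in this section, combined into a single decision path as an added illustrative example (not code from the handbook, TCH, the Federal Reserve or any FI). It assumes a hypothetical design: at enrollment the FI provisions a per-device secret and the device signs each payment instruction with HMAC-SHA256 over a canonical JSON encoding (a production system would use an asymmetric key held in the phone's secure element; HMAC keeps the example stdlib-only). The behavioral profile, risk weights, thresholds, user and device names, and IP addresses are all constructed for the example.

```python
import hashlib
import hmac
import json
import secrets


# ---- Layer 1: device binding (possession factor) ----
# Hypothetical design: the FI provisions a per-device secret at enrollment and stores it
# against (user, device_id). The device signs each payment instruction with HMAC-SHA256.

def canonical(instruction: dict) -> bytes:
    """Stable byte encoding so client and server sign exactly the same fields."""
    return json.dumps(instruction, sort_keys=True, separators=(",", ":")).encode()


def sign_instruction(device_secret: bytes, instruction: dict) -> str:
    """Client side: the bound device attaches this tag to the instruction."""
    return hmac.new(device_secret, canonical(instruction), hashlib.sha256).hexdigest()


class DeviceRegistry:
    def __init__(self):
        self._secrets = {}        # (user, device_id) -> device secret
        self._seen_nonces = set()

    def enroll(self, user: str, device_id: str) -> bytes:
        secret = secrets.token_bytes(32)
        self._secrets[(user, device_id)] = secret
        return secret

    def verify(self, instruction: dict, signature: str, now: int, max_age: int = 300):
        """Return None if the instruction came from a device bound to the user, else a reason."""
        key = (instruction.get("user"), instruction.get("device_id"))
        secret = self._secrets.get(key)
        if secret is None:
            return "device not bound to user"
        expected = sign_instruction(secret, instruction)
        if not hmac.compare_digest(expected, signature):
            return "bad device signature"          # tampered fields or wrong key
        if abs(now - instruction.get("ts", 0)) > max_age:
            return "stale instruction"
        nonce = (key, instruction.get("nonce"))
        if nonce in self._seen_nonces:
            return "replayed instruction"          # irrevocable rails: never settle twice
        self._seen_nonces.add(nonce)               # recorded only after the signature passed
        return None


# ---- Layer 2: risk-based authentication ----
# Weights and thresholds are constructed for the example; a real engine learns them.

def risk_score(profile: dict, instruction: dict):
    checks = [
        (instruction["beneficiary"] not in profile["known_beneficiaries"], 25, "new beneficiary"),
        (instruction["country"] not in profile["usual_countries"], 20, "unusual geography"),
        (instruction["ip"] not in profile["known_ips"], 10, "unknown IP address"),
        (instruction["amount"] > 3 * profile["typical_amount"], 30, "amount far above typical"),
    ]
    score = sum(weight for hit, weight, _ in checks if hit)
    reasons = [why for hit, _, why in checks if hit]
    return score, reasons


def authorize_payment(registry, profile, instruction, signature, now):
    """Possession check first, then step up (or hold) according to behavioral risk."""
    reason = registry.verify(instruction, signature, now)
    if reason is not None:
        return {"decision": "reject", "score": None, "reasons": [reason]}
    score, reasons = risk_score(profile, instruction)
    if score >= 60:
        decision = "hold"        # hold for review or call-back before submission
    elif score >= 30:
        decision = "step_up"     # require a second factor (e.g. an OTP) before submission
    else:
        decision = "allow"       # low risk: process seamlessly
    return {"decision": decision, "score": score, "reasons": reasons}


def demo():
    """Constructed scenario: one user, one bound phone, six payment attempts."""
    registry = DeviceRegistry()
    phone_secret = registry.enroll("alice", "phone-1")
    profile = {"known_beneficiaries": {"bob-utility"}, "usual_countries": {"US"},
               "known_ips": {"203.0.113.7"}, "typical_amount": 120}
    now = 1_700_000_000
    base = {"user": "alice", "device_id": "phone-1", "beneficiary": "bob-utility",
            "amount": 100, "country": "US", "ip": "203.0.113.7", "ts": now, "nonce": "n1"}
    out = {}
    sig = sign_instruction(phone_secret, base)
    out["routine"] = authorize_payment(registry, profile, base, sig, now)
    out["replay"] = authorize_payment(registry, profile, base, sig, now)
    unbound = {**base, "device_id": "laptop-9", "nonce": "n2"}
    out["unbound_device"] = authorize_payment(
        registry, profile, unbound, sign_instruction(secrets.token_bytes(32), unbound), now)
    tampered = {**base, "nonce": "n3", "amount": 5000}      # amount changed after signing
    out["tampered"] = authorize_payment(
        registry, profile, tampered, sign_instruction(phone_secret, {**tampered, "amount": 100}), now)
    risky = {**base, "nonce": "n4", "beneficiary": "new-payee", "country": "RO", "ip": "198.51.100.5"}
    out["new_payee_abroad"] = authorize_payment(
        registry, profile, risky, sign_instruction(phone_secret, risky), now)
    high = {**risky, "nonce": "n5", "amount": 4000}
    out["new_payee_abroad_high_value"] = authorize_payment(
        registry, profile, high, sign_instruction(phone_secret, high), now)
    return out
```

Two details matter more than the scoring weights: the signature is checked before the nonce is recorded, so a forged instruction cannot burn a legitimate nonce, and `hmac.compare_digest` avoids leaking the expected tag through timing. Swapping the HMAC secret for a device-held private key and a signature verification leaves the rest of the decision path unchanged.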