Glossary

Account Takeover (ATO) Fraud
Account takeover fraud refers to a type of fraud where a criminal gains unauthorized access to a victim's account by stealing or guessing their login credentials. This can happen through phishing scams, data breaches, or malware.
Address Verification Service (AVS)
A fraud prevention tool used by merchants and payment processors to verify a cardholder's billing address. AVS compares the address provided by the customer with the billing address on file with the card issuer, and can help prevent fraudulent transactions.
Auction Fraud
A type of fraud that occurs in online auctions, where a seller misrepresents an item or fails to deliver it after receiving payment. This can be done through fake bids, shill bidding or other deceptive practices.
Automated Clearing House (ACH) Fraud
A type of fraud that involves using the ACH network to initiate unauthorized transactions or steal funds from a victim's bank account. This can be done through phishing scams, malware or other means of obtaining login credentials.
BIN Attack
A type of fraud where an attacker generates a large number of card numbers, known as "BINs," and uses them to make small transactions to test which ones are valid. Once valid card numbers are identified, the attacker can use them for larger fraudulent transactions.
Bank Secrecy Act (BSA)
A law that requires financial institutions to monitor and report suspicious activity to the government. The BSA is intended to prevent money laundering, terrorist financing and other illegal activities.
Banking as a Service (BaaS)
A model where non-bank companies offer banking services to their customers, using the infrastructure and regulatory frameworks of partner banks. BaaS enables companies to provide banking services without the costs and complexities of obtaining a banking license.
Beneficial Owner
The person or entity that ultimately owns or controls a company or asset. Beneficial ownership information is important for preventing fraud, money laundering and other illegal activities.
Biometric Verification
A method of identity verification that uses a person's unique physical characteristics, such as fingerprints, facial recognition or voiceprints. Biometric verification can help prevent fraud and identity theft, as it is more difficult to fake biometric data than traditional authentication methods.
Black-Box Machine Learning
A machine learning model that is opaque to users, meaning the inner workings and decision-making processes are not transparent. Black-box machine learning can be effective for certain applications, but can also lead to biases or errors that are difficult to detect and correct.
Card Cloning
A type of fraud where a criminal creates a counterfeit copy of a legitimate credit or debit card by stealing the card's information using a skimming device or hacking a payment system. The cloned card can be used to make unauthorized purchases or withdraw cash from the victim's account.
Card Payment Fraud
A broad term that encompasses any type of fraudulent activity involving credit or debit cards. This can include card skimming, phishing scams, identity theft, and other tactics used to steal cardholder information or make unauthorized transactions.
Card Purchase Authorization
The process by which a merchant verifies that a customer has sufficient funds to complete a transaction using a credit or debit card. This can be done through various methods, including online authorization requests or phone calls to the card issuer.
Chargeback Fraud
A type of fraud where a customer disputes a legitimate transaction and requests a chargeback, but then keeps the merchandise or services received. This can result in a loss for the merchant, who must reimburse the customer and may not be able to recover the goods or services.
Customer Due Diligence (CDD)
The process by which financial institutions verify the identity of their customers and assess their risk for money laundering or other illegal activities. CDD includes collecting personal information, conducting background checks, and monitoring customer transactions for suspicious activity.
Deepfake
A type of synthetic media that uses artificial intelligence to create manipulated videos, audio recordings, or images that appear to be authentic. Deepfakes can be used for malicious purposes, including spreading disinformation or blackmailing individuals.
Denied Persons List (DPL)
A list of individuals and entities who are prohibited from doing business with US companies due to national security concerns or violations of trade laws. The DPL is maintained by the US government and is used to prevent the export of sensitive technology and other goods.
Electronic Funds Transfer (EFT)
The electronic transfer of money from one bank account to another, typically initiated through online banking, mobile apps, or point-of-sale systems. EFT is a convenient and secure way to make payments, but can be vulnerable to fraud and cyberattacks.
Enhanced Due Diligence (EDD)
A higher level of customer due diligence that is required for customers who pose a higher risk of money laundering or terrorist financing. EDD includes more extensive background checks, monitoring of transactions, and ongoing risk assessments.
False Positives
In fraud detection and risk management, false positives refer to instances where legitimate transactions or activities are flagged as suspicious or fraudulent. False positives can lead to unnecessary account freezes, declines, or investigations, which can inconvenience customers and reduce profits for businesses.
FedNow
A real-time payment service being developed by the Federal Reserve that will enable instant money transfers between banks and other financial institutions. FedNow is intended to improve the speed and efficiency of payments, particularly for individuals and small businesses.
FedRAMP
The Federal Risk and Authorization Management Program, a US government initiative that provides a standardized approach to security assessment, authorization, and monitoring of cloud computing products and services. FedRAMP aims to improve the security and reliability of cloud-based solutions for government agencies.
Financial Action Task Force (FATF)
An intergovernmental organization that sets global standards for anti-money laundering and counter-terrorism financing measures. FATF conducts assessments of member countries' compliance with its recommendations and promotes international cooperation to combat financial crimes.
Funds Transfer Fraud
A type of fraud that involves the unauthorized transfer of funds from one account to another. This can be done through various methods, including phishing scams, social engineering, or hacking. Funds transfer fraud can be difficult to detect and can result in significant losses for individuals and businesses.
Greylisting
A spam filtering technique that temporarily rejects email messages from unknown senders and requests that they resend the message later. Greylisting helps reduce spam and phishing attacks by blocking messages from automated spam bots.
Human Trafficking
The illegal trade of human beings, often for forced labor, sexual exploitation, or other forms of exploitation. Human trafficking is a global problem that affects millions of people and generates billions of dollars in profits for criminals.
Identity Verification
The process of verifying a person's identity using various methods, such as biometric authentication, document verification, or knowledge-based authentication. Identity verification is important for preventing fraud, money laundering, and other illegal activities.
Inherent Risk
The level of risk inherent in a particular activity or business process, regardless of the controls in place. Inherent risk is influenced by factors such as the complexity of the process, the type of transactions involved, and the external environment.
Know Your Customer (KYC)
The process by which businesses verify the identity of their customers and assess their risk for money laundering or other illegal activities. KYC includes collecting personal information, conducting background checks, and monitoring customer transactions for suspicious activity.
Link Analysis
A method of analyzing data that involves mapping connections and relationships between entities, such as individuals, accounts, or transactions. Link analysis can help detect patterns of fraud or suspicious activity.
Look-Back Review
An examination of past transactions or activities to identify potential instances of fraud, money laundering, or other illegal activities. Look-back reviews are often conducted as part of compliance audits or investigations.
Money Mule
A person who is recruited by criminals to receive and transfer stolen funds or goods, often without realizing that they are participating in illegal activities. Money mules can be used to help launder money or facilitate other types of fraud.
Money Services Business (MSB)
A type of financial institution that provides services such as money transfers, currency exchange, or check cashing. MSBs are subject to anti-money laundering regulations and must comply with Know Your Customer (KYC) requirements.
Multi-Factor Authentication (MFA)
A security method that requires users to provide multiple forms of identification or authentication, such as a password and a biometric scan, to access a system or account. MFA helps protect against unauthorized access and account takeovers.
Name Screening
The process of screening individuals or entities against lists of known or suspected terrorists, criminals, or other high-risk individuals. Name screening is an important part of anti-money laundering and counter-terrorism financing efforts.
Neobanking
A type of financial service that operates entirely online, with no physical branches. Neobanks offer a range of services, such as checking and savings accounts, loans, and investments, often with lower fees and more flexible options than traditional banks.
Operational Risk
The risk of loss or disruption resulting from inadequate or failed internal processes, systems, or human factors. Operational risk can include a range of risks, such as fraud, errors, technology failures, and natural disasters.
Payment Screening
The process of screening transactions to identify potential instances of fraud, money laundering, or other illegal activities. Payment screening can involve various methods, such as name screening, transaction monitoring, or behavioral analysis.
Phishing
A type of cyberattack that involves using fake emails, websites, or messages to trick individuals into providing personal information or login credentials. Phishing attacks are a common tactic used by criminals to steal money, data, or identities.
Politically Exposed Person
A person who holds a prominent public position, such as a government official, and is therefore considered to be at higher risk for corruption, bribery, or money laundering. Financial institutions are required to conduct enhanced due diligence when dealing with politically exposed persons.
RegTech (Regulatory Technology)
The use of technology to facilitate compliance with regulatory requirements, such as anti-money