Fraud reporting by partners

each instant payment network has specific requirements for reporting suspected fraud, with its own criteria for what qualifies as reportable fraud you must notify cross river about any suspected fraudulent transaction reporting procedure for all instant payment networks, if an activity meets the network's definition of a fraudulent payment, you must notify cross river as follows send an email to iprops support\@crossriver com mailto\ iprops support\@crossriver com with at least the following information, per payment network fednow rtp crnow a notice that a fraud reporting by partners docid\ mkrqgynhwyvegonmtfd9g occurred over fednow a notice that an fraud reporting by partners docid\ mkrqgynhwyvegonmtfd9g occurred over rtp a notice that a fraud reporting by partners docid\ mkrqgynhwyvegonmtfd9g occurred over crnow date of transaction date of transaction date of transaction payment id or cos reference id payment id or cos reference id payment id or cos reference id amount amount amount customer name customer name crnow customer name payment was sent to/from other financial institution that is party to the transaction receiving financial institution fraud reporting by partners docid\ mkrqgynhwyvegonmtfd9g party associated with the reportable transfer valid values are s sender is the suspected fraudulent party r receiver is the suspected fraudulent party b both sender and receiver are suspected fraudulent parties in accordance with the thresholds outlined in section fraud reporting by partners docid\ mkrqgynhwyvegonmtfd9g , send an incident report, if warranted, to unusualactivityreferrals\@crossriverbank com mailto\ unusualactivityreferrals\@crossriverbank com?subject=incident report form for suspicious instant payment reportable transfer use the fraud reporting by partners docid\ mkrqgynhwyvegonmtfd9g reporting requirements each instant payments network has explicit reporting requirements fednow summary if a funds transfer made through the fednow network is later identified as potentially fraudulent, you as a cross river partner must report it to cross river, enabling us to notify fednow the fednow service requires participants to report reportable transfers sent over the network a reportable transfer is defined as “any funds transfer completed, in part, through the fednow service based on a payment order sent or received by a fednow participant that was authorized by the sender at the time of submission but was later determined to potentially involve fraudulent activity the fednow participant must have a good faith belief that the transaction resulted from fraudulent activity ” you must ensure compliance with this requirement by reporting any reportable transfers to cross river, regardless of whether you are the sender or receiver of the transfer fraudclassifer model type codes the table below presents the various fednow fraudclassifier model type codes fraud type code code name fraud type description notes/examples fc00 transaction is not fraudulent none if a reportable transfer was previously reported and is later determined not to be the result of fraudulent activity, use fc00 to indicate not fraud n/a fc01 authorized party was manipulated product and services fraud a situation involving a transfer of funds in exchange for a product or service, irrespective of the nature of the relationship between the two parties, whereby the receiver of the funds does not deliver the product or service or delivers a grossly inferior product or service than advertised or promised examples include rental scams, travel scams, lottery scams, tech support scams, home repair scams, home alarm scams, free trial scams, brain booster scams, gold coin scams, etc example paul has been wanting a puppy and found a great deal online for $75, he can get a chocolate lab puppy, including delivery he needs to send $75 to the information provided in the ad excited about this great deal, he sends the money but never received the puppy fc02 authorized party was manipulated relationship and trust fraud a situation involving a transfer of funds to a trusted party or an imposter acting as a trusted or authorized party, where there is no expectation or promise of goods or services in exchange for the transferred funds; the seemingly trustworthy party can be an existing or emerging relationship or a party pretending to be an authority or reputable company examples include irs imposter scams, social security imposter scams, sheriff’s office scams (jury duty), romance scams, grandparent scams, utility scams, fake debt collections, duplicate payment scams, etc example joan developed a relationship with fred online a day before the first meeting in person, fred asked joan to send him $10,000 to get out of serious trouble joan sent the money to fred fred does not show up for their meeting and joan never hears from him again fc03 authorized party acted fraudulently embezzlement theft or misuse of funds legally placed in one’s trust or belonging to one’s employer this would include situations involving agents acting for others example tina, the treasurer, had the ability to initiate payments at her company tina instructs the company’s fis account to her personal account fc04 authorized party acted fraudulently synthetic identity fraud (sif) the use of a combination of personally identifiable information (pii) to fabricate a person or entity to commit a dishonest act for personal or financial gain use of a false identification to create an account with the intent to commit fraud example fred opens a deposit account under a fabricated identity fred uses the account to collect payments from his fraudulent scheme, wires the amount to an offshore account, and leaves the account dormant fc05 authorized party acted fraudulently false claim an intentional lie or deception to receive a payment or avoid a payment obligation informing a consumer of a false situation to obtain funds (e g , overdue utility bill/disconnect; child/grandchild in prison) example betsy orders online and makes the payment electronically days after she received the goods, she calls her bank, reports the purchases as fraudulent, and seeks a refund fc06 unauthorized party took over account compromised credentials account login information, intended only for an authorized party is obtained by an unauthorized party account login information (e g , id/password) allows one to access an account and is not specific to personal information, contact information, etc access to personal information, contact information, etc would be classified under impersonated authorized party example using greg's login id and password, frank gains full access to greg’s online bank account frank then proceeds to initiate several transfers through greg’s bank and the fednow service from greg's account to an account at different bank fc07 unauthorized party modified payment information compromised credentials unauthorized party has obtained access to a payment instruction “in process” and modified it to redirect funds to an account they have access to account login information (e g , id/password) allows one to access an account and is not specific to personal information, contact information, etc access to personal information, contact information etc would be classified under impersonated authorized party example steve set up an online recurring bill payment from his bank account while his roommate was nearby his roommate later authenticated into steve’s account using steve's id/password and modified the recurring payment upon processing of the payment, funds were redirected to an account under the roommate’s control fc08 unauthorized party modified payment information impersonated authorized party a person or organization who does not have authorized credentials but has enough information to authenticate as the authorized party authorized credentials in this context include account login information (e g , id/password) that allows one to access an account and is not specific to personal information, contact information, etc example jim scheduled an online bill payment a day later, jake represented himself as jim by successfully answering verification questions asked by the call center associate jake (as jim) then instructed the call center associate to modify the scheduled payment, redirecting it to an account in his control upon receipt of the payment, jake withdrew the funds the clearing house (rtp) summary you as a cross river partner must report to cross river any funds transfer using the rtp network that a network user learns afterwards was not authorized by the sender, so we can notify the clearing house we will request that the funds receiver return the funds, flagging the request as due to suspected fraudulent activity under the clearing house (tch) rtp operating rule ii g 2, participants must report fraudulent activity involving the rtp system to tch and the other participant involved, following the rtp technical specifications and risk management and fraud control requirements section 5 of the risk management and fraud control requirements states “a participant must report any instance of fraudulent activity or suspected fraudulent activity to tch subject to and in accordance with the rtp operating rules and other procedures established by tch from time to time ” a fraudulent rtp payment is a payment the sending participant determines was unauthorized by the sender ("unauthorized payment") based on an investigation of how it was initiated a payment authorized by the sender but induced under false pretenses does not qualify as an unauthorized payment under this rule you must report any suspected unauthorized rtp payments to cross river we take the necessary steps, including notifying the receiving participant and submitting a request for return of funds message with the "frad" reason code to request a return your timely reporting ensures compliance with tch rules and facilitates an efficient fraud response crnow summary you as a cross river partner must report any funds transfer made through cross river's crnow network that is identified as fraudulent or unauthorized cross river’s procedures require participants to report fraudulent activity involving the crnow system a fraudulent crnow payment is defined as “any funds transfer completed through the crnow service, based on any payment sent or received by a crnow participant, that resulted from fraudulent or unauthorized activity ” you must ensure timely reporting of such transactions to cross river incident report submission summary partners must escalate the following unusual activity to cross river bank (crb) via an incident report (ir) criminal violations involving insider abuse of any amount criminal violations of $5,000 or more when a suspect can be identified criminal violations of $25,000 or more, regardless of whether a suspect is identified transactions aggregating $5,000 or more, if the partner knows, suspects, or has reason to suspect that the transaction may involve money laundering or other illegal activity is designed to evade the bsa or its regulations lacks a clear business purpose or is inconsistent with the customer’s expected activity, with no reasonable explanation after reviewing available facts incident reporting process as a partner, maintain a documented incident reporting process to notify cross river of potentially unusual or suspicious activity escalate any unusual activity within 5 days of detection by submitting a crb incident report to unusualactivityreferrals\@crossriverbank com include any relevant supporting documentation in your report timely reporting is critical to ensure compliance and mitigate financial crime risks incident report template download our ms word incident report template as an example https //archbee doc uploads s3 amazonaws com/qt8sssvjnfadir3z gd2j yamfczayxrrfvzbgbn8yy 20250205 154636 docx