By: Allison Guidette, CEO
G2 was proud this week to join hundreds of acquirers and issuing banks at the MasterCard Global Risk Leadership Conference: Americas in Huntington Beach, CA.
I sat in on one of the pre-conference sessions, at which MasterCard’s Jeff DePetro, teaming with Deana Rich of Rich Consulting, led a compelling overview of recent BRAM program changes and an interactive session where attendees collaborated on case studies. DePetro explained that the majority of violations these days are transaction laundering, where cybercriminals process transactions for illicit sites through approved merchant accounts, and Rich highlighted underwriting best practices to detect potential launderers at boarding (prevention at the door being far preferable to subsequent detection).
Among the general sessions, the most memorable for me included the day one keynote, titled “Security in a Connected World,” led by author and cybersecurity expert, Marc Goodman. Among many insights, Marc discussed how our growing connecteness (e.g., the Internet of Things) creates vulnerability that is increasing exponentially each day. We’re really at the infancy of cyberpotential and cyberrisk. According to Goodman, if today’s Internet is the size of a golf ball, tomorrow’s will be as huge as the sun. This leads to significantly increased risk for us as consumers and for business professionals, including those managing business customer risk. At an acquiring attendee breakout, MasterCard’s Dave English ran a fascinating panel that extended the theme of accelerating complexity, discussing emerging categories of third-party risk.
G2 had an opportunity to address the audience on the topic of “Violators versus Risk: Who is Winning & Why?” Key themes included the growing sophistication, connectedness and technological prowess of cybercriminals, taking advantage of systemic vulnerabilities and the complexity of the payment ecosystem (new ways to pay, new places to shop, new “marketing schemes,” new illegal products) to gain access to merchant accounts and perpetuate their illegal sales activity. I spoke about key countermeasures implemented by the risk community, including continually evolving compliance programs (such as MasterCard BRAM), ever-evolving content monitoring, transaction laundering detection capabilities and new monitoring options, such as reputation.
To ensure that risk stays ahead of violators as the Internet grows sun-sized, I concluded with a key message: we need to tap into the new power of data/data science and our own ecosystem of bank departments, card networks and vendors to thwart increasingly adept cybercriminals and keep the payments ecosystem safe and profitable. Working as one digital payments ecosystem is the best strategy to prevent violators from declaring victory and, instead, stay a step ahead.