Welcome » IT Booklets » Retail Payment Systems » Retail Payment Systems Risk Management » Retail Payment Instrument Specific Risk Management Controls » Credit Cards
Credit and fraud losses are two of the most significant credit
card-related risks to a financial institution. Credit losses
due to contractual delinquency and bankruptcy account for the
majority of credit card charge-offs. Fraud includes
unauthorized use of lost or stolen cards, fraudulent applications,
counterfeit or altered cards, and the unauthorized use of a
cardholder's credit card number for card-not-present
Consumer compliance regulations (Regulation Z and Regulation E)
and association operating rules (Visa and MasterCard) provide
significant consumer protection for fraudulent transactions.
According to Regulation E, if cardholders report timely the loss of
their credit cards, they are responsible for no more than $50 of
the charges resulting from fraud. Regulation Z provides
additional billing error resolution procedures. Visa,
MasterCard, Discover, and American Express have zero liability
programs, which indemnify card holders for all fraudulent losses in
many circumstances. The issuing financial institution or the
merchant pays the costs of any fraud involving credit cards.
At a minimum, the merchant should obtain an authorization, a
cardholder's signature, or an electronic imprint of the card
(electronic information on the card) at the POS. The merchant
is required by the card companies to cover fraudulent transactions
through the chargeback process if it does not follow the minimum
procedures. This has become a significant issue for many
online retailers processing card-not-present transactions.
The major bankcard companies; however, have introduced services to
reduce the liability of the merchants. Under one initiative,
issuers will assume losses for fraudulent transactions if the
payment was authorized using the bankcard company's authentication
A control method financial institutions use to reduce risk is
the authorization process to approve the credit transaction.
For example, when the merchant swipes the bankcard, the issuer can
deny authorization of the transaction if the consumer is over his
or her credit limit, is delinquent, or if the card has been
reported as stolen. Financial institutions can also employ
the address verification service (AVS) to verify a cardholder's
billing address and other pertinent information. AVS is used
for mail, telephone, and Internet transactions.
Employing the appropriate underwriting, account management,
monitoring, and collection practices can mitigate credit
risk. By setting standards that reduce the probability of
delinquency and fraud, financial institutions can more effectively
control credit losses.