Executive Summary

Research Purpose and Methodology

In a world of faceless banking channels — from the Internet to ATM — the
branch continues to be the most important connection between a financial
institution and its customers. When it comes to answering customers’
questions and addressing their concerns, the branch plays a vital role in
reinforcing the brand experience and retaining customer trust.

How? By paying more attention to the emotional side of a bank’s customer relationships. Customers are only human; they can’t help but be affected by the headlines they see and the experiences they have. When it comes to the security of their assets, customers must rely on the branch to answer their questions and alleviate their concerns.

Unfortunately, many banks are not coming through for their customers. In fact, the performance of their customer service representatives may even have a detrimental effect on those relationships, when it comes to reassuring customers that the bank’s fraud management practices are providing adequate protection.

As a provider of services and solutions to banks for identifying threats and deterring fraud, Unisys set out to help banks measure the extent of this problem, and to cope with it, by conducting research to understand both the consumer perspective and the messages bank representatives are communicating to customers. Two central questions were addressed by the research:

• How are branch personnel communicating their banks’ identity-theft
  safeguards to their existing and potential clients?
• What are consumers’ experiences and concerns with identity theft and
  what impact are they having on their selection of financial institutions
  and services?

Data was obtained through two recently completed surveys targeting banking customers and bank branch customer service representatives (bank reps).

In the consumer survey, 1,081 consumers with checking accounts were contacted by telephone as part of a national household survey by ICR. The households surveyed constitute a representative national sample of U.S. households with checking accounts.

In the banker survey, 300 bank branches were contacted by telephone in a “mystery shopper” program. These included 100 branches of banks with more than $200 billion in assets (Group A banks) and 200 branches of banks with $10 billion to $200 billion in assets (Group B banks). Interviewers identified themselves as looking for a new bank after having been a victim of identity theft. Data include banker responses and interviewer perceptions of the interaction.

Why Banks Must Act Now

In the past, banks looked at fraud from the perspective of hard-dollar loss only. But recently, banks have become much more sensitive to the potential damage to their brands and ensuing loss of customer trust. And it’s not a moment too soon, because fraud today is taking its cue from the advances in banking technology — becoming “industrialized” in the process. That is, criminals are using technology to automate their fraudulent activities, to process high volumes of data, and to capture knowledge.

According to a Gartner¹ April 2004 survey, more than 1.4 million people have been victims of identity fraud, costing banks and credit card issuers $1.2 billion last year in new account, checking account and credit-card fraud.

Global headlines are touting the recent development of “phishing” attacks — fraudulent mass e-mail campaigns designed to lure customers into providing personal financial information such as passwords or account information to criminals. With the increasing reliance upon technology, identity fraud has seemingly become easier to commit: create a passable facsimile of an email from a financial institution, ask for a customer’s data under the auspices of updating an account or confirming a password. And you’re in.

A relatively new development, phishing has only begun to scratch the surface. According to the Anti-Phishing Working Group’s (APWG) July 2004 Phishing Attack Trends Report², phishing attacks grew on average 50% each month from December 2003 through July 2004. According to APWG, the financial services sector is the most targeted industry for such attacks.

But the fraud isn’t just limited to online banking. Criminals are walking this ill-gotten customer data right into the branch, using it to gain entry into customer accounts.

Although the hard-dollar losses attributed to identity theft fraud are significant, because identity fraud also has the capacity to undermine customer confidence in a bank’s brand, it’s critical that the front-line branch personnel accurately communicate the bank’s policies to customers.

¹Litan, A. “Phishing Victims Likely Will Suffer Identity Theft Fraud,” Gartner Analyst Report, May 14, 2004.
²Anti-Phishing Working Group, Phishing Attack Trends Report, July 2004.

The Results

In conducting this research, Unisys and ICR found a surprising disconnect between what consumers expect from their financial institutions and what banks are delivering — at least in terms of identity theft prevention and detection services as reported by the bank customer service representatives we surveyed. Indeed, if the disconnect does not exist, then branch representatives seem unable to crisply articulate the programs and protections that banks have in place to protect their customers. Early on in an epidemic, such as the one we’re experiencing today, reality and perception are inches, not miles, apart.

What follows is a detailed analysis of the results of these two related surveys, along with explanations of the opportunities banks can seize upon to help them retain consumer trust and confidence.

More than ever, banks have a renewed focus on the branch. Whether achieved through M&A or organic growth, the physical footprint of many banks has expanded considerably in the past few years. But the security messaging that they put forth in the marketplace is getting lost on its way to consumers. As this research revealed, measurable gaps exist between reps’ answers and consumer concerns regarding identity theft.

However, despite these gaps, Unisys is confident that the financial services industry can only benefit from knowing how customer service reps are communicating bank policies to consumers. We’re encouraging the industry to use this information as a tool, as it reevaluates strategies to improve and implement a comprehensive education plan on identity theft for service reps.

As you’ll see, the future of your business depends on it.

Identity Theft Issues

Customer experience with identity theft

Identity theft — impersonating another individual to fraudulently obtain loans, access accounts, apply for credit cards, or establish accounts — has become widespread. When U.S. consumers participating in this survey were asked whether anyone in their household or immediate family ever experienced identify theft, 20% indicated that they were acquainted with identity theft — either through personal experience or through someone they know.

According to this study, consumers who have experience with identity theft tend to be under age 34 (30%), with higher incomes (27% have incomes of $75,000 and over) and college educations (28%), and reside in metropolitan areas (21%).

Responsibility for protecting customer assets

Based on their interactions with bank customer service representatives, mystery shoppers were asked their opinions regarding whether the bank takes responsibility for protecting the customer, or if the bank considers identity theft to be the customer’s problem.

The mystery shoppers found that most customer service reps (59%) indicated that both the institution and customer share responsibility for identity theft. However, 12% of bank reps indicated to the shoppers that it was entirely the customer’s problem.

Information offered regarding identity theft

Few bank reps offered or referred to brochures and printed materials on identity theft. In fact, only 9% of reps offered brochures or related materials to the mystery shoppers. One rep offered to sell an inquiring shopper a $10 packet on identity theft materials.

And despite the fact that the conversation centered on identity fraud, only 3% of the reps suggested that the mystery shopper call a credit-reporting agency; the overwhelming majority (97%) did not.

Phishing attacks

Each mystery shopper told the customer service reps that they’d experienced identity theft problems at a previous bank, beginning when someone sent them an email asking to confirm some information (a “phishing” campaign). When asked directly whether their bank had had similar problems, the vast majority of customer service reps (91%) said their banks had never experienced phishing attacks. However, 11% of reps said they warn customers to never give out information over the phone or respond to emails requesting personal information. Among reps who were aware of attacks against their banks, 29% said their institutions try to notify customers immediately when scams occur.

What this means for banks

Banks have a clear opportunity to assuage customers’ concerns with regard to identity theft, and at the same time reinforce their brand. However, this research shows that they may not be rising to the challenge. Given the sheer number of consumers who have experienced identity theft, it’s imperative that branch personnel are adequately trained on the issue. The future of the bank’s brand depends on it.

As the face and voice of the institution, branch personnel must communicate their financial institution’s preventive measures and response policies. Based on these survey results, banks need to further educate their branch personnel on how to communicate this clearly to customers.

Obviously, a certain amount of discretion is needed to adequately safeguard the security practices of financial institutions. Still, banks have an opportunity to build and further maintain trust by informing customers of the bank’s commitment to preserving customers’ assets and identities.

About Unisys

Unisys is a worldwide information technology services and solutions company. Our people provide consulting, systems integration, outsourcing, infrastructure and server technology with precision thinking and relentless execution in more than 100 countries. Unisys banking solutions address key areas including enterprise payments, paper-to-electronic transformation, multi-channel integration, identity theft and anti-money laundering. Most of the industry’s leaders rely on our solutions, including 22 of the top 25 global banks, eight of the top 10 international life and pensions insurers, and five of the world’s top 10 property and casualty insurers. For more information, see http://www.unisys.com/financial.

About International Communications Research, Inc.

ICR is a large and international full-service marketing research firm based in Media, Pa. Its professional staff has experience in unique consumer populations, business-to-business, healthcare/pharmaceuticals, technology, financial, advertising/PR, utilities, retail, industrial and social science research. ICR is a member of the Council of American Survey Research Organizations (CASRO), and conducts projects in full compliance with CASRO professional and ethical standards. The ICR Technology Group, which conducted these studies, is a specialized team of researchers and economists with experience in computer systems and solutions, banking and financial services, and wire-based and wireless communications and services.

Read the Free White Paper

Full coverage of this ground-breaking Unisys-sponsored industry research can be found in the white paper, which includes survey results and analysis regarding customer trust, protection of customer data, fraud prevention, theft response, check imaging and online banking.

For more details on the study results, in addition to this Executive Summary, download the complete white paper (PDF 255 kb).