BITS BITS Financial Services Roundtable
Home
Publications Member Login Here:
About Us
Publications
Events
Certification
Consumer Info
Contact
FISAP


 Photograph
Quote from the Chairman of BITS Fraud Reduction Program

BITS Online Fraud Library
This library is compiled by BITS from publicly available reports and documents, as a resource for fraud-related information. BITS does not endorse any particular organization or their products, services, or other information provided by these links.

This page is periodcially updated. Please check back for new information. Bolded items are recent additions.

To Main BITS Publications Page
To Members Only Fraud Section (Login required)

Anti Money Laundering/Suspicious Activity Reporting
- FinCEN Report on Outreach to Large Depository Institutions
 (Oct 2009)
- FinCEN's SAR Activity Review: Trends, Tips & Issues
   Issue 15 (May 2009)
- Anti-Money Laundering (AML) Source Tool for Mutual
   Funds (Jan 2009)
- SAR Activity Review - By the Numbers (Nov 2008)
- SAR Activity Review: Trends, Tips & Issues
   Issue 14 (Oct 2008)
- FinCEN Update: Prepared Remarks of James H.
   Freis, Network: Promoting Information Sharing in our
   Global Anti-money Laundering/Counterterrorism
   Finance Efforts (Oct 2008)
- SAR Activity Review: By the Numbers (May 2008)
- SAR Activity Review: Tips, Trends and Issues,
   Issue 13 (May 2008)
- FinCEN's Strategic Plan for 2008-2012 (May 2008)
- Financial Crimes Enforcement Network FY07 Annual
   Report (Apr 2008)
- SAR Activity Review: By the Numbers (Jan 2008)
- Reporting of Certain Currency Transactions for Sole
   Proprietorships and Legal Entities Operating Under a
   "Doing Business As" ("DBA") Name (Jan 2008)
- Suggestions for Addressing Common Errors Noted in
   Suspicious Activity Reporting (Oct 2007)
- SAR Activity Review: Issue 12 (Oct 2007)
- Bank Secrecy Act/Anti-Money Laundering Examination
   Manual (Aug 2007)
- Bank Secrecy Act/Anti-Money Laundering Examination
   Manual (Aug 2006)
- Special Due Diligence Programs for Certain Foreign
   Accounts (Aug 2007)
- Suspicious Activity Report Supporting Documentation
   (Jun 2007)
- SAR Activity Review: By the Numbers (Jun 2007)
- SAR Activity Review: Issue 11 (May 2007)
- 2007 National Money Laundering Strategy (May 2007)
   (4MB)
- Financial Crimes Enforcement Network FY06 Annual
   Report (Apr 2007) (14MB)
- Interagency Guidance on Sharing Suspicious Activity
   Reports with Head Offices and Controlling Companies
   (Jan 2006)
- U.S. Money Laundering Threat Assessment (Dec 2005)
- Final Regulation Implementing Section 312 of the
   USA PATRIOT ACT (Dec 2005)
- Money Laundering: A Banker's Guide to Avoiding
   Problems (Dec 2002)
Back to Top

Check 21
- Board of Governors of the Federal Reserve System
   Report to the Congress on the Check Clearing for
   the 21st Century Act of 2003 (Apr 2007)
- Check 21 and Check Fraud Prevention: Are They
   Mutually Exclusive? (As contained in the Federal
   Reserve Bank of Philadelphia Publication: SRC Insights)
- Implementing the Check 21 Act: Potential risks facing
   banks (Aug 2005)
- Strategies for Mitigating Fraud Risks Associated with the
   Check Clearing in the 21st Century Act (Oct 2004)
- Check 21 Resource Document (Mar 2004)
Back to Top

Consumer Education
- Manipulation and Abuse of the Consumer Credit
   Reporting Agencies (Aug 2009)
- Identity Theft Help for Victims
- Plastic Fraud (Jun 2008)
- Count on Scammers and Schemers to Follow the
   News (Feb 2008)
- BITS Mortgage Fraud Prevention: An Education and
   Awareness Toolkit for Consumers (Jan 2008)
- ID Crime Prevention Toolkit
- ID Crime Recovery Toolkit (2.5MB)
- Treasury Warns Public About E-Mail Scams (Dec 2007)
- To Buy or Not To Buy: Identity Theft Spawns New
   Products and Services To Help Minimize Risk
   (Nov 2007)
- STOP, THINK, CLICK: Seven Practices for Safer
   Computing (Sep 2007)
- FinCEN Warning Notice: Fraudulent Stop Order Scams
   (Aug 2007)
- FTC Brochure: Giving the Bounce to Counterfeit Check
   Scams (Feb 2007)
- How Not to Get Hooked by a 'Phishing' Scam
   (Oct 2006)
- Fighting Back Against Identity Theft: Common
   Ways Identity Theft Happens (May 2006)
- 10 Dumb Things Users Do That Can Mess Up Their
   Computers (May 2006)
Back to Top

Counterfeit Checks
- The Evolution of the Check as a Means of Payment
   (Jan 2009)
- FTC Brochure: Giving the Bounce to Counterfeit Check
   Scams (Feb 2007)
- BITS Voluntary Guidelines for Collections in the Financial
   Services Industry (Mar 2004)
Back to Top

Cybercrime
- In the Crossfire - Critical Infrastructure in the Age of Cyber-War (Jan 2010)
- 2010 Threat Predictions (Dec 2009)
- Symantec: Top Security and Storage Trends to Watch (Dec 2009)
- McAfee Virtual Criminology Report 2009 (Nov 2009)
- The Top Cybersecurity Risks (Sep 2009)
- APWG: Phishing Activity Trends Report (Jan - June 2009)
- Understanding Scam Victims: Seven Principles for System Security (Aug 2009)
- A Cybercrime Hub (Aug 2009)
- McAfee Threats Report: 1st Quarter 2009 (May 2009)
- Symantec Global Internet Security Threat Report Trends
   for 2008 (Apr 2009)
- Symantec Report on the Underground Ecomomy
   (Nov 2008)
- IAAC Directors' and Corporate Advisors' Guide to Digital
   Investigations (Nov 2008)
- DOJ: Cybercrime Against Businesses (Oct 2008)
- Data Breaches: What the Underground World of
   "Carding" Reveals (May 2008)
- Global Markets and Global Vulnerabilities: Fighting
   Transnational Crime through Financial Intelligence
   (Apr 2008)
- Electronic Crime Scene Investigation: A Guide for First
   Responders, Second Edition (Apr 2008)
- Russian Business Network Study (Oct 2007)
- GAO-07-705: Cybercrime: Public and Private Entities
   Face Challenges in Addressing Cyber Threats
   (Jun 2007)
- CRS Report for Congress Terrorist Precursor Crimes:
   Issues and Options for Congress (May 2007)
Back to Top

Data Breaches/Information Security
- Hey, You, Get Off My Cloud: Exploring Information Leakage in Third Party Compute Clouds
   (Oct 2009)
- On the Leakage of Personally Identifiable Information Via Online Social Networks
   (Aug 2009)
- Verizon 2009 Data Breach Investigations Report
   (Apr 2009)
- McAfee: 2009 Threat Predictions (Jan 2009)
- Information Security Breaches: Thinking Back and
   Looking Ahead (Sep 2008)
- UNISYS Security Index: Global Summary (May 2008)
- Do Data Breach Disclosure Laws Reduce Identity
   Theft? (Jun 2008)
- 2008 Data Breach Investigations Report
   (Verizon) (May 2008)
- Best Security, Privacy and Data Protection Articles
   of 2007 (Jan 2008)
- SANS Top-20 2007 Security Risks: 2007 Annual Update
   (Nov 2007)
- GAO-07-837: Information Security: Despite
   Reported Progress, Federal Agencies Need to Address
   Persistent Weaknesses (Jul 2007)
- GAO-07-737: Personal Information: Data Breaches
   Are Frequent, but Evidence of Resulting Identity Theft
   Is Limited; However, the Full Extent Is Unknown
   (Jun 2007)
- BITS/ABA Key Considerations for Responding to
   Unauthorized Access to Sensitive Customer Information
   (Nov 2006)
- BITS Consumer Confidence Toolkit: Data Security and
   Financial Services (Oct 2006)
- BITS Key Considerations for Securing Data in Storage
   and Transport (Apr 2006)
- Interagency Guidelines Establishing Information Security
   Standards: Small-Entity Compliance Guide (Dec 2005)
Back to Top

Email Security
- Phishing Activity Trends Report: 3rd Quarter 2009 (Jan 2010)
- Count on Scammers and Schemers to Follow the
   News (Feb 2008)
- STOP, THINK, CLICK: Seven Practices for Safer
   Computing (Sep 2007)
- BITS Email Security Toolkit: Protocols and
   Recommendations for Reducing the Risks (Apr 2007)
- How Not to Get Hooked by a 'Phishing' Scam (Oct 2006)
Back to Top

Financial Abuse of the Elderly and Vulnerable
- BITS Fraud Protection Guide: Protecting the Elderly and Vulnerable from Financial Fraud and Exploitation (February 2010, Updated from 2005)
- BITS Fraud Protection Training Guide: PowerPoint Presentation (February 2010, Updated from 2005)
- BITS Fraud Protection Guide: Protecting the Elderly and
   Vulnerable from Financial Fraud and Exploitation
   (Nov 2005)
Back to Top

Fraud Risk Management
- Advice for Phone and Online Banking Users (Jan 2010)
- 2009 Lexis Nexis True Cost of Fraud (Nov 2009)
- Bank Secrecy Act - GAO: Suspicious Activity Report Use
   Is Increasing (Apr 2009)
- Six Critical Elements of a Comprehensive Risk
   Management Program (Dec 2008)
- 2008 RSA Online Fraud Report (Dec 2008)
- Managing the Business Risk of Fraud: A Practical Guide
   (Jul 2008)
- Ten Things About Fraud Control (Nov 2007)
- How Does Your Hotline Measure Up? (Checklist Criteria)
   (Nov 2007)
- Financial Crimes Report to the Public,
   Fiscal Year 2007 (Sep 2007)
- Risky Business: Managing Electronic Payments in the
   21st Century (Dec 2005)
Back to Top

Identity Theft
- Predicting Social Security Numbers from Public Data
   (Jul 2009)
- FTC Compliance Guide: Fighting Fraud with the Red
   Flags Rule (Mar 2009)
- Identity Theft Assistance Center Blog
- Vicitms' Rights: Fighting Identity Crime on the Front
   Lines (Feb 2009)
- FTC Report: Security in Numbers - SSNs & ID Theft
   (Dec 2008)
- Identity Theft Help for Victims
- Identity Theft: The Aftermath 2007 (Jun 2008)
- Victims of Fraud Dossier, Part IV (May 2008)
- International Association of Chiefs of Police (IACP) and
   Bank of America Identity Crime Toolkits (Dec 2007)
    - ID Crime Prevention Toolkit
    - ID Crime Recovery Toolkit (2.5MB)
    - Police Chief's Identity Crime Toolkit (3MB)
- Identity Fraud Trends and Patterns: Building a
   Data-Based Foundation for Proactive
   Enforcement (Oct 2007)
- FTC 2006 Identity Theft Survey Report
- Identity Theft Laws: State Penalties and Remedies and
   Pending Federal Bills (Jun 2007)
- Fighting Back Against Identity Theft: Common
   Ways Identity Theft Happens (May 2006)
- Identity Management at Credit Unions (Mar 2006)
- Identity Theft: Some Outreach Efforts to Promote
   Awareness of Consumer Rights are Under Way
   (Jun 2005)
- Local Law Enforcement's Response to Identity Theft
   Crimes: Strategies to Support the Investigative Role of
   the Police and Compliance with the F.A.C.T. Act of 2004
   (Jun 2005)
- Locking up the Evil Twin: A Summit on Identity Theft
   Solutions (Mar 2005)
- National and State Trends in Fraud & Identity Theft
   (Feb 2005)
- The Use of Technology to Combat Identity Theft
   (Feb 2005)
- Identity Theft: A Risk to be Managed (Feb 2005)
- Putting an End to Account-Hijacking Identity Theft
   (Dec 2004)
- Putting an End to Account-Hijacking Identity Theft
   Study Supplement (Jun 2005)
- BITS Fraud Reduction Guidelines: Strategies for Identity
   Theft Prevention and Consumer Assistance (Jul 2003)
- Documents to Assist Members in Addressing Email
   Hoaxes (July 2003)
    - Questions for Financial Institutions to Ask
      Customers Calling to Report an Email Hoax
Back to Top

Internal Fraud
- Deloitte's 6th Annual Global Security Survey (Feb 2009)
- ACFE 2008 Report to the Nation on Occupational Fraud &
   Abuse (Jul 2008)
- Managing the Business Risk of Fraud: A Practical Guide    (Jul 2008)
- (ISC)2 Global Information Security Workforce
   Study (May 2008)
- When Bad Things Happen to Good Banks: The Perils of
   Unbalanced Internal Control Regime (Mar 2008)
- CERT Podcast: Insider Threat and the Software
   Development Life Cycle (Mar 2008)
- Insider Threat Study: Illicit Cyber Activity in the
   Government Sector (Jan 2008)
- Insider Threat Study: Illicit Cyber Activity in the
  Information Technology and Telecommunications Sector
   (Jan 2008)
- Internal Fraud: Building the Business Case for
   Investment (Oct 2007)
- KPMG Profile of a Fraudster Survey 2007 (Aug 2007)
- Internal Fraud: Surveying the Current Landscape
   (Mar 2007)
- Report to the Nation on Occupational Fraud & Abuse
   (Aug 2006) (7MB file)
- Common Sense Guide to Prevention and
   Detection of Insider Threats, Ver 2.1 (Jul 2006)
- Insider Activities: Comptroller's Handbook (Mar 2006)
- Insider Threat Study: Computer System Sabotage in
   Critical Infrastructure Sectors (May 2005)
- Insider Threat Study: Illicit Cyber Activity in the
   Banking and Finance Sector (Aug 2004)
Back to Top

Mobile Payments
- Alternatives for Banks to offer Secure Mobile Payments (Aug 2010)
- Mobile Payments: Mobile Operator Market Opportunities
   and Business Models (Aug 2007)
Back to Top

Mortgage and Loan Fraud
- FFIEC Issues 2009 Mortgage Fraud White Paper:The Detection and Deterrence of Mortgage Fraud Against Financial Institutions"
   (Feb 2010)
- FinCEN's SAR Activity Review: Trends, Tips & Issues"
   (Oct 2009)
- Q2 2009 Mortgage Fraud Risk Report"
   (Aug 2009)
- FBI 2008 Mortgage Fraud Report, "Year in Review"
   (Jul 2009)
- FinCEN Advisory: Guidance to Financial Institutions on
   Filing Suspicious Activity Reports Regarding Loan
   Modification/Foreclosure Rescue Scams (Apr 2009)
- FinCEN Report: Mortgage Loan Fraud Connections with
   Other Financial Crime (Mar 2009)
- Mortgage Asset Research Institute's (MARI®) 11th
   Periodic Mortgage Fraud Case Report to the Mortgage
   Banker's Association (MBA) (Mar 2009)
- Filing Trends in Mortgage Loan Fraud (Feb 2009)
- OCC Offers Consumer Tips to Avoid Foreclosure
   Rescue Scams (May 2008)
- Q2-2008 Core Mortgage Risk Monitor (Apr 2008)
- FBI 2007 Mortgage Fraud Report (Apr 2008)
- Suspected Money Laundering in the Residential Real
   Estate Industry: An Assessment Based Upon Suspicious
   Activity Report Analysis (Apr 2008)
- Mortgage Loan Fraud: An Update of Trends based Upon
   an Analysis of SARs (Apr 2008) (5MB)
- Mortgage Loan Fraud: An Industry Assessment based
   upon SAR Analysis (Nov 2006)
- Interthinx Training DVD: Fraud Angels (Mar 2008)
- BITS Mortgage Fraud Prevention: An Education and
   Awareness Toolkit for Consumers (Jan 2008)
- MBA Study: Strengthening Federal and State Mortgage
   Fraud Prevention Efforts (Oct 2007)
Back to Top

Online/Remote Channel Fraud
- Malicious Software: A Security Threat to the
   Internet Community (Jun 2008)
- CyberSource: 8th Annual Online Fraud Report
   (Apr 2008) (registration required)
- IC3: 2007 Internet Crime Report (Apr 2008) (7MB)
- A Practical Approach to Managing Phishing (Apr 2008)
- APWG: Advisory on Utilization of Whois Data For
   Phishing Site Take Down (Mar 2008)
- APWG: Phishing Activity Trends (Dec 2007)
- APWG: The Relationship of Phishing and Domain Tasting
   (Sep 2007)
- Online Financial Fraud and Identity Theft Report
   (Aug 2007)
- Report on Phishing A Report to the Minister of Public
   Safety and Emergency Preparedness Canada annd the
   Attorney General of the United States (Oct 2006)
- 10 Dumb Things Users Do That Can Mess Up Their
   Computers (May 2006)
- Online Identity Theft: Phishing Technology, Chokepoints
   and Countermeasures (Oct 2005)
- FFIEC: Authentication in Internet Banking Environment
   (Oct 2005)
- Voluntary Guidelines for Consumer Confidence in Online
   Financial Services (Sep 2005)
- STAR ID Theft/Phishing Research Update (May 2005)
- Fraud Prevention Strategies for Internet Banking
   (Apr 2003)
Back to Top

Payment Card/ATM Fraud
- Best Practices for Managing Cardholder Dispute, Chargeback Processes (Mar 2010)
- The 2008 Survey of Consumer Payment Choice (Jan 2010)
- The future of everyday payments in Europe: Who cares? (Jan 2010)
- ATM Crime: Overview of the European situation and golden rules on how to avoid it (Aug 2009)
- Skimming Prevention: Best Practices for Merchants (Sep 2009)
- ATM Crime: Overview of the European Situation and Golden Rules on How to Avoid It (Aug 2009)
- Stopping Card Fraud in its Tracks (Jul 2009)
- Economics of payments card: A status report
   (Mar 2009)
- The Federal Reserve's Role in Retail Payments: Adapting
   to a New Environment (Jan 2009)
- The Economics of Payment Cards (Nov 2008)
- Recent Payment Trends in the United States (Oct 2008)
- BITS Debit Card/ATM Fraud Resource List (Oct 2008)
- Understanding Risk Management in Emerging Retail
   Payments (Sep 2008)
- Payments Card-related Legislative and Policy Update
   (Sep 2008)
- Plastic Fraud (Jun 2008)
- A Guide to the ATM and Debit Card Industry:
   2006 Update (Jan 2007)
- Targeting Debit Card Fraud: A Multi-pronged Approach
   to Educate, Prevent and Detect (Nov 2005)
- The Laws, Regulations, and Industry Practices That
   Protect Consumers Who Use Electronic Payment
   Systems: Credit and Debit Cards (Jan 2005)
Back to Top

Payments Fraud and Risk
- Heartland Payment Systems: Lessons Learned from a Data Breach (Jan 2010)
- Payments Fraud. How it happens. And what you can do to protect your organization. (Nov 2009)
- Payment Cards and Mobile: Inside Fraud (Oct 2009)
- The Beating Heart of Banking: Insights in Global Payments (June 2009)
- Payments Fraud: Perception versus Reality - A Conference Summary (June 2009)
- Payment System End-Users Committee (EUC) Position
   Paper on SEPA Direct Deposit (Jul 2009)
- A Backward Glance While Looking Forward
   Federal Reserve Bank of Kansas City (Apr 2009)
- 2009 AFP Payments Fraud and Control Survey: Report
   of Survey Results (Mar 2009)
- The Federal Reserve's Role in Retail Payments: Adapting
   to a New Environment (Jan 2009)
- Consumer Choice and Merchant Acceptance of Payment
   Media Federal Reserve Bank of Chicago (Nov 2008)
- The Economics of Payment Cards
   Federal Reserve Bank of Chicago (Nov 2008)
- Recent Payment Trends in the United States (Oct 2008)
- Understanding Risk Management in Emerging Retail
   Payments (Sep 2008)
- Assessing the Landscape of Payments Fraud
   Chicago Fed Letter (Jun 1008)
- 2008 Payments Conference "Payments Fraud:
   Perception Versus Reality" (Jun 1008)
- The Contactless Wave: A Case Study in Transit
   Payments (Jun 2008)
- FFIEC Booklet: Wholesale Payment Systems
- The Evolution of the ACH (Dec 2007)
- Chicago Fed Letter: Competitive Forces Shaping the
   Payments Environment: What's Next? (Aug 2007)
- Accepting Contactless Payments: A Merchant
   Implementation (Jun 2007)
   (Registration required for full report)
- Fraud in the ACH System: A Holistic Approach for
   Financial Institutions (Jun 2007) (Registration required)
- Liability Flows Among Networks - Comment Letter on
   Cross-Network Liability (May 2007)
- Third Party Payments System Access Control White
   Paper and Recommendations (May 2007)
- BITS ACH Check Conversion Risk Management Toolkit
   (Mar 2007)
- FRB: The Supervisory Framework Surrounding Nonbank
   Participation in the U.S. Retail Payments System:
   An Overview (Apr 2006)
- NACHA: A Comprehensive Strategy for Risk
   Management in the ACH Network (Feb 2007)
- OCC Bulletin 2006-39 - Managing Risks of ACH Activity
   (Sep 2006)
- NACHA: A New Strategic ACH Rules Framework for Risk
   Mitigation in the 21st Century (May 2005)
- The Laws, Regulations, and Industry Practices That
   Protect Consumers Who Use Electronic Payment
   Systems: ACH E-Checks & Prepaid Cards (Mar 2005)
- Account-to-Account Services: Emerging Product
   Overview (Mar 2005)
Back to Top

Remote Deposit Capture
- BITS Remote Deposit Image Capture: The Processes,
   Risks and Strategies Used to Mitigate Them (Sep 2006)
- NetDeposit: Remote Deposit Capture: A White Paper
   Addressing Regulatory, Operational and Risk Issues
   (Aug 2006)
Back to Top

Back to Main Publications Page
BITS Publications
Comment Letters
 Public Testimony
 Presentations
 BITS Bulletin Archive
"The BITS Strategy for Identity Theft Prevention and Victim Assistance is an outstanding example of the excellent work BITS is doing for the financial services industry."
-Wayne A. Abernathy, Former U.S. Treasury Assistant Secretary for Financial Institutions