2. Sell the portfolio.

3. Acknowledge that there is a problem and commit the necessary resources to fight fraud. The first option is not a very popular choice here at Envision Credit Union, and I'm sure it would be a tough sell at most board and/or budget meetings. The second option is short-sighted. Do not let fraud risks intimidate you into abandoning what can be the most profitable part of your portfolio, as well as an important relationship with members. While it's true that credit card fraud is a hot media topic, as percentage of expenses it only represents 7 cents of every $100 transaction according to the latest statistics from Visa and credit card ROA is typically the highest in a credit union's loan portfolio. In my case credit card ROA (after loan and fraud losses and processing fees) is 7.5% while mortgages are 6.6% and auto loans are 6.1%. In addition, it really would only solve half of the problem–the credit side of the house. Recent statistics show that in fact debit card fraud is increasing at a faster pace than credit card fraud and you can't sell your debit portfolio. So this leaves us with the final option of acknowledging that there is a problem and committing the necessary resources to fight fraud. Where do you start? Cardholder Education and Awareness

There are some types of fraud that we can't control easily such as the highly publicized merchant data breaches and hacking incidents at third party providers. (I am encouraged by recent news from Visa about streamlined rules for issuer fraud claims that will take effect in October, and now that credit unions have representation on the Visa Board I am more confident that the small issuer voice will be heard.) Credit unions have an obligation to try to manage those areas where we do have more control. This starts with the basics of education. The majority of fraud is still perpetrated via "traditional" methods such as lost/stolen wallets, phishing, skimming, and good old mail fraud. Continue to reinforce simple messages to your members that you will never ask for their PIN or other personal information in an email and that they need to shred statements and other sensitive documents so that "friendly fraud" doesn't occur. Stop Being An Easy Target for Fraudsters!

You don't have to be a victim just because you are a small issuer. It's time for credit unions to help themselves. Take advantage of the myriad of easy-to-implement best practices, tools, and prevention tactics that are available to you! One of the best places to start is with the credit and debit card processors you choose. All VisaNet processors that you contract with should be required to validate compliance on an annual basis through an onsite PCI audit. Is your processor compliant and do they have the latest fraud tools and software updates running on their mainframes?

In addition, be sure to review your credit and debit card portfolios' parameters at least annually to ensure that you are conforming to the industry's best practices. This includes items such as card activation, 24/7 neural network monitoring, CVC/CVC validation, name matching, managing credit lines and daily limits, to name just a few. CMG has published a "Plastic Card Security Best Practices" document for their Bond policyholders. I would suggest using that as your guide as you evaluate your controls and settings with your processor. Take Action and Empower Your Staff

At Envision, we are very proactive at fighting fraud. We love catching the bad guys and more importantly protecting our members. Our assistant vice president of card services, Linda Sojat, and her staff have taken the initiative to create filters and queries to mine our cardholders' data and predict and prevent fraud based on the behavior of our membership. And it's working! I can't think of a greater motivator– professionally or personally. As Linda put it, "It's pretty cool!"