Skip Navigation Links Home > Resources > Browse Topics

Risk Management

Payments risk has never been more important to WesPay’s members than it is today. Challenging operational issues, complex regulatory changes, and more sophisticated fraud scenarios impact all of us.  Understanding payments risk and mitigating for those potential risks are essential strategies for successful financial institutions.

Because staying informed about risk issues, best practices, and controls can be challenging, WesPay has developed a comprehensive risk section for members. WesPay’s educational and publication risk resources, industry articles, and tools are all identified.  As you continue to refine and update your risk strategy, check here for the latest industry best practices and information.

Featured Risk White Paper

Risk Tools and Articles

Current Issues in Payments Risk Management

This white paper is a look at current payments risk management topics as identified by members, and weaves information from the WesPay survey, the Symposium discussion, and information from the WesPay ACH Self-Audit Guide. Download White Paper

ALSO: Appendix A - Complete list of questions and answers to the risk survey used in this white paper (XLSX)

Types of Risk

There are many types of payments risk that can affect any financial institution. The definitions for seven of the most common types of risk are provided here.

Criminal Misuse/Fraud

Criminal misuse occurs when someone (either internal or external to an organization) obtains consumer or business data that is used for personal gain. Examples of criminal misuse/fraud include:

  • Data breaches
  • Identity theft
  • Unauthorized access to a computer or data base in order to disrupt daily activities
  • New account fraud


Operational Risk

Operational Risk results from compromised internal controls, processes, people, or systems. Operational Risk can occur as a result of an external event or internal failure. The term covers a number of activities specific to financial institutions, including:

  • Lack of adequate controls for new and existing customers
  • Poor employment practice controls
  • Damage to a physical asset from a natural disaster or other event
  • Disruption of the business due to a system failure
  • Failed transaction process management
  • Failure of a business partner or vendor


Regulatory Risk

Regulatory Risk results from a failure to comply with the standards and codes of conduct applicable to the banking organization’s business activities and functions. While ignoring regulations and applicable laws may not result in a financial loss for the institution, a failure to comply with established banking regulations leaves the institution open for increased risk and fraudulent activities (both internal and external) and regulatory sanctions.


Credit Risk

Credit Risk is the possibility of a loss that occurs due to a failure of a partner, vendor, customer, or other third party who fails to meet a contractual debt obligation or agreement. Credit Risk also is called “credit exposure.”


Competitive Risk

Competitive Risk is the inability of a financial institution to provide expected services and products. A failure to provide these services can result in lost market share to more aggressive peers and potential nonbank competitors.


Reputational Risk

Reputational Risk is the probability of a loss of customers resulting from a decline in a financial institution’s reputation. Reputational risk is often discussed when an institution has had a data breach leading to criminal misuse, an operational risk that jeopardizes customer information or funds, or a credit problem resulting from credit default. When problems occur, customers lose confidence in the institution and may move accounts and assets to institutions without such problems.


Systemic Risk

Systemic Risk is financial system instability caused by factors that affect an entire market segment. It implies the risk of collapse of an entire financial system or entire market, as opposed to a risk associated with one specific entity or group. It can be potentially catastrophic since it involves complex relationships and interdependencies in a system or market. For example, the failure of a large financial institution or payments aggregator could cause a cascading failure, which could potentially bankrupt or bring down the entire system or market.





Risk Tools and Articles
Risk Glossary

All WesPay White Papers:

Current Issues in Payments Risk Management (PDF)

6 Critical Elements of a Risk Management Program (PDF)

Remote Deposit Capture: Sound Practices for Implementation and Risk Avoidance (PDF)

Mobile Remote Deposit Capture: Opportunities & Challenges (PDF)

International Remittance Transfers: Member Survey Findings and Details of Amendments to Regulation E (PDF)

NACHA ACH Risk Management and Assessment Rule: Overview (PDF)

Industry Resources

FFIEC Guidance Digest of RDC (PDF)

FedACH Risk Management Services

EPN’s Risk Management Services

NACHA Strategy for ACH Risk Management (PDF)

NACHA Risk Management Newsletter

FFIEC Paper on Outsourced Cloud Computing (PDF)




E-mail this page to a friend

 © 2001 - 2013 Western Payments Alliance, All Rights Reserved.
Privacy Policy & Online Secured Ordering | Refunds & Returns Policy
300 Montgomery St, Suite 400 / San Francisco, CA 94104 Phone: (415) 433-1230 / Fax: (415) 433-1370