Reports

454 kb
Date : 21 Jan 2011
Chapter 8 : Customer Education

Introduction :

With the advent of electronic banking, the neighbourhood bank has set up a branch on the desktop of the customer. The customer’s experience of banking is therefore no longer fully under the control of the bank. In the age of the self-service model of banking, the customer also has to be equipped to do safe banking through self help.  It is often said that the best defence against frauds is an aware customer. With fraudsters constantly creating more diverse and complex fraudulent ruses using advanced technology and social engineering techniques to access their victims’ accounts, spreading awareness among consumers becomes imperative.

Some banks regularly run campaigns to raise consumer awareness on a variety of fraud related issues. However, to generate a standard understanding of the evolving fraud scenarios, a combined effort could proliferate the information to a larger customer base. It is also important to educate the other stakeholders, including bank employees, who can then act as resource persons for customer queries, law enforcement personnel for more understanding response to customer complaints and media for dissemination of accurate and timely information.

Scope:

  • Illustrate how to plan, organise and implement a fraud awareness raising initiative

  • Provide a framework to evaluate the effectiveness of an awareness program

  • Offer a communication framework

  • Highlight potential risks associated with awareness initiatives in an effort to avoid such issues in future programs

  • Contribute to the development of a safe and secure culture by encouraging users to act responsibly and operate more securely

1) Roles and Responsibility - Board of Directors/Senior Management:

There needs to be commitment from the Board of Directors/Senior Management towards the process of consumer education initiatives by providing adequate resources, evaluating the effectiveness of the process and fine-tuning and improving customer education measures on an ongoing process.

2) Organisational structure

Working group

To get desired support for the programme, it is important to identify and involve key stakeholders in decision-making, planning, implementation and evaluation.

  • Establish a clear goal for the endpoint, in consultation with key stakeholders.

  • Clearly define roles, responsibilities and accountabilities.

  • Communicate in an open, honest, clear and timely manner.

  • Allow for flexibility in approaches to suit different stakeholder needs.

  • Support with training and development to ensure a change in behaviour and culture.

  • Learn from previous and ongoing experiences and celebrate achievements.

3) Communication Strategy

1. Defining ‘Awareness’

Security awareness is the understanding and knowledge of the threats to the sensitive personal information of the customer and the protection measures to be adopted. It is the basic component of the education strategy of an organisation which tries to change the attitude, behaviour and practice of its target audience (e.g. customers, general public, employees etc.). Awareness activities need to be done an ongoing basis, using a variety of delivery methods and are less formal and shorter than formal training processes.

The purpose of awareness presentations is simply to focus attention on security. Such presentations are intended to allow individuals to recognise security concerns and respond accordingly. In awareness activities, the learner is only the recipient of information.

2. Suggested approach for awareness programmes1

The three main stages in the development of an awareness programme are :

a. Planning and design : Awareness programmes can be successful only if users feel the content is in their interest and is relevant to their banking needs. In the planning stage, the needs of the target audience should be identified, a plan developed, organizational buy-in and appropriate budgets obtained and priorities established. The work plan should clearly mention the main activities with the required resources, timelines and milestones. This plan must be reviewed periodically as the programme progresses.

b. Execution and management :This process focuses on the activities to implement the awareness program. A suitable vendor should be engaged for content creation and publication.

c. Evaluation and course correction :Continuous improvement cannot occur without knowing how the existing programme is working. A well-calibrated feedback strategy must be designed and implemented.

The component processes under the above sections can be listed as under :

Plan, assess and design

Execute and manage

Evaluate and adjust

Establish a working group

Nominate team members

Establish baseline for evaluation

Define goals and objectives

Review work plan

Gather data

Define target group

Launch and implement the activities

Collect feedback on communications

Identify human and material resources required

Document learnings

Assess effectiveness through number of events

Evaluate potential solutions

 

Review program objectives

Select desired solutions and procedures

 

Make necessary changes in the plan

Identify programme benefits and obtain budgetary sanctions

 

 

Prepare work plan and checklists

 

 

Define communications concept

 

 

Define indicators to measure the progress

 

 

Establish baseline for evaluation

 

 

Document learnings

 

 

3. Target audience

Since awareness programmes should be customized for a specific audience, it is important to identify and segment the target users for the programs.

The target groups for these programs would be:

  • Bank customers

  • Bank employees and consultants

  • Law Enforcement Agencies – Police, Judiciary and Consumer Forums

  • Fraud risk professionals

  • Media personnel

  • Channel partners and suppliers

  • General public of varying age and technical knowledge – children, youth, adults, senior citizens and silver surfers

4. Stake holder support

Building consensus amongst decision makers and stakeholders for financial and administrative support is an important step in the programme. In this respect, both fixed and variable costs need to be identified. These will include personnel, operational costs, awareness material, advertisements and promotions and maintenance of website.

The common objectives of the awareness programme will be to:

  • Provide a focal point and a driving force for a range of awareness, training and educational activities

  • Provide general and specific information about fraud risk trends, types or controls to people who need to know

  • Help consumers identify areas vulnerable to fraud attempts and make them aware of their responsibilities in relation to fraud prevention

  • Motivate individuals to adopt recommended guidelines or practices

  • Create a stronger culture of security with better understanding and commitment

  • Help minimise the number and extent of incidents, thus reducing costs directly (fraud losses) and indirectly (for eg., reduced need to investigate)

5. Concept of communication

Communication is crucial for the success of any awareness programme. The key elements of effective communication are:

  • Ability to reach out to a broad audience which can contribute to the multiplier effect to maximize the reach of the message

  • Not to be alarming or overly negative about a situation. If issues or risks need to be detailed, it is often easier for the audience to understand in the context of real world experiences

  • Deliver the right message content to the right audience using the most effective communication channels

  • The message should state the risks and threats facing the users, why it is relevant to them, what to do and not to do, and finally how to be protected. The message should be compelling and clearly state why security is important. Users who understand why certain types of behaviour are risky are most likely to take ownership of the issue and change their behaviour.

6. Communication content

The messages through these communications would carry information related to various frauds in general with specific focus on electronic frauds through fake websites, phishing, vishing, skimming and emails.

7. Communication collaterals

Awareness building collaterals can be created in the form of:

  • Leaflets and brochures

  • Educational material in account opening kits

  • Safety tips in cheque books, PIN, account statements and envelopes

  • Receipts dispensed by ATMs

  • DVDs with animated case studies and videos

  • Screensavers

  • Electronic newsletters

  • Short Messaging Service (SMS) texts

  • Recorded messages played during waiting period of phone banking calls

The collaterals should be created in regional languages wherever required.

8. Communication channels

Since the target groups obtain information from a variety of sources, more than one communication channel could be used to engage them successfully. These could be:

  • Advertising campaigns though print and TV media

  • Talk shows on television/radio

  • Customer meets and interactive sessions with specialists

  • Common website developed with content from all stakeholders

  • Online training modules and demos hosted on this site

  • Groups, games and profiles on social media

  • Advertisements on online shopping sites

  • Bill boards

  • Posters in prominent locations such as petrol pumps and popular restaurants

  • Interactive guidance in the form of helplines

  • ATM screens , Emails and SMS texts

  • Distance learning programmes and demos

The message delivered, the channels used and the sender of the message should be influential and credible, otherwise the target group may be less inclined to listen.

An effective way to deliver the message would be the use of multipliers that can help communicate to a broad range of audience. Few examples of such bodies could be:

  • Community centres

  • Schools and colleges

  • Computer and book stores

  • Libraries

  • NGOs

  • Clubs

  • Adult education centres

9. Research and analysis

In addition to the above, a research group should be formed to continually update the team with the latest trends and evolving modus operandi. The team would maintain a repository of material such as:

  • Case studies

  • Sample mails

  • Sample of fraudulent documents

  • Data collected from victims or targets of frauds

  • International practices and developments

10. Evaluation

Evaluation of the effects of various campaigns for specific target groups can be measured through qualitative (e.g. focus groups, interviews) and/or quantitative (e.g. questionnaires, omnibus surveys) research. Evaluation against metrics, performance objectives, etc. should also be conducted to check the campaign’s effectiveness, and to establish lessons learned to improve future initiatives.

Other issues relating to bank customer education:

Apart from regular education efforts, when new operating features or functions, particularly those relating to security, integrity and authentication, are being introduced, banks should ensure that customers have sufficient instruction and information to be able to properly utilize them. Continual education and timely information provided to customers will help them to understand security requirements and take appropriate steps in reporting security problems.

INDUSTRY LEVEL RECOMMENDATIONS:

Each bank would have a documented policy, training mechanisms, material and research units. At the industry level, material can be pooled from these units to be used on a larger platform towards a common goal.

KEY RECOMMENDATIONS

  1. There needs to be a commitment from the Board of Directors/Senior Management towards the process of consumer education initiatives by providing adequate resources, evaluating the effectiveness of the process and fine-tuning and improving customer education measures on an ongoing process.

  2. To get desired support for the programme, it is important to identify and involve key stakeholders in decision-making, planning, implementation and evaluation. A working group or committee can be created with various activities like establishing a clear goal for the endpoint, in consultation with key stakeholders, clearly defining roles, responsibilities and accountabilities, communicating in an open, honest, clear and timely manner, allowing for flexibility in approaches to suit different stakeholder needs, supporting training and development to ensure a change in behaviour and culture, learning from previous and ongoing experiences and celebrating achievements.

  3. Banks need to follow a systematic process of development of an awareness programme through the stages of planning and design, execution and management and evaluation and course correction.

  4. Since awareness programmes should be customised for a specific audience, it is important to identify and segment the target users for the programmes like: bank customers, employees, law enforcement personnel, fraud risk professional, media partners, etc.

  5. Building consensus among decision makers and stakeholders for the financial and administrative support is an important step in the programme. In this respect, both fixed and variable costs need to be identified. These will include personnel, operational costs, awareness material, advertisements, and promotion and maintenance of website.

  6. Since the target groups obtain information from a variety of sources, more than one communication channel could be used to engage them successfully.

  7. A research group should be formed to continually update the communications team with the latest trends and evolving modus operandi. The team would maintain a repository of material such as case studies, sample mails, sample of fraudulent documents, international practice/developments, etc.

  8. Evaluation of the effects of various campaigns for specific target groups can be measured through qualitative (e.g. focus groups, interviews) and/or quantitative (e.g. questionnaires, omnibus surveys) research. Evaluation against metrics, performance objectives, etc. should also be conducted to check the campaign’s effectiveness, and to establish lessons learned to improve future initiatives.

  9. Apart from regular education efforts, when new operating features or functions, particularly those relating to security, integrity and authentication, are being introduced, banks should ensure that customers have sufficient instruction and information to be able to properly utilize them.

At the industry level, each bank should have a documented policy, training mechanisms, material and research units. Material can be pooled from these units to be used on a larger platform towards a common goal.


1 http://www.enisa.europa.eu/act/ar/deliverables/2006/ar-guide/en,
http://csrc.nist.gov/publications/nistpubs/800-50/NIST-SP800-50.pdf


2022
2021
2020
2019
2018
2017
2016
2015
2014
2013
Archives
Top