About Verafin

Verafin offers a variety of fraud management solutions, providing your institution with a centralized platform that combines adaptive fraud alerts, robust case management, management dashboards, and user-friendly reporting functionality. Verafin helps your institution proactively prevent fraud loss and creates a valuable connection between your institution’s fraud management and BSA/AML compliance efforts.

If your institution is currently partnered with Verafin or wishes to integrate Verafin’s services with Narmi, there are two options available:

1. Real-time Fraud Monitoring Integration with Ensenta

2. Generate and send audit reports to Verafin for regular processing and fraud monitoring

Real-time Fraud Monitoring Integration with Ensenta

Within Ensenta’s SmartAlert products, they offer Remote Deposit Capture (RDC) real-time fraud monitoring using Verafin.

Financial institutions must sign an agreement directly with Verafin to use this add-on service. This can be included in the RDC flow upon completion of the user’s check deposit process. It is supported for the following products:

• Consumer RDC - Mobile

• Consumer RDC - Desktop

• Business RDC - Desktop

• ATM Risk Management & Check Image Processing

Implementation Considerations

The Smart Alerts for Real-time Fraud Monitoring with Verafin projects cannot be started until your institution is live on the Ensenta platform.

Typically, Ensenta can kick off the Smart Alerts/Verafin project shortly after your institution has a significant number of client transactions coming in. Ensenta’s experience is that the Verafin configuration takes 60-90 days from that point, depending on Verafin’s experience with the Core that your institution is using.

Most of what is done by Ensenta for this product add-on can be done very quickly (within a few days), but there are configuration/integration steps between the financial institution and Verafin that take up to ~90 days to complete.

Workflow

1. After the end-user deposit experience has ended, JHA Ensenta sends an alert (with images) to Verafin.

2. Verafin runs its deposit fraud analytics. If the deposit is potentially fraudulent, Verafin will email an alert to the financial institution.

3. The financial institution investigates Verafin’s platform and tools. The FI should follow their SOPs to determine if and how to place an extended hold on the deposit.

4. The EZAdminSM Check21 Express deposit status changes trigger an additional alert to Verafin with the updated status of Approved, Adjusted, or Rejected.

   • If the check deposit is approved within the EZAdmin platform, an updated alert is sent to Verafin with the final status.

   • If an adjustment is made within the EZAdmin platform, an updated alert is sent to Verafin and the deposit fraud analysis is rerun.

   • If the check is deemed fraudulent, the FI can reject the check within the EZAdmin platform. An updated alert is sent to Verafin with the final status.

Refer to About Ensenta for additional information about Ensenta’s products and integrations.

Verafin Audit Reports

Separate from the Ensenta integration with Varafin, Narmi can deliver digital banking audit reports to your institution that can then be securely sent to Verafin. These audit reports, also called “activity logs,” contain a list of events that detail customer activities, such as logging into the system, selecting services, entering one-time passcodes, and other critical information.

How and When are Audit Reports Sent?

Audit reports are sent from Narmi to your institution every four hours via SFTP. Your institution decides whether to receive files only during business hours or 24/7. File deliveries outside of business hours will be queued for morning processing.

Narmi can use an existing SFTP path, create a new path, or create a new folder within an existing path. Upon receiving the audit reports from Narmi, your institution sends them to Verafin via SFTP to be processed.

Applicable Institution Settings

The following institution settings in the Admin Platform must be configured to facilitate Verafin audit report deliveries:

• Audit Delivery Only During Business Hours – Determines if audits are deliverable only during business hours. If false, deliveries outside of business hours will be queued for morning processing.

• Audit Delivery Format* – The only supported options are the default and Verafin.

• Audit Delivery Private Key* – A private key file used to connect to the destination SFTP server. Note: This expects an OpenSSH formatted key.

• Audit Delivery URL* – The URL of the SFTP server that automatically delivers the audit files. The URL must start with sftp://username:password@ where the username and password are substituted with the actual SFTP values. The full value might look like sftp://username:password@hostname:22/directory/%Y%m%d%H%M%Spath.txt. This setting is not visible since it contains a secret. The whole URL must be URI encoded.

*Setting must be configured by the Narmi team and will not be visible to your institution in the Admin Platform

Please reach out to your Narmi Relationship Manager with any questions about setting up Verafin audit reports.

Audit Report File Format

During setup, the Narmi team will configure the institution settings in the Admin Platform to ensure the file generates properly and follows Verafin’s required specs.

The document below outlines Verafin’s file requirements, which Narmi follows to enable the Verafin application to access detailed customer activity for fraud investigations.

FAQs

Will the file include any duplicate data?

• No, the file only includes applications that came in after the previous file was sent.

What is the naming convention of the report?

• NARMI_VERAFIN_YYYYMMDDhhmmss