St. Mary’s Bank, the nation’s first credit union, is a not-for-profit, member-owned institution headquartered in New Hampshire. With a strong commitment to protecting its members, the fraud team faced a growing challenge: online banking fraud was getting through existing controls.
Even with multiple fraud monitoring systems in place, St. Mary’s Bank continued to see a large influx of fraud cases.
Accounts were being compromised.
Member accounts were being closed and reopened.
Cases were escalating internally.
The team knew fraudsters were getting into online banking, but they didn’t know exactly how.
“Even though we had other fraud controls in place and other systems monitoring activity, we were still seeing a large influx in fraud,” says Lisa Allard, Fraud Manager at St. Mary’s Bank. “We knew they were getting in somehow. We just didn’t know how.”
It became clear that traditional monitoring wasn’t enough. They needed something real-time. And they needed insight into behavior.
What the team needed was visibility at login. They wanted to know:
Is this truly our member accessing their account or someone impersonating them?
“What we knew we needed was something real time and something behavioral,” Lisa explains. “So we could see upfront that it’s not our member that’s actually logging in.”
With BioCatch Account Takeover Protection and BioCatch Link, St. Mary’s Bank gained insight into how users interact with online banking — their behavior during a session — not just the information they entered. That added a powerful new layer of protection.
One of the biggest breakthroughs came with BioCatch Link. When fraud was confirmed and marked in the system, Link automatically surfaced connections across accounts.
“All we needed to do was mark the fraud in BioCatch,” Lisa says. “The next day, we could see that a mobile user ID was linked to two, three, four, five other members.”
Before BioCatch Link, uncovering those relationships required manual investigation and time-consuming analysis. Now, the connections were clear and actionable. That allowed the team to:
Instead of reacting after fraud occurred, they could block it at the front door.
External transfers had historically been a high-risk fraud area. To manage that risk, St. Mary’s Bank used to call every member who set up an external transfer for the first time. Every single one.
With new members joining regularly, fraud analysts spent significant time on outbound verification calls.
“We used to call every member that had an external transfer for the first time,” Lisa says. “That took a lot of time for our fraud analysts.”
After implementing BioCatch Account Takeover Protection and Link, that changed.
Now, behavioral analytics helps assess the risk of those transactions in real time. The team no longer needs to call every member initiating an external transfer.
“We rely heavily on BioCatch to check the behavior for that activity,” Lisa explains. “We’re not having to make that outbound call every time.”
The impact:
Security improved, and so did the member experience.
In early January 2025, the team saw a powerful example of prevention in action. They identified suspicious behavior linked to a large business depositor’s online banking access. Based on behavioral signals and account link analysis, they determined that fraud activity was connected to the account.
They shut down the accounts and opened new ones before fraud occurred. No funds were lost.
“We identified fraud activity linked to the account through online banking,” Lisa shares. “We were able to shut down the accounts and open new ones before the fraud even happened.”
The CEO personally reached out to the member, not to explain a loss, but to explain how the financial institution had prevented one.
That moment reinforced the value of stopping fraud before it impacts members.
Today, one primary fraud analyst manages BioCatch Link. Instead of spending the week chasing alerts, that analyst focuses on:
The data surfaces patterns automatically. The analyst uses that insight to strengthen protections. The team has shifted from reactive case handling to proactive fraud prevention.
By adding BioCatch Link, St. Mary’s Bank has been able to:
For the nation’s first credit union, protecting members is foundational. With behavioral analytics through BioCatch Account Takeover Protection and the addition of BioCatch Link, they are doing exactly that, stopping fraud at the front door.
Interested in learning more? Connect with us.
