My last entry covered the benefits of consortium databases and industry collaboration in general as a proven and technologically feasible method for combating fraud across industries.  They help minimize fraud losses.  So – with some notable exceptions – why are so few industries and companies using fraud consortiums and known fraud databases? In my experience, the reasons typically boil down to two things: reluctance to share data and perception of ROI.  I say "perception of ROI" because I firmly believe the ROI is there – in fact it grows with the number of consortium participants. First, reluctance to share data seems to stem from a few areas. One is concern for how that data will be used by other consortium members.  This is usually addressed through compelling reciprocation of data contribution by all members (the give to get model) as well as strict guidelines for acceptable use. In today’s climate of hypersensitivity, another concern – rightly so – is the stewardship of Personally Identifiable Information (PII).  Given the potentially damaging effects of data breaches to consumers and businesses, smart companies are extremely cautious and careful when making decisions about safeguarding consumer information.  So how does a data consortium deal with this?  Firewalls, access control lists, encryption, and other modern security technologies provide the defenses necessary to facilitate protection of information contributed to the consortium. So, let’s assume we’ve overcome the obstacles to sharing one’s data.  The other big hurdle to participation that I come across regularly is the old “what’s in it for me” question.  Contributors want to be sure that they get out of it what they put into it.  Nobody wants to be the only one, or the largest one, contributing records. In fact, this issue extends to intracompany consortiums as well.  No line of business wants to be the sole sponsor just to have other business units come late to the party and reap all the benefits on their dime.  Whether within companies or across an industry, it’s obvious that mutual funding, support, equitable operating rules, and clear communication of benefits – to those contributors both big and small – is necessary for fraud consortiums to succeed. To get there, it’s going to take a lot more interest and participation from industry leaders.  What would this look like? I think we’d see a large shift in companies’ fraud columns: from “Discovered” to “Attempted”.  This shift would save time and money that could be passed back to the legitimate customers.  More participation would also enable consortiums to stay on top of changing technology and evolving consumer communication styles, such as email, text, mobile banking, and voice biometrics to name a few.  

By: Amanda Roth Last week, we discussed how pricing with competition is important to ensure sound decision practices are being implemented in the domains of loan pricing and profitability.  The extreme of pricing too high for the market can obviously be detrimental to your organization.  The other extreme can be just as dangerous. Pricing for your profitability, regardless of what the competition is charging in your area, has a few potential issues associated with it regarding management of risk.  For example, the statistics state you can charge 5 percent in your “A” tier and still be profitable, but the competition is charging 7.5 percent for the same tier.  You may be thinking that by offering 5 percent you will attract the “best of the best” to your organization.  However, what your statistics may not be showing you is the risk outside of your applicant base.  If you significantly change the customers you are bringing in, does your risk increase as well, ultimately increasing the cost associated with each loan?   Increased costs will reduce or even eliminate the profitability you had expected. A second potential issue is setting the expectation within the marketplace.  It is often understood with the consumers that when changes occur to the interest rate at the federal level, there will be changes at their local financial institution.  These changes are often very small.  By undercutting your competition by such an extreme amount, your customers may question any attempts to raise rates more than 50bp, if you do experience increased costs as a result of the earlier situation or any other factors.  A safer strategy would be to charge between 6.5 percent and 7 percent, which allows you to obtain some of the best customers, ensure stability within the market, and take advantage of additional profitability while it is available.  This is definitely a winning strategy for all — and an important consideration as you develop your portfolio risk management objectives.    

There was a recent discussion among members of the Anti Fraud experts group on LinkedIn regarding collaboration among financial institutions to combat fraud.  Most posters agreed on the benefits of such collaboration but were cynical when it came to anything of substance, such as a shared data network, getting off the ground.  I happen to agree with some of the opinions on the primary challenges faced in getting cross industry (or even single industry!) cooperation to prevent both consumer and commercial fraud.  Those being: 1) sharing data and 2) return on investment. Despite the challenges, there are some fraud prevention and “negative” file consortium databases available in the market as fraud prevention tools.  They’re often used in conjunction with authentication products in an overall risk based authentication / fraud deterrence strategy. Some are focused on the Demand Deposit Account (DDA) market, such as Fidelity’s DebitBureau, while others, like Experian’s own National Fraud Database, address a variety of markets.  Early Warning Services has a database of both “account abuse” – aka DDA financial mismanagement – and fraud records.  Still others like Ethoca and the UK’s 192.com seem focused on merchant data and online retailers. Regardless of the consortium, they share some common traits.  Most: – fall under Fair Credit Reporting Act regulation – are used in the acquisition phase as part of the new account decision – require contribution of data to access the shared data network Given the seemingly general reluctance to participate in fraud consortiums, as evidenced by the group described above, how do we assess value in these consortium databases?  Well, for one, most U.S. banks and credit unions participate in and contribute customer behavior data to a consortium.  Safe to say, then, that the banking industry has recognized the value of collaboration and sharing data with each other – if not exclusively to minimize fraud losses but at least to manage potential risk at acquisition.  I’m speaking here of the DDA financial mismanagement data used under the guiding principle of “past performance predicts future results”. Consortium data that includes confirmed fraud records make the value of collaboration even more clear: a match to one of these records compels further investigation and a more cautious review of the transaction or decision.  With this much to gain, why aren’t more companies and industries rushing to join or form a consortium? In my next post, I’ll explore the common objections to joining consortiums and what the future may look like.