Part 1 In reality, we are always facing potential issues in our small business portfolio, it is just the nature of that particular beast. Real problems occur, though, when we begin to take the attitude that nothing can go wrong, that we have finally found the magic formula that has created the invincible portfolio. We’re in trouble when we actually believe that we have the perfect origination machine to generate a portfolio that has a constant and acceptable delinquency and charge-off performance. So, we all can agree that we need to keep a watchful eye on the small business portfolio. But how do we do this? How do we monitor a portfolio that has a high number of accounts but a relatively low dollar amount in actual outstandings? The traditional commercial portfolio provides sufficient operating income and poses enough individual client credit risk that we can take the same approach on each individual credit and still maintain an acceptable level of profitability. But, the small business portfolio doesn’t generate sufficient profitability nor has individual loan risk to utilize the traditional commercial loan portfolio risk management techniques. Facing these economic constraints, the typical approach is to simply monitor by delinquency and address the problems as they arise. One traditional method that is typically retained is the annual maturity of the lines of credit. Because of loan matures, financial institutions are performing annual renewals and re-underwriting these lines of credit — and complete that process through a full re-documentation of the line. We make nominal improvements in the process by changing the maturity dates of the lines from one year to two or three year maturities or, in the case of real estate secured lines, a five year maturity. While such an approach reduces the number of renewals that must be performed in a particular year, it does not change the basic methodology of portfolio risk management, regularly scheduled reviews of the lines. In addition, such methodology simply puts us back to the use of collections to actually manage the portfolio and only serves to extend the time between reviews. Visit my next post for the additional pitfalls around individual risk rating and ways to better monitor your small business portfolio.
I have heard this question posed and you may be asking yourselves: Why are referral volumes (the potential that the account origination or maintenance process will get bogged down due to a significant number of red flags detected) such a significant operations concern? These concerns are not without merit. Because of the new Red Flag Rules, financial institutions are likely to be more cautious. As a result, many transactions may be subject to greater customer identification scrutiny than is necessary. Organizations may be able to control referral volumes through the use of automated tools that evaluate the level of identity theft risk in a given transaction. For example, customers with a low-risk authentication score can be moved quickly through the account origination process absent any additional red flags detected in the ordinary course of the application or transaction. In fact, using such tools may allow organizations to quicken the origination process for customers. They can then identify and focus resources on transactions that pose the greatest potential for identity theft. A risk-based approach to Red Flags compliance affords an institution the ability to reconcile the majority of detected Red Flag conditions efficiently, consistently and with minimal consumer impact. Detection of Red Flag conditions is only half the battle. Responding to those conditions is a substantial problem to solve for most institutions. A response policy that incorporates scoring, alternate data sources and flexible decisioning can reduce the majority of referrals to real-time approvals without staff intervention or customer hardship.
What is your greatest concern as the May 1, 2009 enforcement date approaches for all guidelines in the Identity Theft Red Flags Rule?