Apply DA Tag
Recently, I wrote about how Experian is assisting NASWA (National Association of State Workforce Agencies) with identity verification to help mitigate the spike in fraudulent unemployment insurance claims. Because of this I was not all that surprised when I found a letter in my mailbox from the Texas Workforce Commission with a fraudulent claim using my identity, inspiring me to follow up on this topic with a focus on fraud prevention best practices. Identity theft is on the rise According to Experian data analysis and a recent study on unemployment insurance fraud, at least 25% of new claims are a result of identity theft. This is 50 times higher than what we have traditionally seen in the highest ID theft fraud use case, new credit card applications, which generally amounts to less than 0.5% of new applications. Increasing digitization of the last few years—culminating in the huge leap forward in 2020—has resulted in a massive amount of information available online. Of that information, a reported 1.03 billion records were exposed between 2016 and 2020. There are currently approximately 330 million Americans, so on average more than three records per person have been exposed, creating an environment ripe for identity theft. In fact, a complete identity consisting of name, address, date of birth, and Social Security number (SSN) can be purchased for as little as $8. This stolen data is then often leveraged by both criminal rings who are able to perpetrate fraud on a large scale and smaller scale opportunists – like the ones in Riverside, CA leveraging access to identities of prison inmates. Fraud prevention through layered identity controls In the 20 years that I have been combatting ID theft both in the private and public sectors, I’ve learned that the most effective identity proofing goes beyond traditional identity resolution, validation, and verification. To be successful, you must take advantage of all available data and incorporate it into a layered and risk-based approach that utilizes device details, user behavior, biometrics, and more. Below, I outline three key layers to design an effective process for ID proofing new unemployment insurance claims. Layer 1: Resolve and Validate Identities Traditional identity data consists of the same basic information—name, address, date of birth, telephone number, and SSN—which is now readily available to fraudsters. These have been the foundation for ID proofing in the past and are still critical to resolving the identity in question. The key is to also include additional identity elements like email address and phone number to gain a more holistic view of the applicant. Layer 2: Assess Fraud Risk Determining an identity belongs to a real-life subject is not sufficient to mitigate the risk of ID theft associated with a new unemployment insurance claim. You must go beyond identity validation to assess the risk associated with their claim. Risk assessment risk falls into two categories – identity and digital risk. Identity Risk When assessing a claim, it’s important to check the identity for: Velocity: How often have you (or other states) seen the information being presented with this application? Has the information been associated with multiple identities? Recency of change: How long has the identity been associated with the contact information (phone, email, address, etc.)? Red flags: Has the subject been a recent victim of ID theft, or are they reported as deceased? Synthetic Identity: Are there signs that the identity itself is fictitious or manipulated and does not belong to a real-life person? Digital Risk Similar to the identity risk layer above, the device itself and how the subject interacts with the device are significantly important in identifying the likelihood a new claim is fraudulent. Device risk can be assessed by utilizing geolocation and checking for inconsistent settings or high-risk browsers, while behavioral risk might check for mouse movement, typing speed, or screen pressure. Layer 3: Verify Highest Risk Subjects The final stage in this process is to require additional verification for the highest risk claims, which helps to balance the experience of your valid subjects while minimizing the impact of fraud. Additional steps might include: Document verification: Scanning a government-issued ID (driver’s license, passport, or similar), which includes assessing for document security features and biometric comparison to the applicant. One-time passcode (OTP): It is key to deploy this sparingly only to phone numbers that have been associated with the subject for a significant time frame and incorporate checks to determine if it is at high risk (e.g., recently ported or forwarded). Knowledge-based verification (KBV): Leveraging non-public information from a variety of sources. By adding additional, context-based identity elements, it becomes possible to improve the three main objectives of most agencies’ identity proofing process – get good constituents through the first time, protect the agency and citizens from fraud, and deliver a smooth and secure customer experience in online channels. While there’s no quick fix to prevent unemployment insurance fraud, a layered identity strategy can help prevent it. Finding a partner that has a single, holistic solution empowers agencies to defend against unemployment insurance fraud while minimizing friction for the end-user, and preparing for future fraud schemes. To learn more about how you can protect your constituents and your agency from unemployment insurance fraud request a call today... Contact us
In today’s digital-first environment, fraud threats are growing in sophistication and scope. It’s critical for credit unions to not only understand the specific threats presented by life online, but to also be prepared with a solid fraud detection and prevention plan. Below, we’ve outlined a few fraud trends that credit unions should be aware of and prepared to address. 2021 Trends to Watch: Digitization and the Movement to Life Online Trend #1: Digital Acceleration As we look ahead to the rest of 2021 and beyond, we expect to see adoption of digital strategies nearing the top of credit unions’ list of priorities. Members’ expectations for their digital experience have permanently shifted, and many credit unions now have members using online channels who traditionally wouldn’t have. This has led to a change in the types of fraud we see as online activities increased in volume. Trend #2: First-Party Fraud is On the Rise First party fraud is on the rise – 43% of financial executives say that mule activity is up 10% or more compared to attack rates prior to the pandemic, according to Trace Fooshee, Senior Analyst for Aite Group, and we expect to see this number grow. The ability for credit unions to identify and segregate the “good guys” from “bad guys” is getting more difficult to discern and this detail is more important than ever as credit unions work to create frictionless digital experiences by using digital tools and strategies. Trend #3: Continual Uptick in Synthetic Identity Fraud We expect synthetic identity fraud (SID) to continue to rise in 2021 as cybercriminals become more sophisticated in the digital space and as members continue with their new digital habits. Additionally, fraudsters can use SIDs to bring significant damage and loss to credit unions through fraudulent checks, debit cards, person-to-person and automated clearing house (ACH) transactions. More and more, fraudsters are seen opening accounts and remaining very patient – using an account to build and nurture a trusted relationship with the credit union and then remain dormant for two years before ensuing in any sort of abuse. Once the fraudster feels confident that they can bypass authentication processes or avoid a new product vetting, oftentimes, they will take that opportunity to get easy access to all solutions credit unions have available and will abuse them all at once. There are no signs of fraud slowing, so credit unions will need to stay vigilant in their fraud protection and prevention plans. We’ve outlined a few tips for credit unions to help protect member data while reducing risk. The Fight Against Fraud: Four Key Tips Tip #1: Manage Each Fraud Type Appropriately Preventing and detecting fraud requires a multi-level solution. This can involve new methods for authenticating current and prospective members, as well as incorporating synthetic identity services and identity proofing throughout the member lifecycle. For example, credit unions should consider taking extra verification steps during the account opening process as a preventative measure to minimize SID infiltration and associated fraud losses. As credit unions continue down the path of digitization, it’s also important to add in digital signals and behavior-based verification, such as information about the device a consumer is logging in from to heighten defenses against bad actors. Tip #2: Be Resourceful In the wake of the COVID-19 pandemic, many have asked, “How should credit unions approach fraud prevention tactics when in-person contact is limited or unavailable?” In some cases, you might need to be willing to say no to requests or get creative and find other options. Sometimes, it takes leveraging current resources and using what’s readily available to allow for a binary decision tree. For example, if you’re suspicious of a dormant account that you think could be synthetic, call them, and ask yourself these questions: Did they answer? Was the phone still active? Send the account holder an email – did you get a reply? Is this a new member? Is this a new channel for the member? Could they have logged on to do this instead of calling the call center? Tip #3: Empower Members Through Education Members like to know that their credit unions are taking the necessary steps and applying the right measures to keep their data secure. While members might not want every detail, they do want to know that the security measures are there. Require the use of strong passwords, step-up authentication, and empower members with alerts, notifications, and card controls. Additionally, protect members by providing resources like trainings, webinars, and best practices articles, where they can learn about current cyber trends and how to protect their data. Tip #4: Trust Data Many credit unions rely on an employee’s decision to decide when to take action and what action to take. The challenge with this approach comes when the credit union needs to reduce friction for members or tighten controls to prevent fraud, because it’s extremely hard to know exactly what drove prior actions. A better alternative is to rely on scores and specific data. Tweaks to the scores or data points that drive actions allow credit unions to achieve the desired member experience and risk tolerance – just be sure to leverage internal experts help figure out those policies. By determining what conditions drive actions before the actions are taken (instead of doing it one case at a time) the decisions remain transparent and actionable. Looking for more insights around how to best position your credit union to mitigate and prevent fraud? Watch our webinar featuring experts from around the industry and key credit unions in this Fraud Insight Form hosted by CUES. Watch now Contact us var expChannel = "Blog"; var expBUPartner = "eCom"; var expBUSegment = "Insights-Blog"; var expProductGrp = "";
In today’s digital environment, consumers have higher expectations of their interactions with businesses than ever before – and utility companies are no exception. By obtaining a deeper consumer view, you can improve your contact strategies, allocate resources more effectively, reduce costs and more accurately assess ability to pay. As part of our recently launched Q&A perspective series, Traci Veldboom, Experian Marketing Services Relationship Manager, Jason Weinstein, Experian Account Executive and Kara Marshall, Manager of Energy Efficiency Business Intelligence at Eversource, provided insight on how utility providers can leverage data attributes to enhance targeting efforts and optimize customer assistance and energy efficiency programs. Check out what they had to say: Q: What commercial data insights and services does Experian provide? JW: Experian offers firmographic data attributes to help organizations segment their target market and discover their ideal customers. This data includes contact names, job titles, number of employees, total sales volume, as well as information around the office space itself such as building square footage, office size and multi-tenant codes. Additionally, we have a wealth of business credit data, including legal liability amounts, tax lien indicators and our Commercial Intelliscore. Q: How can data be leveraged to reach customers using different communication channels? Can you gain further insight into cross-sell opportunities for regulated vs. unregulated energy customers? JW: Experian’s ConsumerViewSM database was developed to connect to most DSPs, DMPs, digital publishers, OTVs and more. We offer fully managed digital media buying services and assist with marketing to regulated energy customers by providing a ‘file’ of data and demographic insights on households within a certain service area. This file remains separate from your CRM and can be used for direct marketing purposes. TV: We have several utility clients that service regulated energy customers but also offer unregulated services that they want to promote including home repair services, tree cutting services and smart home devices. As an unregulated business, they are unable to use their regulated customer data files. They license the Experian ConsumerView file as an acquisition tool to reach and expand their customer footprint. KM: At Eversource, we use Experian’s comprehensive consumer marketing data to create targeted audience lists for direct mail and email campaigns. With a better understanding of a consumer’s behavior and ability to pay, we can better promote and optimize our customer assistance and energy efficiency programs. Additionally, we use consumer data for geographic segmentation, so we can reach more relevant audiences and increase the effectiveness of our advertising. Q: How can utility providers identify customers who are likely to sign up for renewable energy services? JW: For clients that have already identified a sample of customers utilizing renewable energy solutions, Experian’s analytics team can create a robust lookalike model to determine similar households that may be likely to sign up for the same services. Alternatively, we can utilize our GreenAwareSM segmentation system to better understand and identify consumers based on their level of green activity – and in turn – convert them into profitable customers. KM: While my primary responsibility is marketing our energy efficiency programs, I have used Experian’s consumer data to help promote our renewable efforts. The natural gas side of Eversource is currently working on a geothermal energy microgrid pilot in Massachusetts. We are leveraging data insights to identify and target a similar audience segment as that of our home weatherization and heating system programs. Additionally, we’ve partnered with our customer service team to promote a ‘Shared Clean Energy Facility’ program designed to bring the benefits of solar panels to lower-income customers. For more insight on how to increase customer acquisitions, identify consumers eligible for financial-aid programs and maximize your marketing spend, watch our Experian Symposium Series event on-demand. Watch now Learn more About Our Experts Traci Veldboom, Relationship Manager, Experian Marketing Services, North America Traci is the Relationship Manager for Experian’s Marketing Services, supporting North America. She supports Experian’s utilities client’s strategic business initiatives and assists with developing multi-channel engagement strategies. Jason Weinstein, Account Executive, Experian Marketing Services, North America Jason is an Account Executive for Experian’s Marketing Services division, supporting North America. He manages relationships with Experian’s utilities clients and helps them to optimize their processes and capabilities with unparalleled data, analytics and technology. Kara Marshall, Manager, Energy Efficiency Business Intelligence, Eversource Kara is Manager of Energy Efficiency Business Intelligence at Eversource, New England’s largest energy provider. She develops customer insights to increase participation in Eversource’s nation-leading energy efficiency programs and improve the overall customer experience.
The surge in digital demand over the past year reinforced the deep connection between recognition, fraud prevention and the online customer experience. As businesses transformed their operations to accommodate the rapidly growing volume of digital transactions, consumer expectations for easy, secure interactions increased at an even faster pace. That meant less tolerance for the interruptions caused by security and risk controls. We surveyed more than 9,000 consumers and 2,700 businesses worldwide about this connection for our 2021 Global Identity and Fraud Report. This year’s report dives into: Business priorities for the year ahead Why the digital customer experience remains siloed Consumer preferences that impact the digital customer journey Pandemic-era digital activities that have changed consumer expectations As we move forward into the rest of 2021 it’s crucial that businesses continue to focus on fraud prevention. In order to implement an effective fraud strategy that also makes it easier for customers to engage, businesses need to move away from a one-size-fits-all approach and focus on applying the right level of protection to each and every transaction. Download the report Review your fraud strategy
At some point a lender may need to issue an RFI or an RFP for a credit decisioning system. In this latest installment of “working with vendors” let’s dive into some best practices for writing RFIs and RFPs that will help you more quickly and efficiently understand the capabilities of a vendor. First, have one person (or at most a very small group) review the document before it goes out to vendors. Too often these kinds of documents seem like they’re just cut and pasted together without any concern if they paint a coherent picture. If it’s worth the time to write an RFI/RFP, then it’s worth the time to get it right so that the vendor responses make sense. If your document paints an inconsistent picture, a vendor may not know what products will best serve your requirements. In turn, precious time will be wasted in discussions around what’s being proposed. Here are some things to make clear in the document: For what part of the credit life cycle does this RFI/RFP apply (prospecting, origination, account management or collections)? If the request covers more than one part of the life cycle, make clear which questions apply to which part of the life cycle. Do you need a system that processes in batch or real-time requests (or both)? For example, a credit card account management solution can process accounts in batch (for proactive line management), in real time (for reactive requests) or possibly even both. Let the vendor know what it is you’re trying to do, as there may be different systems involved in processing these requests. Do you want this system hosted at the vendor, a third party (like AWS, Azure, etc.) or installed on premises? If you have a preference, let the vendor know. If you have no preference, ask the vendor what they can support. In general, consider playing down or skip detailed pricing questions. There’s nothing wrong with asking for a price range. For credit decisioning systems, detailed pricing is difficult for the vendor since there are often high levels of unknown customization to do. A better question might be, “What things will the vendor have to know in order to accurately price the solution? What are the logical next steps to get more accurate pricing? What’s the typical range of pricing in a solution such as this and what drives that range?” Will you be acting as an aggregator? Sometimes systems are created as front ends to several lenders. For example, a client may want to create a website where a borrower can “shop” among several lenders. This is certainly doable but carries with it a whole host of legal, compliance, business and technical questions. In my opinion, I’d skip the RFI/RFP in this situation and have a robust sit down directly with the vendors. This option will likely be far more productive. Ask more open-ended questions. “How does the solution perform task X?” as opposed to, “Do you support Y?” Often, there’s more than one way to accomplish a task. Asking more open-ended questions will yield a more comprehensive answer from the vendor rather than a simple yes or no response. It also gives you the opportunity to learn about the latest decisioning techniques. Be careful that you have not copied old RFP questions that are no longer relevant. I’ve had clients ask if we support Bernoulli Boxes (a mid-80s kind of floppy disk), or whether we support OS/2, etc. I’ve even had questions about supporting a particular printer. These kinds of questions are centered on the support of the operating system and not a particular vendor’s credit decisioning software. Instead of asking yes/no technology questions, ask for a typical sample architecture. Ask what kinds of APIs are supported (REST, SOAP/XML, etc.). Ask about the solution’s capabilities to call third-party systems (both internal and external). Ask fewer, but more in-depth questions. If the solution needs screens, be clear which screens you’re talking about. Do you need screens to make rule adjustments or configuration changes? Do you need screens for manual review or some sort of case management? Do you need consumer-facing screens where borrowers can type in their application data? If you need screens, be clear on the task the screens should perform. If you have particular concerns, ask them in an open-ended way. For example, “The solution will have to exchange file-based data with a mainframe. How can your solution best satisfy this requirement?” In general, state your requirement not the technology to use. A preamble or brief executive summary is useful to get the big picture across before the vendor delves into any questions. A paragraph or two can go a long way to help the vendor better assess your requirements and provide more meaningful answers to you. This works well because it’s easier to give the big picture in a few paragraphs as opposed to sprinkled around in multiple questions. To summarize, be clear on your requirements and provide a more open-ended format for the vendor to respond. This will save both you and the vendor a lot of time. In section three, I’ll cover evaluating vendors.
The sharp uptick in fraud that coincided with the digital evolution made it clear that banks, credit unions, and fintechs need to invest in a strategy that utilizes identity layers to keep their customers and their finances safe. The steady rise in fraud over the last several years spiked—payment fraud rose 70% last year and is expected to increase by 95% in 2021—making it more challenging than ever to address the fraud threat while meeting increasing customer expectations. The rising fraud threat 2020 saw a rapid influx of customers using digital channels and the amount of data flowing into financial systems. There’s been a seismic shift, and we’re not going back. According to a recent study, 80% of consumers now prefer to manage their finances digitally, leaving the door open for fraudsters to take advantage of digital newbies. The increase in online activity corresponded with criminal activity. The rates of synthetic identity, account opening, and account takeover fraud have risen as fraudsters’ tactics have evolved. 80% of fraud losses now come from synthetic identities In 2020 the rate of new account credit card fraud attempts rose 48% Account takeover accounted for 54% of all fraud attacks in 2020 Fraudsters will continue to take advantage of current conditions, moving from stimulus-related fraud back to more traditional forms of financial theft, and financial institutions must adapt in turn with robust identity layers. Resolving the identity threat In our recent white paper, developed in partnership with One World Identity, we explore how businesses can address the fraud threat. It requires a multilayered identity proofing strategy for both onboarding and ongoing authentication. By doing this, financial institutions can gain a holistic view of consumers and their associated risks, decreasing friction while enabling robust fraud protection. To learn more, download our “Improving Fraud by Increasing Identity Layers” white paper. Download white paper
DDigitalization, also known as the process of using digital technology to provide new opportunities for revenue and growth, continues to remain a top priority for many organizations in 2021. In fact, IDC predicts that by 2024, “over 50% of all IT spending will be directly for digital transformation and innovation (up from 31% in 2018).”[1] By combining data and analytics, companies can make better and more instant decisions, meet customer expectations, and automate for greater efficiency. Advances in AI and machine learning are just a few areas where companies are shifting their spend. Download our new white paper to take a deep dive into other ongoing analytics trends that seem likely to gain even greater traction in 2021. These trends will include: Increased digitalization – Data is a company’s most valuable asset. Companies will continue utilizing the information derived from data to make better data-driven decisions. AI for credit decisioning and personalized banking – Artificial intelligence will play a bigger role in the world of lending and financial services. By using AI and custom machine learning models, lending institutions will be able to create new opportunities for a wider range of consumers. Chatbots and virtual assistants – Because customers have come to expect excellent customer services, companies will increase their usage of chatbots and virtual assistants to facilitate conversations. Cloud computing – Flexible, scalable, and cost-effective. Many organizations have already seen the benefits of migrating to the cloud – and will continue their transition in the next few years. Biometrics – Physical and behavioral biometrics have been identified as the next big step for cybersecurity. By investing in these new technologies, companies can create seamless interactions with their consumers. Download Now [1] Gens, F., Whalen, M., Carnelley, P., Carvalho, L., Chen, G., Yesner, R., . . . Wester, J. (2019, October). IDC FutureScape: Worldwide IT Industry 2020 Predictions. Retrieved January 08, 2021,
For the last several months, Experian has participated as the only credit bureau in the pilot of the electronic Consent Based Social Security Number (SSN) Verification (eCBSV) service. As we move forward to general rollout and expanded availability later this year, it’s time to review the benefits of eCBSV and how it helps businesses prevent synthetic identity fraud. Service and program overview The eCBSV service combats synthetic identity fraud by comparing data provided electronically by approved financial institutions against the Social Security Administration’s (SSA) database in real time. This service helps financial institutions verify SSNs more efficiently and enables improved experiences for identifying legitimate or possibly synthetic identities applying for your products. The verification process begins with consent from the SSN holder – and with eCBSV this consent is provided electronically rather than via a wet signature. Then, the SSN is checked against the SSA database to validate the SSN, name, and date of birth combination are or are not a match. The verification will also indicate if the SSN is listed as deceased with the SSA. Together, these factors can help flag whether or not an identity is synthetic. By managing this process electronically, it is faster, more secure, and more efficient than before, offering an improved experience for consumers and the financial institutions that service them. Layering solutions While eCBSV is an excellent step forward in the fight against the rising threat of synthetic identity fraud, a layered fraud mitigation strategy is still necessary. It’s only by layering solutions that financial institutions can accurately identify different types of fraud and provide them with the correct treatment, which is especially important when it comes to rooting out fraud when it’s already embedded in a portfolio. To learn more about how Experian is helping to combat synthetic identity fraud and how eCBSV can benefit your financial institution, request a call. Request a call
Perhaps your loan origination system (LOS) doesn’t have the flexibility that you require. Perhaps the rules editor can’t segment variables in the manner that you need. Perhaps your account management system can’t leverage the right data to make decisions. Or perhaps your existing system is getting sunset. These are just some of the many reasons a company may want to investigate the marketplace for new credit decisioning software. But RFIs and RFPs aren’t the only way to find new decisioning software. After working in credit services decisioning for over 20 years — and seeing hundreds of RFPs and presenting thousands of solutions and proposed architectures — I’ve formed a few opinions about how I would go about things if I were in the customer’s seat and have broken that into a three-part series. Part 1 will cover everything up to issuing an RFI or RFP. Part 2 will discuss writing an RFP or RFI. Part 3 will cover evaluating vendors. Let’s go. If you’re looking to buy new decisioning software, your first inclination might be to issue an RFI or an RFP. However, that may not be the best idea. Here’s an issue that I frequently see. Vendors are constantly evolving their products. How a product did feature X two years ago might be completely different now. The terminology that the industry uses might have changed, and new capabilities (like machine learning) might have come about and changed whole sets of functionalities. The first decision point is to ask yourself a question, “Do I know exactly what I want or am I trying to generally learn what is out there?” An RFI or RFP isn’t always the greatest way to exchange information about a product. From a vendor’s standpoint, a feature-rich, complex system has to be reduced down to a few text answers or (worst yet) a series of yes or no answers. It all boils down to nuance. On many occasions, I’ve faced a dilemma when answering an RFP question, “This question is unclear; if the customer means X, the answer is yes; if they mean Y, the answer is no.” If I were in a room with the customer, I could ask them the question, they could provide clarification and I could then provide the accurate answer. There would be more opportunity to have a back and forth, “Oh when you said X, this is what you meant ….” All of that back and forth is lost with an RFI or RFP, or at least delayed until the (hopefully selected) vendor gets a chance to present in front of a live audience. Also, consider that vendors are eager to educate you about their product. They know exactly how the product works and they’re happy to answer your questions. It’s perfectly reasonable to go to a vendor with prewritten questions and thoughts and to pose those questions during a call or demonstration with the vendor. Nothing would prevent a customer from using the same questions for each vendor and evaluating them based on their answers. All of this can be done without issuing an RFI or RFP. In conclusion, I’d offer the following points to think about before issuing an RFI or RFP: A customer can provide questions that they want answered during a demonstration of a credit decisioning product. These same questions can be used to provide an initial assessment of several vendors. A customer’s understanding of a vendor’s capabilities is likely 10x faster and deeper with an interactive session versus reading the answers in a questionnaire. Nuanced and follow-up questions can be asked to gather a complete understanding. Alternative solutions can be explored. This exercise doesn’t have to replace an RFP but instead can better inform the customer about the questions they need answered in order to issue an RFP. Don’t be afraid to talk to a vendor, even if you’re not sure what you want in a new product. In fact, talk to several vendors. More than likely, you’ll learn a lot more via a discussion than you will via an RFI questionnaire. What’s good about an RFI or RFP is coming in with prepared questions. That way, you can judge each vendor using the same criteria but, if possible, get the answers to those questions via an interactive session with the vendors. Next: How to write an effective RFP or RFI.
Preventing fraud losses requires an understanding of each individual fraud type—including third-party, first-party, synthetic identity, and account takeover fraud—and how they differ from one another. It’s only with a multi-layered fraud strategy that businesses can adequately detect and treat each type of fraud while maintaining the customer experience. When’s the last time you reviewed your existing fraud strategy? Download infographic Review your fraud strategy
Since 2002, lenders have been aware of the importance of Know Your Customer (KYC) and the associated Customer Identification Program (CIP) requirements. As COVID-19 has changed procedures and priorities for businesses and consumers across the board, it’s more important than ever for institutions to ensure their CIP process includes ongoing monitoring of identity risk. What is CIP? Standard KYC programs include a Customer Identification Program to verify and validate identities along with due diligence to assess the risks associated with each identity. CIP defines the process by which a business collects data to establish a reasonable belief that the identity is valid, and that the individual is eligible to participate in our financial system. While this process works in conjunction with other fraud mitigation tactics, they serve different purposes. A good CIP program emphasizes the customer experience, regulatory compliance, cost control, and smart growth. Fraud mitigation focuses on ensuring that an eligible identity is being presented by its true owner, rather than as part of a scheme to acquire goods and services with intent to default on repayment obligations. Businesses who focus on solely on fraud mitigation rather than complying with KYC and CIP regulations run the risk of potential harm to business reputation, and of course, financial penalties. Fenergo found that as of the end of 2019, global penalties for AML and KYC non-compliance totaled $36 billion. CIP vs. Fraud Mitigation Many financial institutions equate a CIP program with efforts to mitigate fraud. It’s understandable, as both processes include emphasis on the accuracy of an identity as it’s presented by a consumer. It is assumed that only the true owner of the identity would possess the detailed information necessary to meet CIP requirements and therefore would not likely be committing fraud. There was a time—prior to large scale thefts of stored information, personal details shared through social media and other behavior changes that made personal information very public—when this would have been true. Unfortunately, those days have passed and even an amateur criminal with limited experience and resources could find current, accurate identity information for sale online, information good enough to pass the CIP test and be considered a legitimate consumer. The real challenge is that when they go through CIP, many real consumers may inadvertently provide true information that doesn’t meet the verification standard. This is a result of consumer lifestyle changes outpacing the sources of data used to verify the information they’ve provided. It makes sense; in most years roughly 13% of American adults change their address. New homes, job changes and changes in marital status impact a large number of people every day. Adding to the confusion—it’s life’s changes that prompt people to borrow and purchase. The result is that many of the people that are more likely to fail CIP verification are the very people trying to legitimately access financial services. The result is that CIP verification often isn’t a challenge for those intending to commit fraud, but it can be for genuine consumers. The challenges of CIP In a recent internal study, Experian reviewed the ability to pass a standard CIP strategy that assessed the accuracy of the name, current address, date of birth and Social Security number provided by a large sample of consumers. We then compared legitimate consumers to those later confirmed to have been identity thieves impersonating a victim. Consistently, the identity thieves were at least as proficient at passing CIP as their true-consumer counterparts. In a second step, we applied a fraud score that looked for identity theft by assessing the past uses of the identities, their consistency, velocity and many other characteristics unrelated to the accuracy of the data. The difference between CIP verification and a fraud risk assessment was striking. Across the entire range of fraud risk, the percentage of records that passed CIP verification remained the same. That said, CIP still plays a very important role in risk mitigation. In fact, CIP and fraud prevention are inextricable in financial services. Just as a CIP verified identity can still be fraud, a record that may appear to be low fraud risk may not pass CIP. Since both processes have existed side by side for nearly two decades, each presumes that the other is in place and both are necessary to detect and prevent fraud. Striking a balance CIP verification and fraud mitigation strategies are both necessary and important to protecting assets and the broader financial system from fraud. It’s important to leverage a layered approach where both eligibility and risk are assessed, and next steps for verification include resolution of identity discrepancies alongside verification that ensures an identity is not being misused for fraud. Experian can help you confidently verify customer identities, understand and anticipate customer activities, and implement ongoing monitoring. If you’d like to set up a review of your current strategy or learn more about how we can help you with CIP and fraud mitigation to strengthen your ability to know your customer compliantly, let us know. Contact us [expCTA url="http://www.google.com" label="Button Test Short code" target="" style="primary"]
According to Experian’s latest Global Insights Report, 38% of consumers expect to increase their online activity in the next 12 months. The report also found that consumers continue to have high expectations for their online experience, and businesses are re-imagining the customer journey to reflect that need. This January, Experian surveyed 3,000 consumers and 900 businesses to explore the changes in consumer behavior and business strategy pre- and post-COVID-19. As consumers have embraced life online, they’ve continued to emphasize their feelings regarding the importance of protecting their information. More than half of consumers still consider security to be the most important factor in their digital experience – the same experience they have such high expectations of. Business are acting in turn, with more than half investing in fraud detection methods or software to reduce friction in the customer experience. Digital transformation is also highlighting the need to: Manage regulatory compliance Integrate security measures Ensure access to AI models Attract and manage customers Integrate automation solutions Download the report to get all the latest insights into consumer desires and business behaviors, and keep visiting the Insights blog for a deeper dive into US-specific findings. Download report
Dealing with challenges is part of the collections process. But in today’s economic environment, there are even more barriers to overcome. Since it is unclear how long the COVID-19 pandemic and associated financial stress will last, debt collection agencies and departments must evolve and refine their collections and recovery capabilities. As you step into the new collections environment, it will be imperative to keep pace with shifting consumer behaviors and trends and properly react, adapt and engage. Recent data findings show that many consumers are still worried about their finances and ability to pay down existing debt: Revolving Card Credit Line Increases (CLI) are up 78.4% overall1 Almost 3% of auto loans are 30+ Days Past Due (DPD) 2% of unsecured personal loans are 30+ Days Past Due (DPD) New account originations are up 0.8% overall Download our latest white paper to discover more industry trends, outlooks for 2021, and the benefits of leveraging data and advanced analytics to develop better strategies, make more profitable decisions and better serve consumers in times of continued economic uncertainty. Access white paper Learn more 1Findings from Experian's Ascend Market Insights Dashboard, data based on number of accounts. Data refreshed: January 24, 2021.
When I worked as a junior analyst for one of the largest credit card issuers in the United States, the chief credit risk officer required the development of a “light switch report” and strongly encouraged everyone in her organization to read the report every day. She called it the light switch report because every morning when she walks into her office and the lights switch on, she would read the report and understand what’s going on with the business. I took her advice and developed the habit of reading the light switch report every morning — for more than a decade while I was with the organization. I knew the volume of applications, the approval rate and the average line of credit of approvals. I developed an informed idea of how delinquency rates would look six months into the future based on the average credit score of approvals today. Her advice was valuable, and the discipline she shared helped me develop my skill sets as a junior analyst, a people manager and head of a retail business line. Performance reports are foundational and are one of the key elements of a sound and prudent risk management framework. Regulators require effective monitoring reports and provide guidance on report generation as part of its examination process. (Office of the Comptroller of the Currency. Comptroller’s Handbook, Retail Lending Safety and Soundness. April 2017. Page 15.) While supporting lender clients on strategy designs and development, I have an opportunity to review various performance reports. I’d like to take this time to reiterate some of the basic components of a good performance report. Knowledge of audience is primary. Good performance reports are tailored for specific audiences who can make decisions that will affect specific outcomes. Performance reports for day-to-day monitoring would be different from reports designed for executive leadership. Transparency and accuracy are required and when reports are designed in support of areas of responsibility, those reports become meaningful and transformative. Relevant metrics matter. Once you identify the report’s audience, the metrics you choose to appear in the report become the next important exercise. Metrics should be relevant and consistent with the audience who’s expected, upon reviewing the report, to make statements such as the business is doing well and stable, or corrective action is needed. For example, a report on the predictive power of credit risk scores intended for model developers will likely contain metrics such Kolmogorov-Smirnov (KS), Gini index or worst scoring capture rate. Such reports won’t include the average handling time of an application, which will be more appropriate for an operations team. Metrics become even more powerful for decision-makers when calculated at a segment level. I’m a big fan of vintage reports. They tell the story of current lending practices (e.g., approval rates, average loan amount, average booked credit risk score), and more significantly they often foretell future performance (e.g., delinquency rates, charge-off rates). These foresights allow analysts and managers to plan and develop strategies today to manage the future state. If approve or decline decisions use a dual score matrix, generate a report showing the volume of applications on the dual score matrix. It’s quicker to spot unusual distributions compared to expectations when data is presented at this sublevel. The benefit is swifter modification or new actions when needed. If statistical designs are utilized, such as test or control segments and champion or challenger segments, metrics calculated at these levels become insightful. They allow validation of a randomized process and support statistical analysis and statements. Timeliness of reports is critical. Some reports for operational or technology purposes require constant and continuous reporting. Daily reports are important especially when new strategies are implemented. Sometimes daily reports are far more relevant within the first two or three weeks of a new strategy implementation. When daily reports show stabilization and alignment to expectations, switching to weekly or monthly reports is acceptable. Most retail products are designed for review on a cycle or monthly basis. Monthly and quarterly reports are milestones and provide good health checks of the business. Don’t forget formats. If a picture is worth a thousand words, then use charts and graphs to display data and capture audience attention. We’re all used to seeing data presented in tables, but there are far more applications today that allow us to read reports with compelling graphics, trendlines and patterns that grab our curiosity and draw us into the story. I like narratives even if they appear as headlines on a report. Succinct comments show discipline and convey understanding of a report’s contents. Effective performance reports evolve as the business changes. Audience, metrics and segments will change, but the basic components provide general guidelines on developing consistent and relevant reports.
Learn More Image
