Financial Services
Inactive credit card accounts are defined as credit cards that were approved, opened and never used by account holders. They also include credit card accounts that were approved, opened, utilized by account holders but don’t have a balance for the last six to 12 months. Inactive credit card accounts pose several challenges and opportunities to lenders. A review of inactivity rates of credit card portfolios of credit unions across the United States as of March 2018 shows that inactive accounts comprise approximately 11 percent of total accounts on the books. The average credit line of inactive accounts is $8,700. (Data were extracted from Experian’s File One™ database using a sample of credit card accounts with credit unions across the United States as of March 2018. Sample size is approximately 600,000 credit card accounts.) Why do credit card accounts become inactive? One potential reason for inactivity is the convenience of securing a credit card during demand deposit account (“DDA”) opening processes. Lenders today may prequalify or preselect a customer quickly and efficiently for a credit card while a customer’s request to open a checking account or deposit account is being processed. Lenders benefit from this choreographed process with no to very minimal additional effort and time requested from the customer. The removal or significant decrease in friction costs — such as requiring additional customer information that previously would have deterred a customer from proceeding with the credit card application — gave lenders the advantage of processing more applications. (Schruder, Kyle. Feb. 26, 2018. The Top 5 Behavioural Economics Principles for Designers — Bridgeable blog. https://uxplanet.org/the-top-5-behavioural-economics-principles-for-designers-ea22a16a4020.) Because of this convenience, some customers say yes to obtaining a credit card even though they had no intention of securing one in the first place. In behavioral economics, this may be identified as the “yeah, whatever” heuristic. People take the option with the least effort or the path of least resistance. (Thaler, Richard H. and Cass R. Sunstein. 2009. Nudge Improving Decisions About Health, Wealth, and Happiness. New York: Penguin Books. Pages 35, 85.) With low commitment to the credit card, customers who are approved will receive the new plastic and forget about it. An active credit card user may become inactive because the features, benefits and rewards are no longer relevant for their current financial needs. For example, a merchandise purchase or balance transfer promotion has expired and was paid off. Rewards are less attractive compared to other credit card offers in the marketplace. Lack of lender engagement activities may also lead to inactivity. For example, there are no marketing campaigns with promotions or special rewards offers. Revolving accounts with very low credit lines aren’t given credit line increases even though credit risk is acceptable, and accounts generate good interest income. The challenges to lenders with a large segment of inactive accounts include the direct cost of contingent liability. A percentage of unused credit lines is classified as contingent liability in the balance sheet. If contingent liability is reduced, then funds may be used to invest in more productive activities. In the absence of analytics and deep understanding of various customer behaviors in the portfolio, it can become costly for a lender when inactive accounts are included in all kinds of marketing campaigns. Marketing budgets are limited and ought to be used wisely to target segments with high expected returns and to achieve specific and well-defined objectives. Inactive accounts may also come with credit risk challenges. Some customers designate certain credit cards as emergency credit cards. That is, these cards will be used only in emergency situations where payment is needed immediately, and no other funds can be easily accessed at such time. Some situations are significantly more serious and may be accompanied by deep financial stress. During these times, inactive accounts are utilized and may result in collections or charge-offs. How can lenders handle the challenges of inactive accounts? An inactive account strategy that uses data and analytics is very helpful and prudent. Determine which accounts are never active or were inactive within the last 12 months. Identify which accounts pose elevated credit risk. There are various interventions that can be designed to improve card activation, which may include marketing campaigns and account management strategies including credit line options. If inactive accounts were included in marketing campaigns or account management strategies, then track the performance. These performance reports will provide the rationale and guidelines for further action, which may include account closure. Evaluate the multiple relationships of the customer with the lender and estimated cardmember value. Survey the inactive accounts and obtain feedback regarding the reasons for lack of card usage. Those insights will help identify areas for improvement and drive new initiatives. We have seen that inactive accounts aren’t a trivial component of a credit card portfolio. There are real costs and risks associated with inactive accounts. They also provide opportunities for improving card features and benefits and ways to continue engaging existing cardmembers.
Credit cards are the most widely available credit products offered to millions of consumers today. For many consumers, owning a credit card is a relatively simple step toward establishing credit history and obtaining access to other lending products later in life. For credit unions, offering a credit card to members expands and enriches the credit relationship. In today’s environment, some credit unions don’t view credit cards as an integral part of their member service. I propose that the benefits of credit cards in a credit union portfolio are impactful, meaningful and fully align to member outreach and community service. A high-level review of risk-adjusted yields across three of the most common retail products offered by credit unions show that credit cards can be very profitable. The average APR of credit cards as of Q3 2020 is just slightly below personal loans. While charge-offs as a percentage of balances are more than double of personal loans, the estimated risk-adjusted yield is still elevated and is 1.8 times higher than auto loan and leases. See Table 1. Table 1. Estimated average risk-adjusted yield for auto loan and lease, personal loan, and credit card for credit unions Auto loan and lease Personal loan Credit card Average APR 5.21% 12.05% 11.26% Charge-offs as % of balances (annualized) 0.28% 0.89% 1.98% Risk-adjusted yield 4.93% 11.16% 9.28% Notes: Average APR of auto loans and leases, personal loans, and charge-off information as of Q3 2020 was extracted from Experian-Oliver Wyman IntelliViewSM Market Intelligence Reports. IntelliView Market Intelligence Reports, Dec. 22, 2020, experian.com/decision-analytics/market-intelligence/intelliview. Average APR of credit card as of Q3 2020 was extracted from National Credit Union Administration website. Credit Union and Bank Rates 2020 Q3, Dec. 22, 2020, https://www.ncua.gov/analysis/cuso-economic-data/credit-union-bank-rates/credit-union-and-bank-rates-2020-q3. Estimated risk-adjusted yield is calculated as the difference between average APR and charge-offs. A profitable retail product allows a credit union to share those profits back with members consistent with its mission of promoting and supporting the financial health and well-being of its members. Credit cards provide diversification of income streams. Income diversification provides a level of stability across cyclical economic conditions when some types of credit exposures may perform poorly, while others may be more stable. When combined with sound and effective risk governance, credit diversification allows lenders to mitigate levels of concentration risks in their aggregate portfolio. Offering credit cards to members is one avenue to grow loan volume and achieve scale that’s sufficiently manageable for credit unions. Scale is particularly important today as it’s needed to fund technology investments. The pandemic accelerated the massive movement toward digital engagement, and scale makes technology investments more cost-effective. When lenders become more productive and efficient, they further lower the cost of credit products to members. (Stovall, Nathan. Dec. 14, 2020. Desire to compete with megabanks driving more U.S. regional bank M&A — KBW CE blog. https://platform.mi.spglobal.com/web/client?auth=inherit#news/.) The barriers to offering credit cards have moderately declined. Technology partners, payment processors and specialized industry companies are available in the marketplace. The biggest challenge for credit unions and lenders is credit risk management. To be profitable and to stay relevant, credit cards require a relatively sophisticated risk management framework of underwriting criteria, pricing, credit line management, operations and marketing. Industry and specialized support for launching and managing credit cards is widely available and accessible. Analytics play an essential role in managing credit cards. With an average active life of approximately five years, credit card portfolios need regular and periodic performance reviews to manage inherent risk and to identify opportunities for growth and profitability. Account management for credit cards is equally as important as underwriting. Credit line management, authorization, activation and retention have significant impact to the performance of existing accounts. Continuous engagement with members is critical and has taken on a new meaning lately. Credit cards provide an opportunity to engage members, to grow lending relationships and to support financial well-being. Marketing and meaningful card offers drive card usage and relevance. They’re critical components in customer communication and service. The benefits of credit cards contribute positively to a credit union portfolio. With sound and effective risk management practices, credit cards are profitable, help diversify income streams, grow loan volume and support member credit needs.
Recently, I shared articles about the problems surrounding third-party and first-party fraud. Now I’d like to explore a hybrid type – synthetic identity fraud – and how it can be the hardest type of fraud to detect. What is synthetic identity fraud? Synthetic identity fraud occurs when a criminal creates a new identity by mixing real and fictitious information. This may include blending real names, addresses, and Social Security numbers with fabricated information to create a single identity. Once created, fraudsters will use their synthetic identities to apply for credit. They employ a well-researched process to accumulate access to credit. These criminals often know which lenders have more liberal identity verification policies that will forgive data discrepancies and extend credit to people who appear to be new or emerging consumers. With each account that they add, the synthetic identity builds more credibility. Eventually, the synthetic identity will “bust out,” or max out all available credit before disappearing. Because there is no single person whose identity was stolen or misused there’s no one to track down when this happens, leaving businesses to deal with the fall out. More confounding for the lenders involved is that each of them sees the same scam through a different lens. For some, these were longer-term reliable customers who went bad. For others, the same borrower was brand new and never made a payment. Synthetic identities don\'t appear consistently as a new account problem or a portfolio problem or correlate to thick- or thin-filed identities, further complicating the issue. How does synthetic identity fraud impact me? As mentioned, when synthetic identities bust out, businesses are stuck footing the bill. Annual SIF (synthetic identity fraud) charge-offs in the United States alone could be as high as $11 billion. – Steven D’Alfonso, research director, IDC Financial Insights1 Unlike first- and third-party fraud, which deal with true identities and can be tracked back to a single person (or the criminal impersonating them), synthetic identities aren’t linked to an individual. This means that the tools used to identify those types of fraud won’t work on synthetics because there’s no victim to contact (as with third-party fraud), or real customer to contact in order to collect or pursue other remedies. Solving the synthetic identity fraud problem Preventing and detecting synthetic identities requires a multi-level solution that includes robust checkpoints throughout the customer lifecycle. During the application process, lenders must look beyond the credit report. By looking past the individual identity and analyzing its connections and relationships to other individuals and characteristics, lenders can better detect anomalies to pinpoint false identities. Consistent portfolio review is also necessary. This is best done using a risk management system that continuously monitors for all types of fraudulent activities across multiple use cases and channels. A layered approach can help prevent and detect fraud while still optimizing the customer experience. With the right tools, data, and analytics, fraud prevention can teach you more about your customers, improving your relationships with them and creating opportunities for growth while minimizing fraud losses. To wrap up this series, I’ll explore account takeover fraud and how the correct strategy can help you manage all four types of fraud while still optimizing the customer experience. To learn more about the impact of synthetic identities, download our “Preventing Synthetic Identity Fraud” white paper and call us to learn more about innovative solutions you can use to detect and prevent fraud. Contact us Download whitepaper 1Synthetic Identity Fraud Update: Effects of COVID-19 and a Potential Cure from Experian, IDC Financial Insights, July 2020
Despite the constant narrative around “unprecedented times” and the “new normal,” if the current market volatility tells us anything, it’s to go back to basics. As financial institutions navigate COVID-19’s economic impact, and challenges that are likely to be different or more extreme than in the past, the best credit portfolio management practices are fundamental. The global pandemic impacts today’s data as existing data and analytics may not accurately reflect what is happening now, resulting in inaccurate portfolio assessment. In order to successfully navigate loss forecasting, predicting borrower behavior and controlling loss ratios, lenders must engage new data, analytics and economic scenarios suited for today’s changing times. In Experian’s latest white paper, “Credit Portfolio Management After the COVID-19 Recession,” we’ll explore best practices to combat the following challenges: Forecasting credit losses despite increased economic volatility Businesses have long used a variety of data, analytics and models to anticipate and project the future direction of their organization based on a number of data points; however, with the onset of the global pandemic, long-standing scenarios became suddenly irrelevant. Predicting borrower behavior given increased financial disparities The post-pandemic and pre-pandemic worlds are very different places for some borrowers. Pandemic-related job losses and other economic effects will not be spread evenly and this variability may be reflected in lenders’ portfolios. Controlling loss ratios In the post-COVID world, it will be mission critical for lenders to use high-quality and up-to-date data to balance priorities and identify which areas of their portfolio need attention now. Whether your portfolio is doing better than expected, as expected, or worse than expected, now is the time to refresh portfolio management strategy. Lenders should be watching for early indicators in loan portfolios to better navigate a fluctuating economy and that requires new resources and better tools. Take control of your business’ trajectory. Download now
Previously, we discussed the risks of account takeover and how a Defense in Depth strategy can protect your business. Before implementation it’s important to understand the financial benefits of the strategy. There are a few key steps to assessing and quantifying the value of Defense in Depth. Transaction risk assessment: This requires taking inventory of all possible transactions. Session-level risk analysis: With the transactions categorized by risk level, the next step is to review session history based on the highest risk activity within the session. Quantify the cost of a challenge: There are multiple costs associated with challenging a user using step-up authentication. Consider both direct and indirect costs – failure rate, contact center operational cost, and attrition rate following failed challenges (consider lifetime value of account) Quantify the expected challenge rate: This can be done by comparing the Defense in Depth approach to a traditional approach. Below is a calculator that will help determine the cost of the reduced challenges associated with a Defense in Depth strategy versus a traditional strategy. initIframe(\'5f039d2e4c508b1b0aafa4bd\'); In addition to the quantitative benefits, it is important to consider some of the qualitative benefits of this approach: Challenging at moments that matter: Customers appreciate and expect protection in online banking, especially when moving money externally or updating contact information. This is a great way to achieve both convenience and security. Improved fraud management: By staging the risk decision at the transaction level, the business can balance the type of challenge with the transaction risk. There are incremental cost considerations to include in the business case as well. For instance, there is an increase in transaction calls for a risk assessment at the medium/high risk transactions – about 10% in the example above. Generally, the increased transaction cost is more than offset by the reduction in cost of challenges alone. A Defense in Depth strategy can help businesses manage fraud risk and prevent account takeover in online banking without sacrificing user experience. If you are interested in assistance with building your business case and understanding the strategies to implement a successful Defense in Depth strategy, contact us today. Contact us 1Identity Fraud in the Digital Age, Javelin Strategy & Research, September 2020
Preventing account takeover (ATO) fraud is paramount in today’s increasingly digital world. In this two-part series, we’ll explore the benefits and considerations of a Defense in Depth strategy for stopping ATO. The challenges with preventing account takeover Historically, managing fraud and identity risk in online banking has been a trade-off between customer experience and the effectiveness of fraud controls. The basic control structure relies on a lock on the front door of online banking front door—login—as the primary authentication control to defend against ATO. Within this structure, there are two choices. The first is tightening the lock, which equals a higher rate of step-up authentication challenges and lower fraud losses. The second is loosening the lock, which results in a lower challenge rate and higher fraud loses. Businesses can layer in more controls to reduce the false positives, but that only allows marginal efficiency increases and usually represents a significant expense in both time and budget to add in new controls. Now is the perfect time for businesses reassess their online banking authentication strategy for a multitude of reasons: ATO is on the rise: According to Javelin Strategy & Research, ATO increased 72% in 2019.1 Users’ identities and credentials are at more risk than ever before: Spear phishing and data breaches are now a fact of life leading to reduced effectiveness of traditional authentication controls. Online banking enrollments are on the rise: According to BioCatch, in the months following initial shelter-in-place orders across the country, banks have seen a massive spike in first time online banking access. Users expect security in online banking: Half of consumers continue to cite security as the most important factor in their online experience. Businesses who reassess the control structure for their online banking will increase the effectiveness of their tools and reduce the number of customers challenged at the same time – giving them Defense in Depth. What is Defense in Depth? Defense in Depth refers to a strategy in which a series of defense mechanisms are layered in order to protect data and information. The basic assumptions underlying the value of a Defense in Depth strategy are: Different types of transactions within online banking have different levels of inherent risk (e.g., external money movement is considerably higher risk compared to viewing recent credit card transactions) At login, the overall transaction risk associated with the session risk is unknown The risk associated with online banking is concentrated in relatively small populations – the vast majority of digital transactions are low risk This is the Pareto principle at play – i.e., about 80% of online banking risk is concentrated within about 20% of sessions. Experian research shows that risk is even more concentrated – closer to >90% of the risk is concentrated in <10% of transactions. This is relatively intuitive, as the most common activities within online banking consist of users checking their balance or reviewing recent transactions. It is much less common for customers to engage in higher risk transaction. The challenge is that businesses cannot know the session risk at the time of challenge, thus their efficiency is destined to be sub-optimal. The benefits of Defense in Depth A Defense in Depth strategy can really change the economics of an online banking security program. Adopting a strategy that continuously assesses the overall session risk as a user navigates through their session allows more efficient risk decisions at moments that matter most to the user. With that increased efficiency, businesses are better set up to prevent fraud without frustrating legitimate users. Defense in Depth allows businesses to intelligently layer security protocols to protect against vulnerability – helping to prevent theft and reputational losses and minimize end-user frustration. In addition to these benefits, a continuous risk-based approach can have lower overall operational costs than a traditional security approach. The second part of this series will explore the cost considerations associated with the Defense in Depth strategy explored above. In the meantime, feel free to reach out to discuss options. Contact us 1Identity Fraud in the Digital Age, Javelin Strategy & Research, September 2020
COVID-19 is not only shifting the way we work, live and think, but it is also reframing the conversation behind which metrics successful companies focus on. Having worked in marketing for various lenders, origination and funding milestones were prevalent in their marketing. However, during this unique time in mortgage when most lenders are shattering previous origination records, focus is now drawn to new performance indicators. Providing a seamless digital process A recent McKinsey survey determined that consumer and business digital adoption vaulted five years forward in a matter of eight weeks at the beginning of the pandemic. And while this is generally true for business, many mortgage lenders may not have had the time or resources to update and modernize their processes due to massive origination volumes. When volume is good, companies wait to update their technology – either due to an “if it isn’t breaking why fix it” mentality, or, in the case of unmanageable volume, lenders can’t fathom disrupting their processes. Lenders that proactively streamlined technology and focused on digital adoption before the pandemic are leveraging and benefitting from the current mortgage environment. For lenders that did not digitize in time, the high-volume environment highlights their inefficiencies and unscalable processes. Providing meaningful customer experiences Forward-thinking, resilient mortgage lenders are also tracking how effectively they can provide meaningful customer experiences, for both their borrowers as well as their internal customers – their employees. For borrowers, it could come in the form of enjoying a seamless mortgage experience, being proactively kept abreast of their loan status, and the ability to interact and communicate with the lender in a manner that works best for their style. For employees of the company, this can come from feeling valued and listened to, with relevant and useful communications and resources to rely on during these uncertain times. It also comes in the form of providing the right resources for employees to perform at a high level during these times when it matters the most and working efficiently without sacrificing quality. Investing in technology and your greatest asset, your employees, is the answer to how mortgage lenders can achieve these metrics which will help them stand out among their competition. As the refi heyday starts to show signs of impermanence, these differentiators will become more important than ever – and all lenders should be taking a proactive look now at how they can bridge their digital gaps. Mortgage lenders are coming out of 2020 with strong earnings and should look to allocate a part of these earnings towards ‘future-proofing’ through scalable technology that will ultimately reduce costs and continue to bring in qualified volume. Join Experian Mortgage in accelerating the mortgage evolution and learn how we can help bridge your technology gaps. Learn More
No two customers are the same. That’s why it’s important to go beyond the traditional credit score for a closer look at each consumer’s individual circumstance and create personalized response plans. Learn more about some of the many different customers you’ll encounter and download our guide to get recommendations for every stage of the lifecycle. Get the Guide
It’s clear that the digital transformation we experienced this year is here to stay. While there are many positives associated with this transformation – innovation, new ways to work, and greater online connectedness – it’s important that we review the risks associated with these trends as well. In late 2019 and throughout 2020, Experian surveyed consumers and businesses. We asked about online habits, expectations for information security and plans for future spending. Unsurprisingly, about half of consumers think they’ll continue to spend more online in the coming year. Those same consumers now have a higher expectation for their online experience than before the onset of COVID-19. Hand-in-hand with the online activity trends come increased risks associated with identity theft and fraud as criminals find new chances to steal information. In response to both of these trends, businesses and consumers want a balance between security and convenience. Our latest trends report dives into the new opportunities 2020 has created for fraud, and the opportunities to prevent identity theft or manipulation and the associated losses while building stronger relationships. Download the full North America Trends Report for a look into North American trends over the last year and to learn how fraud prevention and positive customer relationships are actually two sides of the same coin. North America Trends Report
A few weeks ago, I shared the first in a series of articles about understanding the different types of fraud and how to solve for them. In that article, I likened the fraud problem to baking. Continuing that theme, I’m going to explore first-party fraud by comparing it to biting into a cookie you think is chocolate chip, only to find that it’s filled with raisins. The raisins in the cookie were hiding in plain sight, indistinguishable from chocolate chips without a closer look, much like first-party fraudsters. What is first-party fraud? First-party fraud refers to instances when an individual makes a promise of future repayments in exchange for goods or services without the intent to repay. The fraudster might accomplish this by applying for a loan or credit card they won’t pay back, or misrepresenting their financial situation to get a more favorable rate. First-party fraud sometimes presents via “mules” or consumers who are persuaded to use their own information to obtain credit or merchandise on behalf of a larger fraud ring. This type of fraud has become especially prevalent in 2020 due to the increases in online activity for both work and purchasing. Mule activity has increased by 41% in 2020 in comparison to attack rates prior to the pandemic. – Julie Conroy, Research Director, Aite Group First-party fraud is often miscategorized as credit loss and written off as bad debt, which causes problems when businesses later try to determine how much they’ve lost to fraud versus credit risk, and then make future lending decisions. How does first-party fraud impact me? Firstly, there are often substantial losses associated with first-party fraud. According to Payments Journal, 60% of financial institutions report first-party fraud as the prominent source of fraud losses. The ranks of those who commission the attacks, as well as the mules who provide logistical support, will continue to increase at the same pace, if not more quickly, as economic conditions remain suppressed. The result will be an increase in the volume of attacks in general but with a particular emphasis on the kinds of fraud that typically accompany prolonged recessions, most notably first-party fraud.1 – Trace Fooshee, Senior Analyst, Aite Group An imperfect first-party fraud solution can also strain relationships with good customers and hinder growth. When lenders have to interpret actions and behavior to assess customers, there’s a lot of room for error and losses. Those same losses hinder growth when, as mentioned before, businesses anticipate credit losses that aren’t actually credit losses. This type of fraud isn’t a single-time event, and it doesn’t occur at just one point in the customer lifecycle. It occurs when good customers develop fraudulent intent, when new applicants who have positive history with other lenders have recently changed circumstances, or when seemingly good applicants have manipulated their identities to mask previous defaults. Finally, first-party fraud impacts how your organization categorizes and manages risk – and that’s something that touches every department. Solving the first-party fraud problem Preventing first-party fraud requires a change in how we think about the fraud problem. It starts with the ability to separate first- and third-party fraud to treat them differently. Because first-party fraud doesn’t have a victim, you can’t work with the person whose information was stolen to confirm the fraud. Instead, you’ll have to work implement a consistent monitoring system and make a determination internally when fraud is suspected. As we’ve already discussed, the fraud problem is complex. However with a partner like Experian, you have the tools required to perform a closer examination and the ability to differentiate between the types of fraud so you can determine the best course of action moving forward. In the coming weeks, I’ll continue my exploration of this topic with a dive into synthetic identity and account takeover fraud, and how a layered fraud management strategy can help you minimize customer friction to improve and deepen your relationships while preventing fraud. Contact us if you’d like to learn more about how Experian is using our identity expertise, data, and analytics to detect and prevent all types of fraud. Contact us 1Key Trends Driving Fraud Transformation in 2021 and Beyond, December 2020
Financial services companies have long struggled to make inclusive decisions for small businesses and for low- and moderate-income consumers. One key reason: to make accurate predictions of the financial risks associated with those customers’ accounts requires lenders to rely on a wider variety of data than a credit score alone. To accurately assess risk, expanded Fair Credit Reporting Act regulated data is helpful – including rental data, trended data, enhanced public records, alternative financial services data and more. This expanded FCRA data is one key to financial inclusion. Without that data, lenders risk rejecting potentially profitable customers, including so-called credit invisibles and thin file consumers. In fact, The Federal Reserve, along with four important financial services regulators, highlighted the consumer benefits of alternative data in their December 2019 interagency statement. That statement also highlighted the increased importance of managing compliance when firms use alternative data in credit underwriting. With hundreds of data sources available to help with important tasks such as verifying identity, checking credit, and assessing the value of automotive and real-estate collateral, why have some lenders been slow to use the most appropriate data attributes when making credit decisions? One reason is a matter of IT Architecture; another is priorities. Changing a business process to take advantage of new data requirements can be prohibitively lengthy and costly – in terms of both analytical and IT resources. This is especially true for older systems—which were seldom adapted to use Application Programming Interfaces (APIs) supporting modern data structures such as JSON. Furthermore, data access to older systems can require specific types of system connectivity such as VPNs or leased lines. Latency is important in this type of application: some of these tasks have to be done instantly in a digital-first or digital-only lending environment. So is time to market: lenders deploying analytics processes cannot wait for overtaxed IT teams to complete lengthy projects. Lenders’ analytics and IT teams have long known they need to be more agile and efficient, faster to market, and increasingly secure. Their answer, largely, has been a slow but steady migration of their systems to the cloud. A 2019 McKinsey survey revealed that CIOs were modernizing their infrastructures primarily to achieve four goals: agility and time to market, quality and reliability, cost, and security. There are other benefits as well. But if the business case for a cloud strategy was somewhat clear to IT and analytics leaders, it became crystal clear to the rest of the business in 2020. As companies shifted to at-home work using cloud-based collaboration tools, especially videoconferencing services, most companies conquered what was perhaps the final barrier to entry—the fear that the issues of data privacy and security were somehow more insurmountable with virtual machines, containers, and microservices than with on-premise infrastructure. Last quarter, the leading cloud providers Amazon Web Services, Google Cloud Platform, and Microsoft Azure reported incredible annual revenue growth: 29%, 45%, and 48% respectively. COVID-19 has proven to be the catalyst that greatly sped up the transition to cloud technologies. The jump to the cloud means that lenders are suddenly more capable than ever at making analytically sound – and therefore more financially inclusive decisions. The key to analytical decision-making is to use the right data and to make the most appropriate calculations (called attributes) as part of a business strategy or a mathematical model. With Experian programs such as Attribute Toolbox now available in the cloud, calculating those all-important attributes is as simple for the IT department as coding an API call. Lenders will soon be able just as easily to retrieve and process raw data from over 100 data sources, to recognize their native formats and to extract the desired information quickly enough for real-time and batch decisioning. The pandemic has brought economic distress to millions of Americans—it is unlike anything in our lifetimes. The growth of cloud computing promises to enable these consumers to obtain additional products as well as more favorable pricing and terms. It’s ironic that COVID has accelerated the adoption of the very technologies that will expand access to credit for many people who cannot currently access it from mainstream financial firms. To learn more about our Attribute Toolbox, click here. Learn More
The global pandemic has created major shifts in the ways companies operate and innovate. For many organizations, a heavy reliance on cloud applications and cloud services has become the new normal, with cloud applications being praised as “an unsung hero” for accommodating a world in crisis, as stated in an article from the Channel Company. However, cloud computing isn’t just for consumers and employees working from home. In the last few years, cloud computing has changed the way organizations and businesses operate. Cloud-based solutions offer the flexibility, reduced operational costs and fast deployment that can transform the ways traditional companies operate. In fact, migrating services and software to the cloud has become one of the next steps to a successful digital transformation. What is cloud computing? Simply put – it’s the ability to run applications or software from remote servers, hosted by external providers, also known as infrastructure-as-a-service (IaaS). Data collected from cloud computing is stored online and is accessed via the Internet. According to a study by CommVault, more than 93% of business leaders say that they are moving at least some of their processes to the cloud, and a majority are already cloud-only or plan to completely migrate. In a recent Forrester blog titled ‘Troubled Times Test Traditional Tech Titans,’ Glenn O’Donnell, Vice President, Research Director at Forrester highlights that “as we saw in prior economic crises, the developments that carried business through the crisis remained in place. As many companies shift their infrastructure to cloud services through this pandemic, those migrated systems will almost certainly remain in the cloud.” In short, cloud computing is the new wave – now more than ever during a crisis. But what are the benefits of moving to the cloud? Flexibility Cloud computing offers the flexibility that companies need to adjust to fluctuating business environments. During periods of unexpected growth or slow growth, companies can expand to add or remove storage space, applications, or features and scale as needed. Businesses will only have to pay for the resources that they need. In a pandemic, having this flexibility and easy access is the key to adjusting to volatile market conditions. Reduced operational costs Companies (big or small) that want to reduce costs from running a data center will find that moving to the cloud is extremely cost-effective. Cloud computing eliminates the high cost of hardware, IT resources and maintaining internal and on-premise data systems. Cloud-based solutions can also help organizations modernize their IT infrastructures and automate their processes. By migrating to the cloud, companies will be able to save substantial capital costs and see a higher return on investment – while maintaining efficiency. Faster deployment With the cloud, companies get the ability to deploy and launch programs and applications quickly and seamlessly. Programs can be deployed in days as opposed to weeks – so that businesses can operate faster and more efficiently than ever. During a pandemic, faster deployment speeds can help organizations accommodate, make updates to software and pivot quickly to changing market conditions. Flexible, scalable, and cost-effective solutions will be the keys to thriving during and after a pandemic. That’s why we’ve enhanced a variety of our solutions to be cloud-based – to help your organization adapt to today’s changing customer needs. Solutions like our Attribute Toolbox are now officially on the cloud, to help your organizations make better, faster, and more effective decisions. Learn More
Intuitively we all know that people with higher credit risk scores tend to get more favorable loan terms. Since a higher credit risk score corresponds to lower chance of delinquency, a lender can grant: a higher credit line, a more favorable APR or a mix of those and other loan terms. Some people might wonder if there is a way to quantify the relationship between a credit risk score and the loan terms in a more mathematically rigorous way. For example, what is an appropriate credit limit for a given score band? Early in my career I worked a lot with mathematical optimization. This optimization used a software product called Marketswitch (later purchased by Experian). One caveat of optimization is in order to choose an optimal decision you must first simulate all possible decisions. Basically, one decision cannot be deemed better than another if the consequences of those decisions are unknown. So how does this relate to credit risk scores? Credit scores are designed to give lenders an overall view of a borrower’s credit worthiness. For example, a generic risk score might be calibrated to perform across: personal loans, credit cards, auto loans, real estate, etc. Per lending category, the developer of the credit risk score will provide an “odds chart;” that is, how many good outcomes can you expect per bad outcome. Here is an odds chart for VantageScore® 3 (overall - demi-decile). Score Range How Many Goods for 1 Bad 823-850 932.3 815-823 609.0 808-815 487.6 799-808 386.1 789-799 272.5 777-789 228.1 763-777 156.1 750-763 115.6 737-750 85.5 723-737 60.3 709-723 45.1 693-709 33.0 678-693 24.3 662-678 18.3 648-662 14.1 631-648 10.8 608-631 7.9 581-608 5.5 542-581 3.5 300-542 1.5 Per the above chart, there will be 932.3 good accounts for every one “bad” (delinquent) account in the score range of 823-850. Now, it’s a simple calculation to turn that into a bad rate (i.e. what percentage of accounts in this band will go bad). So, if there are 932.3 good accounts for every one bad account, we have (1 expected bad)/(1 expected bad + 932.3 expected good accounts) = 1/(1+932.3) = 0.1071%. So, in the credit risk band of 823-850 an account has a 0.1071% chance of going bad. It’s very simple to apply the same formula to the other risk bands as seen in the table below. Score Range How Many Goods for 1 Bad Bad Rate 823-850 932.3 0.1071% 815-823 609.0 0.1639% 808-815 487.6 0.2047% 799-808 386.1 0.2583% 789-799 272.5 0.3656% 777-789 228.1 0.4365% 763-777 156.1 0.6365% 750-763 115.6 0.8576% 737-750 85.5 1.1561% 723-737 60.3 1.6313% 709-723 45.1 2.1692% 693-709 33.0 2.9412% 678-693 24.3 3.9526% 662-678 18.3 5.1813% 648-662 14.1 6.6225% 631-648 10.8 8.4746% 608-631 7.9 11.2360% 581-608 5.5 15.3846% 542-581 3.5 22.2222% 300-542 1.5 40.0000% Now that we have a bad percentage per risk score band, we can define dollars at risk per risk score band as: bad rate * loan amount = dollars at risk. For example, if the loan amount in the 823-850 band is set as $10,000 you would have 0.1071% * $10,000 = $10.71 at risk from a probability standpoint. So, to have constant dollars at risk, set credit limits per band so that in all cases there is $10.71 at risk per band as indicated below. Score Range How Many Goods for 1 Bad Bad Rate Loan Amount $ at Risk 823-850 932.3 0.1071% $ 10,000.00 $ 10.71 815-823 609.0 0.1639% $ 6,535.95 $ 10.71 808-815 487.6 0.2047% $ 5,235.19 $ 10.71 799-808 386.1 0.2583% $ 4,147.65 $ 10.71 789-799 272.5 0.3656% $ 2,930.46 $ 10.71 777-789 228.1 0.4365% $ 2,454.73 $ 10.71 763-777 156.1 0.6365% $ 1,683.27 $ 10.71 750-763 115.6 0.8576% $ 1,249.33 $ 10.71 737-750 85.5 1.1561% $ 926.82 $ 10.71 723-737 60.3 1.6313% $ 656.81 $ 10.71 709-723 45.1 2.1692% $ 493.95 $ 10.71 693-709 33.0 2.9412% $ 364.30 $ 10.71 678-693 24.3 3.9526% $ 271.08 $ 10.71 662-678 18.3 5.1813% $ 206.79 $ 10.71 648-662 14.1 6.6225% $ 161.79 $ 10.71 631-648 10.8 8.4746% $ 126.43 $ 10.71 608-631 7.9 11.2360% $ 95.36 $ 10.71 581-608 5.5 15.3846% $ 69.65 $ 10.71 542-581 3.5 22.2222% $ 48.22 $ 10.71 300-542 1.5 40.0000% $ 26.79 $ 10.71 In this manner, the output is now set credit limits per band so that we have achieved constant dollars at risk across bands. Now in practice it’s unlikely that a lender will grant $1,683.27 for the 763 to 777 credit score band but this exercise illustrates how the numbers are generated. More likely, a lender will use steps of $100 or something similar to make the credit limits seem more logical to borrowers. What I like about this constant dollars at risk approach is that we aren’t really favoring any particular credit score band. Credit limits are simply set in a manner that sets dollars at risk consistently across bands. One final thought on this: Actual observations of delinquencies (not just predicted by the scores odds table) could be gathered and used to generate a new odds tables per score band. From there, the new delinquency rate could be generated based on actuals. Though, if this is done, the duration of the sample must be long enough and comprehensive enough to include both good and bad observations so that the delinquency calculation is robust as small changes in observations can affect the final results. Since the real world does not always meet our expectations, it might also be necessary to “smooth” the odds-chart so that its looks appropriate.
Fraud – it’s a word that comes up in conversations across every industry. While there’s a general awareness that fraud is on the rise and is constantly evolving, for many the full impact of fraud is misunderstood and underestimated. At the heart of this challenge is the tendency to lump different types of fraud together into one big problem, and then look for a single solution that addresses it. It’s as if we’re trying to figure out how to un-bake a terrible cake instead of thinking about the ingredients and the process needed to put them together in the first place. This is the first of a series of articles in which we’ll look at some of the key ingredients that create different types of fraud, including first party, third party, synthetic identity, and account takeover. We’ll talk about why they’re unique and why we need to approach each one differently. At the end of the series, we’ll get a result that’s easier to digest. I had second thoughts about the cake metaphor, but in truth it really works. Creating a good fraud management process is a lot like baking. We need to know the ingredients and some tried-and-true methods to get the best result. With that foundation in place, we can look for ways to improve the outcome every time. Let’s start with a look at the best known type of fraud, third party. What is third-party fraud? Third-party fraud – generally known as identity theft – occurs when a malicious actor uses another person’s identifying information to open new accounts without the knowledge of the individual whose information is being used. This type of fraud is unique from first party or synthetic identity fraud because it involves an identifiable victim that’s willing to collaborate in the investigation and resolution, for the simple reason that they don’t want to be responsible for the obligation made under their name. Third-party fraud is often the only type of activity that’s classified as fraud by financial institutions. The presence of an identifiable victim creates a high level of certainty that fraud has indeed occurred. That certainty enables financial institutions to properly categorize the losses. Since there is a victim associated with it, third party fraud tends to have a shorter lifespan than other types. When victims become aware of what’s happening, they generally take steps to protect themselves and intervene where they know their identity has been potentially misused. As a result, the timeline for third-party fraud is shorter, with fraudsters acting quickly to maximize the funds they’re able to amass before busting out. How does third-party fraud impact me? As the digital transformation continues, more and more personally identifiable information (PII) is available on the dark web due to data breaches and phishing scams. Given that half of consumers anticipate increasing their online spending in the coming year, we anticipate that the amount of PII readily available to criminals will only continue to grow. All of this will lead to identity theft and increase the risk of third-party fraud. Third-party fraud has been on businesses\' radar throughout 2020, with account takeover and account opening fraud representing high opportunities for risk. While we don’t yet know the full financial impact of COVID-19, it’s clear that it has created both opportunity—increased online presence and interaction—and need—in the form of financial distress for businesses and consumers—when it comes to third-party fraud. Solving the third-party fraud problem We’ve examined one part of the fraud problem, and it is a complex one. With Experian as your partner, solving for it isn’t. Continuing my cake metaphor, by following the right steps and including the right ingredients, businesses can detect and prevent fraud. Preventing third-party fraud involves two distinct steps. Analytics: Driven by extensive data that captures the ways in which people present their identity—plus artificial intelligence and machine learning—good analytics can detect inconsistencies, and patterns of usage that are out of character for the person, or similar to past instances of known fraud. Verification: The advantage of dealing with third-party fraud is the availability of a victim that will confirm when fraud is happening. The verification step refers to the process of making contact with the identity owner to obtain that confirmation. It does require some thought and discipline to make sure that the contact information used leads to the identity owner—and not to the fraudster. Over the coming weeks, I’ll be exploring first-party fraud, synthetic identity fraud, and account takeover fraud and how a layered fraud management strategy can help keep your business and customers safe from all types. Let us know if you’d like to learn more about how Experian is using our identity expertise, data, and analytics to detect and prevent fraud. Contact us
Enterprise Security Magazine recently named Experian a Top 10 Fraud and Breach Protection Solutions Provider for 2020. Accelerating trends in the digital economy--stemming from stay-at-home orders and rapid increases in e-commerce and government funding--have created an attractive environment for fraudsters. At the same time, there’s been an uptick in the amount of personally identifiable information (PII) available on the dark web. This combination makes innovative fraud and breach solutions more crucial than ever. Enterprise Security Magazine met with Kathleen Peters, Experian’s Chief Innovation Officer, and Michael Bruemmer, Vice President of Global Data Breach and Consumer Protection, to discuss COVID-19 digital trends, the need for robust fraud protection, and how Experian’s end-to-end breach protection services help businesses protect consumers from fraud. According to the magazine, “With Experian’s best in class analytics, clients can rapidly respond to ever-changing environments by utilizing offerings such as CrossCore® and Sure ProfileTM to identify and prevent fraud.” In addition to our commitment to develop new products to combat the rising threat of fraud, Experian is focused on helping businesses minimize the consequences of a data breach. The magazine noted that, “To serve as a one-stop-shop for data breach protection, Experian offers a wide range of auxiliary services such as incident management, data breach notification, identity protection, and call center support.” We are continuously working to create and integrate innovative and robust solutions to prevent and manage different types of data breaches and fraud. Read the full article Contact us
Learn More Image
