Financial Services
By: Kari Michel The way medical debts are treated in scores may change with the introduction of June 2011, Medical Debt Responsibility Act. The Medical Debt Responsibility Act would require the three national credit bureaus to expunge medical collection records of $2,500 or less from files within 45 days of their being paid or settled. The bill is co-sponsored by Representative Heath Shuler (D-N.C.), Don Manzullo (R-Ill.) and Ralph M. Hall (R-Texas). As a general rule, expunging predictive information is not in the best interest of consumers or credit granters -- both of which benefit when credit reports and scores are as accurate and predictive as possible. If any type of debt information proven to be predictive is expunged, consumers risk exposure to improper credit products as they may appear to be more financially equipped to handle new debt than they truly are. Medical debts are never taken into consideration by VantageScore if the debt reporting is known to be from a medical facility. When a medical debt is outsourced to a third-party collection agency, it is treated the same as other debts that are in collection. Collection accounts of lower than $250, or ones that have been settled, have less impact on a consumer’s VantageScore. With or without the medical debt in collection information, the VantageScore model remains highly predictive.
As I’m sure you are aware, the Federal Financial Institutions Examination Council (FFIEC) recently released its, \"Supplement to Authentication in an Internet Banking Environment\" guiding financial institutions to mitigate risk using a variety of processes and technologies as part of a multi-layered approach. In light of this updated mandate, businesses need to move beyond simple challenge and response questions to more complex out-of-wallet authentication. Additionally, those incorporating device identification should look to more sophisticated technologies well beyond traditional IP address verification alone. Recently, I contribute to an article on how these new guidelines might affect your institution. Check it out here, in full: http://ffiec.bankinfosecurity.com/articles.php?art_id=3932 For more on what the FFIEC guidelines mean to you, check out these resources - which also gives you access to a recent Webinar.
The following article was originally posted on August 15, 2011 by Mike Myers on the Experian Business Credit Blog. Last time we talked about how credit policies are like a plant grown from a seed. They need regular review and attention just like the plants in your garden to really bloom. A credit policy is simply a consistent guideline to follow when decisioning accounts, reviewing accounts, collecting and setting terms. Opening accounts is just the first step. Here are a couple of key items to consider in reviewing accounts: How many of your approved accounts are paying you late? What is their average days beyond terms? How much credit have they been extended? What attributes of these late paying accounts can predict future payment behavior? I recently worked with a client to create an automated credit policy that consistently reviews accounts based on predictive credit attributes, public records and exception rules using the batch account review decisioning tools within BusinessIQ. The credit team now feels like they are proactively managing their accounts instead of just reacting to them. A solid credit policy not only focuses on opening accounts, but also on regular account review which can help you reduce your overall risk.
By: Staci Baker In my last post about the Dodd-Frank Act, I described the new regulatory bodies created by the Act. In this post, I will concentrate on how the Act will affect community banks. The Dodd-Frank Act is over 3,000 pages of proposed and final rules and regulations set forth by the Consumer Financial Protection Bureau (CFPB). For any bank, managing such a massive amount of regulations is a challenge, but for a median-size bank with fewer employees, it can be overwhelming. The Act has far reaching unintended consequences for community banks. According to the American Bankers Association, there are five provisions that are particularly troubling for community banks: 1. Risk retention 2. Higher Capital Requirements and Narrower Qualifications for Capital 3. SEC’s Municipal Advisors Rule 4. Derivatives Rules 5. Doubling Size of the Deposit Insurance Fund (DIF) In order meet new regulatory requirements, community banks will need to hire additional compliance staff to review the new rules and regulations, as well as to ensure they are implemented on schedule. This means the additional cost of outside lawyers, which will affect resources available to the bank for staff, and for its customers and the community. Community banks will also feel the burden of loosing interchange fee income. Small banks are exempt from the new rules; however, the market will follow the lowest priced product. Which will mean another loss of revenue for the banks. As you can see, community banks will greatly be affected by the Dodd-Frank Act. The increased regulations will mean a loss of revenues, increased oversight, additional out-side staffing (less resources) and reporting requirements. If you are a community bank, how do you plan on overcoming some of these obstacles?
By: John Straka Unsurprisingly, Washington deficit hawks have been eyeing the “sacred cows” of tax preferences for homeownership for some time now. Policymakers might even unwind or eliminate the mortgage interest deductions and capital-gains exemptions on home appreciation that have been in place in the U.S for many decades. There is an economic case to be made for doing this—more efficient resource allocation of capital, other countries have high ownership rates without such tax preferences, etc. But if you call or email or tweet Congress, and you choose this subject, my advice is to tell them that they should wait unti it’s 2005. In other words, now—or even the next few years most likely—is definitely not a good time at all to eliminate these housing tax preferences. We need to wait until it’s something like “2005”—when housing markets are much stronger again (hopefully) and state and local government finances are far from their relatively dire straits at present. If we don’t do this right, and insist on making big changes here now, then housing will take an immediate hit, and so will employment from both the housing sector and state and local governments (with further state and local service cutbacks also, due to budget shortfalls). The reason for this, of course, is that most homeowners today have not really benefited much, and won’t, from those well-established tax preferences. Why not? Because these preferences have been in place for so long now that the economic value (expected present discounted value) of these tax savings was long ago baked into the level of home prices that most homeowners paid when they bought their homes. Take the preferences away now, and the value of homes will immediately drop, and therefore so will property tax revenues collected by local governments across the U.S. This strategy will thus further bash the state- and-local sector in order to plump up some (we hope) our federal tax revenues by the value of the tax preferences. Housing will become a further drag on economic growth, and so will the resulting employment losses from both construction and local government services. As a result, it’s possible that on net the federal government may actually lose revenue from making this kind of change at precisely the wrong time. It may very well never be quite like “2005” again. But waiting for greater housing and local government strength to change long-standing housing tax preferences should make the macroeconomic impact smaller, less visible, and more easily absorbed.
A surprising occurrence is happening in the consumer credit markets. Bank card issuers are back in acquisition mode, enticing consumers with cash back, airline points and other incentives to get a share of their wallet. And while new account originations are nowhere near the levels seen in 2007, recent growth in new bank card accounts has been significant; 17.6% in Q1 2011 when compared to Q1 2010. So what is accounting for this resurgence in the credit card space while the economy is still trying to find its footing and credit is supposedly still difficult to come by for the average consumer? Whether good or bad, the economic crisis over the past few years appears to have improved consumers debt management behavior and card issuers have taken notice. Delinquency rates on bank cards are lower than at any time over the past five years and when compared to the start of 2009 when bank card delinquency was peaking; current performance has improved by over 40%. These figures have given bank card issuers the confidence to ease their underwriting standards and re-establish their acquisition strategies. What’s interesting however is the consumer segments that are driving this new growth. When analyzed by VantageScore, new credit card accounts are growing the fastest in the VantageScore D and F tiers with 46% and 53% increases year over year respectively. For comparison, VantageScore A and B tiers saw 5% and 1% increases during the same time period respectively. And although VantageScore D and F represent less than 10% of new bank card origination volume ($ limits), it is still surprising to see such a disparity in growth rates between the risk categories. While this is a clear indication that card issuers are making credit more readily available for all consumer segments, it will be interesting to see if the debt management lessons learned over the past few years will stick and delinquency rates will continue to remain low. If these growth rates are any indication, the card issuers are counting on it.
By: Staci Baker The Durbin Amendment, according to Wikipedia, gave the Federal Reserve the power to regulate debit card interchange fees. The amendment, which will have a profound impact on banks, merchants and anyone who holds a debit card will take effect on October 1, 2011 rather than the originally announced July 21, 2011, which will allow banks additional time to implement the new regulations. The Durbin Amendment states that card networks, such as Visa and Mastercard, will include an interchange fee of 21 cents per transaction, and must allow debit cards to be processed on at least two independent networks. This will cost banks roughly $9.4 billion annually according to CardHub.com. As stipulated in the Amendment, institutions with less than $10 billion in assets are exempt from the cap. In preparation for the Durbin Amendment, several banks have begun to impose new fees on checking accounts, end reward programs, raise minimum balance requirements and have threatened to cap transaction amounts for debit card transactions at $50 to $100 in order to recoup some of the earnings they are expected to lose. These new regulations will be a blow to already hurting consumers as their out of wallet expenses keep increasing. As you can see, The Durbin Amendment, which is meant to help consumers, will instead have the cost from the loss of interchange fees passed along in other forms. And, the loss of revenue will greatly impact the bottom line of banking institutions. Who will be the bigger winner with this new amendment - the consumer, merchants or the banks? Will banks be able to lower the cost of credit to an amount that will entice consumers away from their debit cards and to use their credit cards again? I think it is still far too soon to tell. But, I think over the next few months, we will see consumers use payment methods in a new way as both consumers and banks come to a middle ground that will minimize risk levels for all parties. Consumers will still need to shop and bankers will still need their tools utilized. What are you doing to prepare for The Durbin Amendment?
Lately there has been a lot of press about breaches and hacking of user credentials. I thought it might be a good time to pause and distinguish between authentication credentials and identity elements. Identity elements are generally those bits of meta data related to an individual. Things like: name, address, date of birth, Social Security Number, height, eye color, etc. Identity elements are typically used as one part of the authentication process to verify an individual’s identity. Credentials are typically the keys to a system that are granted after someone’s identity elements have been authenticated. Credentials then stand in place of the identity elements and are used to access systems. When credentials are compromised, there is risk of account takeover by fraudsters with mal intent. That’s why it’s a good idea to layer-in risk based authentication techniques along with credential access for all businesses. But for financial institutions, the case is clear: a multi-layered approach is a necessity. You only need to review the FFIEC Guidance of Authentication in an Internet Banking Environment to confirm this fact. Boiled down to its essence, the latest guidance issued by the FFIEC is rather simple. Essentially it’s asking U.S. financial institutions to mitigate risk using a variety of processes and technologies, employed in a layered approach. More specifically, it asks those businesses to move beyond simple device identification — such as IP address checks, static cookies and challenge questions derived from customer enrollment information — to more complex device intelligence and more complex out-of-wallet identity verification procedures. In the world of online security, experience is critical. Layered together, Experian’s authentication capabilities (including device intelligence from 41st Parameter, out-of-wallet questions and analytics) offers a more comprehensive approach to meeting and exceeding the FFIEC’s most recent guidance. More importantly, they offer the most effective and efficient means to mitigating risk in online environments, ensuring a positive customer experience and have been market-tested in the most challenging financial services applications.
By: Kennis Wong On the surface, it’s not difficult to define existing account fraud. Obviously, it is fraud perpetrated against an existing account. But the way I see it, existing account fraud can be broken down into four types. The first type is account takeover fraud, which is what most organizations think as the de facto existing account fraud. This is when a real consumer using his or her own identity to open a legitimate account, but the account later on get taken over by an identity fraudster. The idea is that when the account was first established, it was created by the rightful person. But somewhere along the way, the account and identity information were compromised. The fraudster uses the compromised information to engineer their way into the account. The second type is impersonation. Impersonation is somewhat similar to account takeover in the sense that it is also misusing the victim’s account. But the difference is that impersonation is more of a one or few times misuses of the account. Examples are a fraudulent use of a credit card or wire transfer. These are the obvious categories. But I think we should also think about these other categories. My definition of existing account fraud also includes this third type – identity fraud that was undetected during application. In other words, an account is established based on stolen identity. Many organizations call this “new account fraud”, which I don’t have a problem with. But I think it’s really also existing account fraud, because – is this existing account? The answer is yes. Is this fraud? Absolutely. It’s not that difficult, is it? Similarly, I am including first-party fraud in existing account fraud as well. A consumer can use his or her own identity to open an account, with an intention to default after the account is established. Example is bust out fraud. You see that this is an expanded definition of existing account fraud, because my focus is on detection. No matter at what point and how identity fraud comes in, it becomes an account in your organization, and that is where we need to discover the fraud. But at the end of the day, it’s not too important how to categorize or name the fraud - whether it\'s application fraud, existing account fraud, first party fraud or third party fraud, as long as organizations understand them enough and have a good way to detect them. Read more blog posts on existing account fraud.
By: Kari Michel The topic of strategic default has been a hot topic for the media as far back as 2009 and continues as this problem won’t really go away until home prices climb and stay there. Terry Stockman (not his real name) earns a handsome income, maintains a high credit score and owns several residential properties. They include the Southern California home where he has lived since 2007. Terry is now angling to buy the foreclosed home across the street. What’s so unusual about this? Terry hasn’t made a mortgage payment on his own home for more than six months. With prices now at 2003 levels, his house is worth only about one-half of what he paid for it. Although he isn’t paying his mortgage loan, Terry is current with his other debt payments. Terry is a strategic defaulter — and he isn’t alone. By the end of 2008, a record 1 in 5 mortgages at least 60 days past due was a strategic default. Since 2008, strategic defaults have fallen below that percentage in every quarter through the second quarter of 2010, the most recent quarter for which figures are available. However, the percentages are still high: 16% in the last quarter of 2009 and 17% in the second quarter of last year. Get more details off of our 2011 Strategic Default Report What does this mean for lenders? Mortgage lenders need to be able to identify strategic defaulters in order to best employ their resources and set different strategies for consumers who have defaulted on their loans. Specifically designed indicators help lenders identify suspected strategic default behavior as early as possible and can be used to prioritize account management or collections workflow queues for better treatment strategies. They also can be used in prospecting and account acquisition strategies to better understand payment behavior prior to extending an offer. Here is a white paper I thought you might find helpful.
The Communications Fraud Control Association’s annual meeting and educational event was held last week (June 14 – 16) at the Allerton hotel in Chicago, IL. The Communications Fraud Control Association is made up of communications and security professionals, fraud investigators, analysts, and managers, law enforcement, those in risk management, and many others. As an organization, they started out as a small group of communications professionals from the major long distance carriers who were looking for a better and more collaborative way to address communications fraud. Now, almost 30 years later, they’ve got over 60 members – a great representation of the industry yet still a nimble size. From what I hear, this makes for a specialized but quite effective “working” conference. Unfortunately I was not able to attend the conference but my colleague, Kennis Wong, attended and presented on the topic of Account Takeover and existing account fraud. It’s an area of fraud and compliance that Experian has spent some R&D on recently, with some interesting findings. In the past, we’ve been more focused on helping clients prevent new account and application fraud. It might seem like an interesting time to expand into this area, with some studies citing large drops in existing account fraud (2011 Identity Fraud Survey Report by Javelin). BUT...consumer costs in this area are way UP, not to mention the headline-grabbing news stories about small business account takeover. Which means it’s still a large pain point for financial institutions. Experian’s research and development in existing account fraud, combined with our expertise in fraud scores and identity theft detection, has resulted in a new product which is launching at the end of this month: Precise ID for Customer Management. Stay tuned for more exciting details.
Whether you call it small business, commercial, or corporate account takeover, this form of existing account fraud has been in the headlines lately and seems to be on the rise. While account takeover happens to individual consumers quite frequently, it’s the sensational loss amounts and the legal battles between companies and their banks that are causing this form of commercial fraud to make the news. A recent BankInfoSecurity.com article, Fraud Verdict: Opinions Vary, is about a court opinion on a high profile ACH fraud case - Experi-Metal Inc. vs. Comerica Bank – that cites a number of examples of corporate account takeover cases with substantial losses: · Village View Escrow of Redondo Beach, Calif.: lost $465,000 to an online hack · Hillary Machinery: settled with its bank for undisclosed terms in 2010. · The Catholic Diocese of Des Moines, Iowa: lost $600,000 in fraudulent ACH transactions. I was curious what information was out there and publicly available to help businesses protect themselves and minimize fraud losses / risk. NACHA, the electronics payment association, had some of the best resources on their website. Labeled the “Corporate Account Takeover Resource Center”, it has a wide variety of briefs, papers, and recommendations documents including prevention practices for companies, financial institutions, and third-party service providers. There’s even a podcast on how to fight ACH fraud! One thing was interesting to note, though. NACHA makes a point to distinguish between ACH fraud and corporate account takeover in this statement at the top of the web page: Corporate Account Takeover is a form of corporate identity theft where a business’ online credentials are stolen by malware. Criminal entities can then initiate fraudulent banking activity. Corporate Account Takeover involves compromised identity credentials and is not about compromises to the wire system or ACH Network. ACH fraud and wire fraud, terms mistakenly used to describe this type of criminal activity, are a misnomer. The ACH Network is safe and secure. Mostly I agree –the ACH Network is safe and secure. But from an F.I.\'s or company’s perspective, corporate account takeover and ACH Fraud often go hand in hand.
For communications companies, acquiring new accounts is an ongoing challenge. However, it is critical to remember that managing new and existing accounts – and their respective risks – is of tremendous importance. A holistic view of the entire customer lifecycle is something every communications organization can benefit from. The following article was originally posted by Mike Myers on the Experian Business Credit blog. Most of us are pretty familiar with credit reports and scores, but how many of you are aware of the additional tools available to help you manage the entire credit risk lifecycle? I talk to credit managers everyday and as we’re all trying to do more with less, it’s easy to forget that opening accounts is just the first step. Managing risk on these accounts is as critical, if not more so, than opening them. While others may choose to “ship and chase”, you don’t need to. Proactive alert/monitoring services, regular portfolio scoring and segmentation are key components that a successful credit department needs to employ in the constant battle against “bad” accounts. Use these tools to proactively adjust credit terms and limits, both positively and negatively. Inevitably some accounts will go bad, but using collection research tools for skip tracing and targeting services for debt collection will put you first in line for collections. A journey of 1,000 miles begins with a single step; we have tools that can help you with that journey and all can be accessed online.
At Experian’s recent client conference, Vision 2011, there was a refreshing amount of positive discussion and outlook on origination rates and acquisition strategies for growth. This was coming not only from industry analysts participating in the conference but from clients as well. As a consumer, I’d sensed the ‘cautious optimism’ that we keep hearing about because my mailbox(the ‘original’ one, not email) has slowly been getting more and more credit card offer letters over the last 6 months. Does this mean a return to prospecting and ultimately growth for financial institutions and lenders? It’s a glimmer of hope, for sure, although most agree that we’re a long way from being out of the woods, particularly with unemployment rates still high and the housing market in dire shape. Soooo…..you may be wondering where I’m going with this…. Since my job is to support banks, lenders, utilities and numerous other businesses’ in their fraud prevention and compliance efforts, where my mind goes is: how does a return to growth – even slight – impact fraud trends and our clients’ risk management policies? While many factors remain to be seen, here are a few early observations: · Account takeover, bust out fraud, and other types of existing account fraud had been on the rise while application fraud had declined or stayed the same (relative to the decrease in new originations); with prospecting and acquisition activity starting to increase, we will likely see a resurgence in new account fraud attempts and methods. · Financial institutions and consumers are under increasing risk of malware attacks; with more sophisticated malware technology popping up every day, this will likely be a prime means for fraudsters to commit identity theft and exploit potentially easier new account opening policies. · With fraud loss numbers flat or down, the contracted fraud budgets and delayed technology investments by companies over the last few years are a point of vulnerability, especially if the acquisition growth rate jumps substantially.
By: Kennis Wong Data is the very core of fraud detection. We are constantly seeking new and mining existing data sources that give us more insights into consumers’ fraud and identity theft risk. Here is a way to categorize the various data sources. Account level - When organizations detect fraud, naturally they leverage the data in-house. This type of data is usually from the individual account activities such as transactions, payments, locations or types of purchases, etc. For example, if there’s a purchase $5000 at a dry cleaner, the transaction itself is suspicious enough to raise a red flag. Customer level - Most of the times we want to see a bigger picture than only at the account level. If the customer also has other accounts with the organization, we want to see the status of those accounts as well. It’s not only important from a fraud detection perspective, but it’s also important from a customer relationship management perspective. Consumer level - As Experian Decision Analytics’ clients can attest, sometimes it’s not sufficient to look only at the data within an organization but also to look at all the financial relationships of the consumer. For example, in the situation of bust out fraud or first-party fraud, if you only look at the individual account, it wouldn’t be clear whether a consumer has truly committed the fraud. But when you look at the behavior of all the financial relationships, then the picture becomes clear. Identity level - Fraud detection can go into the identity level. What I mean is that we can tie a consumer’s individual identity elements with those of other consumers to discover hidden inconsistencies and relationships. For example, we can observe the use of the same SSN across different applications and see if the phones or addresses are the same. In the account management environment, when detecting existing account fraud or account takeover, this level of linkage is very useful as more data becomes available after the account is open. Loading...
Learn More Image
