Financial Services
By: Wendy Greenawalt The final provisions included in The Credit Card Act will go into effect on August 22, 2010. Most lenders began preparing for these changes some time ago, and may have already begun adhering to the guidelines. However, I would like to talk about the provisions included and discuss the implications they will have on credit card lenders. The first provision is the implementation of penalty fee guidelines. This clause prohibits card issuers from charging fees that exceed the consumer’s violation of the account terms. For example, if a consumer’s minimum monthly payment on a credit card account was $15, and the lender charges a $39 late fee, this would be considered excessive as the penalty is greater than the consumers’ obligation on that account. Going forward, the maximum fee a lender could charge in this example would be $15 or equal to the consumers obligation. In addition to late fee limitations, lenders can no longer charge multiple penalty fees based on a single late payment, other account term violations or fees for account inactivity. These limitations will have a dramatic impact on portfolio profitability, and lenders will need to account for this with all accounts going forward. The second major provision mandates that if a lender increased a consumer’s annual interest rate after January 1, 2009 due to credit risk, market conditions, or other factors, then the lender must maintain reasonable methodologies and perform account reviews no less than every 6 months. If during the account review, the credit risk, market conditions or other factors that resulted in the interest rate increase have changed, the lender must adjust the interest rate down if warranted. This provision only affects interest rate increases and does not supply specific terms on the amount of the interest rate reduction required; so lenders must assess this independently to determine their individual compliance requirements on covered accounts. The Credit Card Act was a measure to create better policies for consumers related to credit card accounts and overall will provide greater visibility and fair account practices for all consumers. However, The Credit Card Act places more pressure on lenders to find other revenue streams to make up for revenue that was previously received when accounts were not paid by the due date, fees and additional interest rate income were generated. Over the next few years, lenders will have to find ways to make up this shortcoming and generate revenue through acquisition strategies and/or new business channels in order to maintain a profitable portfolio. http://www.federalreserve.gov/newsevents/press/bcreg/20100303a.htm
In “An ounce of prevention is worth a pound of cure” Kristan Frend touched on the vulnerabilities faced by members of our Armed Services. That post made me think about recent fraud trends. Over the course of this spring and summer, I attended a few conferences and at one of these events something a bit disturbing occurred – a staff member for one of the exhibitors was victimized during the event. The individual’s wallet, containing cash and credit cards, was stolen along with the person’s passport and the victim didn’t realize it until they received their wake-up call the next morning. The few people who heard about it wondered “How could this happen at an event of industry professionals?” The answer is simple. Even industry professionals are every-day consumers, vulnerable to attack. As part of our Knowledge Based Authentication practice, Experian engages in blind focus group interviews with “every-day consumers” facilitated by an independent consulting group on Experian’s behalf. What we learn during those sessions informs our best practices for many of the fraud products and guides our process for new question generation in Knowledge Based Authentication. It is also an eye-opening experience. Through our research we have learned that participant consumers are now more aware and accepting of Knowledge Based Authentication than in past years. Knowledge Based Authentication has become a bellwether, consumers expect it. They also expect organizations they deal with to have an Identity Theft Prevention Program – and the ability to recognize when something “just isn’t right” about a situation. However, few participants cited a comprehensive strategy to protect themselves against identity theft, and even fewer actually demonstrated a commitment to follow a strategy, even when they had one. During open and honest conversation in a relaxed setting, participants revealed their true behavior. Many admitted they still use the same password for all their accounts, write their passwords down, and keep copies of their passwords in easily accessible places, such as a purse or a wallet, a desk drawer or an online application. The bottom line is this: Most people will attempt to do what they think they should to protect themselves from identity theft, including shredding or tearing up mail offers, selectively using credit cards and/or monitoring their garbage. However, if the process is too cumbersome or if it requires that they remember too much, they will default to old habits. As Kristan pointed out, thieves may increasingly rely on computer attacks to gather data, but many still resort to low-tech methods like dumpster diving, mail tampering, and purse and wallet theft to obtain privacy sensitive information. When that purse or wallet contains not only personally identifiable information, but also account passwords, the risk levels are significantly higher. Cyber attacks are a threat, but a consumer’s own behavior may be just as risky. As for the victim in this story… a very sharp desk clerk at a neighboring hotel thought it strange that someone was checking-in for a number of days without a reservation at full rate and without luggage, which started the ball rolling and led to the perpetrator being caught and the victim getting everything back except for some cash that had been spent at a coffee merchant. Clearly, this close call didn’t turn-out as badly as it could have.
By: Kristan Frend Last week I came across a news article that said the NYPD arrested 26 people who allegedly took at least $5 million from stealing identities. What I found most disturbing was that criminals allegedly affected more than 200 soldiers, including many of whom were unaware of what was happening, since they were serving overseas. To help reduce the risk of identity theft and minimize fraud losses, all three major credit bureaus provide Active- Duty Alerts, which allow deployed soldiers to have their credit frozen while they are overseas. While these fraud alerts, coupled with financial institutions implementing identity theft programs, can help prevent identity theft losses, what is being done to reduce the risk of military personnel data being exposed and stolen? As social security numbers play a key role in identity theft, I was surprised and disturbed to learn that government issued military ID cards include the card holder’s social security number in full on the front. This creates an obvious security vulnerability to the card holder. Especially considering that the military ID card must be shown in a number of situations, such as getting on and off base, medical care, picking up prescriptions, entering a base shopping exchange, mess hall, etc. There are many situations where the service member encounters people in positions that were once filled by military personnel but are now filled by civilians, who may not have the same code of honor toward others in the military community. While it’s true that thieves are increasingly using computer hacking, phishing, malware, spyware and key stroke loggers to gather SSNs, thieves still resort to low-tech methods like dumpster diving, mail tampering, and purse and wallet theft to obtain privacy sensitive information. The need to show ID so often and the fact that it contains all of their pertinent data, puts service members at particular risk when they may be in harm’s way, focused more on missions than money missing from their bank account. The good news is that the Department of Defense launched a Social Security Number reduction initiative consisting of a phased removal of SSNs. Phase one, removal of dependent SSNs from ID cards is underway. Phase two, removal of printed SSNs from all cards has been placed on hold indefinitely, and phase three, removal of SSNs embedded in barcodes will begin in 2012. My point is not to be critical of the use of SSNs; I think we all can agree that the use of SSNs have become an integral part of our culture. However, we should look to see that organizations carefully balance the value of how SSNs are used with the vulnerabilities that its use creates. The old adage “an ounce of prevention is worth a pound of cure” could never be truer than with identity theft. The easiest way to minimize fraud is to avoid it by not giving criminals the opportunity to perpetrate identity theft against individuals.
By: Kennis Wong Several weeks ago, I attended and presented at Experian’s sold-out annual conference, Vision, in Phoenix, Arizona. One of the guest speakers was Malcolm Gladwell, best-selling author of The Tipping Point, Blink, Outliers and What the Dog Saw: And Other Adventures. Since I\'ve read three of his four books, I could be considered a fan. And yes, his hair did look as wild in person as it appears in the pictures on the insides of his book covers. But that was not why I was so impressed by his speech. The real reason was that his topic was so relevant to how Experian Decision Analytics delivers value to our clients. Gladwell spent the whole hour addressing the difference between “puzzle” and “mystery”, providing abundant examples for both. The puzzle-versus-mystery topic was from one of his articles in The New Yorker. To solve a puzzle, one or more pieces of information are needed. The source of the problem is that insufficient data is available to have a conclusive answer to the question. An example would be finding Osama Bin Laden’s whereabouts. We simply do not have enough information to locate him, and we need more intelligence. On the other hand, a mystery is not solved by simply gathering more information. It is a matter of making sense out of a massive amount of data available, using analysis and judgment. Enron’s creative accounting was an example of a mystery. All the information was out in the open. Pages and pages of SEC filings and annual reports were there for anyone who was willing and able to analyze them. All that was needed to solve the mystery was to make sense out of the data. In the Fraud and Identity Solutions team, we satisfy clients’ needs by providing solutions for both puzzles and mysteries to fend off fraudsters. Besides the core credit bureau data, we have demographic data, fraud consortium data, past application data, automotive data and much more. We also have strategic partnerships to deliver demand deposit account, cell phone, and device data. All these data sources ensure that our clients get the data they need to piece the puzzle together. Our consulting and analytics, on the other hand, help clients to solve mysteries. Looking at individual pieces of disparate data is inefficient and provides little or no value. That’s why our numerous scoring solutions combine the available data in a way that is most predictive of various fraud outcomes. For example, our Precise ID Score and Fraud Shield Score Plus predict first- and third-party fraud; our BustOut Score predicts the likelihood of bust outs; our Never Pay score predicts the likelihood of a consumer never making a payment. As more data are available, we incorporate them into existing or new models if it increases the effectiveness of the models. So we have both the puzzle and mystery grounds covered. A note to Malcolm Gladwell: Great job at Vision! If you write a book about this topic, I’ll definitely buy it.
By: Kari Michel Credit risk models are used by almost every lender, and there are many choices to choose from including custom or generic models. With so many choices how do you know what is best for your portfolio? Custom models provide the strongest risk prediction and are developed using an organization’s own data. For many organizations, custom models may not be an option due to the size of the portfolio (may be too small), lack of data including not enough bads, time constraints, and/or lack of resources. If a custom model is not an option for your organization, generic bureau scoring models are a very powerful alternative for predicting risk. But how can you understand if your current scoring model is the best option for you? You may be using a generic model today and you hear about a new generic model, for example VantageScore. How do you determine if the new model is more predictive than your current model for your portfolio? The best way to understand if the new model is more predictive is to do a head-to-head comparison – a validation. A validation requires a sample of accounts from your portfolio including performance flags. An archive is pulled from the credit reporting agency and both scores are calculated from the same time period and a performance chart is created to show the comparison. There are two key performance metrics that are used to determine the strength of the model. The KS (Komogorov-Smirnov) is a statistical term that measures the maximum difference between the bad and good cumulative score distribution. The KS range is from 0% to 100%, with the higher the KS the stronger the model. The second measurement uses the bad capture rate in the bottom 5%, 10% or 15% of the score range. A stronger model will provide better risk prediction and allow an organization to make better risk decisions. Overall, when stronger scoring models are used, organizations will be best prepared to decrease their bad rates and have a more profitable portfolio.
With the upcoming changes to overdraft fee policies coming to the banking industry July 1st, courtesy of the Federal Reserve, banks and credit unions are re-examining the revenue growth opportunities through their new account opening process. We frequently hear from our fraud risk and operations client partners that when there is a push for revenue growth, fraud detection gets de-prioritized as a trade off to bringing in more new customers. A DDA-friendly risk based authentication approach may offer some compromise to this seemingly “one for one” exchange. Here are some quick revenue-friendly, risk-averse practices being seen in the branches, call centers, and online channels of Experian clients: • Drive referrals to knowledge based authentication (KBA), negative record checks (account abuse, fraud records) or both off of an upfront fraud score, such as the Precise ID(SM) for Account Opening score. Segmenting based on risk is cost efficient and promotes an improved customer experience. • Bolster the fraud defenses of your online channel by raising the “pass” or “accept” threshold. The lower acquisition costs for this online account opening are tempting but this is also the venue most exploited by fraudsters. Some incremental manual reviews should work out as a small price to pay to catch the higher prevalence of fraud. • Cross sell and up sell with confidence based on more comprehensive authentication. By applying appropriate risk based authentication strategies, more products can be offered and exposure is reduced because you know you are dealing with the true consumer.
By: Wendy Greenawalt In my last blog, I discussed the Risk-Based Pricing Rule and provided an overview of the risk based pricing notice compliance option. In this blog, I will provide a re-cap of the compliance Risk-Based Pricing notice and talk about the Credit Score Disclosure exception compliance option in more detail. When the Risk-Based Pricing Rule went into effect in January 2010, the Federal Reserve Board and Federal Trade Commission outlined two distinct compliance options available to lenders. The first option is a risk based pricing notice, which must be provided to a specific segment of consumers who “receive terms that are materially less favorable than the terms available to a substantial portion of consumers”. The notice also provides consumers with general information about credit reports, how lenders use them to make lending decisions and how to obtain a copy of their credit report. The second compliance option is a credit score disclosure exception. This option requires lenders to provide a disclosure to all consumers associated with a new account and must be in a written format that can be retained by the consumer for reference. The credit score disclosure provides consumers with the credit score that was used in conjunction with the lending decision, the range of scores for the credit score used and a national score distribution that enables consumers to compare their score to the scores of other consumers. The disclosure also contains key factors that adversely affected the consumers’ credit score and information about how to obtain a copy of their credit report. Some lenders who want to streamline compliance or those who have a concerned with the messaging contained in the Risk-Based Pricing notice may prefer this option. Either way, both compliance options should be carefully evaluated by lenders to ensure an effective compliance program is implemented. Model forms have been provided for both compliance options, which will assist lenders in complying, but implementing the new forms into existing processes and systems will require time, effort and cost for most lenders.
By: Staci Baker With the increase in consumer behaviors such as ‘strategic default’, it has become increasingly difficult during the past few years for lenders to determine who the most creditworthy consumers are – defining consumers with the lowest credit risk. If you define risk as ‘the likelihood of [a consumer] becoming 90 days or more past due’, the findings are alarming. From June 2007 to June 2009, Super Prime consumers (those scoring 900 or higher) in the U.S. have gone from an average VantageScore* of 945 to 918, which increased their risk level from approx. 0.12% to 0.62% - an increase of 417% for this highly sought after population! Prime and near prime risk levels increased by 400% and 96% respectively. Whereas subprime consumers with few choices (stay subprime or improve their score), saw a slight decrease in risk, 8% - increasing their average VantageScore from 578 to 599. So how do lenders determine who to lend to, when the risk level for all credit tiers increases, or remain risky? In today’s dynamic economy, lenders need tools that will give them an edge, and allow them to identify consumer trends quickly. Incorporating analytic tools, like Premier Attributes, into lender’s origination models, will allow them to pinpoint specific consumer behavior, and provide segmentation through predefined attribute sets that are industry specific and target profitable accounts to improve acquisition strategies. As risk levels change, maintaining profitability becomes more difficult due to shrinking eligible consumer pools. By adding credit attributes, assessing credit risk both within an organization and for new accounts will be simplified and allow for more targeted prospects, thus maximizing prospecting strategies across the customer lifecycle and helping to increase profitability. * VantageScore®, LLC, May, 2010, “Finding Creditworthy Consumers in a Changing Economic Climate”
We\'ve blogged about fraud alerts, fraud analytics, fraud models and fraud best practices. Sometimes, though, we delude ourselves into thinking that fraud prevention strategies we put into place today will be equally effective over time. Unfortunately, when a rat finds a dead-end in a previously-learned maze, it just keeps hunting for an exit. Fraudsters are no different. Ideally we want to seal off all the exits, and teach the rats to go and do something productive with their lives, but sadly that is not always the case. We also don\'t want to let too many good consumers get stuck either, so we cannot get too trigger-happy with our fraud best practices. Fraud behavior is dynamic, not static. Fraudsters learn and adapt to the feedback they receive through trial and error. That means when you plug a hole in your system today, there will be an increased push to seek out other holes tomorrow. This underscores the importance of keeping a close eye on your fraudsters\' behavior trends. But there must be some theoretical breaking point where the fraudsters simply give up trying--at least with your company. This behavioral extinction may be idealistic in the general sense, but is nonetheless a worthy goal as related to your business. One of the best things you can do to prevent fraud is to gain a reputation amongst the fraudsters of, \"Don\'t even try, it\'s not even worth it.\" And even if you don\'t succeed in getting them to stop trying altogether, it\'s still satisfying to know you are lowering their ROI while improving yours
I recently attended a conference where Credit Union managers spoke of the many changes facing their industry in the wake of the real estate crisis and economic decline that has impacted the US economy over the past couple of years. As these managers weighed in on the issues facing their businesses today, several themes began to emerge – tighter lending standards & risk management practices, increased regulatory scrutiny, and increased competition resulting in tighter margins for their portfolios. Across these issues, another major development was discussed – increased Credit Union mergers and acquisitions. As I considered the challenges facing these lenders, and the increase in M&A activity, it occurred to me that these lenders might have a common bond with an unexpected group –American family farms. Overall, Credit Unions are facing the challenge of adding significant fixed costs (more sophisticated lending platforms & risk management processes) all the while dealing with increased competition from lenders like large banks and captive automotive lenders. This challenge is not unlike the challenges faced by the family farm over the past few decades – small volume operators having to absorb significant fixed costs from innovation & increased corporate competition, without the benefit of scale to spread these costs over to maintain healthy lending margins. Without the benefit of scale, the family farm basically disappeared as large commercial operators acquired less-efficient (and less profitable) operators. Are Credit Unions entering into a similar period of competitive disadvantage? It appears that the Credit Union model will have to adjust in the very near future to remain viable. With high infrastructure expectations, many credit unions will have to develop improved decisioning strategies, become more proficient in assessing credit risk –implementing risk-based pricing models, and executing more efficient operational processes in order to sustain themselves when the challenges of regulation and infrastructure favor economies of scale. Otherwise, they are facing an uphill challenge, just as the family farm did (and does); to compete and survive in a market that favors the high-volume lender.
Well, in my last blog, I was half right and half wrong. I said that individual trade associations and advocacy groups would continue to seek relief from Red Flag Rules ‘coverage’ and resultant FTC enforcement. That was right. I also said that I thought the June 1 enforcement date would ‘stick’. That was wrong. Said FTC Chairman Jon Leibowitz, “Congress needs to fix the unintended consequences of the legislation establishing the Red Flag Rule – and to fix this problem quickly. We appreciate the efforts of Congressmen Barney Frank and John Adler for getting a clarifying measure passed in the House, and hope action in the Senate will be swift. As an agency we’re charged with enforcing the law, and endless extensions delay enforcement.” I think the key words here are ‘unintended consequences’. It seems to me that the unintended consequences of the Red Flag Rules reach far beyond just which industries are covered or not covered (healthcare, legal firms, retailers, etc). Certainly, the fight was always going to be brought on by non-financial institutions that generally may not have had a robust identity authentication practice in place as a general baseline practice. What continues to be lost on the FTC is the fact that here we are a few years down the road, and I still hear so much confusion from our clients as to what they have to do when a Red Flag compliance condition is detected. It’s easy to be critical in hindsight, yes, but I must argue that if a bit more collaboration with large institutions and authentication service providers in all markets had occurred, creating a more detailed and unambiguous Rule, we may have seen the original enforcement date (or at least one of the first or second postponement dates) ‘stick’. At the end of the day, the idea of mandating effective and market defined identity theft protection programs makes a lot of sense. A bit more intelligence gathering on the front end of drafting the Rule may, however, have saved time and energy in the long run. Here’s hoping that December 31st ‘sticks’…I’m done predicting.
--By Wendy Greenawalt Recently the Federal Reserve Board and Federal Trade Commission issued a new rule requiring any lender who utilizes a credit report or score when making a credit decision to provide consumers with a risk-based pricing notice. The new regulation goes into effect on January 1, 2011, but lenders must begin the planning process now--as compliance will require potential changes to their current lending practices. The regulation is another evolution in an attempt to provide consumers with more visibility to their credit history and the impact a blemished record may have on their finances. The ruling is good for consumers, but will require lenders to modify existing lending processes and add another consumer disclosure, as well as additional costs to the lending process. The risk-based pricing rule provides lenders with two compliance options--the risk-based pricing notice or a credit score disclosure exception. In this blog, I will discuss the primary compliance option, the risk-based pricing notice. The risk-based pricing notice is a document that notifies consumers that the terms of their new credit account are materially less favorable than the most favorable terms. The notice will not be provided to all consumers, but rather just those that receive account terms that are worse than what is offered to the most credit worthy consumers. Determining who will receive the notice has been outlined in the rule, and lenders can use several options including the direct comparison, credit score proxy or tiered pricing method. For lenders that perform regular validation of their portfolio, determining which consumers to issue a notice to should not be difficult. However, for those lenders who do not perform regular scorecard performance monitoring, this is another reminder of the importance of on-going validations and monitoring. As the economy continues to recover and lenders begin to re-enter the market, it will be more important than ever to validate that scores are performing as expected to manage risk and revenue goals. In my next blog, I will discuss the credit score disclosure exception.
By: Kristan Frend I recently gave a presentation on small business fraud at the annual National Association of Credit Managers (NACM) Credit Congress. Following the session, several B2B credit professionals shared recent fraud issues The attendees confirmed what we’ve been hearing from our customers: fraudsters are shifting from consumer to business/commercial fraud and they’re stepping up their game. One of the schemes mentioned by an attendee included fraudsters obtaining parcel provider’s tracking numbers to reroute shipments meant for their B2B customer. The perpetrator calls the business’s call center, impersonates the legitimate business customer to place an order, obtains the tracking number, and then calls back with the tracking number to request that the shipment be rerouted. Often the new shipping location is a residential address where an individual has been recruited for a work-at-home employment opportunity. The individual is instructed to sign for deliveries and then reship merchandise to a freight company within the country or directly to destinations outside the United States. The fraud is uncovered once the legitimate B2B customer receives an invoice for goods which they never ordered or received. I encourage you to take a look at your business’s policies and procedures on handling change of address shipment requests. What tools do you employ to verify the individual making the request? Are you verifying who the new address belongs to? You may also want to ask your parcel provider about account setting options available for when your employees submit reroute requests. While a shipping reroute request isn’t always indicative of fraud, I recommend you assess your fraud risk and consider whether your fraud-related business processes need refining. Keep an eye out here for postings on these topics: known fraud, bust out fraud, and how best to minimize fraud loss.
By: Staci Baker As more people have become underwater on their mortgage, the decision to stay or not stay in their home has evolved to consider a number of influences that impact consumer credit decisions. Research is revealing that much of an individual’s decision to meet his credit obligations is based on his trust in the economy, moral obligation, and his attitude about delinquency and the effect it will have on his credit score. Recent findings suggest that moral obligation keeps the majority of homeowners from walking away from their homes. According to the 2009 Fannie Mae National Housing Survey (i) – “Nearly nine in ten Americans (88%), including seven in ten who are delinquent on their own mortgages, do not believe it is acceptable for people to stop making payments on an underwater mortgage, while 8% believe it is acceptable.” It appears that there is a sense of owning up to one’s responsibilities; having signed a contract and the presumed stigma of walking away from that obligation. Maintaining strong creditworthiness by continuing to make payments on an underwater mortgage is motivation to sustain mortgage payments. “Approximately 74% of homeowners believe it is very important to maintain good credit and this can be a factor in encouraging them not to walk away (ii).” Once a homeowner defaults on their mortgage, their credit score can drop 150 to 250 points (iii), and the cost of credit in the future becomes much higher via increased interest rates once credit scores trend down. Although consumers expect to keep investing in the housing market (70% said buying a home continues to be one of the safest investments available (iv)) they will surely continue optimizing decisions that consider both the moral and credit implications of their decisions. i December, 2009, Fannie Mae National Housing Survey ii 4/30/10, Financial Trust Index at 23% While Strategic Defaults Continue to Rise, The Chicago Booth/Kellogg School Financial Trust Index iii http://www.creditcards.com/credit-card-news/mortgage-default-credit-scores-1270.php iv December, 2009, Fannie Mae National Housing Survey
By: Kari Michel The Federal Reserve’s decision to permit card issuers to use income estimation models to meet the Accountability, Responsibility, and Disclosure (CARD) Act requirements to assess a borrower’s ability to repay a loan makes good sense. But are income estimation models useful for anything other than supporting compliance with this new regulation? Yes; in fact these types of models offer many advantages and uses for the financial industry. They provide a range of benefits including better fraud mitigation, stronger risk management, and responsible provision of credit. Using income estimation models to understand your customers’ complete financial picture is valuable in all phases of the customer lifecycle, including: • Loan Origination – use as a best practice for determining income capacity • Prospecting – target customers within a specific income range • Acquisitions – set line assignments for approved customers • Account Management – assess repayment ability before approving line increases • Collections – optimize valuation and recovery efforts One of the key benefits of income estimation models is they validate consumer income in real time and can be easily integrated into current processes to reduce expensive manual verification procedures and increase your ROI. But not all scoring models are created equal. When considering an income estimation model, it’s important to consider the source of the income data upon which the model was developed. The best models rely on verified income data and cover all income sources, including wages, rent, alimony, and Social Security. To lean more about how income estimation models can help with risk management strategies, please join the following webinar: Ability to pay: Going beyond the Credit CARD on June 8, 2010. http://www.bulldogsolutions.net/ExperianConsumerInfo/EXC1001/frmRegistration.aspx?bdls=24143
Learn More Image
