Financial Services
Back during World War I, the concept of “triage” was first introduced to the battlefield. Faced with massive casualties and limited medical resources, a system was developed to identify and select those who most needed treatment and who would best respond to treatment. Some casualties were tagged as terminal and received no aid; others with minimal injuries were also passed over. Instead, medical staff focused their attentions on those who required their services in order to be saved. These were the ones who needed and would respond to appropriate treatment. Our clients realize that the collections battlefield of today requires a similar approach. They have limited resources to face this mounting wave of delinquencies and charge offs. They also realize that they can’t throw bodies at this problem. They need to work smarter and use data and decisioning more effectively to help them survive this collections efficiency battle. Some accounts will never “cure” no matter what you do. Others will self-cure with minimal or no active effort. Taking the right actions on the right accounts, with the right resources, at the right time is best accomplished with advanced segmentation that employs behavioral scoring, bureau-based scores and other relevant account data. The actual data and scores that should be used depend on the situation and account status, and there is no one-size-fits-all approach.
What are your thoughts on the third extension to the Identity Theft Red Flags Rule deadline? Was your institution ready to meet Red Flag guidelines?
Does the rule list the Red Flags? The Identity Theft Red Flags Rule provides several examples of Red Flags in four separate categories: 1. alerts and notifications recieved from credit reporting agencies and third-party service providers; 2. the presentation of suspicious documents or suspicious identifying information; 3. unusual or suspicious account usage patterns; and 4. notices from a customer, identity theft victim or law enforcement.
Optimization is a very broad and commonly used term today and the exact interpretation is typically driven by one's industry experience and exposure to modern analytical tools. Webster defines optimize as: "to make as perfect, effective or functional as possible". In the risk/collections world, when we want to optimize our strategies as perfect as technology will allow us, we need to turn to advanced mathematical engineering. More than just scoring and behavioral trending, the most powerful optimization tools leverage all available data and consider business constraints in addition to behavioral propensities for collections efficiency and collections management. A good example of how this can be leveraged in collections is with letter strategies. The cost of mailing letters is often a significant portion of the collections operational budget. After the initial letter required by the Fair Debt Collection Practice Act (FDCPA) has been sent, the question immediately becomes: “What is the best use of lettering dollars to maximize return?” With optimization technology we can leverage historical response data while also considering factors such as the cost of each letter, performance of each letter variation and departmental budget constraints, while weighing the alternatives to determine the best possible action to take for each individual customer. n short, cutting edge mathematical optimization technology answers the question: "Where is the point of diminishing return between collections treatment effectiveness and efficiency / cost?"
Currently, financial institutions focus on the existing customer base and prioritize collections to recover more cash, and do it faster. There is also a need to invest in strategic projects with limited budgets in order to generate benefits in a very short term, to rationalize existing strategies and processes while ensuring that optimal decisions are made at each client contact point. To meet the present challenging conditions, financial institutions increasingly are performing business reviews with the goal of evaluating needs and opportunities to maximize the value created in their portfolios. Business reviews assess an organization’s capacity to leverage on existing opportunities as well as identifying any additional capability that might be necessary to realize the increased benefits. An effective business review covers the following four phases: Problem definition: Establish and qualify what the key objectives of the organization are, the most relevant issues to address, the constraints of the solution, the criteria for success and to summarize how value management fits into the company’s corporate and business unit strategies. Benchmark against leading practice: Strategies, processes, tools, knowledge, and people have to be measured using a review toolset tailored to the organization’s strategic objectives. Define the opportunities and create the roadmap: The elements required to implement the opportunities and migrating to the best practice should be scheduled in a phased strategic roadmap that includes the implementation plan of the proposed actions. Achieve the benefits: An ROI-focused approach, founded on experience in peer organizations, will allow analysis of the cost-benefits of the recommended investments and quantify the potential savings and additional revenue generated. A continuous fine-tuning (i.e. impact of market changes, looking for the next competitive edge and proactively challenge solution boundaries) will ensure the benefits are fully achieved. Today’s blog is an extract of an article written by Burak Kilicoglu, an Experian Global Consultant To read the entire article in the April edition of Experian Decision Analytics’ global newsletter e-news, please follow the link below: http://www.experian-da.com/news/enews_0903/Story2.html
The debate continues in the banking industry -- Do we push the loan authority to the field or do we centralize it (particularly when we are talking about small business loans)? A common argument for sending the loan authority to the field is the improved turnaround time for the applicant. However reality is that centralized loan authority actually provides a decision time almost two times faster than those of a decentralized nature. The statistics supporting this fact are from the Small Business Benchmark Study created and published by Baker Hill, a Part of Experian, for the past five years. Based upon the 2008 Small Business Benchmark Study, those institutions with assets of $20 billion to $100 billion used only centralized underwriting and provided decisions within 2.5 days on average. In contrast, the next closest category ($2 billion to $20 billion in assets) took 4.4 days. Now, if we only consider the time it takes to make a decision (meaning we have all the information needed), the same disparity exists. The largest banks using solely centralized underwriting took 0.8 days to make a decision, while the next tier ($2 billion to $20 billion) took an average 1.5 days to make a decision. This drop in centralized underwriting usage between these two tiers was simply a 15 percent change. This means that the $20 billion to $100 billion banks had 100% usage of centralized underwriting while the $2 billion to $20 billion dropped only to 85% usage. Eighty-five percent is still a strong usage percentage, but it has a significant impact on turnaround time. The most perplexing issue is that the smaller community banks are consistently telling me that they feel their competitive advantages are that they can respond faster and they know their clients better than bigger, impersonal banks. Based upon the stats, I am not seeing this competitive advantage supported by reality. What is particularly confusing is that the small community banks, that are supposed to be closest to the client, take twice as long overall from application receipt to decision and almost three times as long when you compare them to the $20 billion to $100 billion category (0.8 days) to the $500 million to $2 billion category (2.2 days). As you can see - centralized underwriting works. It is consistent, provides improved customer service, improved throughput, increased efficiency and improved credit quality when compared to the decentralized approach. In future blogs, I will address the credit quality component.
I was recently asked in a comment, "What do we have to do to become compliant?" Great question. There is not a single path to compliance when it comes to Red Flags compliance. Effectively, an institution that has covered accounts under the Rule must implement both a written and operational Identity Theft Prevention Program. The Red Flags Rule requires financial institutions and creditors to establish and maintain a written Program designed to detect, prevent and mitigate identity theft in connection with their covered accounts. The Program is a self-prescribed system of checks and balances that each financial institution and creditor implements to reach compliance with the Red Flags Rule. The goal of the provisions is to drive organizations to put into place a system that identifies patterns, practices and forms of activities that indicate the possible existence of identity theft. The provisions are not designed to steer the market to a “one size fits all” compliance platform. In essence, how businesses choose to meet the requirements will depend on the business size, operational complexity, customer transaction processes and risks associated with each of these characteristics. A compliant Program must contain reasonable policies and procedures to address four mandatory elements: Identifying Red Flags applicable to covered accounts and incorporating them into the Program Detecting and evaluating the Red Flags included in the Program Responding to the Red Flags detected in a manner that is appropriate to the degree of risk they pose and Updating the Program to address changes in the risks to customers, and to the financial institution’s or creditor’s safety and soundness, from identity theft The Red Flags Rule includes 26 illustrative examples of possible Red Flags financial institutions and creditors should consider when implementing a written Program. While implementation of any predetermined number of the 26 Red Flag examples is not mandatory, financial institutions and creditors should consider those that are applicable to their business processes, consumer relationships and levels of risk. The Red Flags Rule requires financial institutions and creditors to focus on identifying Red Flags applicable to their account opening activities, existing account maintenance, and new activity on an account that has been inactive for two years or more. Some mandatory requirements include: Keeping a current, written Identity Theft Prevention Program that contains reasonable policies and procedures to identify, detect and respond to Red Flags, and keeping the Program updated Confirming that the consumer reports requested from consumer reporting agencies are related to the consumer with whom the financial institution or creditor are doing business Reviewing address discrepancies
Our current collections management landscape is seeing unprecedented consumer debt burdens: Total consumer debt o/s is at $14 trillion as of Jan ’09 Revolving debt o/s has reached $1 trillion The unemployment rate is at 7.6% and is expected to continue to rise Credit card and Home Equity Line Of Credit issuers reduced available credit by approximately $2 Trillion last year and more reductions are expected in 2009 There is a continuing rise in delinquencies and chargeoffs. Here are some examples from our recent research: 8.5% of Prime Adjustable Rate Mortgages are now delinquent which shows an increase of 491% over this time last year 25% of all sub prime mortgages are now 60+ days delinquent Delinquencies for prime bankcard customers have increased 286% over the last 2 years 34% of all scoreable consumers (those who have sufficient trade information to calculate a score) now have a collection account. Compound these by a decline in the relative collectability of these accounts and you see: 9 million households now have negative equity 20% of 401(k) accounts have been tapped for loans (usually at a cost of 45% in penalties and fees to the account holder) According to the Federal Reserve, in late 2006 – at the height of the sub prime mortgage boom - the U.S. experienced a negative savings rate for the first time since the Great Depression.
I encourage all of you to have a look at this newly launched Federal Trade Commission Web site dedicated to the Red Flags Rule guidelines. It is a good resource to that organizes the requirements of the Rule in a user-friendly manner. It also looks to be an ongoing resource for the posting of updates and related commentary. I suggest you make this site one of your bookmarks today: The Federal Trade Commission has launched a Web site to help entities covered by the Red Flags Rule design and implement identity theft prevention programs. The Rule requires “creditors” and “financial institutions” to develop written programs to identify the warning signs of ID theft, spot them when they occur, and take appropriate steps to respond to those warning “red flags.” Of particular interest, is the "Read the Guide" tab, where you can view and download the new FTC guide to Red Flag Rules. For those in the telecommunications and utilities spaces, check out the "Publish the Articles" tab where you will find two bulletins on Red Flags in these arenas. Enjoy.
This post continues the feature from my colleague and guest blogger, Mark Sofietti, Associate Process Architect in Advisory Services at Baker Hill, a part of Experian. In today’s market, the banking industry seems to be changing at a very rapid pace. The current crisis that we are in, as an industry and as a nation, is forcing institutions to revisit risk management policies and procedures to make the appropriate changes needed to remain healthy and profitable. However, the current crisis is not the only reason why institutions should focus on change management. Change management needs to be appropriately handled in bad and good times. Understanding change management is always a necessity to a well-run organization. Whether it is a reorganization, a new software system, a new policy or moving to a new building, change can cause a great deal of stress and uncertainty -- but it can also cause benefits. So, as managers, you may be asking, “What can I do to ensure that positive changes are happening within my organization? What are some of the items that I should consider when I am bringing about organizational change?” There are four necessary steps that need to be taken in order to improve the success of an initiative that is causing change to an institution. I covered two in my last post. Here are the additional steps. 3. Consider methods of change One method of change is the education of individuals about new ways of operating. This method should be used when there is more resistance to change and when individuals lack a clear understanding or knowledge of the change being made. Education may cause the implementation to take longer, but those involved will better understand the effects of the change. A second method is gathering participation from different levels and skill sets within the organizations. Building a team should be used when there is the highest risk of failure due to change resistance and when more information needs to be gathered before an effective implementation can be completed. Negotiation is a method that is used when a group or person is going to be negatively affected by the change. This method could alleviate the discomfort by giving the person or group some other benefit. Negotiations could allow an organization to avoid resistance, but it may be very costly and time consuming to implement the change. The coercion change method is when a change is implemented with little room for diversion from the plan. Employees are told what the change is going to be and they have to accept it. This method should be used when speed is of the utmost importance, or if the change is not going to be easily accepted. Most employees do not like this approach and it may cause resentment or it might cause staff members to leave. The final method of change uses manipulation, the conscious decision to share limited information about the change that is taking place. This method should only be used when no other tactic will work, or if time or cost is major issues. This approach is dangerous because it can lead to more problems in the future. 4. Create plan of action A plan should be created for the implementation of change to clearly address reservations and define the change strategy. It should include internal and external audiences who can be affected by the change. It is common to forget those who are indirectly impacted by the change -- and these audiences (customers, for example) may be the most important. Objectives of the change need to be clearly outlined in the plan in order to understand how the new future state of the organization will look and operate. The plan needs to be communicated to all those involved so that the transition can be understood and everyone can be held accountable. The plan should be periodically revisited after implementation in order to review progress. Creating a plan of action is a very important step to ensure that those who resisted the change do not revert back to their old habits. Achieving change is not an easy process, especially when time is not on your side. If you take a second look at the change that you are trying to implement and do the necessary planning, you have a greater chance for success than if you or your organization fails to fully evaluate the consequences. Effective change management should be part of any financial risk management process. Take charge of your institution’s future through a calculated approach to change management and your organization will be in a better position for the next change that is coming around the bend.
Regardless of the specific checks and overall processes incorporated into your Red Flags Identity Theft Prevention Program, the use of an automated decisioning strategy or strategies will allow you to: Deliver consistent responses based on objective authentication results, while eliminating subjectivity often found in more manual review processes. Save time and money associated with a manual review process currently attributed to Red Flag Rule referrals. Provide examiners a detailed process flow including decision elements. Create champion / challenger flows to test, compare and alter new strategies over time. Revise, over time, the specific elements used in your decisioning to appropriately weight each from a fraud detection and/or compliance perspective. Experian's consumer authentication products provide hosted decisioning strategies that alleviate the burden on our clients associated with maintenance and development of those processes. Whether you facilitate your own strategies or use a service provider's hosted strategies, it is important to ensure you are maximizing their ability to balance pass rates, fraud detection and compliance requirements.
We have talked about: the creation of the vision for our loan portfolios (current state versus future state) – e.g. the strategy for moving our current portfolio to the future vision. Now comes the time for execution of that strategy. In changing portfolio composition and improving credit quality, the discipline of credit must be strong (this includes in the arenas of commercial loan origination, loan portfolio monitoring, and credit risk modeling of course). Consistency, especially, in the application of policy is key. Early on in the change/execution process there will be strong pressure to revert back to the old ways and stay in a familiar comfort zone. Credit criteria/underwriting guidelines will have indeed changed in the strategy execution. In the coming blogs we will be discussing: assessment of the current state in your loan portfolio; development of the specific strategy to effect change in the portfolio from a credit quality perspective and composition; business development efforts to affect change in the portfolio composition; and policy changes to support the strategy/vision.
If the business is a creditor or a “financial institution” (defined as a depository institution) that offers covered accounts, you must develop a Program to detect possible identity theft in the accounts and respond appropriately. The federal banking agencies, the NCUA and the FTC have issued Guidelines to help covered entities identify, detect and respond to indicators of possible identity theft, as well as to administer the Program. A copy of the Red Flag Guidelines can be found: Federal Reserve Board – 12 C.F.R. pt 222, App. J Federal Deposit Insurance Corporation – 12 C.F.R. pt 334, App. J FTC – 16 C.F.R. pt 681, App. A NCUA – 12 C.F.R. pt 717, App. J Office of the Comptroller of the Currency - 12 C.F.R. pt 41, App. J Office of Thrift Supervision - 12 C.F.R. pt 571, App. J
They have started to shift away from time-based collections management activities (the 30-, 60-, 90-day bucket approach). Instead, the focus is migrating towards the development of collections strategy that is based on the underlying risk of the individual – to look at how he is performing on all of the obligations in the total relationship to determine the likelihood of repayment and the associated activities that can facilitate that repayment. They’ve found they can’t rely purely on traditional models anymore because consumer behavior has dramatically changed and an account only approach doesn’t reflect the true risk and value of the individual’s relationship.
The credit reporting agencies will not identify Red Flags, as such, on a credit report. However, there may be certain information on a credit report that you have determined to be an indicator of possible identity theft and have incorporated into your Program, such as a consumer fraud alert or a notice of address discrepancy. In addition, the Red Flag Guidelines specify that a credit report indicating a pattern of inconsistent or unusual recent activity might be a Red Flag.
Learn More Image
