Regulatory Compliance
By: Joel Pruis When the OCC put forth the supervisory guidance on model risk governance the big focus in the industry was around the larger financial institutions that had created their own risk models. The overall intent to make sure that the larger financial institutions were properly managing the risk they were assuming through the use of the custom risk models they had developed. While we can’t say that this model risk governance was a significant issue, the guidance provided by the OCC is intended to provide financial institutions with the minimum requirements for model risk governance. Now that the OCC and the Federal Reserve have gone through the model risk governance reviews for the largest financial institutions in the US, their attention has turned to the rest of the group. While you may not have developed your own custom scorecard model, you may be using a generic scorecard model to support your credit decisions either for loan origination and/or portfolio management. As a result of the use of even generic scorecards and models, you do have obligations for model risk governance as stated in the guidance. While you may not be basing any decisions strictly on a score alone, the questions you have to asking yourself are: Does my credit policy or underwriting guidelines reference the use of a score in my decision process? While I may not be doing any type of auto-decision, do I restrict any credit authority based upon a score? Do I adjust any thresholds/underwriting guidelines based upon a score that is returned? For example, do I allow a higher debt to income if the score is above a certain level? How long have you been using a score in your decision processes that may have become a significant influence on how you decision credit? As you can see from the questions above, the guidance covers a significant population of the financial institutions in the US. As a result, some of the basic components that your financial institution must demonstrate it has done (or will do) are: Recent validation of the scorecard against your portfolio performance Demonstration of appropriate policy governing the use of credit risk models per the regulation Independence around the authority and review of the model risk governance and validations Proper support and documentation from your generic scorecard provider per the guidance. If you would like to learn more on this topic, please join me at the upcoming RMA Annual Risk Management Conference where I will be speaking on Model Validation for Community Banks on Monday, Oct. 27, 9:30 a.m. – 10:30 a.m. or 11 a.m. – 12 p.m. Also, if you are interested in gaining deeper insight on regulations affecting financial institutions and how to prepare your business, download Experian’s Compliance as a Differentiator perspective paper.
Data quality continues to be a challenge for many organizations as they look to improve efficiency and customer interaction.
By: Mike Horrocks The Wall Street Journal just recently posted an article that mentioned the cost of the financial regulations for some of the largest banks. Within the article it is staggering to see the cost of the financial crisis and also to see how so much of this could have been minimized by sound banking practices, adoption to technology, etc. As a former commercial banker and as I talk with associates in the banking industry, I know that there are more causes to point at for the crisis then there are fingers…but that is not the purpose of my blog today. My point is the same thing I ask my teenage boys when they get in trouble, “Now, what are you going to do to fix it?” Here are a couple of ideas that I want to share with the banking industry. Each bank and market you are going after is a bit unique; however think about these this week and what you could do. It is about the customer – the channel is just how you touch that customer. Every day you hear the branch office is dead and that mobile is the next wave. And yes, if I was a betting man, I would clearly say mobile is the way to go. But if you don’t do it right, you will drive customers away just as fast (check out the stats from a Google mobile banking study). At the end of the day, make sure you are where your customers want to be (and yes for some that could even be a branch). Trust is king. The Beatles may have said that “All You Need Is Love”, but in banking it is all about trust. Will my transaction go thru? Will my account be safe? Will I be able to do all that I need to do on this mobile phone and still be safe since it also has Angry Birds on it? If your customer cannot trust you to do what they feel are simple things, then they will walk. You have to protect your customers, as they try to do business with you and others. Regulations are here to stay. It pains me to say it, but this is going to be a truth for a long while. Banks need to make sure they check the box, stay safe, and then get on to doing what they do best – identify and manage risk. No bank will win the war for shareholder attention because they internally can answer the regulators better than the competition. When you are dealing with complicated issues like CCAR, Basel II or III, or any other item, working with professionals can help you stay on track. This last point represents a huge challenge for banks as the number of regulations imposed on financial institutions has grown significantly over the past five years. On top that the level of complexity behind each regulation is high, requiring in-depth knowledge to implement and comply. Lenders have to understand all the complexity of these regulations so they can find the balance to meet compliance obligations. At the same time they need to identify profitable business opportunities. Make sure to read our Comply whitepaper to gain more insight on regulations affecting financial institutions and how you can prepare your business. A little brainstorming and a single action toward each of these in the next 90 days will make a difference. So now, what are you going to do to fix it?
As part of its guidance, the Office of the Comptroller of the Currency recommends that lenders perform regular validations of their credit score models in order to assess model performance.
Julie Conroy - Research Director, Aite Group Finding patterns indicative of money laundering and other financial crimes is akin to searching for a needle in a haystack. With the increasing pressure on banks’ anti-money laundering (AML) and fraud teams, many with this responsibility increasingly feel like they’re searching for those needles while a combine is bearing down on them at full speed. These pressures include: Regulatory scrutiny: The high-profile—and expensive—U.S. enforcement actions that took place during the last couple of years underscore the extent to which regulators are scrutinizing FIs and penalizing those who don’t pass muster. Payment volumes and types increasing: As the U.S. economy is gradually easing its way into a recovery, payment volumes are increasing. Not only are volumes rebounding to pre-recession levels, but there have also been a number of new financial products and payment formats introduced over the last few years, which further increases the workload for the teams who have to screen these payments for money-laundering, sanctions, and global anti-corruption-related exceptions. Constrained budgets: All of this is taking place during a time in which top line revenue growth is constrained and financial institutions are under pressure to reduce expenses and optimize efficiency. Illicit activity on the rise: Criminal activity continues to increase at a rapid pace. The array of activity that financial institutions’ AML units are responsible for detecting has also experienced a significant increase in scope over the last decade, when the USA PATRIOT Act expanded the mandate from pure money laundering to also encompass terrorist financing. financial institutions have had to transition from activity primarily focused on account-level monitoring to item-level monitoring, increasing by orders of magnitude the volumes of alerts they must work (Figure 1) Figure 1: U.S. FIs Are Swimming in Alerts Source: Aite Group interviews with eight of the top 30 FIs by asset size, March to April 2013 There are technologies in market that can help. AML vendors continue to refine their analytic and matching capabilities in an effort to help financial insitutions reduce false positives while not adversely affecting detection rates. Hosted solutions are increasingly available, reducing total cost of ownership and making software upgrades easier. And many institutions are working on internal efficiency efforts, reducing vendors, streamlining processes, and eliminating the number of redundant efforts. How are institutions handling the increasing pressure cooker that is AML compliance? Aite Group wants to know your thoughts. We are conducting a survey of financial insitution executives to understand your pain points and proposed solutions. Please take 20 minutes to share your thoughts, and in return, we’ll share a complimentary copy of the resulting report. This data can be used to compare your efforts to those of your peers as well as to glean new ideas and best practices. All responses will be kept confidential and no institutions names will be mentioned anywhere in the report. You can access the survey here: SURVEY
The security world was taken by surprise earlier this month when researchers discovered Heartbleed, a new large-scale threat that exploits a security vulnerability in OpenSSL.
By: Teri Tassara In my blog last month, I covered the importance of using quality credit attributes to gain greater accuracy in risk models. Credit attributes are also powerful in strengthening the decision process by providing granular views on consumers based on unique behavior characteristics. Effective uses include segmentation, overlay to scores and policy definition – across the entire customer lifecycle, from prospecting to collections and recovery. Overlay to scores – Credit attributes can be used to effectively segment generic scores to arrive at refined “Yes” or “No” decisions. In essence, this is customization without the added time and expense of custom model development. By overlaying attributes to scores, you can further segment the scored population to achieve appreciable lift over and above the use of a score alone. Segmentation – Once you made your “Yes” or “No” decision based on a specific score or within a score range, credit attributes can be used to tailor your final decision based on the “who”, “what” and “why”. For instance, you have two consumers with the same score. Credit attributes will tell you that Consumer A has a total credit limit of $25K and a BTL of 8%; Consumer B has a total credit limit of $15K, but a BTL of 25%. This insight will allow you to determine the best offer for each consumer. Policy definition - Policy rules can be applied first to get the desirable universe. For example, an auto lender may have a strict policy against giving credit to anyone with a repossession in the past, regardless of the consumer’s current risk score. High quality attributes can play a significant role in the overall decision making process, and its expansive usage across the customer lifecycle adds greater flexibility which translates to faster speed to market. In today’s dynamic market, credit attributes that are continuously aligned with market trends and purposed across various analytical are essential to delivering better decisions.
By: Zach Smith On September 13, the Consumer Financial Protection Bureau (CFPB) announced final amendments to the mortgage rules that it issued earlier this year. The CFPB first issued the final mortgage rules in January 2013 and then released subsequent amendments in June. The final amendments also make some additional clarifications and revisions in response to concerns raised by stakeholders. The final modifications announced by the CFPB in September include: Amending the prohibition on certain servicing activities during the first 120 days of a delinquency to allow the delivery of certain notices required under state law that may provide beneficial information about legal aid, counseling, or other resources. Detailing the procedures that servicers should follow when they fail to identify or inform a borrower about missing information from loss mitigation applications, as well as revisions to simplify the offer of short-term forbearance plans to borrowers suffering temporary hardships. Clarifying best practices for informing borrowers about the address for error resolution documents. Exempting all small creditors, including those not operating predominantly in rural or underserved areas, from the ban on high-cost mortgages featuring balloon payments. This exemption will continue for the next two years while the CFPB re-examines the definitions of “rural” and “underserved.” Explaining the "financing” of credit insurance premiums to make clear that premiums are considered to be “financed” when a lender allows payments to be deferred past the month in which it’s due. Clarifying the circumstances when a bank’s teller or other administrative staff is considered to be a “loan originator” and the instances when manufactured housing employees may be classified as an originator under the rules. Clarifying and revising the definition of points and fees for purposes of the qualified mortgage cap on points and fees and the high-cost mortgage points and fees threshold. Revising effective dates of many loan originator compensation rules from January 10, 2014 to January 1, 2014. While the industry continues to advocate for an extension of the effective date to provide additional time to implement the necessary compliance requirements, the CFPB insists that both lenders and mortgage servicers have had ample time to comply with the rules. Most recently, in testimony before the House Financial Services Committee, CFPB Director Richard Cordray stated that “most of the institutions have told us that they will be in compliance” and he didn’t foresee further delays. Related Research Experian's Global Consulting Practice released a recent white paper, CCAR: Getting to the Real Objective, that suggests how banks, reviewers and examiners can best actively manage CCAR's objectives with a clear dual strategy that includes both short-term and longer-term goals for stress-testing, modeling and system improvements. Download the paper to understand how CCAR is not a redundant set of regulatory compliance exercices; its effects on risk management include some demanding paradigm shifts from traditional approaches. The paper also reviews the macroeconomic facts around the Great Recession revealing some useful insights for bank extreme-risk scenario development, econometric modeling and stress simulations. Related Posts Where Business Models Worked, and Didn't, and Are Most Needed Now in Mortgages Now That the CFPB Has Arrived, What's First on It's Agenda Can the CFPB Bring Debt Collection Laws into the 21st Centrury
Billions of dollars are being issued in fraudulent refunds at the state and federal level. Most of the fraud can be categorized around identity theft. An example of this type of fraud may include fraudsters acquiring the Personal Identifying Information (PII) from a deceased individual, buying it from someone not filing or otherwise stealing it from legitimate sources like a doctor’s office. The PII is then used to fill out tax returns, add fraudulent income information and request bogus deductions. Additional forms of tax refund fraud may include: Direct consumer tax refund fraud using real PII of US Citizens to file fraudulent tax returns and claim bogus deductions thereby increasing refund amounts EITC (Earned Income Tax Credit)/ACC (Additional Childcare Credit) fraud which is usually perpetrated with the assistance of a tax preparer and claiming improper cash payments and/or deductions for non-existent children. Tax Preparer Fraud where tax preparers purposefully submit false information on tax returns or file false returns for clients. Under reporting of income on tax filings. Taking multiple Homestead Exemptions for tax credit. Since this Fraud more often occurs as an early filing using Fraudulent or stolen PII the individual consumer is at risk for long term Identity issues. Exacerbating the tax refund fraud problem: The majority of returns that request refunds are now filed online (83% of all federal filings in 2012 were online) -if you file online, there is no need to submit a W-2 form with that online filing. If your employment information cannot be pulled into the forms by your tax software you can fill it in manually. The accuracy of information regarding employer and wage information for which deductions are based, is only verified after the refund is issued. Refunds directly deposited - filers now have the option to have their refunds deposited into a bank account for faster receipt. Once these funds are deposited and withdrawn there is no way to trace where the funds have gone. Refunds provided on debit cards – filers can request their refund in the form of a debit card. This is an even bigger problem than bank account deposits because once issued, there is no way to trace who uses a debit card and for what purpose. So what do you need to look for when reviewing tax fraud prevention tools? Look for a provider that has experience in working with state and federal government agencies. Proven expertise in this domain is critical, and experience here means that the provider has cleared the disciplined review process that the government requires for businesses they do business with. Look for providers with relevant certifications for authentication services, such as the Kantara Identity Assurance Framework for levels of identity assurance. Look for providers that can authenticate users by verifying the device they’re using to access your applications. With over 80% of tax filings occurring online, it is critical that any identity proofing strategy also allows for the capability to verify the source or device used to access these applications. Since tax fraudsters don’t limit their use of stolen IDs to tax fraud and may also use them to perpetrate other financial crimes such as opening lines of credit – you need to be looking at all avenues of fraudulent activity If fraud is detected and stopped, consider using a provider that can offer post fraud mitigation processes for your customers/potential victims. Getting tax refunds and other government benefits into the right hands of their recipients is important to everyone involved. Since tax refund fraud detection is a moving target, it’s buyer beware if you hitch your detection efforts to a provider that has not proven their expertise in this unique space.
All skip tracing data is the same, right? Not exactly. While there are many sources of consumer contact data available to debt collectors, the quality, freshness, depth and breadth can vary significantly. Just as importantly, what you ultimately do or don't do with the data depends on several factors such as: Whether or not the debt is worth your while to pursue How deep and fresh the data is What if no skip data is available, and, What happens if there is no new information available when you go to your skip-tracing vendor requesting new leads? So what's the best way for your company to locate debtors? What data sources are right for you? Check out my recent article in Collections and Credit Risk for some helpful advice, and be sure to check out our other debt collection industry blog posts for best practices, tips and tricks on ways to recover more debt, faster. What data sources do you find most beneficial to your business and why? Let us know by commenting below.
Gone are the days when validating scoring models was a thing you did when you got around to it. Besides that fact that the OCC wants models validated at least once a year, it’s just good business sense to make sure your tools are working as expected. At a minimum, the OCC wants back testing, stress testing, benchmarking and sensitivity analysis, but there is another aspect to validations that needs to be taken into consideration. Most lenders do not rely exclusively on a scoring model of their decisioning (or at least they shouldn’t). Whether it’s a dual score strategy or attribute overlay, additional underwriting criteria is often used to help refine and optimize decision strategies. However, those same overlays need to be incorporated into the model validation process so that the results are not misleading. VantageScore Solutions, LLC has just published a concise white paper offering excellent examples of how to make sure your overlay criteria are an integral part of the overall validation process, ensuring your effort here are yielding the right results. And while on the topic of model validation, next time I’ll review what to do when you have no idea what to test for. Stay tuned!
Not surprisingly, bankcard utilization is the highest among subprime consumers with VantageScore D and F tiers having average bankcard utilization rates of 68% and 81% respectively. In comparison, VantageScore A tier (super prime) consumers had an average bankcard utilization rate of 6% and VantageScore B tier (prime) consumers had an average bankcard utilization rate of 15%. Join our panel of experts on October 23 to hear from industry experts on key regulations that are changing the way banks need to conduct business in order to grow and stay profitable. Source: Experian Oliver Wyman Market Intelligence Reports.
By: Kyle Aiman Let’s face it, debt collectors often get a bad rap. Sure, some of it is deserved, but the majority of the nation’s estimated 157,000 collectors strive to do their job in a way that will satisfy both their employer and the debtor. One way to improve collector/debtor interaction is for the collector to be trained in consumer credit and counseling. In a recent article published on Collectionsandcreditrisk.com, Trevor Carone, Vice President of Portfolio and Collection Solutions at Experian, explored the concept of using credit education to help debt collectors function more like advisors instead of accusers. If collectors gain a better understanding of consumer credit – how to read a credit report, how items may affect a credit score, how a credit score is compiled and what factors influence the score – perhaps they can offer suggestions for improvement. Will providing past-due consumers with a plan to help improve their credit increase payments? Read the article and let us know what you think!
By: Ken Pruett The great thing about being in front of customers is that you learn something from every meeting. Over the years I have figured out that there is typically no “right” or “wrong” way to do something. Even in the world of fraud and compliance I find that each client's approach varies greatly. It typically comes down to what the business need is in combination with meeting some sort of compliance obligation like the Red Flag Rules or the Patriot Act. For example, the trend we see in the prepaid space is that basic verification of common identity elements is really the only need. The one exception might be the use of a few key fraud indicators like a deceased SSN. The thought process here is that the fraud risk is relatively low vs. someone opening up a credit card account. So in this space, pass rates drive the business objective of getting customers through the application process as quickly and easily as possible….while meeting basic compliance obligations. In the world of credit, fraud prevention is front and center and plays a key role in the application process. Our most conservative customers often use the traditional bureau alerts to drive fraud prevention. This typically creates high manual review rates but they feel that they want to be very customer focused. Therefore, they are willing to take on the costs of these reviews to maintain that focus. The feedback we often get is that these alerts often lead to a high number of false positives. Examples of messages they may key off of are things like the SSN not being issued or the On-File Inquiry address not matching. The trend is this space is typically focused on fraud scoring. Review rates are what drive score cut-offs leading to review rates that are typically 5% or less. Compliance issues are often resolved by using some combination of the score and data matching. For example, if there is a name and address mismatch that does not necessarily mean the application will kick out for review. If the Name, SSN, and DOB match…and the score shows very little chance of fraud, the application can be passed through in an automated fashion. This risk based approach is typically what we feel is a best practice. This moves them away from looking at the binary results from individual messages like the SSN alerts mentioned above. The bottom line is that everyone seems to do things differently, but the key is that each company takes compliance and fraud prevention seriously. That is why meeting with our customers is such an enjoyable part of my job.
Last week, a group of us came together for a formal internal forum where we had the opportunity to compare notes with colleagues, hear updates on the challenges clients are facing and brainstorm solutions to client business problems across the discipline areas of analytics, fraud and software. As usual, fraud prevention and fraud analytics were key areas of discussion but what was also notable was how big a role compliance is playing as a business driver. First party fraud and identity theft detection are important components, sure, but as the Consumer Financial Protection Bureau (CFPB) gains momentum and more teeth, the demand for compliance accommodation and consistency grows critical as well. The role of good fraud management is to help accomplish regulatory compliance by providing more than just fraud risk scores, it can help to: Know Your Customer (KYC) or Customer Information Program (CIP) details such as the match results and level of matching across name, address, SSN, date of birth, phone, and Driver’s License. Understand the results of checks for high risk identity conditions such as deceased SSN, SSN more frequently used by another, address mismatches, and more. Perform a check against the Office of Foreign Asset Control’s SDN list and the details of any matches. And while some fraud solutions out there make use of these types of comparisons when generating a score or decision, they may not pass these along to their customers. And just think how valuable these details can be for both consistent compliance decisions and creating an audit trail for any possible audits.
Learn More Image
