My last entry covered the benefits of consortium databases and industry collaboration in general as a proven and technologically feasible method for combating fraud across industries. They help minimize fraud losses. So – with some notable exceptions – why are so few industries and companies using fraud consortiums and known fraud databases?
In my experience, the reasons typically boil down to two things: reluctance to share data and perception of ROI. I say “perception of ROI” because I firmly believe the ROI is there – in fact it grows with the number of consortium participants.
First, reluctance to share data seems to stem from a few areas. One is concern for how that data will be used by other consortium members. This is usually addressed through compelling reciprocation of data contribution by all members (the give to get model) as well as strict guidelines for acceptable use.
In today’s climate of hypersensitivity, another concern – rightly so – is the stewardship of Personally Identifiable Information (PII). Given the potentially damaging effects of data breaches to consumers and businesses, smart companies are extremely cautious and careful when making decisions about safeguarding consumer information. So how does a data consortium deal with this? Firewalls, access control lists, encryption, and other modern security technologies provide the defenses necessary to facilitate protection of information contributed to the consortium.
So, let’s assume we’ve overcome the obstacles to sharing one’s data. The other big hurdle to participation that I come across regularly is the old “what’s in it for me” question. Contributors want to be sure that they get out of it what they put into it. Nobody wants to be the only one, or the largest one, contributing records.
In fact, this issue extends to intracompany consortiums as well. No line of business wants to be the sole sponsor just to have other business units come late to the party and reap all the benefits on their dime. Whether within companies or across an industry, it’s obvious that mutual funding, support, equitable operating rules, and clear communication of benefits – to those contributors both big and small – is necessary for fraud consortiums to succeed.
To get there, it’s going to take a lot more interest and participation from industry leaders. What would this look like? I think we’d see a large shift in companies’ fraud columns: from “Discovered” to “Attempted”. This shift would save time and money that could be passed back to the legitimate customers. More participation would also enable consortiums to stay on top of changing technology and evolving consumer communication styles, such as email, text, mobile banking, and voice biometrics to name a few.