Limiting the impact of fraud is vital for businesses which need to protect their revenues and their customers from the potentially devastating effects of fraud. The fraud landscape is ever changing and with an estimated £193billion* lost to fraud each year there are big rewards to come from fighting fraud effectively.
Third-party fraud, particularly fraud related to stolen identities is on the rise and managing it is not an easy task. Most organisations will encounter at least a few of these dilemmas when it comes to tackling their own fraud challenges:
1. Fraud changes fast
It can be difficult to adapt to, keep up with, or even overtake fraudsters. Criminals are on the look-out for easy targets, they are like lions prowling round a herd of wildebeest looking for the weakest one. They will probe systems and identify vulnerabilities looking for their next point of attack. Fraudsters can be agile which means that businesses must also act quickly in order to mount an effective counter-attack. Your response to ever-changing fraud will come from your ability to recognise the trends that affect you at any given time and having the working practices in place to support you in making necessary change. However, if the solutions you use to fight fraud are not equally adaptive then they won’t help you to prevail. To win you need the right combination of systems and you need to be able to change your strategies rapidly and easily, to deal with threats as they emerge. If your fraud toolkit cannot help you to do this then it is hampering your fight.
2. So many solutions… so little integration
Recent years have seen a proliferation in the number and types of fraud prevention and identity checking solutions available. There are tools based on known data, those that use various forms of biometric, device intelligence and behavioural science. Then, there are the more traditional approaches of document checking and usernames and passwords. So we have the weapons in our arsenal but the application of these solutions and particularly how we make them work together to enhance our overall fraud fighting capability, is often the missing piece of the puzzle. Different solutions are deployed in different configurations across different channels, they are governed by their own rule sets, workflows and intelligence. It’s as if we’re going to war but the Navy, Army and Airforce are not on speaking terms. Is the inability to deploy all of your fraud-fighting weapons in a single strategy letting the fraudsters in?
3. Specialist IT and Technical teams don’t have time to help
The scenarios described above highlight the complexities in managing your response to fraud. With an ever-changing, fraud landscape and a complex network of technology to help you manage it, changes and even general maintenance of your systems often require specialist IT resource. Of course your specialist teams are likely to be in high demand, when you have to make changes to every system for every use case, every time you need to make small changes to your strategy. Being involved in a never-ending cycle of system tweaks and maintenance is not rewarding for your specialists. They want to be involved in the strategic projects that really move your fight against fraud but they don’t have the time. Is system maintenance eating up the resource you need to deploy strategic fraud prevention?
4. What about customer experience?
Most of your customers are not fraudsters or identity thieves! And of course you want to treat them well, the problem with fraud prevention is that it can impact your customers. There are two main ways in which identity checking and fraud prevention can negatively impact your customers’ journey with you:
• When the checks you deploy take too much time or require the customer to take more action than they want to. This adds friction to the customer journey and leads to abandonment of the interaction by frustrated customers.
• When your checking suggests there is fraud – and there isn’t. False positives cause havoc for you and for your customers. You will spend time and money investigating when it’s not needed. For your customers you will either be slowing down or stopping them, this is a poor experience for them and it could well lead to them taking their custom elsewhere.
Balancing fraud prevention with customer experience takes constant attention, get it wrong and your customers go elsewhere or you start losing too much to fraud. How easy are you finding it to manage this balancing act?
5. There’s a whole lot of legislation
Everyone wants to limit fraud and that includes government and regulatory bodies. There isn’t however one regulation that covers fraud, rather different pieces of legislation have an impact. This is particularly the case when it comes to Identity checking and authentication. For businesses that need to comply, ensuring that legislation is incorporated appropriately in order to work with their own fraud protection policies can be a challenge. Over the next two years there are two key pieces of legislation that will affect how your business carries out identity checking and by extension fraud prevention. The Fourth Anti-Money-Laundering Directive (4thAMLD) will become law in June 2017, the second Payment Services Directive (PSD2) is on a similar timeline. Without getting into the ins and outs of these pieces of legislation (it’s a big topic for another day – or rather several other days!) they are likely to add complexity to your policies around identity checking and authentication. You may well need to adapt your strategies to incorporate regulatory change – another layer of complexity and another driver for more agile fraud and identity tools.
So where does this leave you?
Managing fraud risk is complex, there are many factors to consider and they are constantly changing. To fight fraud businesses need to be well-informed and adaptable. Strategies must be constantly updated and rapidly deployed and having the tools to hand to support you in this is vital.
We are proud to bring CrossCore to the market, this is the first, smart, plug and play platform for identity and fraud solutions and more information can be found here.