Fraud
When customers attack—5 tips for tackling first-party fraud and abuse
   
Leading banks in the US, UK, Canada and Ireland are beginning to define a set of best practices for addressing the first-party fraud and abuse problems.

One of the most difficult questions for any issuer of credit is also one of the most important for improving portfolio performance: whether or not a customer intends to fulfill a credit obligation.

Substantial amounts of first-party fraud and credit abuse—debt incurred by customers who don’t intend to fulfill their credit obligations—are mixed into traditional collections queues. That’s a problem because these cases are often unaffected by traditional collections treatments. After consuming collections resources, most end up being written off as uncollectable bad debt.

The financial impact is substantial. Based on Fair Isaac’s work with leading banks, we estimate that gross losses from first-party fraud or abuse are much larger than those from third-party fraud.  First-party fraud behavior is not actively monitored today and does not fit most behavior scores and collections treatment scenarios, as these abusive customers do not intend to pay, nor do they show the same behavioral patterns that traditional third-party fraud tends to display.

With the means to scientifically disentangle such cases from other account delinquencies, banks can precisely target the most effective techniques for each type of problem. By identifying abusers at the earliest possible moment—originations, in some cases—banks can minimize losses. At the same time, they can focus collections efforts on those accounts whose behavior can be influenced, thereby improving collections yield and further reducing total bad debt.

Emerging best practices

Leading banks in the US, UK, Canada and Ireland are beginning to define a set of best practices for addressing the first-party fraud and abuse problems. Here are some of the measures being taken.

1. Start with enterprise problem definitions

No common definitions of first-party fraud or abuse can be applied by all financial institutions. Each company’s portfolio, business objectives and policies affect how these behaviors manifest themselves and how they should best be addressed. Effective solutions are built on enterprise-specific definitions.

Because data from multiple businesses within an institution can enable earlier and more accurate detection of abuse, working toward enterprise definitions is also one of the best ways to begin to create the intelligence sharing and coordinated actions necessary to effectively address these problems. Different functional organizations and business units will no doubt see different aspects of the problems. Acknowledging and exploring these differences helps institutions form a complete view.

To begin the definition process, financial institutions may want to set up a cross-functional/LOB team to examine accounts from various parts of the business that ended up being written off. In addition to known fraud accounts, suspected fraud and abuse accounts can be identified using data from the collections process, if that is available. For example, customers whom the organization was never able to contact should be tagged as probable cases of fraud.

Taking this initial grouping of written-off accounts, the team can then work backward through the account lifecycle to origination, searching for common characteristics and behavior that will further refine definitions. For example, first-party abusers who take on additional credit in an attempt to pay their bills may often slow their discretionary credit card spending. First-party fraudsters, in contrast, will usually accelerate their spending on luxury items and exhibit other distinct changes in spending velocity (speed and direction).  

Lenders should consider product- and segment-specific variation in legitimate customer behavior. For example, as shown in Figure 1, credit card accounts that are more than 30% overlimit and 3 cycles delinquent have a high probability of being first-party fraud or abuse. Other products may have similar drop-offs in cure rates, though the account characteristics and point where the drop-off begins will likely differ.

Figure 1

Credit card accounts more than 30% overlimit and 3 cycles delinquent have a high probability of being first-party fraud or abuse.

Other characteristics that may be predictive of fraud will appear much sooner. These may include account debt burden, number of credit applications over a given period, and transaction and payment behavior. For example, “sleeper” fraudsters who commit “bust-out” fraud often transact heavily during the first couple of months, pay their bills on time and request a credit limit increase.

Studying these behaviors will help the team form and refine initial definitions. When they then take these definitions back to the pool of written-off accounts, some accounts may be added to the probables list and others will be eliminated. In this back-and-forth way, the team can arrive at a reliable calculation of the percentage of write-offs attributable to first-party abuse.

The other outcome of the process is, of course, a working list of account behaviors/characteristics mapped onto the account lifecycle. Members of the definitions team can provide their own business units with definitions and associated list of predictive behaviors/characteristics to implement appropriate measures for their products and functions. In this way, the bank can adjust its policies to achieve a certain degree of near-term first-party fraud and abuse mitigation, even before the operational capacities to address these problems are in place. 

2. Establish a first-party fraud and abuse management capability

Institutions that are out front in reducing bad debt are generally tapping expertise from their fraud or risk operations. In some cases, they’re doing so by injecting expertise from one organization into others. In other cases, they’re establishing special tasks forces or centers of excellence with experienced staff from multiple lines of business and functional areas. These groups receive specialized training on how to perform proactive interviews, investigations and interventions when first-party fraud or abuse is suspected.

3. Operate from a customer-level view

Because first-party abuse often involves multiple accounts and credit products, effective efforts to counteract it operate from a customer-level view. The task group must have timely access to account information, transactional data and analytic results from all the key decision areas in the customer lifecycle (originations, credit line management, retention, collections) and all pertinent lines of business (credit cards, debit cards, consumer and commercial loans).

4. Use both fraud and risk analytics to drive targeted treatments

With first-party fraud and abuse so varied and subtle in its manifestations, detection based on business rules alone is not very effective. The banks making substantial progress at reducing their losses are using advanced analytics—and promising approaches tend to combine more than one type.

For example, one of Fair Isaac’s clients is fighting first-party fraud with a “two-fisted” solution. The solution begins at originations, where the bank uses an application fraud model trained to detect first-party abuse. High-scoring applications are rejected—and the data and decision shared with other lines of business to thwart subsequent attempts.

Applications scoring in the moderate-to-high range are subsequently monitored closely using an integrated transaction score that incorporates the original application score. As shown in Figure 2, the combined score is far more accurate than either score alone, at all false-positive rates.

Figure 2

The integration of application scores and transaction scores for credit and fraud is far more accurate than either score alone at all false-positive rates.

By analyzing transactions in this way, banks can detect the first signs of delayed first-party fraudulent behavior. If usage starts to accelerate rapidly, for example, transactions will score high for potential fraud, and rules and thresholds will refer the case to an analyst or automatically impose restraints, such as requiring additional third-party data or blocking high-value transactions.

Banks can also minimize their loss exposure to both first-party fraud and abuse by applying risk management treatments to customers whose application fraud scores are in the moderate-to-high range. For example, at originations, a credit score may qualify the customer for a $20,000 line of credit. But the application fraud score, while not warranting rejection, may be suspicious enough for the bank to reduce the credit line to $5,000. Ongoing credit line management—for this account and all others held by that customer—should then be influenced by transaction scores for both credit and fraud risk.

Similarly, banks can improve their defense against first-party abuse by adding transactional insights to conventional credit scoring. Transactional models analyze rich, detailed data from transactions (purchases, payments, customer service inquiries, etc.), revealing the significance of individual events and event relationships that are invisible in end-of-cycle summary data. For this reason, they’re able to quickly detect changes in customer behavioral patterns that may reveal non-responsible use of credit. Scores that indicate an increase in risk for first-party credit abuse could prompt the bank to cap available credit, slow or even suspend other credit offers, or contact customers to assess their intentions.

This type of transactional credit scoring enables banks to more finely and accurately segment their portfolios, providing the framework for close monitoring and targeted treatment, especially of early-life accounts. If a bank is also using a transactional fraud model, it may have even more ability to impose risk-mitigating constraints. Fraud scoring provides a nondiscriminatory basis for taking stricter measures than current FCRA regulations may allow based on credit scores alone. Where there are correlations between fraudulent and abusive first-party behavior patterns, banks may be within their rights to take more targeted and aggressive measures to prevent losses.

5. Continue building predictive insight

To maintain and improve first-party fraud and abuse defenses over time, banks need a feedback cycle for capturing data, scores and decisions from operations. In essence, this is a way of continuing the initial work done by the definitions team to “tag” first-party fraud and abuse cases, and find common characteristics and behaviors between them. As with other types of predictive modeling, the speed with which feedback data can be absorbed into behavioral profiles (mathematically summarized historical data) and used for model and business rule refinement has a big impact on organizational agility to respond to dynamic market conditions and business trends.

Taking aim at two major contributors to bad debt

Today’s advanced analytics enable banks to recognize first-party fraud and abuse for what they are, and efficiently address the problem with targeted treatments. Fair Isaac is working with leading financial institutions to prove that the artificially high levels of bad debt the industry has long labored under are no longer a necessary cost of business. Banks that lighten their loads will have a decided advantage moving ahead.

To learn more about first-part fraud and abuse, download the full Fair Isaac white paper on which this article was based, Reducing bad debt levels by addressing first-party fraud and credit abuse.