In-depth articles, interviews and debates covering local and global topics related to the Experian business expertise.
How Can Organisations Counter their Fraud Risk?
Fraud Business Consultant
Experian Decision Analytics
Fraud is a multi-billion Euro international industry. With the availability of the internet, increasingly sophisticated technology and freedom of movement across borders, criminals are able to target and exploit organisations in multiple countries, increasing their gains whilst reducing the likelihood of being identified and subsequently caught.
As well as operating in multiple countries, fraudsters appear to be migrating from application fraud to identity fraud. Account takeover has become of particular concern in the payment card and current account industries. Although this is not a new fraud type, it has become more prevalent in recent times. The fraudsters perpetrating this have changed their modus operandi from changing address and requesting additional cards to adding themselves as authorised users onto the account.
As well as the traditional and emerging third party fraud types, first party fraud should also be of concern to organisations. In any time of financial hardship the number of first party fraud attempts increases. This may be due to the withdrawal of financial products aimed at high risk customers, therefore directing them to use false details with mainstream lenders, or may be just an attempt to stay solvent by falsely inflating their income or failing to disclose adverse credit by providing a false address history. Organisations should compare previous applications in order to identify any inconsistencies or discrepancies which may indicate potentially fraudulent behaviour.
There is a need for all organisations to counter fraudulent activity from both internal and external sources, in order to meet not only regulatory requirements, but also to avoid reputational and financial losses. Organisations can do this by a number of different methods. They should have an adequate structure in which to operate and which is correctly set up to manage fraud. Where possible, organisations should have a fraud team which is independent from targets such as sales and volume enabling it to concentrate on counter fraud activity. Where this is not possible, organisations should at the very least have an individual or individuals with direct responsibility for fraud.
The importance of systems and processes in fraud detection
Organisations should also have automated systems which can identify fraudulent activity. These can be sophisticated data matching systems utilising simple and complex rules, matching against an application universe, confirmed fraud databases and other added value datasets, or it can be as simple as automated reports or databases which can identify suspicious behaviour and refer it through via a workflow functionality to the appropriate channel.
There should be robust, tested and proven processes and procedures in place to identify fraudulent activity. These should be published and readily available to those staff that require them, and should be reviewed and amended on a regular basis. It is important that these processes and procedures should not be communicated outside of the fraud area of operations, in order to reduce the risk of internal compromise and subsequent exploitation by fraudsters.
Underpinning all elements of an organisation’s anti-fraud activities should be a comprehensive fraud and financial crime policy. It will detail how to report fraud, what happens to the report once it has been made, and also who has accountability and responsibility for counter-fraud measures. All employees within the organisation should be aware of this policy, and it should be readily available in a central location. Organisations should also be aware that all employees have a responsibility to prevent fraudulent activity, not just those working in a fraud team.
When dealing with 3rd parties, robust due diligence should take place in order to ensure that any business that is being passed through is legitimate. As well as checking them when they are originally taken on, monitoring of brokers should take place on a regular basis; this could be something as simple as the number of deals which have subsequently turned bad or fraudulent per broker.
As well as these types of checks, regular analysis of fraud and bad debt within the business should be undertaken. This will provide an indicator of exactly how the business is performing. Bad debt levels should be monitored regularly as a lot of the fraudulent business will end up being written off. Resource can be wasted in collections areas trying to chase debts which are not genuine. The analysis will also be able to identify trends and weaknesses in processes. Once identified, these can be mitigated against in order to close the gaps being exploited by fraudsters. This analysis will also allow any fraud strategies and rules to be managed effectively.
Encourage an anti-fraud culture
All of the points raised are important; however, above all each organisation should have and encourage an anti-fraud culture. This is the type of environment where individuals are encouraged to report fraud without fear of reprisal (whistle blowing), where staff members are aware of their responsibilities and anti-fraud training occurs on a regular basis, which updates individuals on the latest trends and what to look out for.
If organisations follow some of these simple steps, and take a holistic view of fraud prevention, detection and investigation, they can reduce their exposure significantly, and therefore protect their direct revenue. This will also engender a positive culture within the organisation which is of direct benefit to its staff members, management, investors and regulators.
Contact us if you think Experian can help you.