By Fair Isaac Corporation
About this podcast
Fair Isaac Tech Talks are short interviews designed to empower consumers, business managers and analytic scientists with breakthrough ideas and technology from Fair Isaac, inventor of the FICO® score and a leader in analytics and Decision Management technology. Get helpful information for managing your personal credit profile, learn about the latest tools and techniques for managing risk, fraud and customer satisfaction, and discover the latest advances in credit scoring, business rules management, predictive analytics and optimization.
In this podcast

Podcasts like "FICO"   · View all

By By the people at FICO™
By Path to Cube
By Elizabeth Chance
By Cleburne Bible Church
Latest episodes
Every day I see headline-worthy stories of convictions and legal settlements for fraud and abuse in health care around the world. Many health care payers’ SIUs or forensics teams spend their days “grinding it out” in the fight against health care fraud, waste and abuse — they may only aspire to these kinds of headline results. So how does a health care payer measure success in payment integrity? How much is enough? Each payer tends to have their own point of view. Here are four examples of “How much is enough?” Some years ago, a payer came to us with a simple goal. With just one employee in their SIU shop and very simple tools, they had suffered a significant fraud loss while their one SIU employee was away during the Christmas – New Year’s holiday. In response to this loss, their Board of Directors defined “How much is enough?” as “Let’s not have that happen again.” Historically, RFPs for administration of government-funded health care insurance programs in the United States have included a requirement that the administrator fight fraud. Since this kind of administration contract is often awarded to the bidder with the lowest price, it’s possible that a small, low cost SIU shop which produces any kind of result will be “enough.” We did a one-off project for a payer that unexpectedly identified significant fraud and abuse committed by an extremely powerful provider. For this payer, “enough” did not include addressing the behavior of this powerful provider. We have a client in a country that is publicly agonizing over a culture of corruption which permeates every industry, including health care. For this payer, “enough” will probably be the day that they are recognized as having achieved a level of payment integrity which defies that norm. They are on their way! So how do you set your goals in the fight against losses to fraud, waste and abuse? How much is enough? Whether your goal is to achieve structural change, or your goal is incremental improvement, we recommend that you do the following things. Recognize that payment integrity includes attention to a range of types of losses, not just fraud, but also to waste (unintentional or unnecessary payment) and abuse (manipulation). Fraud is traditionally addressed by the SIU or forensics. Engage your stakeholders to mitigate losses to waste and abuse. Quantify your losses with a project that validates the integrity of your historical paid claims so that you can establish a baseline of losses which is relevant to your business. Establish achievable goals for measurable results that impact your organization’s bottom line. Be prepared to balance your goals and the needs of your stakeholders. Challenge your stakeholders to make the case for their interests in measurable terms. Be prepared for change, because the people who inappropriately take your money are entrepreneurial. Benchmark your losses and your results against industry best practices, for celebration of success and to support your case for the resources that you need to achieve your goals. In my next blog on health care fraud, waste and abuse, I'll ask: “Who Do You Task with Responsibility for Payment Integrity?” I welcome your comments.The post Reducing Health Care Fraud, Waste & Abuse: How Much Is Enough? appeared first on FICO.
Feb. 13, 2018
Led by Amazon in the US, which accounted for nearly half of all of American ecommerce sales in 2017, online sales are a growing part of consumers’ buying habits, worldwide. These changing habits also present increased opportunities for fraudsters, who use evolving tactics and stolen payment card information to commit e-commerce fraud. FICO’s European Fraud Map shows that card-not-present (CNP) fraud, which includes ecommerce, represents some 70% of the card fraud in Europe, and we see similar high percentage rates seen in many parts of the world. The risk of CNP fraud, like e-commerce sales, is going in only one direction: up. According to data from Statista, ecommerce sales will reach $4.5 trillion in 2021, from around $2.3 trillion in 2017. Our new CNP models for FICO® Falcon® Fraud Manager combat this trend with advanced machine learning (ML) algorithms. The new ML-enhanced fraud detection models show strong improvement in the real-time value detection rate, which measures the percentage of total fraud dollars detected by these models. Machine Learning Finds More CNP Fraud Faster The new CNP fraud detection models have been developed to detect fraudulent e-commerce fraud transactions as quickly as possible, to prevent significant fraud loss from an account. Organizations using Falcon will notice a much more aggressive Falcon score for the first high-value suspect transaction in a fraud episode, allowing earlier detection. Specifically, FICO’s simulation shows clients can expect an average score increase of 40% in the first high-value CNP fraud transaction using the new enhanced CNP machine learning models. The new models have been quantifiably proven to improve the real-time value detection by at least 30% without increasing the genuine transaction decline rate. By building strategies that take into account the more aggressive Falcon score for the first high-value CNP fraud, Falcon clients can see a significant reduction in their fraud losses. E-commerce and CNP fraud are just a couple of the many topics I explore on Twitter. Follow me @ScottZoldi.The post E-Commerce Fraud: Machine Learning Speeds Detection appeared first on FICO.
Feb. 12, 2018
For all the talk in the UK about disruptors and fintechs and new entrants to the credit market, and about how banks and card issuers need to manage customers in arrears, there’s one group that seems strangely absent from this focus: retailers. It is estimated over £200 billion of UK household debt is in unsecured retail credit. Much of this is covered by credit and debit cards, and we have seen upwards of 86% of car sales funded through finance schemes and upwards of 40% of online shopping being done through credit instruments. Paying at your local “on tick” (putting your drinks on a tab, in the American parlance) was part of the fabric of our communities in years gone by. That tick still exists, but today the customer is faceless to many retailers and the means by which the tick gets settled is multi-faceted. Now there is plenty of evidence that consumers are pulling in their belts as real wage levels have fallen but inflation rises. Whilst retail sales in many areas fell, online ecommerce continued its upward trend and through 2018 is expected to cater for more than 25% of all retail spending in the UK. Most ecommerce is in some form of credit for a large number of the online shoppers. Those providing or facilitating retail credit have a worrying enough back drop, as the FCA focuses on the 3.3 million borrowers in persistent debt, falling consumer confidence affects retail sales, and banks and financial institutions brace themselves for the result of both their IFRS 9 compliance and the potential impacts of Brexit. In this uncertain environment, are retailers doing enough to manage the vast amount of “tick” consumers have amounted? I suspect the answer is no, at least at the industry level. There are world-class collections operations in the retail space, of course. Are you one of them? Here are five questions for retailer collections, risk management and credit operations professionals managing retail credit: How prepared are you for a PSD2, IFRS 9, GDPR, NPLG world? Even if you don’t believe you need to be, these requirements are pushing your banking, fintechs and disruptor competitors to be far more efficient and effective than they were previously in how they manage their collections and recovery portfolios. They may turn compliance to their advantage — and your disadvantage. Have you moved from descriptive analytics (BI, clustering) to predictive analytics? If not, then you are likely to be over-working some accounts and not working others when and how you should. Have you moved from predictive to prescriptive analytics? If you are not among the growing group of UK risk teams deploying true mathematical, solver-based optimization across your collections and recovery capabilities, then you are likely to be missing opportunities to reduce losses, cost and unnecessary customer attrition. Can your team make changes to your strategies without a heavy reliance on IT? If not, then you are unlikely to have the agility and flexibility you need to compete against your peers. Do you rely on collections staff for all your customer contact? If so, then you are probably not maximizing the use of omnichannel customer engagement. Even if you are one of the very few organizations that have all of the above covered, you may just want to find out what else the lead organizations in your and other global markets are doing to ensure their collections capability is seen as a business profit determinant, generating significant value whilst also meeting the many demands of customer satisfaction, seasonal and economic change, and regulator and accounting standards. We at FICO work with leading providers of retail credit, and every other kind of credit. We welcome the opportunity to share our experience, solutions and services that more than 8,000 clients in 100+ countries have selected to manage their credit risk. Give us a call.The post How Are UK Retailers Managing the £200 Billion Credit “Tick”? appeared first on FICO.
Feb. 9, 2018
Yesterday I had the pleasure of speaking at the Chief Data & Analytics Officer (CDAO) Winter event in Miami. If you’ve ever been to CDAO, you know it is quite a gathering of some of the smartest minds in analytics. Everyone I met had great stories to tell about the innovative work being done with analytics, artificial intelligence (AI) and machine learning (ML).  My keynote was focused on using AI, ML and prescriptive analytics to improve business impact and drive optimal outcomes. In partnering with FICO clients, I have found that combining ML with prescriptive analytics solutions delivers the best results when the strategic business outcomes are at the center and are the foundation that influences execution moving forward.  Defining a business outcome seems simple enough, but the more prescriptive you can be about what you want to achieve, the more positive impact the solution will have on the business. As part of my presentation I shared best practices, a road map if you will, on putting this into action. For those of you who weren’t in Miami, I’ll share the key take-aways:  #1 Outcomes should always be in the hands of the business owner; meaningful action from data and analytics is based on business involvement.  #2 The power of machine learning and artificial intelligence must be unlocked, but also understood. The business objective and the output needs to be understood by the business user.  #3 Don’t let operational trade-offs limit the predictive elements of the analytics decision.  #4 Extend beyond human limits to find the optimal. The combination prescriptive analytics, AI and ML,     when applied to a real and desired business outcome, are able to extend way beyond human initiated       capabilities.  I call this the intersection of AI and HI. I encourage analytics and operation professionals to attend the next CDAO this spring in San Francisco. There are so many people all focused on data analytics all in one place, it’s a great investment of time!The post Better Business Outcomes with Prescriptive Analytics and Machine Learning appeared first on FICO.
Feb. 8, 2018
As a kid, I was a big fan of “Peanuts,” the legendary comic strip by Charles Schulz. Linus was, and still is, my favorite Peanuts character. Linus always had the thoughtful answer and the confidence to tell his friends the truth, despite the silly security blanket.  Schulz said, "Linus, my serious side, is the house intellectual, bright, well-informed — which, I suppose, may contribute to his feelings of insecurity." As an adult with a serious professional interest in security, I am surprised as to why bright, well-informed data and cybersecurity professionals don’t feel more insecure about the efficacy of biometric information as a security device. Is it because biometrics are today's security blanket? The Myth of Biometric “Security Blankets” I have been a contrarian about biometrics for some time. As I blogged last year: To protect against consumer financial fraud, there’s a lot of buzz now about using biometric information — fingerprints, iris and facial recognition, and other unique physical characteristics — to authenticate payment card transactions… Like encryption, however, biometrics are not a silver bullet to stop hackers. As a defense mechanism, biometric authentication is actually worse because it can create a false sense of security. But once that information is corrupted or stolen by hackers, how do you prove who you really are? This excellent article in Scientific American captures the high-level privacy and cybersecurity implications that should be central to any discussion of biometrics: “… [O]nce your face, iris or DNA profile becomes a digital file, that file will be difficult to protect. As the recent NSA revelations have made clear, the boundary between commercial and government data is porous at best. Biometric identifiers could also be stolen. It’s easy to replace a swiped credit card, but good luck changing the patterns on your iris.” Since I posted that blog a year ago, Apple released Face ID as the mechanism to unlock its new iPhone X. Almost as quickly, stories began to appear about how Face ID could be effectively fooled by twins, kids and dudes with beards (almost). Facial Recognition Imparts a False Sense of Security The most serious and obvious argument against biometrics is this: They are really no more secure than any other form of authentication. Whether it’s your face, fingerprint, iris or even your heartbeat, biometric data is imminently hackable. If stolen, the cybercriminal isn’t going to make his or herself look like you. They’re going to associate their digitized face, fingerprint, iris or heartbeat with your account. This is what makes biometrics more risky than other forms of authentication comes after a compromise has occurred; once your biometrics are corrupted, how do you prove you’re really you? In the wake of the first big biometric hack earlier this year, of India’s Aadhaar, the world’s largest biometric identification system, the general public is becoming increasingly aware that fingerprints are as easy to steal as passwords. And for the criminal fraudster or hacker looking to gain improper access to information or systems, associating their biometrics with your credentials is really no more difficult than changing your password, or any number of other tried-and-true account takeover tactics that have been around for years. The scary difference is the misplaced faith that people are putting in biometrics. Like a security blanket, this technology makes people feel good but provides no substantive improvement in protection. I view biometrics as a trending fashion in security, not a credible long-term contender for materially improving security outcomes. What difficulty might consumers face (no pun intended) in reestablishing their own physical provenance when the inevitable hack takes place? Stay Safe, Stay Vigilant As I said in my biometrics blog last year, when it comes to ever-more resourceful and clever hackers, there is no single technology that can stop criminals in their tracks. As with other applications of security technology, the best defense for your financial life is constant vigilance, such as monitoring of activity on all of your cards and accounts, and setting up alerts with your bank’s mobile app and credit bureaus. If your bank offers card freeze technology, learn to use it so it’s available when you need it. All defenses can be compromised, and when that happens, enterprises need to know about it, quickly. FICO® Cybersecurity Solutions deliver exactly that, allowing organizations to anticipate risks, identify emerging cyber threats, quantify cyber exposure, and fight cyber crime in real time. If you’re looking for a real security blanket, visit the Charles Schulz Museum in Santa Rosa, California. And follow me on Twitter @dougoclare.The post Facial Recognition: The Latest Biometric Security Blanket appeared first on FICO.
Feb. 7, 2018
Meeting the separate AML compliance requirements of multiple countries can be a nightmare, not only because of differences in rules but differences in data sources. To meet this challenge, global fintech 4finance, based in the Baltics, turned to FICO, and their results earned them a FICO Decisions Award for regulatory compliance. Here's what they did. Meeting the EU ML Directives Being under the regulation of the EU, 4finance had to comply with the 4th EU ML directive as well as the upcoming 5th EU ML directive. Speed was an issue because the risk of non-compliance was high and their reputation had to be secured. Complying with the EU’s ML directive means: Identifying politically exposed persons (PEP) Preventing sanction persons and entities from doing business with 4finance Detecting loan applications and businesses related to money laundering Detecting any kind of unusual behavior From a technical perspective, 4finance faced a distributed environment, with the need to support 10 countries with 20 data source systems. The compliance needed to be fulfilled at low impact to the business: A goal of less than 0.5% user interference had been defined. As a fintech, short application cycles had to be considered - 4finance has a goal to issue a loan within 15 minutes. How FICO TONBELLER Helped Due to the short timeline for compliance, 4finance decided to use an in-the-cloud implementation of the FICO TONBELLER Siron solution, leveraging Amazon Web Services (AWS). We defined a project plan to support any phase of the project with senior staff members. These included: A project manager to align with 4Finance on the milestones, achievements and also the escalation process. A technical consultant to work on data interfaces during onboarding – how to integrate Siron®KYC into the existing application process. For transaction monitoring with Siron®KYC, we also defined a data mapping to 4finance's 20 data systems. Experienced AML experts to understand 4Finance’ business, the local regulations and to define the individual mitigation strategy against any ML risks. That has been very important, because 4Financ’s business differs from a normal bank. Working closely with 4finance, we overachieved against the deadlines and went live with a cloud-based implementation in less than four months. Reacting to New Threats Today 4finance is capable of using the solution without our support. If new money laundering risks show up, 4finance's team can quickly refine detection scenarios and define new ones. And they can do all of this with just one FTE per country! From my point of view, that’s a great success story. I am proud to be giving a presentation on that at our FICO World 2018 conference in April, together with 4finance. Join us! Our Siron customers are also invited to listen to 4finance during our annual Siron® User Group Conference in Berlin on March 15-16.The post How 4Finance Meets AML Rules in 10 Countries appeared first on FICO.
Feb. 6, 2018
Synthetic identities fraud is where new identities are made by blending elements from multiple individuals, making the uncovering of fraudulent transactions more complicated. Scammers take these new identities and apply for accounts to build validity for these new personas. Products such as pre-paid credit cards, utility bills and personal loans have all been used as a starting point to build credibility and credit-worthiness in a process that can take the criminal many months, sometimes years. At our recent annual FICO Asia Pacific Fraud Forum held in Bangkok, Thailand in October 2017, we surveyed 37 executives from financial institutions across the region.  Six in ten banks in Asia Pacific said that they are experiencing application fraud using synthetic identities and a further one in five banks told us that their fraudulent applications for credit cards now sits between five to 10 percent of all applications. Clearly, identity fraud was a growing problem in 2017. As prevention technologies have improved to stop activities such as card skimming, criminals are now stealing identities or constructing ‘fake people’ to get real credit cards. The availability of personal information online via social media platforms and mobile apps has made it easier for culprits to mix fake and real personal information. Not only are they stealing data from profile information that is open on the web, they are also breaching poorly defended mobile apps that collect personal information. One of the new analytic techniques that is gaining favour as the fraud environment shifts to data breaches and identity theft, is identifying the common point of purchase for compromised cards. This is achieved by using analytics to link transactions that were later determined to be fraudulent. By identifying the common places where comprised cards were previously used, banks can identify the source of leaked card information. Around half of the banks surveyed currently have such a solution in place, but FICO expects this will grow next year. Read more about our fraud survey findings for Asia Pacific in our news release. Discover more about the technology that drives common point of purchaseThe post APAC Banks Say Fraudulent Synthetic Identities on the Rise appeared first on FICO.
Feb. 5, 2018
How is application fraud evolving? And what should fraud leaders be doing to manage fraud risk in a digitally connected world? To answer those questions, we spoke with a man with 25 years of experience in fraud management, Bob Shiflet. Before joining FICO, Bob served as the Global Head of Fraud at both Citibank and Bank of America. In these roles, Bob was a true fraud practitioner, responsible for leading high-performance teams across strategic and operational roles and policies and working closely with his peers in Risk, Compliance, Security, and LOB functions across the business to protect the bank, its clients, and its employees. In this blog, Bob shares insights into best practices he’s found for creating a culture of fraud prevention. In your roles at Citi and Bank of America, what did a day-in-the-life look like? Managing fraud risk for banks is a very dynamic, fast-paced, exciting and complex responsibility, and one day is never the same as the one before. The people, processes and systems must be well-aligned and integrated at all organizational levels to adequately prevent and detect fraud. To execute this critical task of protecting the clients, employees and shareholders requires ongoing collaboration and teamwork between many different internal and external groups. Fraudsters are adapting to the changes in the banking landscape — in fact, they are embracing changes! They constantly evolve tactics to systematically exploit weaknesses and vulnerabilities. For banks, that means the right processes and technology must be managed by knowledgeable people to respond to any fraud scenario immediately and agilely. How did you liaise with other groups within the business? What are your lessons learned and insights into the best way to engage? The fraud function touches and impacts every operational area, function, and channel within a bank. Prevention and detection must extend across the customer lifecycle, and therefore interaction with groups such as Marketing, Legal, Risk, and IT is required to help balance customer experience and top-line growth with operational fraud losses. This balancing act ultimately requires banks to set a fraud risk appetite. A formal fraud management operating model should be collectively defined and adopted by the bank. The roles, responsibilities and business routines must be clearly defined and aligned to business channel, fraud type and control step (prevent, detect or recover). One way to look at it is that every single customer capability, like opening an account, transacting on that account, maintaining and/or updating information on that account, etc., is a capability a bad actor can abuse to commit fraud. How have you see application fraud evolving over your career, and what are the impacts from a technology and operational perspective? Actually, application fraud and identity theft were the primary fraud risk concerns back in the early to mid-‘90s. Then, as fraud protection controls got stronger, the risk migrated to card fraud. However, we’ve now come full circle and are seeing a global resurgence in identity theft (as well as card not present or CNP fraud). This is primarily driven by the large rise in data breaches and the roll-out of EMV and chip cards in the United States. While the flavors of application fraud, such as first-party fraud (including synthetics) and third-party fraud (identity theft) remain the same, the attack methodologies have gotten much more complicated and sophisticated. These methods include brute force attacks and cross-channel social engineering. Additionally, fraudsters are exploiting additional attack vectors online and mobile channels. The good news is that fraud management control technologies, capabilities, solutions and supporting analytics have also gotten more advanced and sophisticated. Application fraud controls must evolve quickly to respond to emerging threats in real time while balancing that with customer experience. Today consumers expect that they can apply for a financial relationship at any place, at any time, on any device, from any channel, for any product, while expecting an immediate decision. To meet this demand, application fraud controls — including analytics — have to be targeted and aligned to specific application fraud risk types, whether true-name, manipulated, synthetic or stolen identities, and whether the exit strategy manifests as first-pay default straight-rollers or bust-outs. The offense methodologies differ for each and so should the defense. Leveraging advanced adaptive analytics upfront at the point of application is critical to enabling automated processing, reducing the number of applications alerted for manual review, and minimizing related operational expense. Even more critical, control capabilities must include agility to quickly adjust to rapidly changing attack vectors, complemented with a layered approach where prevention control capabilities are integrated with detection control capabilities in order to minimize loss severity and increase application approval rates. This also requires thinking big across the risk and fraud continuum; these teams need to work together. In today’s digital world, fraud attacks proliferate and exploit weaknesses in our fraud and risk controls quickly. How do you manage fraud risk in a digitally connected world? Faceless transactions make identity verification and authentication even harder. Banks are challenged with balancing between the customer experience and the right level of fraud defense. A key imperative of your fraud management framework must be to understand the risk associated with the channel and product, and deliver with minimal friction. This involves many stakeholders and participants in the digital payments ecosystem, including banks, processors, acquirers, telcos, gateways, merchants, ISOs and MSPs. Fraud managers must understand that there will always be control gaps and must design fraud controls with this assumption in mind. Lastly, the ability to measure and quickly recognize outlier behaviors and new fraud trends is critical in the digital ecosystem. Once risk is identified, the bank must be able to respond quickly and close that gap. The bottom line is that fraud risk controls must be customer-friendly, agile, layered, integrated and enable real-time risk assessment to support the complexity and speed of the digital world. There is no single tool or score that can be effective against the complex and ever-changing risk vectors in the digital space. Improved client experience is a top strategic pillar for many financial institutions. How do you manage the art of detecting fraud while reducing impact for the good clients? Fraud managers should always have two primary business imperatives: the fraud management imperative (protect the clients/bank) and the customer satisfaction imperative (delight the customer). Fraud managers should consider complementary solutions and technology that shift the fraud control strategy from customer-involved or “active” controls to more hidden or “passive” controls (behavior-based analytics, device print, etc.). The sophistication and complexity of fraud control should truly be invisible to the end customer. FIs are innovating at an ever-growing pace. New products, new channels, marketing campaigns… all these business changes have implications for fraud. What are the best ways to manage the moving targets, and help the business foster innovation while protecting the bottom line? It’s critical that fraud managers are organized and structured around acquiring and implementing fraud tools and capabilities. The very first step is to conduct a proper “as-is” control capabilities inventory and gap assessment, and make sure it is well understood across the organization. Fraud tools and control capabilities must align to both the business’s strategic direction (e.g., digital banking/online payments) and current and emerging fraud risks (e.g., real-time payments, fraudulent applications). The secret sauce for fraud management will always be in the convergence of the technology solution, the processes and the people to truly gain the most value out of tools and capabilities, and optimize their effectiveness and efficiency. I have interacted with literally hundreds of financial institutions over the last 25 years, and I would estimate that less than 10% of these organizations have completed a comprehensive fraud capabilities assessment completed, defined the target end-state, prioritized their control capabilities and put in place an execution roadmap. The fraud management team needs to be a core part of an organization’s business strategy and product development processes and routines. It needs to educate, quantify and make recommendations on how to best control the fraud risks associated with any given business strategy or product. A good way to think about the fraud team’s primary focus is that fraud risk should never become the constraint or reason an organization can’t grow the business with any product, channel, or strategy. With the technology and analytics availably today, there are always ways to design the proper prevention, detection, and recovery controls to support any business product or offering. The fraud management team should not be looked at as the team that says “NO” — it should be the expert team that says “YES”. Thanks so much, Bob, for your insights today! We look forward to sharing more about fighting application fraud in next month’s post. For more on application fraud, check out my recent posts here: Trends in Application Fraud – From Identity Theft to First-Party Fraud Best Practices in Establishing Your Fraud Risk Appetite ELI5: What does the Dark Web have to do with Application Fraud What Data Do I Need to Fight Application Fraud?    The post Best Practices in Fraud Management: Q&A with Bob Shiflet appeared first on FICO.
Feb. 1, 2018
The introduction of IFRS 9 and persistent debt initiatives in the UK credit card market may see an increase in the promotion and take-up of Direct Debits, and greater flexibility offered to those paying this way. With IFRS 9, issuers will be looking at ways to prevent credit card accounts moving from stage 1, where they must provision for a 12-month expected loss (based on the balance and a proportion of the remaining limit), to stage 2, where this moves to a lifetime losses provision. If issuers are more cautious this could be 100% of the remaining available balance. Stage 2 will occur if an account goes 30 days past due (there may be a mixture within the industry as to whether this means 1 or 2 missed payments), or the level of risk has significantly increased since the account was opened. The latter will be open to interpretation at an individual issuer level. Although accounts can roll back into stage 1, as this may be a lengthy process it is anticipated that more effort will be placed on trying to prevent accounts’ risk levels increasing, including trying to stop accounts moving into delinquency in the first place. This may be achieved by identifying external risk factors more quickly. The provision will need to be all of the balance plus the percentage of the remaining available credit which the issuer thinks will be a loss over the account lifetime. In a previous post, I commented  on the over £90 billion in unused credit sitting on UK credit cards and the anticipation of limit decreases campaigns on inactive or low-utilised accounts. The FCA’s recent release in December 2017 containing their definition of persistent debt may also influence the promotion of Direct Debits.  Issuers will need to monitor accounts over a 12-36 month period to determine if cardholders are paying more in fees and interest than the principal balance, and if so take specific actions. This may particularly impact cardholders who consistently make late payments due to forgetting to make manual payments (“lazy payers”). Other groups potentially impacted include those on minimum payments with a high interest rate, missed or late payments or fees due to exceeding their card limit and those with a large balance transfer fee and an interest-bearing balance. Who Has a Direct Debit? The December 2017 FICO Risk Benchmarking results show that about 37% of all UK card accounts have a Direct Debit in place. For those <5 years on book, the rate is over 45% and for those 5+ years it drops to 30%. This same pattern can be seen for the Classic and Premium card averages, with only 28% of the Classic population having a Direct Debit set-up to pay their credit card balance, and this is where the highest proportion of accounts report. Student cards have the highest overall percentage (56%), with over 80% of new accounts (<12 months on book) having a Direct Debit. This implies issuers are strongly promoting in this sub population. FICO looked in more detail at four clients’ data, and accounts without a Direct Debit had a bad rate (bankrupt, charge-off or 3+ cycles in the following 6 months) of between 1.5 to 3 times higher than that of those with a Direct Debit. This takes into account the fact that subsequently the payment could have bounced in the next few months. Whilst this does not mean that all accounts where you set up a Direct Debit will improve payment behavior, it could cover the lazy payers or those who have payment problems. This would be in the cardholders’ interest too, as this would avoid fees and potentially poor credit information being logged at the credit bureaux. This could also help to improve consumers’ credit scores, making future borrowing easier. There was some evidence that when an account had its statement produced — which influences the payment due date — also impacted bad rates. Issuers could consider a more sophisticated approach to setting the statement date, rather than just linking it to account opening, to ensure it is optimal based on salary date. For existing customers this could form part of a customer service call script. This is a more proactive approach, as currently the majority of issuers rely on the consumer to change the date to suit their circumstances. Our review also showed that consumers <30 years of age were less likely to have a Direct Debit in place, as they may be more likely to use mobile or internet banking options. Flexible Direct Debits After discussions with Bacs, the organisation behind Direct Debit in the UK, it became clear that flexibility in both payment date and frequency can have a significant impact on take-up rates. Offering consumers the option to choose a date, or dates, which suit them best – perhaps to coincide with payday – can have a positive effect. Given the rise of the ‘gig economy’ and the number of people being paid weekly,  considering a move away from just a monthly frequency for Direct Debit collection is also worth looking at to encourage more people to opt to pay this way. Find out more about how to promote Direct Debit at It’s also worth addressing another potential misconception, which is that only minimum or full payments can be taken through Direct Debit. In fact, any % or amount is available — this flexibility could be very useful relating to these two initiatives. Some issuers make it easier than others to change to a more flexible payment structure and this is expected to expand. It would also help with demonstrating to the regulators that customers are being treated fairly. Increased Direct Debits may result in a loss of revenue for issuers, but this loss may be far outweighed by the cost of provisioning for stage 2 or for the actions required in a persistent debt situation. This trade-off may help issuers build a business case for incentivising Direct Debit usage. Affordability will have to be taken into account by issuers when determining whether a consumer can increase their monthly payments. Greater use of affordability metrics, including bureau data, is also anticipated. Issuers could consider General Direct Debit education programme More visible promotion at originations stage Offering multiple Direct Debits in a month if appropriate at the consumer level Promoting options for percentages or amounts rather than just minimum or full balance Incentivising Direct Debit adoption with preferential offers, such as reduced interest rates or longer balance transfer periods Ensuring statement and hence payment due date are aligned to customers’ salary dates Targeted campaigns for more mature accounts Targeted campaigns based on consumer age SMS use for promotions Organisations interested in finding out more about how offering greater Direct Debit flexibility can drive take-up rates should contact [email protected] post How Direct Debits Can Help with Persistent Debt and IFRS 9 appeared first on FICO.
Jan. 31, 2018
This year and next sees many regions adopting real-time payment schemes, adding to existing schemes in countries such as the UK, Switzerland and Japan. There’s SEPA CT Inst in the EU, the Clearing House Faster Payments Scheme in the USA and the New Payments Platform in Australia. These countries already have P2P and e-wallet payment mechanisms, which are often called real-time payments. But there is a stricter definition for real-time payment schemes. So when is a real-time payment not a real-time payment? What Is a Real-Time Payment Scheme? When talking about real-time payments it is useful to think of them as payments going directly via a defined real-time payments scheme. These schemes share these criteria: Are defined as a payments scheme and cover both clearing and settlement (only clearing needs to be in real-time, settlement can be periodic) Can be made 24/7 365 Clearing completed within 1 minute Cannot be reversed by the scheme rules Confirm completion or rejection instantly Are open loop, payer and payee do not need an account at the same provider Operate for consumer-to-consumer, business-to-business, consumer-to-business and business-to-consumer payments. Can typically initiate higher-value transactions than other fast payment mechanisms — for example, the UK Faster Payment Scheme’s limit is £250,000, for SEPA CT Inst it’s €15,000 at launch and the Australian New Payments Platform looks likely to have no scheme upper limit. Fast Payments That Aren’t Real-Time Payment Schemes There are three categories of payment that see value transferred instantly, or at least very quickly but are NOT real-time payment schemes: Person-to-person payments, such as Venmo and Dwolla Facilitated payment mechanisms, such as Zelle E-wallet or mobile payments, such as AndroidPay, GooglePay and ApplePay To see how these payment types operate, and why they aren’t real-time payment, read our full brief on real-time payment schemes. Why does this matter? The main advantage of a real-time payments scheme is that it is a direct payments infrastructure. Think of this infrastructure as the rails that payments run on. Scheme-based real-time payments provide the tracks AND the train that runs on it. Other types of payments are trains that run on these rails — and they may not use the fastest track. The factors affecting account opening, customer management and fraud prevention are very different in each type of payment. By articulating the differences it becomes easier to form a strategy that takes account of the needs of each type of payment and look for solutions that can adapt to cover all that you interact with.The post When Is a Real-Time Payment Not a Real-Time Payment? appeared first on FICO.