Running a marketplace, like many other things, involves a degree of risk. For example, unfair or abusive behaviors can scare off legitimate merchants and customers. And dealing with dangerous or illegal commodities can attract the attention of authorities, who may shut the marketplace down.
As marketplaces move to the online world, they become more diverse and convenient but also become vulnerable to new forms of risk. Outside actors can attack a marketplace’s technological infrastructure to cripple it or cause other disruptions by appearing as different people (or even multiple seemingly unique people). This can be dangerously simple, as physical ID documents, payment cards, and even money are often not needed.
In this article, we discuss common sources of risk in a marketplace, focusing on eCommerce and other digital marketplaces. As part of that, we also offer some strategies that marketplace Trust and Safety teams can use to minimize these types of risks.
Let’s first talk a bit more about what online marketplace risk is, and how it relates to the role of the Trust and Safety team in a marketplace.
Online marketplace risk refers to potential threats against an online platform that facilitates exchanging money, goods, and/or services. These threats could be aimed at disrupting the platform’s functionality or abusing its users, and could be technical, financial, or emotional in nature.
Trust and Safety teams for online marketplaces are tasked with minimizing this risk. By keeping a platform working as intended and protecting its users (who may be both customers and merchants), a Trust and Safety team helps the marketplace stay in business—at least partially—through retaining existing users and attracting new ones.
Some threats to online marketplaces are common to other types of marketplaces and businesses (including financial institutions). Others are unique to eCommerce and other marketplaces in the digital world.
Here are five common categories of online marketplace risk: how they work; what impact they have on marketplace users and owners; and some ways marketplace Trust and Safety teams can mitigate them.
As online marketplaces facilitate exchanging money and other assets, they are at risk of actors using their services dishonestly for illicit financial gain. Many types of fraud can happen on marketplaces, including:
- Using fake coupons, or intentionally exploiting errors in real ones
- Redeeming a promotion more times than allowed, especially through referral programs
- Dishonestly returning a product for a refund to gain an advantage
- Completing transactions using off-channel communications
On one level, this lowers users’ trust in a marketplace if they see actors being allowed to use unfair advantages to get ahead. On another level, it makes marketplace users feel unsafe if they are the ones being targeted for exploitation. Both of these things can cost an organization business, especially to competitors. It may also get marketplaces in trouble with financial regulators.
There are a couple of ways for organizations to avoid this type of risk. One is by assessing customers during onboarding for signs of financial risk. Another is creating accessible and clear policies regarding what is and isn’t allowed on the marketplace. Another is to employ transaction monitoring and case management to catch fraud schemes. And another is to give users a mechanism for reporting suspected cases of financial crime.
Compliance Regulations and Laws
Much like financial institutions and other businesses, online marketplaces have a wide array of regulatory compliance laws that apply to them. And to maintain compliance with those laws, organizations need to follow a series of different standards, including data privacy, consumer protection, and AML compliance regulations.
Online marketplaces will need to research what regulations apply to their organizations, and then make sure they have adequate policies in place to meet those standards. More than that, they’ll need to monitor for changes to these regulations to ensure they continue to adhere to regulatory requirements as they change and adapt.
This is especially challenging for marketplaces that operate globally, as laws (and their corresponding rules and regulations) vary based on jurisdiction. Having a Regtech—regulatory technology—solution support teams on this objective is extremely important, as it streamlines these operations and eliminates the chance of error.
Some marketplace users may perform actions intended to disrupt the way the marketplace normally operates. An example is making repeated unsolicited posts (i.e. “spamming”) as a form of unauthorized advertising, or as a way of spreading scams and other misinformation. Another is hijacking another user’s account, or creating or modifying an account to appear as another person. And another is creating multiple similar accounts, or sharing accounts with others (including selling them), to cause problems.
Such actions can cause even legitimate users to interact with the marketplace in unintended ways. In severe cases, it can cause a user—or even all users—to be unable to use the marketplace at all. This can cause problems ranging from losing a few users due to trust issues all the way to having a marketplace abandoned due to lack of functionality or uptime.
That’s why marketplaces must have mechanisms in place to detect and act on activities that are meant to deliberately cause disruptions. They should also have policies outlining how disruptions are not allowed, and the consequences of making them (such as account penalties that can’t be avoided by simply making a new account). User reporting mechanisms, and contingency plans for protecting users should these disruptions occur, are also essential.
Listing of Illegal or Controlled Goods and Services
Some categories of products and services are not allowed on certain kinds of marketplaces, or at least are heavily regulated. That includes intellectual property that a user falsely claims to own, or fails to indicate that another entity owns it properly. It also includes goods that are misrepresented or counterfeit.
Such classes of products are often under the purview of regulatory agencies or law enforcement. So allowing them on a marketplace not only makes the marketplace less safe for customers but can also get it in very serious legal trouble.
Marketplaces should explicitly spell out what kinds of items are or are not allowed to be listed, and under what circumstances. They must also have mechanisms for detecting and removing these types of listings swiftly, such as scanning for certain keywords and allowing users to report prohibited items.
There are all kinds of behaviors on marketplaces that can make users feel mentally, emotionally, or even physically unsafe. These include:
- Threatening or encouraging violence against other users
- Posting explicit sexual or violent content, especially related to minors
- Facilitating, encouraging, or glorifying criminal or self-destructive behavior
- Sharing someone’s personal information (or threatening to) without their permission
- Posting content intended to harass or promote hate against a person or group
- Using excessive profane language
Having to deal with these types of uncomfortable situations can push users away from a marketplace almost as fast as dishonest business practices or other disruptive behaviors. A marketplace having problems with these sorts of behaviors can also draw the attention of regulatory or law enforcement groups, who may deem some of these behaviors as criminal.
Like with illegal or controlled goods, marketplaces should list types of behaviors that are not allowed, and what punishments will be meted out to users who engage in such conduct. They also need systems for quickly spotting and taking down this sort of content. This should include avenues for users to report abusive activity themselves.
Marketplaces must be careful in this regard, though. Certain actions could be considered abusive in some contexts and not in others. So marketplace administrators need to tune activity monitoring tools—and occasionally conduct manual reviews—to consider both the content itself and how (and where) it’s presented.
They should also set up a system for appealing punitive actions in order to let users explain themselves. This helps a marketplace keep users feeling safe while not frustrating and driving away users who commit minor and/or unintentional rules violations on an infrequent basis.
Many marketplaces have rating and review systems so customers can point out what they liked or didn’t like about products and services. Some feedback systems also allow merchants and customers to indicate what their experiences were like in dealing with each other. Unfortunately, users sometimes abuse these systems for various purposes:
- Spamming and being annoying
- Artificially inflating ratings for themselves or merchants they like
- Attacking rival merchants’ reputations
- Bribing or extorting merchants into complying with demands outside their policies
- Holding wares hostage from customers
This makes it difficult for merchants to have reputations on the marketplace that reflect their actual performances. It also makes customers wary of trusting ratings and reviews—or even merchants themselves—at all. This lack of transparency can cause slowdowns in business, or even prompt users to leave the platform.
A pre-emptive step to deal with this is for a risk team to collaborate with a product team to design a feedback system that accounts for how it might be manipulated. It’s also good to spell out and enforce policies regarding prohibited ways to use a feedback system. Monitoring for suspicious activity—including rapid, automated, and/or anonymized actions—can also be helpful. And giving users a method to report suspected instances of feedback manipulation is usually a sound idea as well.
Managing marketplace risk is a constant challenge, as it’s extremely difficult to keep pace with the barrage of threats organizations face. Below, we cover some of the top features to look for in an online marketplace risk management solution.
Risk Identification and Assessment
For risk and compliance teams to manage marketplace risk, they need to be able to identify and assess the threats they face. That fact is, threats are constantly changing—and so too should the risk team’s strategies and tactics.
To do this effectively and stay on top of the biggest threats your organization faces, teams need to be able to perform fruitful risk assessments and properly identify the risks in the first place. Teams will need to rely on a solution that allows them to detect risks, assess them, and prioritize them based on the impact they could have on their online marketplace.
Alert Scoring and Prioritization
Effectively managing risk and optimizing your team’s efficiency comes down to how well you can prioritize the risks your organization faces. To do this properly, teams need to devote resources to the most impactful threats, which can be extremely challenging without the right tools at their disposal.
Alert scoring systems provide easy to understand values on fraud and compliance risks, empowering teams to easily assess what risks pose the biggest threat. Risk and compliance teams can use these scores to prioritize the alerts that matter most—effectively mitigating risk and leveraging their resources efficiently for best results.
Transaction and Data Monitoring
Unfortunately, much of risk management is reactive—risk and compliance teams are looking to identify instances of fraud and react to them. This makes it exceedingly difficult to actually prevent fraud and protect your marketplace.
Fortunately, transaction and data monitoring tools that allow teams to analyze both transactions and customer behavior enable teams to be proactive—empowering them to actually prevent fraud before it happens (or while it’s in progress). True data monitoring will give risk and compliance teams the information they need to predict fraudulent activity and stop it in its tracks.
Suspicious Activity Reporting
A crucial component of keeping an online marketplace safe is reporting suspicious activity to the proper authorities. This ensures that criminal activity can be addressed and—when necessary—prosecuted. Without this step, financial crime will never truly be stamped out.
Organizations are also required to report suspicious activity by law. Failing to do so could lead to substantial fines and penalties, and will only allow this behavior to persist on the marketplace. Having a system that streamlines and automates suspicious activity reporting will allow you to meet regulatory requirements and ensure all cases are escalated accordingly. It’ll also free up risk and compliance team members’ time for more important tasks.
While there are a wide array of resources that help with risk management, we share a couple of the top resources for supporting your efforts—our own Trust & Safety dictionary resource and the leading conference in the industry.
Unit21’s Trust & Safety Dictionary
Our very own Trust & Safety dictionary covers some of the main topics relevant to operating an online marketplace or digital platform, and serves as a great reference for T&S professionals. Not only do we explore leading topics, but we also provide information on how Trust & Safety teams can leverage this information to improve their risk management efforts—ultimately allowing them to clamp down on the biggest threats they face.
Marketplace Risk Conference
The Marketplace Risk team hosts an annual conference and an annual global summit, bringing together the best and brightest in the world of marketplace risk. Hosting a wide array of speakers from leading companies in the industry, they help companies—and the market as a whole—understand, plan for, and tackle the biggest problems facing them from a risk perspective. With an advisory board composed of experts from leading companies in the global marketplace and digital platform ecosystem, they focus on what’s most important to companies in the industry.
Utilize Unit21’s Tools to Secure Your Marketplace Against Risks
The technology component of online marketplaces can make running them seem fraught with more risk than regular ones. However, thanks to technology—specifically Regtech—you don’t have to be disadvantaged when handling that risk.
For example, Unit21’s Data Monitoring helps marketplace risk teams understand the contextual signals (like if a user performs a certain behavior that has been deemed as potentially suspicious) that may point to abusive activity. Examples include action velocity, device fingerprints, IP geolocation, behavioral history, and activity elsewhere online. Couple it with our Case Management solution, and you’ll have a consolidated dashboard of visualized information. Analyze activity from a broader perspective, and then take appropriate action.
Contact us today for a demonstration of how our systems help keep your marketplace safe.