During our third session of Fraud Office Hours, an attendee asked, "What are the top 5 things we can do to prevent fraud?" Watch this video clip and read below to see how Unit21's Head of Fraud Risk, Alex Faivusovich, responded.
Top 5 Ways to Prevent Fraud
"The best way not to have fraud is not to have customers.
Unfortunately, this isn’t a great business model. That being said, any organization that deals with payments or transactions will need to do their part to prevent fraud.
To help organizations with fraud prevention efforts, we explore the top 5 tips for preventing fraud.
1. Perform Customer Onboarding
In today’s market (with the way fraud is evolving), having a good onboarding policy is probably the most important thing you can have. How many risk signals you ingest around KYC procedures, how you score alerts, and how you treat applicants when they try to onboard is all super important.
If you can eliminate the fraudsters before they even join the platform, that’s the ideal route to go. Once they’re on your platform, preventing them from executing and conducting fraud is much harder. Having a really healthy onboarding strategy is crucial; ensure your team can see all the different signals you can, whether you collect data yourself or you’re using vendors for your KYC and KYB processes.
Try to understand the risk associated with the phone numbers or emails provided by the applicant to truly understand the risk associated with the devices. Look at how all the elements correlate with the entity that is trying to onboard to your platform.
We’re also seeing an increase in the usage of actual identity verification documents. While requesting this type of information from applicants can cause friction in the onboarding journey, requesting applicants to take a selfie or submit a driver’s license or passport serves as an added layer of protection. Don’t be afraid to use it as a waterfall as another step in your strategy.
Be sure to use document verification when investigating edge cases where you’re not fully sure if an entity is real (or if the entity actually belongs to the applicant trying to onboard to your platform). While it does cause some friction during onboarding, it’s really the last line of defense before applicants turn into customers.
2. Build Fraud Strategy with Customer Segmentation in Mind
It’s also imperative that you build your fraud strategy with customer segmentation in mind.
Typically, product development teams design and create the features for everybody. As risk managers and fraud prevention managers, it’s your role to step up and have an open conversation with product teams to try to see which features are more suitable to which customers.
Not every customer who onboards to your platform should get immediate access to all the features. Instead, slowly open additional features to more tenured customers. The more you know the customer, the more you trust them (and the lower the risk). As you understand how they behave on your platform, the more you can allow them to use the different features and products that you offer.
When writing rules and devising your strategy, make sure that the customer segmentation that you have in mind is incorporated into your rules. Tenure is a great way to set up more specific rules for different edge cases, as it enables teams to mitigate risk for new customers.
3. Look Beyond Transactions
The term transaction monitoring is a classic for a reason; 15 years ago that’s all you could monitor and what you’d need to focus on most. Today, the transaction itself is still an essential component to investigate. However, monitoring the movement of the money is not the only component of good fraud prevention.
In today’s world, it’s crucial to incorporate other elements that can help you identify both high and low-risk activities. Really, what you want to do here is actually try to understand how the user behaves.
Use your analytics and any enrichment data that you already have or your vendors offer to get a full picture of the user’s behavior. Don’t just write rules around transactions, but try to see if you can work in risk scoring. A great method is to use the user’s digital locations (such as an IP address) to analyze where the user typically transacts.
Consider all the different risk insights you’re able to filter your users through to make rules more accurate.
4. Have a Great Tech Stack
Fraud prevention efforts are often limited by the capabilities of the risk and compliance teams. It’s important to have a great tech stack so you aren’t fighting fraud by yourself. Rather than running SQL queries all day (which isn’t efficient), many vendors and solutions offer an array of features and services.
Don’t be afraid to test and see how different vendors with different solutions can help you and your specific use cases. The industry is in a great place currently, with many good vendors that offer great value; don’t fight fraud by yourself and instead leverage a great tech stack to help you do the job more efficiently.
5. Define and Enforce Internal Policies
Finally, all of this needs to be built off clear internal policies that make it easy for team members to follow. It’s important that the fraud prevention team develops internal policies that guide decision-making.
Map out the entire customer lifecycle and examine how you treat customers at each stage in that process. If something is happening from a risk perspective, what do you do with the customer? How do you engage with them?
First and foremost, it’s essential to make sure that good customers have a great experience. At the end of the day, we don’t want to create a bad experience for the customer just because we are fighting fraud. The end goal is to make sure that the good customers still have a great way to use our product and features.
Having strong policies and automating those policies as much as possible (through automated emails, IVR calls, and SMS messages) is extremely important for providing this quality experience to the user.
Having a clear internal policy outlined improves the experience for good customers, while empowering teams to take clear action when fraud is occurring. It also defines exactly how users are treated in different situations, so that you don’t compromise their experience to investigate instances of fraud.
Looking for more insights? Check out our third session of Fraud Office Hours on-demand for a deeper dive into current fraud trends and which preventative measures to consider.