Application Fraud – Does Canada Need a New Approach?

What do your customers think about how you are protecting them? And what does that mean for the future of your fraud management solutions? To find out FICO surveyed 1,000 Canadians. The results show that Canadians want slick onboarding processes, where fraud controls work but don’t delay account opening.

Processes that Balance Customer Experience and Fraud Protection

Fraud teams fight a constant battle to balance fraud prevention with customer experience. Make fraud controls and identity checks too difficult and customers get frustrated and take their business elsewhere, but loosen them a little too much and losses to fraud increase, or you fall foul of KYC regulation.

When opening new accounts, the biggest point of friction is likely to be the identity checking process. To prevent third-party fraud, synthetic identity fraud and meet KYC obligations, this is a vital step in onboarding new customers.  Our survey shows that if you make it too difficult or time-consuming, it can end the relationship before it has started.

For some products almost 1 in 5 people say they have abandoned opening an account because they found identity checks too difficult or time-consuming. As you would expect, those products that are ubiquitous, such as credit cards (18%) and chequing accounts (19%) had the most respondents say that they had given up on opening an account. However, even with products being opened by far fewer people, such as mortgages and car loans, 12% had abandoned an application because of identity checks.

How Do You Identify More Application Fraud Without Upsetting Legitimate Customers?

According to Statista, the rate of identity fraud in Canada has risen from 0.32 cases per 100,000 people in 2008 to 59.45 per 100,000 in 2020. With increases in the fraud rate every year since 2008, lowering defences isn’t an option. But making checks so difficult that customers walk away isn’t the answer either.

So, what can be done? Not every customer is the same and you can utilize the information you have about them and their application to ensure that you treat them as individuals. Only place necessary and appropriate barriers in their way where fraud risk is high and your risk appetite demands it. But how would that work in practice?

• Have the right decisioning data: This can be from internal sources, for example understanding the source of the application can tell you much about the level of risk. An unsolicited application delivered from a Google search will have a different risk profile compared to a customer responding to a targeted advert you sent to them. This can be combined with data from identity verification providers or providers of data such as negative data scores. The key is to be able to access all this internal and external data and unite it in a single decision point that gives appropriate weight to each factor.
   
• Deploy the analytics: Models that look for anomalies suggestive of fraud and linkages between applications and accounts can help accurately detect fraud. Fraudsters using stolen or synthetic identities frequently attack at scale, submitting hundreds if not thousands of applications. Managing the data for those applications is a headache for them and forces them to re-use data elements.
  
  For example, a fraudster submitting multiple applications is unlikely to have a different telephone number, account holder name or address they can use for each. While they may mix and match the data they have available, and make slight changes such as in the spelling of a name or the format of an address, ultimately the connections will be there. The ability to detect, visualize and understand the relative risk of these fraud networks and map them across account and application portfolios is a step-change for financial institutions that want to understand their application fraud risk both pre- and post-book.
   
• Inform, involve and automate with customer communications: Most customers are not fraudsters, and investigating every potential application fraud case is resource intensive and can place unnecessary barriers in the way of legitimate customers. Frequently, case resolution requires just a little more information from the applicant. Deploying two-way automated customer communications means that points needing clarification can be resolved more quickly, customers can be kept informed about the status of their application and much of the necessary information gathering can be automated to reduce the burden on staff.

Fraud Controls Are Important to Canadian Customers

Fraud protection is an important factor for Canadians when they select a new financial services provider. Application fraud detection may do more to protect the organization and the victims of identity theft, than the individual customer; however, most see fraud protection as a vital component of the trusted relationship they have with their banking providers. 

We asked our survey respondents to rate eight factors by importance to them when they select a new account provider. Good fraud protection was the most important factor: 31% ranked it as their number one concern and 69% had it as a top three concern. Given that other factors we asked them about included value for money and ease of use, this strong desire for fraud protection is notable.

Fraud fighters should be proud of the position they hold within their financial institution. Not only is the work you do recognized by customers, but when it comes to acquiring new customers you are providing competitive differentiation as customers look to build trust.

More About our Survey

FICO’s survey covered 1,000 people in each of 14 countries: Canada, USA, UK, Sweden, Germany, South Africa, Brazil, Colombia, Peru, Mexico, Thailand, Indonesia, Malaysia and Philippines. We asked a range of questions to uncover people’s attitudes to fraud, identity and the customer experience of digital applications for financial institutions. Across all 14 countries surveyed we found:

• 30% will abandon opening a personal bank account such as a chequing account, if identity checks are too difficult or time-consuming.
• Biometrics have become a favourite security choice – 36% have a strong preference to use them to secure their financial accounts and another 40% like them. 78% rate fingerprint security as either good or excellent.
• Fraud protection was the number ONE consideration people have when selecting a provider for a new financial account in 12 out of 14 countries surveyed. 61% of respondents had good fraud protection as a top three consideration.
• 10% of people say they know their stolen identity has definitely been used by fraudsters to open a financial account. An additional 8% think it’s probable, and 14% that its possible.
• First-party fraud is a real risk (particularly given the stresses of the cost-of-living increases). 20% say it’s OK in some circumstances to exaggerate income in an application for a bank account and an additional 18% say its normal to do so. 24% even think it’s normal or acceptable in some circumstances to add items to insurance claims that weren’t lost/stolen/damaged!

To learn more about the results from Canada, download: Consumer Survey 2022: Fraud, Identity and Digital Banking in Canada.

How FICO Helps You Fight Application Fraud

For more information about application fraud and FICO’s response to it:

• Changing Face of Application Fraud Whitepaper: With new attack vectors, evolving customer expectations and data proliferation is now the time for a new strategy?
• Combatting First-Party and Synthetic Identity Fraud: Five best practices you need now.
• Application Fraud – Hot topic Q&A: learn from Andy Pollock, our application fraud expert about the impact of first-party, third-party and synthetic identity fraud.