Fraud Protection & Compliance
As my colleague TJ Horan says in his post, the worlds of fraud and compliance are moving closer together. A critical meeting point for these disciplines is the identity proofing of customers, particularly using digital channels.
The current COVID-19 health crisis makes digital interactions obligatory for many activities, and this accelerates the pace of digital adoption. Those organizations that don’t ensure efficient and effective digital onboarding, in ways acceptable to their customers, will not remain competitive.
The objectives of the fraud department are different from those of the compliance team and traditionally they have come at the thorny issue of accurately identifying and understanding their customers from different angles.
Compliance teams want to:
- Be compliant with anti-money laundering regulations to protect their reputation and avoid fines.
- Assess money laundering risk based on customer identity and geography and appropriate to the product they are looking to provide.
- Apply the appropriate level of due diligence, taking into account if the customer is a Politically Exposed Persons (PEPs) or a subject of adverse media or offshore leaks.
- Ensure they do not break regulations by offering services to denied parties such as those that appear on sanctions lists.
Fraud teams want to:
- Ensure that losses to fraud remain low by not opening accounts for fraudsters using stolen or synthetic identities.
- Balance the need for loss reduction with providing customers with a sufficiently good experience so that account openings are not abandoned.
- Combine identity proofing with the subsequent authentication process to ensure future authentication needs are met without negatively impacting customer experience.
While objectives differ, both fundamentally need the same things – to verify that the customer is who they say they are and that they can reliably confirm certain attributes about them. This involves collecting much of the same information and carrying out many of the same processes, including profiling, detection, case management and transaction monitoring. For it to work well, both teams need to be involved in the customer journey from the beginning to avoid any risks and ensure alignment with the business from the start.
Despite these similarities, the two departments often invest in different processes and technology when it comes to identity checking and eKYC. This comes at a cost to customer experience that means lost business and poor customer satisfaction scores. Customers are unlikely to welcome part of an organization asking them for information or proofs of their identity when their perception is that they have already provided it.
How they are asked to provide proof of identity also frustrates customers. A recent FICO survey shows that for digital account openings, asking customers to take action out of channel (for example by visiting a branch, or taking a phone call) is very unwelcome. Almost a quarter of people will abandon an account opening completely, or go to a competitor to open their account when asked to do so.
The answer for both fraud and compliance teams is to put the customer at the heart of their identity proofing process. They can work together to ensure that the needs of both functions are met, and that regulatory compliance and fraud prevention don't come at the expense of legitimate customers.
Our white paper ‘Digital now – the role of eKYC in customer acquisition’ provides the information you need to understand how organizations can meet customer expectations and streamline identity processes.
