|ABN AMRO: improving collections productivity by more than 70%|
|Dunfermline Building Society chooses Hunter|
|Clarima Banca manages credit cycle with Experian|
|Data reporting with Grameen America|
|A new credit bureau in Nigeria with Creative|
|How did the US subprime downturn impact the UK & Europe?|
|Connect business goals to each and every customer decision|
|Customer management for Retail Banking|
|Tackling the issue of bust-out fraud|
|How to successfully manage the credit risk in Russia and CIS|
|Experian Decision Analytics Client Forum 2008|
|MEFTEC 08 - The Middle East banking & financial technology event|
|Fraud… a hot topic|
|Basel II: is your rating system working?|
|Tackling the issue of bust-out fraud|
This article originally appeared in Retail Banker International magazine, 24 July 2007.
Imagine you work in a retail bank where you have responsibility for new business. You have decisioning systems, fraud controls and credit bureau links and you feel confident you can protect yourself against customers who could expose your organisation to every type of risk.
One day, a potential customer walks into your branch requesting to open a current account. You follow all the processes, making the necessary checks and the account is opened. Over the following months the customer lodges their monthly salary, credits and debits are made and the account always has a positive balance, although they do take up your offer of an overdraft facility. They set up a savings account and maintain a healthy balance. With such a good customer, you want to balance risk with reward and increase value, so you cross-sell them a credit card. They run this account well, revolving a balance and never missing a payment so after six months the credit limit is increased. You offer a personal loan, which is taken up, leaving your organisation exposed to up to £10,000 of potential lending. However, they are a low risk customer… or are they?
Suddenly, overnight, the current account is emptied and the overdraft used to the limit. The credit card is over limit. You try to contact the customer with no success. Payments are subsequently missed on the loan and credit card and no credits are made to the current account. The account holder disappears without trace and you realise you have been the victim of a calculating fraudster.
Whatever you call this type of fraud, bust-out, advances fraud, runaway spenders or sleeper fraud, this type of first party, open account fraud is becoming a significant issue to the financial services industry. Unlike application fraud, it involves a long-term plan, deliberately manipulating banking behavioural systems to maximise the value of the fraud, posing as a good customer before seizing the full credit facility and disappearing.
Losses on these accounts, while not small, are not as significant as bust-out schemes carried out by criminal gangs, often involving identity theft and links to organised crime and terrorist financing.
In the US, card issuers estimate losses from bust-out fraud to be over $1.5 billion annually (Credit Risk International, September 2004). In the UK, it is felt that bust-out fraud is a much more significant problem, with some sources attributing 25% of credit losses directly to this type of fraud (Experian Credit Card Bust Out Workshop, Jan 2006). Some UK banks have even publicly acknowledged that the growth in this type of fraud has contributed to their recent increases in bad debt provisions.
How to commit bust-out fraud
Firstly, you need to get a bank account. You can simply use your own accounts but these are easily traced, so the fraudster sometimes chooses from a number of other options; identity theft, collusion or an account takeover.
Identity theft as a fraud method in its own right is one of the fastest growing trends in the UK (CIFAS Annual Report 2006). Fraudsters will steal an identity from an individual or group of individuals and use this to gain access to credit. It often takes more than 16 months for the victim to discover the fraud, leaving plenty of time for the fraudster to develop the accounts and bust out, leaving the victim with the task of proving their innocence. Alternatively, the fraudsters can build a new identity, based on an individual, living or dead, using this information to access a range of documentation, including a passport, utility bills and other proofs of identity.
Identity theft can also be perpetrated with the collusion of the individual, where their identity is ‘bought’ by the fraudster. Often, those about to leave the country or who are particularly financially distressed will sell their personal and account details, knowing that when the financial institution contacts them about the fraud they can prove they were not involved. With no proof of collusion, the financial institution has no choice but to expunge their record of fraud.
Dormant accounts are also a target for takeover and subsequent bust-out. Often carried out by someone known to the victim, the fraudster can access the account and then run it in the victim’s name before committing the fraud.
So, you have a bank account. Now you need to understand how the credit decisioning process works in order to maximise the value of the fraud. Financial organisations use automated scoring and decisioning systems to understand and measure the behaviour of individuals. ‘Good’ behaviours such as paying on time, keeping a credit balance on a current account, transacting in full on a credit card and not going overlimit positively influence the decision to increase a limit, offer another product and determine lending levels.
So a bust-out fraudster will run a ‘clean’ account for anything up to 36 months in order to maximise the available credit. Typically a fraudster will:
When the fraudster has reached their desired level of bust, they will suddenly increase their spending, maximising available credit limits, and take out additional credit products. Spending is often on goods that can easily be sold, such as white goods and other high value disposable items. Cheques are written and cashed, and cards used until they are stopped.
The key to this type of fraud is the speed at which it happens. The draining of the potential credit happens in a matter of days, faster than most banking systems can react to the situation.
What can be done to stop bust-out fraud?
Bust-out fraud is particularly difficult to predict, because the fraudster plays on the established trust between financial institutions and customers and it often involves a single hit. Many financial institutions use models to predict fraud, including bust-out fraud. As discussed, the success of these models to predict bust-out fraud can be limited because of the speed of fraudulent behaviour.
However, this isn’t the end of the story. New research by Experian has uncovered particular behaviours and event triggers that can be used to identify potential fraudsters before the bust-out occurs. These are based on account behaviours, which deviate from the ‘normal’ behaviour of an account holder.
Much of this analysis has been carried out in the US and UK, where, for example, bureau data has been trended across time to identify predictive characteristics and trigger points to assess the likelihood of bust-out fraud. This bureau data, when combined with a client’s own data, can offer a very powerful solution to combating bust-out fraud.
Some of the key predictors identified include:
There are many strong predictors when looking at the current account, such as constant churn of the salary credit or other credits, a lack of utility type transactions or Direct Debits and standing orders, the absence of a council tax payment and specific patterns in the type of merchant transactions, such as a concentration of white good purchases. These could all be indicative of potential bust-out.
In the research focussing on utilising credit bureau trend data and ‘event’ trigger data, it has been identified that trending bureau data from account origination through time can uncover unusual patterns for bust-outs versus non-bust-outs (e.g., changes in consumer indebtedness). Special event triggers which indicate when a new account has been opened or when a limit threshold has been exceeded can be beneficial if this information is captured and scored quickly enough.
The analysis has shown that using bureau-based scoring to try to identify bust-out at the point of application is very difficult. However, continuing to take snapshots of the bureau score thereafter and looking for swings and trends in the score is much more successful. Predictive data trends can also be identified when reviewing other bureau data items, such as the level of consumer indebtedness or credit limit utilisation.
All of this information can be combined to create robust predictive models for bust-out fraud. The effectiveness of the models depends on the timing dimension (high frequency) and a longitudinal perspective (trending). Therefore, it is critical as to how often the accounts are scored as well as how much additional data is included in the scoring process; for example, internal transactional data, bureau data, demographic data and other external fraud data.
The new generation of bust-out fraud detection
It is important to stress that analytical and software solutions to this problem need to be effective in the period of ‘clean’ behaviour leading up to the bust out as, after that, it is too late to stop the fraud and subsequent losses.
The research shows that robust predictive models can be developed, using outcomes that are made up of actual bust-outs and then incorporating multiple sources of data. The models can be implemented into existing customer management systems to create bust-out scores and trigger alerts. Using decision engine technology to score each customer would enable organisations to specify trigger scores/events so that they can manage the number of ‘alerts’ and subsequent bust-out checks they have to perform.
As already mentioned, the amount of data available is critical to accuracy in modelling. Data sharing is critical to detection success, as has been seen in many countries for other types of fraud. Fraudsters will repeatedly hit a number of organisations within a short space of time so, by data sharing, other organisations can benefit from checking their accounts against known fraud information. It is critical that this information is updated and checked on a frequent basis, at least weekly, if not daily, so that when a bust-out event happens to one lender, action can be taken before the fraudster busts out on another account by placing checks and supervision on suspect accounts.
Alternatively, by taking an address level view rather than the traditional consumer level view of current credit activity, addresses with highly ‘suspicious’ levels of credit usage can be pinpointed. This system can be used not only to highlight existing account fraud but also to prevent fraudulent new accounts being opened. Although difficult to quantify at this stage, Experian’s new Suspicious Address Alert system should have a major impact on preventing future bust-out fraud in the UK.
Bust-out fraud is a growing and challenging problem for financial organisations worldwide. With the complexity and speed of the fraud making traditional fraud detection techniques less effective, there is a need for new solutions. The steps made by Experian go a long way to creating a workable and effective solution to preventing bust-out fraud and the often significant losses incurred.
Contact us for further discussions about this article or to request the new bust-out fraud White Paper from Experian Decision Analytics