Other parts of this series:
As organizations look toward optimizing (or standing up) their loyalty fraud defenses, here is a simple framework to consider.
Figure 1: Strategic Approach to Layer Loyalty Fraud Defenses
1. Start with what you have.
Though it varies by industry, many organizations have loyalty program platforms with fraud controls that have not been activated, lest it impact customer experience – e.g., ability to freeze account / make it ‘earn only’ upon the fraudulent flag, loyalty account notification for unusual activity, etc. Prioritizing capabilities required to mitigate the risk of the top 20% of loyalty fraud hotspots that drive 80% of the losses (Pareto Principle) would help demonstrate business value and drive better return on investment.
Leverage existing technology to enforce existing policies across all lines of business. Executing manual controls is often cumbersome, expensive in the longer run, mostly detective, and not very efficient. For example, though most clients have a policy limitation on the number of accounts per customer, not many have been able to enforce it due to simplistic onboarding processes. Expanding the set of passive information collected per customer could help uniquely identify a customer, and /facilitate technology-driven policy enforcement across channels, without any customer impact.
2. Strategize your Loyalty Fraud Program.
Defining your strategic vision, guiding principles, and program objectives are critical – not only to envision your target state but also to understand the LOBs/stakeholders you would want to bring with you along the journey. Aligning the governance and accountabilities early on can help provide the required oversight, ownership, and momentum to drive loyalty fraud program.
Explore the operating model (i.e., where would the loyalty fraud team sit within the organization) and delivery models (i.e., in-house, shared service, outsource, etc.) that work best for you to run the loyalty fraud program. Fraud comes in waves and can very quickly result in overworked/dissatisfied employees. Building the right team and capacity to manage loyalty fraud /could aid with faster reaction and turn-around times.
3. Re-think required capabilities.
Enterprises vary in their maturity to manage loyalty fraud. Conduct a risk assessment or Key Performance Indicator benchmarking to gauge your capability maturity across process, policy, data, talent, and technology. Consider how it may impact the aggregated organizational risk. You may have multiple initiatives on the go to strengthen your loyalty fraud program defenses, but test if they comprehensively cover all capabilities required to establish a successful loyalty fraud program. Prioritize capabilities you want to strengthen to define your strategic roadmap.
Understanding the required capabilities to mitigate loyalty fraud and how it fits with the broader organizational fraud management, technology, and data architecture is key to achieving desired outcomes. Emerging data-driven fraud architectures to adopt a single fraud decision engine and enterprise tooling to accelerate fraud model builds and /facilitate efficient and effective interventions.
4. Deploy layered solutions and fraud analytics.
Evaluate solutions that can help meet the prioritized capabilities and augment/layer them. If these solutions already exist within the organization, expand the scope and re-tune to meet capability needs. The key to success is bringing the business stakeholders along the journey. For example, the business may be less enthusiastic to enforce Multifactor authentication using a one-time password as it may increase the abandonment rate / bounce rate but could be very responsive to shifting from Loyalty cards to a mobile application that leverages mobile phone facial recognition which is cheaper, more secure and delivers a great customer experience.
To demonstrate value quickly, identify areas that drive the most fraud losses or processes that drive up the operational costs (e.g., manual reviews for suspicious flags) and elevate them – by better tuning fraud decisioning engine rules or activating additional automation / ML models. Existing gaps in current rules can be uncovered by thinking like a fraudster – e.g., if you use IP address to flag bad actors, a fraudster might use a VPN to mask the IP. Consider expanding the factors considered for device fingerprinting to include other parameters like browser version, VPN, cookies, screen resolution, etc. to strike the right tradeoff between device persistence and specificity.
Often, due to the lack of a comprehensive end-to-end solution for managing loyalty program fraud, and silo-ed data, most organizations struggle with higher rates (~40% – 60%1) of loyalty program fraud being undetected by vendor solutions. These are later flagged by disgruntled customers and result in an increased burden on contact centers and manual/time-consuming investigations by the loyalty fraud team. Deploying behavioral analytics around changes in application/event activity, accounts per device, spend trends, velocity checks, etc. can help cast a wider net to flag suspicious accounts for pre and post fraud occurrence.
As summarized in Figure 3, data availability/completeness, accuracy, and timeliness form the foundation for a successful deployment of the layered defense. Invest time to design hypotheses, conduct exploratory findings, engineer features, and train models to improve fraud prevention / detection precision. Consider using third-party or consortium data to help validate your data. Using external data can transform how you onboard new customers, improving both the customer experience and increasing the detection of fake accounts.
Figure 2: Accenture Model Deployment Methodology
Recognize that new technologies are available to mitigate risk without adversely impacting customer experience and can help build trust. Customer trust and loyalty go hand in hand and are both crucial factors in a brand’s long-term success.
5. Design risk-based intervention strategies.
To strike the right balance between building fraud defense and limiting friction for good customers – designing a risk-based intervention strategy is key. Successful loyalty fraud programs profile customers/devices to risk score them (based on risk appetite and policy) and apply relevant low/medium/ high touch intervention strategies.
Figure 3: Examples of Intervention Strategies
6. Monitor Effectiveness.
Often overlooked, loyalty fraud monitoring and reporting can provide incredible insights on the effectiveness – if designed correctly and executed consistently. Many large organizations struggle with ‘detective only’ reporting that is time-consuming to generate and are not nimble enough to meet the changing business needs. Consider the following to improve monitoring and reporting effectiveness:
Figure 4: Considerations for Monitoring Effectiveness
Use the monitoring outcomes to refine the Loyalty Fraud Strategy or required capabilities.
We would like to thank Philippe Guiral, Kelly Makway, and Akber Merchant for their inputs to this blog.