A global picture, a deep dive, and the bits and pieces of risk management intelligence
Why the way in which risks are managed is poor?
Because data, methods, and software is lacking
Every day, many e-commerce services struggle when managing risk. They have to figure out ways to prevent risk themselves. They lack data, methods, and software to make the right decisions. This wastes so much time and leads to bad decisions.
Because of slow and ineffective decisions
Too often, risk operation analysts have to resort to intuition because they don’t have access to the information they need. Frequently, executives have to explicitly demand audit reports by verbalizing their need, waiting for the reports to materialize, and making decisions. This is slow and ineffective.
And because of limited and inconsistent reports
Analysts spend a lot of time making audit reports and showing information, but what is the basis of these reports? How much data are they based on? What can we conclude? Are the conclusions justified? Often, reports are developed inconsistently over time and based on limited data samples. They miss the big picture and make it worse.
Who is to blame?
Should we blame the analysts who juggle different IT systems and need to justify their work to upper management? Maybe the wrong metrics are used to measure productivity.
We also blame the fraud detection software, but that is just one component. Usually, it's possible to build something on top of what exists.
Risk management under-valued
The expected benefits of risk management are often underestimated, probably because it’s new for most businesses—usually, it’s reserved for financial institutions or large companies.
To add to the problem, although everyone knows what a chargeback or fraud is, how to call a customer to confirm an order, or what a blacklist is, few know what a risk is, how it’s calculated, and how to translate it back to the e-commerce service—this book provides answers to these questions.
Who is the book for?
The process components and methods are relevant to all levels of seniority in the business. They’re not just for those who carry out payment verifications or make audit reports.
They're also relevant to those who need to understand the terms being used and a vision of the whole process, such as executives, lawyers, or investors.
What's in the book?
What's in the book? These are the problems and outlines of each of the 5 book parts.
1. Payment processing intermediaries and processes
Given the diversity of the regulations, payment methods, intermediaries, and payment scenarios available, how are payments engineered and orchestrated?
In this part we review some of the payment methods used to pay for items online. We investigate the different entities that carry out payments online. And we describe the three steps required for online payments.
2. Payment fraud’s origins
Although the online payment process goes right most of the time, in some scenarios it fails. Some reasons why a payment may fail are legitimate, but others are not. In this part, we describe what happens when things go wrong, particularly when payment fraud occurs.
We look at why things may go wrong when processing online payments. We discuss how things go wrong (the processes used to commit payment fraud). And we identify the factors influencing payment fraud.
3. Today’s fraud prevention
Here we focus on how to detect, manage, and prevent payment fraud when processing payments online, and we also look at the existing solutions.
We first describe the landscape of fraud prevention solutions. Then we provide a bird’s-eye view of the payment fraud prevention process. We dive deep into the bits and pieces of fraud detection. And we describe the feedback loop, i.e., fraud prevention process auditing.
4. Big data and statistical learning
Here we focus on the application of big data, artificial intelligence (AI), and machine learning (ML) to boost the prevention, detection, and management of payment fraud.
We review the preliminary conditions to carry out data analyses for fraud prevention. Second, we describe the essential methods used to measure risk and test hypotheses. Finally, we discuss how it is possible to teach machines to predict a concept like payment fraud.
5. Financial risk management
We review the application of corporate financial risk management methods to prevent, detect, and manage fraud prevention for e-commerce services.
We review ideal fraud detection systems for e-commerce services. We describe risk classification, the concept of escalation time, and risk ratings. We suggest to use value at risk (VAR) to pilot risk in e-commerce services.
Read the first application
The first application.
A travel agent
I once worked for a major online travel agent that sold two billion euros of airline tickets per year. The company had seen payment fraud spin out of control, and for several months it focused on reducing it by strengthening fraud prevention rules. Also, the company had just put together a team to configure the fraud prevention system, verify payments, and manage chargebacks.
It lacked the necessary software
So the problem wasn’t a lack of security or resources. The problem was also not a lack of reports or payment verifications. The problem was that the fraud prevention system had a poor design, reviewers had no decision support system, and data analyses lacked method and scale. They lacked the necessary software to manage risk.
Peak season for selling tickets
When I joined the company, it was the peak season for selling airline tickets for summer travel. The VP of payments asked me to reduce the daily number of payment verifications. As the risk operation analysts could not review all the payments, part of the workload was absorbed by the customer service team.
A methodical process
Ten days upon arrival, I'd retrieved a dataset of several million transactions from the payment provider, matched those with the fraud history, and identified several ineffective rules—eliminating these reduced the workload.
It was not a one-off chance achievement but the seed result of a methodical process, which I describe in this book. Over the next four months, I developed automation, back tested, audited, and proposed changes, which allowed the company to halve the number of clients who were automatically rejected by the fraud prevention system while maintaining its payment fraud exposure. These changes saved the company tenths of millions of euros in revenue opportunities.
Risk management intelligence
These bottom-line impacting results show that simply having a dedicated fraud prevention system is not enough, even with a team of statistical and risk operation analysts.
In addition it is also necessary to have a software for risk management intelligence. It's not an additional operational cost. Instead, it’s an investment that brings revenue to the company and benefits to the buyers.
See questions and answers.
Here we provide answers to some of the questions you might ask yourself.
1. Where can we get the book?
2. How to give feedbacks?
I'd love to improve the information provided in the book. Shoot me an email; I would be happy to hear from you and fix things.
3. Why did you choose an origami crane for the front cover?
The crane on the cover symbolizes the concept of a bird flying above business's operations. By its very nature, the bird can provide novel perspectives for a company's decision makers, from board members to risk operation analysts.
However, the only way to get these novel perspectives is to fold the crane carefully, which can require significant effort.
Hence, the origami crane parallels the new business perspectives brought by risk management intelligence, while the bird's origami nature parallels all the data gathering, processing, modeling, and rendering needed. The entire process is tedious and it requires know-how and patience.
4. Why risk management intelligence?
The decision came from a Harvard Business Review (HBR) publication, 10 Must Reads On Making Smart Decisions, I read a while back that showed the potential of making smart decisions every single time using big data. I was still an academic at the time, but the HBR's case studies impressed me. Since then, I've become more opinionated about the big in big data, because data doesn't have to be that large! It's just that all the data gets analyzed. Sampling is avoided, and fewer assumptions are made.
5. Have you applied the methods?
Yes, some of the methods have been applied within a medium-size e-commerce service with about 500 employees that processes €2B per year in online payments. The work performed for that company had a direct impact on its bottom line.
6. Do you teach the material?
Professional training is an avenue I've considered but that I haven't engaged into yet. If you want a training on some of the concepts in the book, I would love to hear from you. Just get in touch, and we'll figure things out.
About the author
Fabrice Colas is a scientist, an entrepreneur, and a software engineer who studied in France (Eng. & M.Sc. research) and received a PhD in statistical learning from the Netherlands.
For several years, he worked as a postdoctoral scholar in human genetics and statistics in the United States and the Netherlands. Then he seized an opportunity at an international e-merchant to apply his knowledge towards reducing payment fraud.
Today, he helps businesses throughout Europe to reduce their exposure to financial and operational risks with risk management intelligence.
After spending ten years working throughout Europe, North America, and South America, Fabrice has obtained extensive experience in multiple cultures and languages.
He focuses on empowering the businesses he works for and the people he works with.
Getting in touch
Pages: 200+ (242)
Editor: CreateSpace Independent Publishing Platform
Edition: 2 (1 may 2017)
Dimensions: 6 x 0.6 x 9 inches, 15,2 x 1,4 x 22,9 cm
- One book
- Special gift
- One or more book copies
- Meeting, training on-site
- Expertise in quantitative risk modeling / risk management intelligence
- Governance in payment and payment risk
- Support via email / phone