ai’s CEO, Mark Goldspink, recently posted an article about zero ambiguity fraud management which discussed the problem with accountability based on varying operational business models. Since then, an analysis has been carried out on one existing client to review long term rule performance. This charted the rule creation activity and rule durability over time since ai first engaged with the client in question. The below extract from the analysis serves to evidence Mark’s point that the technology creators are best placed to manage the service on a day-to-day basis; although it is imperative to conduct this in parallel with efficient vendor management so that strategy and setting of KPIs remains with the client, aligning with overall business objectives. While there is not a one-size fits all operating model, an outsourced approach with clear communication channels has naturally created a clear delineation of accountability in this instance, resulting in improved business outcomes.
With the blue areas showing rule activity on a monthly basis; the yellow line indicates rule durability. The first activity peak on the chart shows when all rules created by the client prior to September 2013 were loaded into ai’s RiskNet® system, a total of 1,124 rules with rule durability showing around 9% (i.e. 9% of rules created in September 2013 are still in use today). This rule volume is 17% more than the 959 rules active as of today, proving that regular checks to remove ineffective rules is an important part of fraud management, mitigating unnecessary volumes that could otherwise create additional management burden.
Healthcheck. An assessment covering technical, business (Fraud) and operational aspects. Including but not limited to: optimisation of serv-ers/licenses, aligning processes with industry best practice, and analysing high/low performing fraud rules with suggested enhance-ments.
Alert Management. Monitoring of alerts generated by rules the client has set up within ai’s RiskNet® system. All alerts are triaged by the ai team to decide if client escalation is required. Emerging trends are also identified and reported to the client fraud team.
Fraud Rules Management. The implementation of an optimized fraud prevention strategy in RiskNet® through business rules. Identification and prioritisation of fraud risks, performance analysis and mitigation, rule implementation and unpostable transaction management.
2014 and 2015 were the years where ai’s involvement was most limited, with only sporadic healthchecks requested by the client. For the healthchecks in April 2014, April 2015 and December 2015, there is a subsequent, albeit slight increase in long term rule durability; with a major healthcheck in June 2016 creating a significant spike. Although the low increases may not appear like something ai should be bringing attention to, especially when compared to 2017 and 2018 levels of durability for example; fraud trends change over time, causing a natural erosion in the effectiveness of some historical rules. This partly explains why durability levels in 2014 and 2015 are comparatively lower, but still demonstrates that ai’s rules are more durable than when rule management is done purely by the client in-house. This can be seen on the timeline as improved durability is not sustained when ai resume their ‘light touch’ role in between healthchecks.
In July 2017, rule activity evidently increases as ai becomes involved in rules management as part of a fully managed service (Alert Management became active in April 2016). Not only are more rules being created, but the durability of the rules shows a sustained increase with a 2018 low of 22% in April being more than twice as durable as the rules created back in 2013 (rule durability also averages 4.03% pre-July 2017, 33.33% post-July 2017). Although durability can be volatile on a month-by-month basis, the general trend is one of gradual and sustained improvement.
Timeline of Commercials / Operating Model
Up until July 2017, rule creation was conducted by the client based on a legacy (pre-2013) rule strategy, with ai’s role primarily as the provider of the RiskNet® system and to provide healthchecks when requested. Although this approach may be optimal for some clients, it can be more expensive in the long term as the time between healthchecks can create a buildup of ineffective rules which then need to be assessed through a time-consuming exercise. This one-off exercise can involve analysing months’ worth of rule rationale while incurring T&M professional service charges which can be relatively expensive due to the ad hoc nature of the work. A further analysis of the commercials supports this thinking, which compares ROI for each service add-on, up to and including the full managed service. By taking 2014 as the baseline year (Full year and with the client serviced by the RiskNet® platform only), 2015 did not provide a positive return despite increased expenditure on T&M projects. 2016 did provide a positive return, but this was not proportional with the level of investment made, suggesting the operating model was performing sub-optimally. It wasn’t until moving to a fully managed service in 2017 that significant returns were obtained, with a 128% increase in investment since the baseline year resulting in a 206% increase in rule activity and a 141% increase in rule durability; both proportionally more than the increased investment outlay. 2018 has seen the largest proportional increase in gains, but with the year still to run and the rules needing more time to prove their effectiveness, it could be misleading to read too much into this until more time has passed to enable better judgement.
By moving to a managed service, ai clients can see better value for their money due to leveraging expert operational knowledge (knowledge shared is knowledge gained by the client, not lost) and a model where removing ineffective rules is more efficient due to a continual review cycle. Cynics may argue that recent rules are more likely to be active than rules created 3,4,5 years ago due to the changing landscape of fraud, and that the rule may not have been implemented long enough to test its effectiveness. However, the increased rule activity alone is enough to show more concentrated operational efforts regarding fraud prevention and detection. Another counter to this view is that rules created by ai over a year ago have had enough time to prove themselves, with the result still demonstrating an increased trend. Anecdotally, 2017 and 2018 have also required more skimming rules than usual which purposely have a limited lifespan. This would skew the data towards zero which would also compensate for any ‘time to prove’, so it appears that when factoring this in the analysis still proves its validity. Bottom line: Leveraging the fraud expertise of the ai team and RiskNet® means rules have a higher likelihood of being fit for purpose and gives our clients the ability to ‘simply stop fraud’.