Industries

By: Kari Michel Are you using scores to make new applicant decisions? Scoring models need to be monitored regularly to ensure a sound and successful lending program. Would you buy a car and run it for years without maintenance -- and expect it to run at peak performance? Of course not. Just like oil changes or tune-ups, there are several critical components that need to be addressed regarding your scoring models on a regular basis. Monitoring reports are essential for organizations to answer the following questions: • Are we in compliance? • How is our portfolio performing? • Are we making the most effective use of your scores? To understand how to improve your portfolio performance, you must have good monitoring reports. Typically, reports fall into one of three categories: (1) population stability, (2) decision management, (3) scorecard performance. Having the right information will allow you to monitor and validate your underwriting strategies and make any adjustments when necessary. Additionally, that information will let you know that your scorecards are still performing as expected. In my next blog, I will discuss the population stability report in more detail.

By: Tracy Bremmer It’s not really all about the credit score. Now don’t get me wrong, a credit score is a very important tool used in credit decision making; however there’s so much more that lenders use to say “accept” or “decline.” Many lenders segment their customer/prospect base prior to ever using the score. They use credit-related attributes such as, “has this consumer had a bankruptcy in the last two years?” or “do they have an existing mortgage account?” to segment out consumers into risk-tier buckets. Lenders also evaluate information from the application such as income or number of years at current residence. These types of application attributes help the lender gain insight that is not typically evaluated in the traditional risk score. For lenders who already have a relationship with a customer, they will look at their existing relationships with that customer prior to making a decision. They’ll look at things like payment history and current product mix to better understand who best to cross-sell, up-sell, or in today’s economy, down-sell. In addition, many lenders will run the applicant through some type of fraud database to ensure the person really is who they say they are. I like to think of the score as the center of the decision, with all of these other metrics as necessary inputs to the entire decision process. It is like going out for an ice cream sundae and starting with the vanilla and needing all the mix-ins to make it complete.

-- By Kari Michel What is your credit risk score?  Is it 300, 700, 900 or something in between?  In order to understand what it means, you need to know which score you are referencing.  Lenders use many different scoring models to determine who qualifies for a loan and at what interest rate. For example, Experian has developed many scores, such as VantageScore®.  Think of VantageScore® as just one of many credit scores available in the marketplace. While all credit risk models have the same purpose, to use credit information to assess risk, each credit model is unique in that each one has its own proprietary formula that combines and calculates various credit information from your credit report.  Even if lenders used the same credit risk score, the interpretation of risk depends on the lender, and their lending policies and criteria may vary. Additionally, each credit risk model has its own score range as well.  While the score range may be relatively similar to another score range, the meaning of the score may not necessarily be the same. For example, a 640 in one score may not mean the same thing or have the same credit risk as a 640 for another score.  It is also possible for two different scores to represent the same level of risk. If you have a good credit score with one lender, you will likely have a good score with other lenders, even if the number is different.

As I've suggested in previous postings, we've certainly expected more clarifying language from the Red Flags Rule drafting agencies.  Well, here is some pretty good information in the form of another FAQ document created by the Board of Governors of the Federal Reserve System (FRB), Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), Office of the Comptroller of the Currency (OCC), Office of Thrift Supervision (OTS), and Federal Trade Commission (FTC). This is a great step forward in responding to many of the same Red Flag guidelines questions that we get from our clients, and I hope it's not the last one we see.  You can access the document via any of the agency website, but for quick reference, here is the FDIC version: http://www.fdic.gov/news/news/press/2009/pr09088.html

We at Experian have been conducting a survey of visitors to our Red Flag guidelines microsite (www.experian.com/redflags). Some initial findings show that approximately 40 percent of those surveyed were "ready" by the original November 1, 2008 deadline.  However, nearly 50 percent of the respondents found the Identity Theft Red Flag deadline extension(s) helpful. For those of you that have not taken the survey, please do so.  We welcome your feedback.  

One of the handful of mandatory elements in the Red Flag guidelines, which focus on FACTA Sections 114 and 315, is the implementation of Section 315.  Section 315 provides guidance regarding reasonable policies and procedures that a user of consumer reports must employ when a consumer reporting agency sends the user a notice of address discrepancy.  A couple of common questions and answers to get us started: 1.  How do the credit reporting agencies display an address discrepancy? Each credit reporting agency displays an “address discrepancy indicator,” which typically is simply a code in a specified field. Each credit reporting agency uses a different indicator. Experian, for example, supplies an indicator for each displayable address that denotes a match or mismatch to the address supplied upon inquiry. 2.  How do I “form a reasonable belief” that a credit report relates to the consumer for whom it was requested? Following procedures that you have implemented as a part of your Customer Identification Program (CIP) under the USA PATRIOT Act can and should satisfy this requirement. You also may compare the credit report with information in your own records or information from a third-party source, or you may verify information in the credit report with the consumer directly. In my last posting, I discussed the value of a risk-based approach to Red Flag compliance.  Foundational to that value is the ability to efficiently and effectively reconcile Red Flag conditions…including addressing discrepancies on a consumer credit report. Arguably, the biggest Red Flag problem we solve for our clients these days is in responding to identified and detected Red Flag conditions as part of their Identity Theft Prevention Program.  There are many tools available that can detect Red Flag conditions.  The best-in-class solutions, however, are those that not only detect these conditions, but allow for cost-effective and accurate reconciliation of high risk conditions.  Remember, a Red Flag compliant program is one that identifies and detects high risk conditions, responds to the presence of those conditions, and is updated over time as risk and business processes change. A recent Experian analysis of records containing an address discrepancy on the credit profile showed that the vast majority of these could be positively reconciled (a.k.a. authenticated) via the use of alternate data sources and scores.  Layer on top of a solid decisioning strategy using these elements, the use of consumer-facing knowledge-based authentication questions, and nearly all of that potential referral volume can be passed through automated checks without ever landing in a manual referral queue or call center.  Now that address discrepancies can no longer be ignored, this approach can save your operations team from having to add headcount to respond to this initially detected condition.  

Back during World War I, the concept of “triage” was first introduced to the battlefield.  Faced with massive casualties and limited medical resources, a system was developed to identify and select those who most needed treatment and who would best respond to treatment.  Some casualties were tagged as terminal and received no aid; others with minimal injuries were also passed over.  Instead, medical staff focused their attentions on those who required their services in order to be saved.  These were the ones who needed and would respond to appropriate treatment.  Our clients realize that the collections battlefield of today requires a similar approach.  They have limited resources to face this mounting wave of delinquencies and charge offs.  They also realize that they can’t throw bodies at this problem. They need to work smarter and use data and decisioning more effectively to help them survive this collections efficiency battle. Some accounts will never “cure” no matter what you do.  Others will self-cure with minimal or no active effort. Taking the right actions on the right accounts, with the right resources, at the right time is best accomplished with advanced segmentation that employs behavioral scoring, bureau-based scores and other relevant account data. The actual data and scores that should be used depend on the situation and account status, and there is no one-size-fits-all approach.  

What are your thoughts on the third extension to the Identity Theft Red Flags Rule deadline? Was your institution ready to meet Red Flag guidelines? 

  Does the rule list the Red Flags? The Identity Theft Red Flags Rule provides several examples of Red Flags in four separate categories: 1. alerts and notifications recieved from credit reporting agencies and third-party service providers; 2. the presentation of suspicious documents or suspicious identifying information;   3. unusual or suspicious account usage patterns; and 4. notices from a customer, identity theft victim or law enforcement.    

Optimization is a very broad and commonly used term today and the exact interpretation is typically driven by one's industry experience and exposure to modern analytical tools. Webster defines optimize as: "to make as perfect, effective or functional as possible". In the risk/collections world, when we want to optimize our strategies as perfect as technology will allow us, we need to turn to advanced mathematical engineering. More than just scoring and behavioral trending, the most powerful optimization tools leverage all available data and consider business constraints in addition to behavioral propensities for collections efficiency and collections management. A good example of how this can be leveraged in collections is with letter strategies. The cost of mailing letters is often a significant portion of the collections operational budget. After the initial letter required by the Fair Debt Collection Practice Act (FDCPA) has been sent, the question immediately becomes: “What is the best use of lettering dollars to maximize return?” With optimization technology we can leverage historical response data while also considering factors such as the cost of each letter, performance of each letter variation and departmental budget constraints, while weighing the alternatives to determine the best possible action to take for each individual customer. n short, cutting edge mathematical optimization technology answers the question: "Where is the point of diminishing return between collections treatment effectiveness and efficiency / cost?"  

Currently, financial institutions focus on the existing customer base and prioritize collections to recover more cash, and do it faster. There is also a need to invest in strategic projects with limited budgets in order to generate benefits in a very short term, to rationalize existing strategies and processes while ensuring that optimal decisions are made at each client contact point. To meet the present challenging conditions, financial institutions increasingly are performing business reviews with the goal of evaluating needs and opportunities to maximize the value created in their portfolios.  Business reviews assess an organization’s capacity to leverage on existing opportunities as well as identifying any additional capability that might be necessary to realize the increased benefits. An effective business review covers the following four phases: Problem definition: Establish and qualify what the key objectives of the organization are, the most relevant issues to address, the constraints of the solution, the criteria for success and to summarize how value management fits into the company’s corporate and business unit strategies. Benchmark against leading practice: Strategies, processes, tools, knowledge, and people have to be measured using a review toolset tailored to the organization’s strategic objectives. Define the opportunities and create the roadmap: The elements required to implement the opportunities and migrating to the best practice should be scheduled in a phased strategic roadmap that includes the implementation plan of the proposed actions. Achieve the benefits: An ROI-focused approach, founded on experience in peer organizations, will allow analysis of the cost-benefits of the recommended investments and quantify the potential savings and additional revenue generated. A continuous fine-tuning (i.e. impact of market changes, looking for the next competitive edge and proactively challenge solution boundaries) will ensure the benefits are fully achieved. Today’s blog is an extract of an article written by Burak Kilicoglu, an Experian Global Consultant To read the entire article in the April edition of Experian Decision Analytics’ global newsletter e-news, please follow the link below: http://www.experian-da.com/news/enews_0903/Story2.html  

The debate continues in the banking industry -- Do we push the loan authority to the field or do we centralize it (particularly when we are talking about small business loans)? A common argument for sending the loan authority to the field is the improved turnaround time for the applicant. However reality is that centralized loan authority actually provides a decision time almost two times faster than those of a decentralized nature.  The statistics supporting this fact are from the Small Business Benchmark Study created and published by Baker Hill, a Part of Experian, for the past five years. Based upon the 2008 Small Business Benchmark Study, those institutions with assets of $20 billion to $100 billion used only centralized underwriting and provided decisions within 2.5 days on average. In contrast, the next closest category ($2 billion to $20 billion in assets) took 4.4 days. Now, if we only consider the time it takes to make a decision (meaning we have all the information needed), the same disparity exists.  The largest banks using solely centralized underwriting took 0.8 days to make a decision, while the next tier ($2 billion to $20 billion) took an average 1.5 days to make a decision.  This drop in centralized underwriting usage between these two tiers was simply a 15 percent change. This means that the $20 billion to $100 billion banks had 100% usage of centralized underwriting while the $2 billion to $20 billion dropped only to 85% usage. Eighty-five percent is still a strong usage percentage, but it has a significant impact on turnaround time. The most perplexing issue is that the smaller community banks are consistently telling me that they feel their competitive advantages are that they can respond faster and they know their clients better than bigger, impersonal banks.  Based upon the stats, I am not seeing this competitive advantage supported by reality.  What is particularly confusing is that the small community banks, that are supposed to be closest to the client, take twice as long overall from application receipt to decision and almost three times as long when you compare them to the $20 billion to $100 billion category (0.8 days) to the $500 million to $2 billion category (2.2 days). As you can see - centralized underwriting works.  It is consistent, provides improved customer service, improved throughput, increased efficiency and improved credit quality when compared to the decentralized approach.   In future blogs, I will address the credit quality component.

I was recently asked in a comment, "What do we have to do to become compliant?" Great question.  There is not a single path to compliance when it comes to Red Flags compliance.  Effectively, an institution that has covered accounts under the Rule must implement both a written and operational Identity Theft Prevention Program.    The Red Flags Rule requires financial institutions and creditors to establish and maintain a written Program designed to detect, prevent and mitigate identity theft in connection with their covered accounts. The Program is a self-prescribed system of checks and balances that each financial institution and creditor implements to reach compliance with the Red Flags Rule. The goal of the provisions is to drive organizations to put into place a system that identifies patterns, practices and forms of activities that indicate the possible existence of identity theft. The provisions are not designed to steer the market to a “one size fits all” compliance platform. In essence, how businesses choose to meet the requirements will depend on the business size, operational complexity, customer transaction processes and risks associated with each of these characteristics.   A compliant Program must contain reasonable policies and procedures to address four mandatory elements: Identifying Red Flags applicable to covered accounts and incorporating them into the Program Detecting and evaluating the Red Flags included in the Program Responding to the Red Flags detected in a manner that is appropriate to the degree of risk they pose and Updating the Program to address changes in the risks to customers, and to the financial institution’s or creditor’s safety and soundness, from identity theft  The Red Flags Rule includes 26 illustrative examples of possible Red Flags financial institutions and creditors should consider when implementing a written Program. While implementation of any predetermined number of the 26 Red Flag examples is not mandatory, financial institutions and creditors should consider those that are applicable to their business processes, consumer relationships and levels of risk.   The Red Flags Rule requires financial institutions and creditors to focus on identifying Red Flags applicable to their account opening activities, existing account maintenance, and new activity on an account that has been inactive for two years or more. Some mandatory requirements include: Keeping a current, written Identity Theft Prevention Program that contains reasonable policies and procedures to identify, detect and respond to Red Flags, and keeping the Program updated Confirming that the consumer reports requested from consumer reporting agencies are related to the consumer with whom the financial institution or creditor are doing business Reviewing address discrepancies

Our current collections management landscape is seeing unprecedented consumer debt burdens: Total consumer debt o/s is at $14 trillion as of Jan ’09 Revolving debt o/s has reached $1 trillion The unemployment rate is at 7.6% and is expected to continue to rise Credit card and Home Equity Line Of Credit issuers reduced available credit by approximately $2 Trillion last year and more reductions are expected in 2009 There is a continuing rise in delinquencies and chargeoffs.  Here are some examples from our recent research: 8.5% of Prime Adjustable Rate Mortgages are now delinquent which shows an increase of 491% over this time last year 25% of all sub prime mortgages are now 60+ days delinquent Delinquencies for prime bankcard customers have increased 286% over the last 2 years 34% of all scoreable consumers (those who have sufficient trade information to calculate a score) now have a collection account. Compound these by a decline in the relative collectability of these accounts and you see: 9 million households now have negative equity 20% of 401(k) accounts have been tapped for loans (usually at a cost of 45% in penalties and fees to the account holder) According to the Federal Reserve, in late 2006 – at the height of the sub prime mortgage boom - the U.S. experienced a negative savings rate for the first time since the Great Depression.  

  I encourage all of you to have a look at this newly launched Federal Trade Commission Web site dedicated to the Red Flags Rule guidelines.  It is a good resource to that organizes the requirements of the Rule in a user-friendly manner.  It also looks to be an ongoing resource for the posting of updates and related commentary.  I suggest you make this site one of your bookmarks today:     The Federal Trade Commission has launched a Web site to help entities covered by the Red Flags Rule design and implement identity theft prevention programs. The Rule requires “creditors” and “financial institutions” to develop written programs to identify the warning signs of ID theft, spot them when they occur, and take appropriate steps to respond to those warning “red flags.”   Of particular interest, is the "Read the Guide" tab, where you can view and download the new FTC guide to Red Flag Rules.  For those in the telecommunications and utilities spaces, check out the "Publish the Articles" tab where you will find two bulletins on Red Flags in these arenas.  Enjoy.