Uncategorized

-- By Kari Michel What is your credit risk score?  Is it 300, 700, 900 or something in between?  In order to understand what it means, you need to know which score you are referencing.  Lenders use many different scoring models to determine who qualifies for a loan and at what interest rate. For example, Experian has developed many scores, such as VantageScore®.  Think of VantageScore® as just one of many credit scores available in the marketplace. While all credit risk models have the same purpose, to use credit information to assess risk, each credit model is unique in that each one has its own proprietary formula that combines and calculates various credit information from your credit report.  Even if lenders used the same credit risk score, the interpretation of risk depends on the lender, and their lending policies and criteria may vary. Additionally, each credit risk model has its own score range as well.  While the score range may be relatively similar to another score range, the meaning of the score may not necessarily be the same. For example, a 640 in one score may not mean the same thing or have the same credit risk as a 640 for another score.  It is also possible for two different scores to represent the same level of risk. If you have a good credit score with one lender, you will likely have a good score with other lenders, even if the number is different.

As I've suggested in previous postings, we've certainly expected more clarifying language from the Red Flags Rule drafting agencies.  Well, here is some pretty good information in the form of another FAQ document created by the Board of Governors of the Federal Reserve System (FRB), Federal Deposit Insurance Corporation (FDIC), National Credit Union Administration (NCUA), Office of the Comptroller of the Currency (OCC), Office of Thrift Supervision (OTS), and Federal Trade Commission (FTC). This is a great step forward in responding to many of the same Red Flag guidelines questions that we get from our clients, and I hope it's not the last one we see.  You can access the document via any of the agency website, but for quick reference, here is the FDIC version: http://www.fdic.gov/news/news/press/2009/pr09088.html

As most industry folks are aware, the FTC recently pushed out their Red Flags Rule enforcement deadline to August 1, 2009.  It is important to note, however, that this extension does not apply to the specific requirement that institutions with covered accounts detect and respond to address discrepancies related to consumer credit profiles.  The original November 1, 2008 deadline is, and has been, the line in the sand for this requirement.  I recommend that those institutions still working toward a compliant written and operational Identity Theft Prevention Program ensure that they have in place today a process to detect and respond to address discrepancies noted on credit profiles.

How is your financial institution/organization working to improve your collections work stream?What are some of your keys for collections efficiency?What tools do you use to manage your collections workflow?

The Federal Trade Commission announced on April 30, one day before the intended May 1 Red Flags Rule enforcement deadline, a third extension of that deadline to August 1, 2009.  It's like showing up to class without your homework and the teacher is out sick that day….kind of.  The first extension from November 1, 2008 to May 1, 2009 seems to center on the general confusion among many market sectors around their level of coverage under the Identity Theft Red Flags Rule.  This latest delay seems to be a result of pushback from businesses with a lower risk of identity theft occurrences and a more "known" consumer base.So, it looks like we have at least three more months of preparation time.  This can be a good thing for all institutions regardless of their current Red Flag guidelines readiness status.  Those who scrambled to get a program in place now have time to fine tune it.  Those that were hoping for another extension have it.  Those who still question what their program should look like or if they are even covered can look forward to some more clarifying information out soon.Some key takeaways from the announcement:The FTC announcement does not impact other federal agency enforcement deadlines dating back to November 1, 2008.Specific to institutions that may have a perceived lower risk of identity theft, or businesses that generally know their customers personally, the Commission will be publishing more clarifying language and sample process (in the form of a template) to help those types of businesses comply with the Rule.Finally, this quote from the announcement sums it up:  “Given the ongoing debate about whether Congress wrote this provision too broadly, delaying enforcement of the Red Flags Rule will allow industries and associations to share guidance with their members, provide low-risk entities an opportunity to use the template in developing their programs, and give Congress time to consider the issue further,” FTC Chairman Jon Leibowitz said. 

By: Tom Hannagan As I'm preparing for traveling to the Baker Hill Solution Summit next week, I thought I would revisit the ideas of risk-based loan pricing. Risk Adjusted Loan Pricing – The Major Parts I have referred to risk-adjusted commercial loan pricing (or the lack of it) in previous posts. At times, I’ve commented on aspects of risk-based pricing and risk-based bank performance measurement,  but I haven’t discussed what risk-based pricing is -- in a comprehensive manner. Perhaps, I can begin to do that now, and in my next posts. Risk-based pricing analysis is a product-level microcosm of risk-based bank performance. You begin by looking at the financial implications of a product sale from a cost accounting perspective. This means calculating the revenues associated with a loan, including the interest income and any fee-based income. These revenues need to be spread over the life of the loan, while taking into account the amortization characteristics of the balance (or average usage for a line of credit). To save effort (and in providing good client relationship management), we often download the balance and rate information for existing loans from a bank’s loan accounting system. To “risk-adjust” the interest income, you need to apply a cost of funds that has the same implied market risk characteristics as the loan balance. This is not like the bank’s actual cost of funds for several reasons. Most importantly, there is usually no automatic risk-based matching between the manner in which the bank makes loans and the term characteristics of its deposits and/or borrowing. Once we establish a cost of funds approach that removes interest rate risk from the loan, we subtract the risk-adjusted interest expense from the revenues to arrive at risk-adjusted net interest income, or our risk-adjusted gross margin. We then subtract two types of costs. One cost includes the administrative or overhead expenses associated with the product. Our best practice is to derive an approach to operating expense breakdowns that takes into account all of the bank’s non-interest expenses. This is a “full absorption” method of cost accounting. We want to know the marginal cost of doing business, but if we just apply the marginal cost to all loans, a large portion of real-life expenses won’t be covered by resulting pricing. As a result, the bank’s profits may suffer. We fully understand the argument for marginal cost coverage, but have seen the unfortunate end-result of too many sales -- that use this lower cost factor -- hurt a bank’s bottom line. Administrative cost does not normally require additional risk adjustment, as any risk-based operational expenses and costs of mitigating operation risk are already included in the bank’s general ledger for non-interest expenses. The second expense subtracted from net interest income is credit risk cost. This is not the same as the bank’s provision expense, and is certainly not the same as the loss provision in any one accounting period.  The credit risk cost for pricing purposes should be risk adjusted based on both product type (usually loan collateral category) and the bank’s risk rating for the loan in question. This metric will calculate the relative probability of default for the borrower combined with the loss given default for the loan type in question. We usually annualize the expected loss numbers by taking into account a multi-year history and a one- or two-year projection of net loan losses. These losses are broken down by loan type and risk rating based on the bank’s actual distribution of loan balances. The risk costs by risk rating are then created using an up-sloping curve that is similar in shape to an industry default experience curve. This assures a realistic differentiation of losses by risk rating. Many banks have loss curves that are too flat in nature, resulting in little or no price differentiation based on credit quality. This leads to poor risk-based performance metrics and, ultimately, to poor overall financial performance. The loss expense curves are fine-tuned so that over a period of years the total credit risk costs, when applied to the entire portfolio, should cover the average annual expected loss experience of the bank. By subtracting the operating expenses and credit risk loss from risk-adjusted net interest income, we arrive at risk-adjusted pre-tax income. In my next post we’ll expand this discussion further to risk-adjusted net income, capital allocation for unexpected loss and profit ratio considerations.

1.       Portfolio Management – You should really focus on this topic in 2009.  With many institutions already streamlining the origination process, portfolio management is the logical next step.  While the foundation is based in credit quality, portfolio management is not just for the credit side.  2.       Review of Data (aka “Getting Behind the Numbers”) – We are not talking about scorecard validation; that’s another subject.  This is more general.  Traditional commercial lending rarely maintains a sophisticated database on its clients.  Even when it does, traditional commercial lending rarely analyzes the data.  3.       Lowering Costs of Origination – Always a shoe-in for a goal in any year!  But how does an institution make meaningful and marked improvements in reducing its costs of origination?  4.       Scorecard Validation – Getting more specific with the review of data.  Discuss the basic components of the validation process and what your institution can do to best prepare itself for analyzing the results of a validation.  Whether it be an interim validation or a full-sized one, put together the right steps to ensure your institution derives the maximum benefit from its scorecard. 5.       Turnaround Times (Response to Client) –Rebuild it.  Make the origination process better, stronger and faster.  No; we aren’t talking about bionics here -- nor how you can manipulate the metrics to report a faster turnaround time.  We are talking about what you can do from a loan applicant perspective to improve turnaround time. 6.       Training – Where are all the training programs?  Send in all the training programs!  Worry, because they are not here.  (Replace training programs with clowns and we might have an oldies song.)  Can’t find the right people with the right talent in the marketplace?  7.       Application Volume/Marketing/Relationship Management – You can design and execute the most efficient origination and portfolio management processes.   But, without addressing client and application volume, what good are they? 8.       Pricing/Yield on Portfolio – “We compete on service, not price.” We’ve heard this over and over again.  In reality, the sales side always resorts to price as the final differentiator.  Utilizing standardization and consistency can streamline your process and drive improved yields on your portfolio. 9.       Management Metrics – How do I know that I am going in the right direction?  Strategize, implement, execute, measure and repeat.  Learn how to set your targets to provide meaningful bottom line results. 10.    Operational Risk Management – Different from credit risk, operational risk and its management, operational risk management deals with what an institution should do to make sure it is not open to operational risk in the portfolio. Items totally in the control of the institution, if not executed properly, can cause significant loss. What do you think? As the end of April approaches, are these still hot topics in your financial institution?

The way in which you communicate with your customers really does impact the effectiveness of your collections operation. At the heart of any collections management operation is the quality of the correspondence and, in particular, the tone of voice adopted with the debtor. In short, what you say is important, but how you say it has a critical impact on its effectiveness. To help guide best practice in this area and provide areas for consideration when designing and implementing customer letters within a collections strategy, Experian commissioned a study to explore how consumers react to the words used to communicate with them about their debt. Key findings:An appropriate tone, clear detail of the consequences and a conciliatory approach are effective in the early phases of collection  Fees and charges and negative impacts on credit ratings were key motivators to pay Charges applied to an account for issuing a letter is disliked and likely to encourage many to contact the organisation to express their frustration After 3 months a strong emphasis on serious action is appropriate, including reference to legal action or debt collection agency involvement  Support should be offered, wherever possible, to aid those in difficulty  Letters should avoid an informal and patronising tone Lengthy letters have a low impact and are often not fully read, resulting in important messages being missed Use of red to highlight and focus on a specific point is effectiveUse of red to highlight more than one point is counter-effective To download the entire paper* and view other best practice briefings, follow the link below to the global Experian Decision Analytics collections briefing papers page: http://www.experian-da.com/resources/briefingpapers.html * Secure download account required. You can sign up for one today - FREE.

Due to the recent economic events, increased collections workloads are straining client infrastructures and resources. Most clients in North America operate their delinquent accounts on legacy collections systems that are inflexible and expensive to manage and maintain. A recent and abrupt spending shift has drifted toward collections tools, data, operational, efficient workflow and decisioning systems.On the information technology front, the collections workflow software industry is on the brink of a technology shift from legacy systems to modern next generation offerings that are typically coded in Java. Very few collections software vendors have actually released and implemented their next generation products and are preparing to do so over the next six to 12 months. Clients are aware of this technology shift and the interest of many end users has been heightened and many are actively researching and shopping.Reducing operational costs is an urgent priority for most financial institutions and utilities. Legacy systems do not allow management to change strategies or flows quickly or in a cost effective manner, which leaves most collections departments unable to keep up with rapidly changing environments and business objectives. Clients also have critical business needs to reduce losses, improve cash flow and promote customer satisfaction. Many clients maintain multiple systems and it is common that these disparate systems do not communicate with each other. Consolidating collections operations and databases into one central system is strongly desired and presents an opportunity for significant financial gain. 

We’ve stopped taking phone applications and are using the out-of-wallet questions for Internet credit applications. Are we going overboard?The Red Flags Rule does not preclude phone applications or otherwise limit the manner in which you m ay accept applications for covered accounts. However, different methods to open covered accounts present different identity theft risks, and you must consider those differing risks in identifying the relevant Red Flags for each type of covered account that you provide.  

By: Tom Hannagan Beyond the financial risk management considerations related to a bank’s capital, which would be directly impacted by Troubled Asset Relief Program (TARP) participation, it should be clear that TARP also involves business (or strategic) risk. We have spoken in the past of several major categories of risk: credit risk, market risk, operational risk and business risk. Business risk includes a variety of risks associated with the outcomes from strategic decision making, corporate governance considerations, executive behavior (for better or worse), management succession events (Apple and Steve Jobs, for instance) or other leadership occurrences that may affect the performance and financial viability of the business. Aside from the monetary impact on the bank’s capital position, TARP involves a new capital securities owner being in the mix. And, with a roughly 20 percent infusion of added tier one capital, we are almost always talking about a very large, new owner relative to existing shareholders. The United States Department of the Treasury is the investor or holder of the newly issued preferred stock and warrants. The Treasury Department says it does not seek voting rights, but none-the-less has gotten them in at least some cases. The real “kicker” is embedded in the Treasury’s Securities Purchase Agreement – Standard Form. The most interesting clause, that appears to represent a very open-ended business risk to management decision making, is one relatively small paragraph, named Amendment, in the middle of Article V - Miscellaneous, just ahead of governing law (which is federal law, backed up by the laws of the State of New York). Amendment begins normally enough, requiring the usual signed agreement of each party, but then states: “provided that the Investor may unilaterally amend any provision of this Agreement to the extent required to comply with any changes after the Signing Date in applicable federal statutes.” Wow. My reading of this is that if in the future Congress enacts anything that Treasury finds applicable to any aspect of the previously signed TARP Agreement, the bank is bound to go along. Regardless of whether the Treasury negotiates any voting rights, once the TARP Agreement is executed by the bank, management is not only bound by what is in the document to begin with, it is subject to future federal law as long as the TARP shares are held by the government. As a result, many banks have said no thank you to TARP. At least four banks have recently paid back $340 million to repurchase the government’s shares. And, apparently another bank has offered to pay back $1 billion but, according to Andrew Napolitano at Fox Business Channel, the offer was turned down and the bank was threatened with adverse consequences if it persisted in its attempt to get out. More pointed and public, and much larger in size, is the dance taking place now between Chrysler Corporation, Fiat, the UAW, four lead lenders and, you guessed it, the federal government. The secured loans in question total almost $7 billion and the government wants J.P. Morgan Chase, Goldman Sachs, Citicorp and Morgan Stanley to exchange $5 billion of the loans for Chrysler stock. The banks know they would do better (for their shareholders) by selling off Chryslers assets. This is an example of why bankruptcy exists. The stakes are large and so is the business risk of the influence from the government. It will be interesting to see how things turn out. So, this new major owner does have a voice. If Congress wants certain lending volumes or terms, or they want certain compensation levels, it needs to be enacted into federal law. Short of having to pass a law, there is the implied threat of the big stick in the TARP agreement. The Purchase Agreement covers what the new owner wants now and may decide it wants in the future. This a form of strategic business risk that comes with accepting the capital infusion from this particular source.  

I've previously posted content around an overall risk-based approach to Red Flags compliance. I also want to keep current in mentioning the use of Knowledge Based Authentication (KBA) as an effective component in an Identity Theft Prevention Program.  I get this question often:  "Is KBA a fraud detection tool or a verification tool?"  Short answer:  "It's both."Beyond fraud detection and prevention, KBA implementation can provide your program real returns in a few key areas:Reconciliation of initially detected "Red Flag" conditionsKBA allows you to positively pass consumers who may have some level of initial authentication challenge or high-risk condition.  The reality of identity verification is that regardless of all the data assets potentially leveraged, there are still those cases in which a good consumer identity continues to pose challenges to basic verification checks.Cost reduction in referral / reconciliation processesKBA can replace more subjective decision making and process invocation, turning instead to objective question presentation and performance to drive overall decisioning.Customer experienceConsumers are more willing today than ever before to participate in a KBA session, and most would prefer this activity over provision of documentary evidence, for example.KBA, when used in combination with strong analytics and comprehensive authentication results, can be valued tool in your overall Red Flags Identity Theft Prevention program.

Behavioral scoring is one of the most important tools that allow collections management and account management groups to evaluate accounts in an efficient and cost-effective manner. Although behavioral models are developed in a similar manner as new applicant models, there are several key differences that make behavioral models a better choice for many account management applications and collections workflow systems:By using only internal master file data as opposed to external credit bureau data, for example, accounts can be regularly evaluated without incremental cost. The most common practices are to score accounts on a weekly or monthly basis, which allows for quick strategic responses to a customer’s change in behavior. Frequent evaluations can result in automated or manual actions such as the acceleration or deceleration of collections efforts, adjusting credit limits and changing terms and conditions.The performance definitions of behavioral scores are very specific to each strategy and task, and it is typically not advised to use models in applications for which they were not designed. For example, a new applicant model definition of “bad” may be a high probability of charge off during the initial term of a line of credit. For collections strategy, a more appropriate bad definition might be the likelihood of an account rolling to the next delinquency bucket, regardless of the age of the account. Behavioral models also have a much shorter outcome period of three to four months versus new applicant models that forecast over one to two years. Since behaviors with one creditor can typically be recognized more quickly than with all lending institutions associated with a particular debtor, behavioral models provide a unique and timely evaluation of the ongoing risk once the account is already on the books. 

As stated in an earlier posting, healthcare providers should ensure appropriate compliance with the Red Flags Rule.  There continues to be healthy debate as to what level of applicability the Red Flags Rule has in this market.  That said, the link below, to a recent article by the FTC, highlights some relevant points to think about as healthcare providers consider whether or not they are 'covered' and, if so, the appropriate measures to be taken in developing their Identity Theft Prevention Program.Of note, the article points out that "health care providers are creditors if they bill consumers after their services are completed. Health care providers that accept insurance are considered creditors if the consumer ultimately is responsible for the medical fees. However, simply accepting credit cards as a form of payment does not make you a creditor under the Red Flags Rule."  Based on this definition, it appears to some extent, that the majority of healthcare providers will be covered under the Red Flag Rule as creditors.I encourage you to have a look at this article if you are still on the fence: http://www.ftc.gov/bcp/edu/pubs/articles/art11.shtm

By: Prince Varma Good day all. My last blog revolved around practical approaches to effective client relationship management. It time to get back to a “risk” type conversation. I recently told my wife that if I hear the phrase “…in this economic environment …” uttered as a caveat one more time, I’m going to scream. I have truly come to anticipate the beginning or introduction to interviews and articles to lead in with this sentiment and it’s driving me nuts. In these economic times (you can tell I’m from the sales side, I cleverly changed the phrase), it is clearly not business as usual within most financial institutions. Conversations with CEOs and bank presidents over the past two months have usually followed the same theme, “I’ve got money to lend, but I just can’t find a decent deal” or “I’ve got applications up the wazoo, but the quality just isn’t there.” So, what is going on? The obvious answer is that we are looking at applications more closely and the credit side (risk management guys) is deliriously happy because everytime they make a recommendation about “reviewing the opportunity further” they also don’t hesitate to mention, “in this economic environment.” Really, what is the scoop and how do we adjust on the front line? Clearly, we know that deeper reviews and management of risk is being undertaken. The problem is that the established standards are no longer valid. Yes, the basics ratios still need to be run, but let’s face it, in this economic environment a company’s historical performance is no longer an effective indicator as to their future performance. The playing field is no longer consistent. The past two to three years of financials are based on circumstances that no longer apply. This means that the analysts are having a difficult time establishing effective benchmarks from which to apply credit policy – and we know that those guys are the paragons of adaptability. We are being asked to evaluate risk in an uncertain circumstance. We are looking at projected revenues and earnings and examining receivables. We are also comparing this business to others in the industry, determining which other market segments have a direct (and indirect) impact on the performance of this one, reviewing business plans and evaluating management depth and experience. And, at the end of the day, either saying no, saying yes but not so much or holding our breath and hoping that divine intervention shows us the way. Does any of this should sound familiar to you? It should. We see these type of deals all of the time and we call them the start-ups. Ok, so what am I recommending? Quite simply, that we take a step back from our typical approach to the established business and engage with them the way we would a start-up. When an opportunity or request presents itself, restrain the urge to go down the garden path. Slow down! No... stop! Take a deep breath, put on your “economic development hat ” and approach the deal the way you would if it were a start-up (and I don’t mean running away at top speed in the opposite direction screaming). You should: look for or help them construct a short term (next four to six month) tactical action/priority plan; help them or review their 12-month business plan; o NOTE: If the business hasn’t realized that they need a short-term survival plan and a mid-term business plan… run! Run far and run fast! examine their market and have them explain why they will make it versus the competition; dig into their management expertise (think AIG); have them explain how their tactical and 12-month business plan will keep the doors open and the lights on (since its coming into summer we’ll cut them some slack on the heat); and finally review and revise their projections. If at the end of this, you still feel that the deal has legs, it probably does, and you’ve done a pretty thorough job building the business case for the credit side. Or, you could just lament that there really isn’t much out there in this economic environment.