IdentityMind, a RegTech company, reports that according to its analysis, fraud caused 12% of losses in P2P online lending in 2014. That translates to almost 1.2% of total funding which is 2-3 times as compared to banks or retail cards.
The alternative lending industry is facing concerns around data accuracy and data verification.
Besides internal company controls, the big issue facing the MPLs of all size is online fraud.
The lack of physical interaction, lower underwriting standards due to higher competition and tens of thousands of dollars in plunder in a single hit is luring many sophisticated fraud rings to this industry. Even if one group can demonstrate that it can circumvent the algorithms of a lender at will, it can practically bankrupt the company in no time. This issue has become vital not only for the profitability but the continuity of the industry. It is important to understand the size of the problem:
Source: IdentityMind Global
The MPL industry’s grappling with the issues of online fraud has led to the birth of multiple risk management solutions and KYC validation agencies looking to add a layer of protection to the existing fraud detection systems of alternate lenders. Ideally, the first step for fraud protection should be multiple KYC checks so as to ensure the authenticity of the applicant. The originator should verify the social security number and whether the data provided by the prospective borrower can be connected to any public record which will authenticate the same. The physical address can be a treasure trove of information, not only it helps understand the socioeconomic position of the client, it also can assist in unmasking scams. Experts agree that addresses associated with prisons, hospitals, universities, warehouses etc are a potential source of fraud. The MPL should also have access to private database providers to ascertain that the applicant is not on any kind of blacklist.
3rd party companies like Microbilt offer existing and proven proprietary anti-fraud tools. For example, Microbilt’s Instant Bank Verification (IBV) product allows lenders to verify that a bank account as reported by the borrower is correct and accurate.
Experian, one of the three largest credit agencies in the US along with Equifax and TransUnion, has launched Hunter – a fraud detection technology for financial institutions. It relies on its extensive databases to cross-link applications and find patterns of fraud. It has been successfully incorporated in the credit monitoring systems of multiple banks and has helped save its clients millions of dollars. There are other fraud detection systems reliant on databases like Contego; it recently partnered with LendInvest for enhancing its due diligence process. Contego enables real-time identity verification by aggregating ‘best of breed’ data from a variety of sources, including law enforcement agencies, commercial suppliers and open data sources. KYC authentication and database scouring for any red flags should be the first line of defence for any MPL looking to fight fraud.
KYC Database authentication is important but the history of the device and the email address from which the application has been made can be a rich source of information. Devices can provide insights which can help deduce the intentions of the person behind the device. Technological solutions exist which identifies and continues to recognize devices over time without requiring personal information. Emails are the first point of contact today and as such a lot of information can be gleaned from the users email ID. Companies like Emailage provide transactional risk assessment by assessing and scoring email data for organizations around the world. It is able to provide advanced information like whether the customer’s name matches the email owner’s name, instances of email tumbling, velocity of the email and other unique characteristics which are not available from a simple online application. Iovation and ThreatMetrix work in the field of device authentication and their tools are being used by multiple banks, credit card companies and online lenders to catch fraud before it takes place.
Proxies and Tor
Proxies and Tor network help not only the office staff to bypass company firewalls for accessing Facebook incognito, but are increasingly used by anonymous online groups focussed on committing fraud continuously. It is extremely vital that an online lender reviews the IP address of its online applications to analyse the geolocation of a borrower by triangulating IP address, phone number and billing information. Also essential is to understand the flow of traffic to the website; is the traffic coming from non-corporate proxies, is it originating from the Tor network or is it being initiated by a bot? All the above should raise a red flag in the credit department. Companies like Neustar , Kount, IdentityMind have the ability to IP pierce to identify the real location of the user. Being able to examine the real location of an IP in conjunction with billing address and KYC adds another dimension to fraud prevention.
Marketplace originators have revolutionized the business of lending. They have been able to facilitate tens of billions of dollars in additional funding and have entered the mainstream after the IPO of LendingClub and OnDeck. But their soaring popularity and online exclusive approach have made them a prime target for online fraudsters looking to make a quick buck. The industry has emerged to provide a hassle free experience to borrowers and pass on the savings from a non-brick and mortar structure to the investors. It is unlikely they will revert to physical checks to solve fraud. With multiple SaaS providers emerging to provide tools like KYC authentication via multiple databases, email and device identification and geolocation analysis by IP piercing, targeting scams by augmenting existing in-house fraud protection systems is a no-brainer for online originators.
Author: Heena Dhir and George Popescu