There is always a risk associated to credit cards: security measures, innovative products and strict regulations have been successful in limiting the growth of fraud in developed economies. However, recently emerged economies such as China and Russia have been slow in adopting countermeasures. CI reports
A research by Timetric, 2020 Foresight: Best Practices in Managing Credit Risk Cycle, shows that, among the developed markets, the value of card fraud was highest in the US, where it increased from $3.17bn in 2008 to $3.55bn in 2012, growing at a CAGR of 2.9% during the review period. It was followed by France, whose card fraud value increased from $471m in 2008 to $583.3m in 2012, recording a CAGR of 5.5% during the review period. Among the emerging markets, the value of card fraud in China increased from $50.2m in 2008 to $173.3m in 2012, at a staggering CAGR of 36.3%. China was followed by Brazil with a card fraud value of $150.3m in 2012 while, in terms of growth, Russia gained the second spot with a CAGR of 28.2%.
Go deeper with GlobalData
Access deeper industry intelligence
Experience unmatched clarity with a single platform that combines unique data, AI, and human expertise.
The challenges
Timetric’s study identifies three major challenges in managing credit card risks: macroeconomic challenges, regulatory challenges and operational challenges. Macroeconomic challenges represent factors such as weak economic growth and high unemployment rates that affect the population’s financial abilities. Regulatory challenges are the result of change in rules and regulations and the legal environment of a country, while operational challenges are associated with the operational structure of an organization such as its policies, infrastructure and investments.
The macroeconomic barriers are well known: according to the International Monetary Fund’s (IMF) World Economic Outlook (WEO) October 2012, economic growth across the globe remained muted. Global GDP expanded by 3.3% in 2012, down from 3.8% in 2011 and significantly below the 5.4% expansion recorded in 2007.
The slowdown observed in the global GDP was driven by the deceleration of GDP growth in developed and emerging economies. Developed economies grew by 1.3% in 2012, down from 1.6% in 2011, while emerging economies expanded at 5.3% in 2012, down from 6.2% in 2011.
Unemployment in the major economies of the world has remained high as a result of the US subprime crisis and eurozone debt crisis. The financial debacle as a result of these crises has restricted economies from performing well and posting robust growth, thereby limiting job prospects and supporting high unemployment rates. For example, unemployment rates increased from 4.6%, 5.4% and 8.3% in 2007 (pre-crisis level) to 8.1%, 8.0% and 25.1% in 2012 for the US, the UK and Spain respectively.
US Tariffs are shifting - will you react or anticipate?
Don’t let policy changes catch you off guard. Stay proactive with real-time data and expert analysis.
By GlobalDataRegulatory challenges
One of the key risk management tools used by card issuers is to charge high interest rates and fees in order to recover losses and to serve as a deterrent for late payments and non-payments. However, regulations around the world are tilted towards the cardholder and governments are coming up with new strict regulations to limit the interest rates that can be charged to a cardholder and in cases where a change is made, it should not be without prior intimation to the cardholder. For example:
Regulators in the US require card issuers to follow the guidelines mentioned below:
– Must send a notice 45 days before a planned increase of rates or fees
– Cannot increase interest rates for the first year of the account
– In case a rate is increased, it can apply only to new charges and old charges must be billed on previous rates
– Annual fees and application fees cannot be more than 25% of the initial credit limit
– Late payment fees cannot exceed US$25, unless one of the last six payments was late or the card issuer can show that the cost incurred by the company due to the late payment justifies the higher charges. In such cases, the penalty charged can reach up to US$35.
– Late payment fees cannot be greater than the minimum monthly payment
– One-time over-limit transactions cannot be penalized and in other cases, it cannot be more than the amount that was over the prescribed limit
– Issuers cannot charge an inactivity fee, i.e. charging a cardholder for not using his or her card
Canada:
– Credit card issuers cannot charge over-the-limit fees on temporary hold of funds on a credit card. However, the restriction is not applicable in case of purchases.
– Provide minimum 21 days of grace period on new purchases, i.e. they cannot charge interest rates for the next 21 days from the date of issuance of the card statement.
– Give an advanced notice of the increase in fixed interest rates and the reason for it.
Indonesia:
– Bank Indonesia capped credit card interest rates at 2.95% from January 2013 in order to protect customers from high interest rates charged by credit card companies. However, it will re-examine capped rates at least once in every six months to monitor the program’s efficiency.
India:
– Minimum of 14 days of grace period on new purchases, i.e. interest rates cannot be charged for the next 14 days from the date of issuance of the card statement.
– Give an advanced notice of at least 30 days in case of any increase in the fixed interest rates or any other account policies.
Australia:
– Card issuers cannot charge over-limit fees, unless and until they have written permission from the customer to do so.
– Card issuers are now required to duly inform cardholders if they step over their limit which restricts their ability to earn extra charges.
UAE:
– The Central Bank of UAE capped credit card interest rates at 18% per annum and 1.5% a month in 2013 from the current interest rates that range between 2.25% to 2.99% a month (27-35.88% per annum).
Authorities in other countries have either already adopted tougher regulations, or are deciding on their own versions of customer-friendly regulations. The report also dwells on the restriction on collection efforts to protect customers from harsh treatment.
Operational challenges
A lack of resources, proper technology and high investment costs are considered by the report to be causing problems in contrasting risk.
Among the problems identified by the report there is the dynamic nature of fraud techniques and rapidly changing technologies
However, another less looked-at ‘big issue’ is the detection and prevention of first-time fraud and defaults.
A lack of proper data is indeed a problem for credit card companies. Every year, a large number of people enter the market with no previous credit history. Collecting and verifying information about them is a troublesome task, both in terms of strain on resources and costs for the company. Emerging markets are prone to these kinds of issues due to the loose regulatory environment and aggressive marketing strategies by card issuers which prompts their sales executives to reach out to high-risk customers. Aggressive marketing by card companies has also turned out to be problematic in highly developed markets such as the US and Europe.
Moreover, the setting up of a dedicated infrastructure (including those with IT requirements) and allocation of resources for risk and collection management involves huge investments with no guarantees of recovery and therefore serves as a deterrent in the establishment of an effective system. The problem is more intense in emerging markets due to a lack of basic infrastructure which further adds to a company’s costs.
In developed markets, this problem is mostly faced by small merchants or startup organizations. However, the situation is more severe in emerging markets that are characterized by an unorganized retail sector, low incomes and low penetration of technology.
The retail sector in emerging economies mostly consists of small shops with limited turnovers and marginal profits. This significantly reduces the adoption of high-end security systems to detect and prevent fraud.
Issuers and acquirers
How are then banks and credit unions coping with the risk?
Issuers and acquirers are increasingly adopting modern technology to enhance their screening process for the approval of the applications for the issuance of credit cards and underwriting of merchant accounts. A number of analytical firms have developed frameworks and applications that leverage data from financial institutions and credit bureaus, based on pre-defined parameters to speed up the application approval process and at the same time make it more effective and efficient.
Some of these applications are more comprehensive and continue to analyse an account once it has been approved. This continued analysis helps in controlling fraudulent activities by monitoring expenditure patterns and highlighting any suspicious behaviour. Integration of these applications and scores built by them increases a financial institution’s precision and accuracy of fraud detection and also reduces the manual labour required in handling credit card accounts.
Use of such tools and applications have become an integral part of the business operations of card issuers in developed markets such as the US, Canada, Japan and the UK, and is becoming popular in emerging economies such as China, India and Russia as well.
Apart from building models and scorecards with the help of sophisticated business tools, credit card companies are also engaged in the behavioural analysis of customers. Several banks have lowered the credit limits of their customers, even though they scored a healthy number on scorecards and have never defaulted on their payments. These actions have been based on consumer behaviour such as where they shop (if risky borrowers frequent this shop), their debt relationship with certain financial institutions, location of their stay (high foreclosure rate or not) and if they make full payments or minimum payments at the end of the billing cycle.
Emergence of contactless payments makes skimming virtually impossible
Contactless payments are an extension of the bank cards business. This technology depends on a secure microcontroller, internal memory, and a small antenna rooted in a device which broadcasts with a reader through a contactless radio frequency (RF) interface. Contactless chips can manage, store and provide access to information on the device in which they are rooted in a highly secure environment.
With contactless payments, transactions can be made without swiping the card, making it nearly impossible (based on current technology used by fraudsters) for fraudsters to indulge in the skimming of cards. Contactless cards are gaining momentum in developed markets such as the US, the UK, Japan and Australia, as well as in emerging economies like Brazil and China.
Best Practices Case Study
Managing risk is imperative and some companies managed to do so successfully. A case study presented by Timetric is the adoption of modern tools and analytical applications by SAS and FICO, with Italian national scheme CartaSi.
SAS’s products and services include general and industry-specific business solutions, and integrated technologies for information management, advanced analytics and reporting.
CartaSi is part of ICBPI Group and was established in 1986. CartaSi is one of the most commonly used credit cards in Italy, issued by more than 800 banks throughout the country. The company’s portfolio comprises of fleet cards and prepaid credit between 11m and 24m of debt (national / international), 600,000 merchants, 467,000 POS terminals and 10,000 ATMs. CartaSi partners with banks and other financial institutions for the issuance and management of credit cards, and offers banks the management of the entire issue and card acceptance and handling of transactions made on leading payment networks globally. The company also provides customer care services, prevention and management of fraud and payment solutions online, mobile and contactless.
Challenge
The CartaSi working model uses cash payments to the retailers who make a sale via CartaSi credit cards and at the same time fund the credit cardholder until the amount is debited. This requires the company to tolerate financial charges for at least the next 45 days for each credit card transaction. This used to put the company in a vulnerable place as it left CartaSi exposed to uncertainties before the respective charges could be debited to the cardholders, which takes place on the 15th day of every month following the month in which the purchase was made.
The company explained that it was important to be capable of estimating their current account deficit, after the banks had paid to the retailers. One of the highest costs borne by the organization was in fact the financial charges associated with the funding of credit cardholders until their account statement was issued. Therefore, CartaSi found it strategically important to have a forecasting system in place, specifically for assessing the company’s financial needs in the next 48 hours. However, the present technological infrastructure at the company’s disposal was not developed enough to handle the large volume of data, statistical modelling and forecasting.
Response
CartaSi partnered with SAS to develop a platform for forecasting CartaSi’s current account deficit for the next two days, in order to bring deficits to zero and hence, allowing other technical forms of funding to stay in line with the market.
SAS leveraged its SAS®9 platform as the analysis engine for the development of the forecasting application. The forecasting platform was developed as a joint effort comprising of SAS consultants as well as CartaSi employees. While SAS consultants took care of the statistical aspects and the SAS solution, the CartaSi team took care of SAS’s integration with the company’s information systems and development of the user interface. This joint team also integrated solutions for other requirements that emerged during the developmental phase and were not necessarily linked with short-term forecasts.
Data is collected from thousands of POS terminals in predetermined shops for processing and forecasting. Information from these POS terminals goes to servers identified by the account-holding bank. This overall transaction flow from all servers (different servers of different banks and their merchants) is then fed to the forecasting platform. This is a complex process as payments to retailers are made by hundreds of banks, each using a different procedure. This required a specific statistical algorithm to be developed for each statistical series associated with the different kinds of payments. However, the development team was able to overcome hurdles and put a well-configured system in place within a few months.
Result
CartaSi noticed positive results immediately after incorporating the SAS system in their analytical framework. The forecasting system developed with the help of SAS helped the company in estimating transactions that might occur in the next 48 hours. Moreover, the estimates were recalculated on a daily basis as the SAS system’s database was updated daily, based on the log flows that arrived from various sources. Using the estimated values, the company was able to manage its requirement for advance funds and reduce its deficit. This reduction of financial charges was reflected in terms of considerable savings for the organization.
The company had predicted a saving of EUR400,000 per year based on the prototype model, however, the actual figures were expected to be much higher.
Furthermore, use of SAS also improved the company’s preparation of the annual financial reports and quarterly estimates, which are more connected with long-term analysis.
Figure 1: The Case of CartaSi
