Fighting Fraud with Frank - October 8, 2009 - Don't build your house on sand.

Lenders that take time now to build the tenets of fraud risk management into their new organizations are building their houses on solid foundations of rock.

Have you ever heard the parable of the two builders? The story involves two different builders that wanted to build a house for themselves and their descendents. The first builder took many months choosing an ideal place located on solid rock for his house. He realized this solid foundation would help his house stand for hundreds of years. He then spent many more months digging into that rock and building a structural foundation. Finally he built his sturdy house on the foundation. Following this painstaking process, it was years before he could move into the house.

The second builder had a different approach, but one that was far easier. He built a house on an easy to find location (sand) and didn't bother digging a deep foundation. He ended up moving into his comfortable house in a matter of months. He was contented and happy. Well, one day years later, a big storm came to the region that resulted in floods. The first builder was rewarded for his efforts as his house stood strong; the second builder's house broke apart and floated away.

Welcome to the 12th edition of Fighting Fraud with Frank. As always, I will address some of the recent trends in the industry and provide commentary on best practices. Many of you know I have had a chance to work with over 70 banks and lenders throughout the world. This has provided me the opportunity to see many best practices in action. Conversely, I have also witnessed first-hand a fair number of mistakes which we can learn from as an industry.

The story of the two builders seems particularly relevant to me right now because the mortgage industry is in a period of re-building after the nearly catastrophic subprime meltdown. As you know, many lenders did not survive the meltdown in part due to fraud risk policies, practices and prevention processes that were not built on the solid foundations of risk management.

In this edition, I provide three tenets of fraud risk management that are part of the very foundation that most industries rely upon to stop fraud. I'm not sure that the US Mortgage Industry has fully grasped the importance of these foundational elements since I still see some of the old practices and habits being built into the "new better way" of doing things. These are not new techniques or even particularly brilliant – they are standards of fraud risk management that work over and over again.

Tenet #1 – Use a Score to Target Fraud Risk Prior to Funding

Given good historical data, a good fraud score will always outperform other techniques in predicting fraud and risk. In particular I am referring to Pattern Recognition type scoring which is not merely a scorecard approach but rather a predictive technique refined and quite successfully used in most areas of fraud prevention. A score based approach consistently outperforms both alert-based approaches and rule-based approaches in detecting the most fraud at the lowest review rates. And by the way, I am not just relying on data that I have compiled from the mortgage industry, but every other industry as well – Cards, Retail Banking, and Internet Payments. The score approach flat out works better.

Why does it work better? It's simple, because it doesn't rely on a single data point to make a prediction of risk. A score looks at the complete risk of the loan file and provides a single prediction of risk based on potentially hundreds of risk factors in the application.

Why should a lender use a score-based approach? Again, it's really simple. Because lenders hate false positives and a score-based approach gets rid of most of the false positives that you get with other approaches. I have seen examples of lenders working alerts that have false positives of 100:1 or more. A classic example of this is those alerts that many lenders work when the Social Security Number appears not to match the borrower. Inevitably these turn out to be typographical data entry errors. A good score could incorporate this information as a variable in the model and only present this case if there was a combination of other factors that made the loan risky enough to warrant a fraud review.

Do alerts have a place? Yes, absolutely. Alerts are great tools for understanding specific issues on the loan file that might need to be addressed during a fraud review process. An example of this would include an alert that would warn you that the borrower lives 100 miles from their place of employment. This would be useful information to know when reviewing a loan file, but taken on its own may not warrant a fraud review.

Do rules have a place? Yes, and I am a big fan of rules when they are used properly. Intuitive rules should be used to address very specific flash fraud trends that emerge very quickly. Score based approaches rely on historical data. In those cases when you have a newly emerging flash fraud trend that may not be seen in the historical data, a good intuitive rule is a great approach to stopping the fraud right then and there.

Tenet # 2 – Create a Consistent Effective Fraud Review Process on the Targeted Loans

As I've mentioned in prior articles, it's clear that the fundamental fraud risk management issues for the mortgage industry are: 1) the time consuming nature of analyzing loan files for fraud risk, and 2) the reliance on human judgment to classify a loan file as fraud.

I believe that mortgage lenders need to create a consistent review process that looks at the loan file comprehensively and at the same time creates consistency between fraud analysts so that decisions are correct most of the time.

What do I believe is the most effective Fraud Review Process? I recommend a combination of three processes:

  • First review – The process begins by allowing analysts to familiarize themselves with the loan file and then analyze risk where fraud is likely to occur – income, employment, occupancy, property and identity. In this phase the analyst is forming an opinion based on their experience if the loan file contains fraud.

  • Then investigate – This part of the process involves vetting out the risk by clearing alerts, accessing outside sources of data to corroborate the information supplied on the application.

  • Then resolve – This final part of the process can involve a borrower verification call to confirm the findings, or the placement of a condition on the loan that needs to be satisfied. As you may know, I am a big proponent of borrower verification calls in the loan review process. In the industry, we refer to it as smile and dial, and it works great.

Tenet # 3 – Create Reporting, Measure Fraud, Measure Results

One of the primary issues with mortgage fraud is that it is not reported as a separate financial loss to the institution; rather, it is only considered a contributing (unmeasured and unknown) factor to recognized loss. Losses due to mortgage fraud typically find their way into delinquency, default and foreclosure loss categories. This is a problem.

Institutions need to create a monthly fraud reporting process. With continuous fraud monitoring, institutions can justify fraud prevention programs, and improve their processes through expansion of solutions and techniques that are successful. And by knowing what fraud was missed, institutions can focus resources on additional areas to drive down the cost of fraud.

What are the basic measurements you should consider capturing first?
There are just a few, but it could be a monumental leap in building your prevention programs.

  • monthly fraud loss and cases prevented

  • monthly fraud loss and cases funded

  • monthly fraud to originated ratios (basis point calculations)

  • monthly losses and basis point ratios by loan type and channel

What operational measurements are important to capture? I recommend the same three measurements operationally that every other industry is using to measure their fraud prevention results:

  • Fraud Detection Rate – measures the total percentage of fraud dollars that is detected prior to funding as a percentage of all fraud that occurred.

  • False Positive Ratio – measures the ratio of fraud to non-fraud cases that are worked.

  • Review Rate – measures the total percentage of applications that are flagged by the process or tool for a fraud review. A good fraud tool will find a majority of the fraud in a very small review population. Typically a lender will review less than 10% of their applications for fraud, and find a majority of their fraud dollar exposure in that population.

Build the house on rock, with a solid foundation

Just about the only issue with these fundamentals is that they are harder to adopt and implement than the old way of doing things. It's usually harder to operationalize the use of fraud scores because they are less intuitive. It's harder to implement a comprehensive fraud review that allows analysts to use their own experience in a loan file, rather than pushing alerts to them and having them clear them. It's harder to implement reporting on fraud rather than just lumping it into credit risk. Each of these things is harder to do than the old way of doing things, but in the end they are better. In the end they allow our industry to become rooted in time tested and successful fraud prevention techniques. I want us to build our house on rock with a solid foundation. Let's take the harder route this time and weather any future storms.

About the Author

Frank McKenna was the Co-founder and Chief Fraud Strategist for BasePoint Analytics, based in Carlsbad, CA. He now serves as Vice President of Fraud Strategy for First American CoreLogic. He may be reached at (760) 602-4971 x104 or via email at FMcKenna@BasePointAnalytics.com

Your privacy is important to us. If you no longer wish to receive this e-newsletter,
please email us to be removed from our mailing list.
If you would like to be added to our mailing list, please complete this form.

Additional Information

Ask Frank

Send your questions, comments, and/or ideas for future discussion topics to Frank.

BasePoint Announces Rapid Expansion in Use of Income Verification Solution for Mortgage Loans

Are you at risk for identity theft?
Find out for free at BasePoint's Identity Theft Risk Assessment

Frank McKenna, Vice President, Fraud Strategy, First American CoreLogic

Frank McKennaFormerly Co-founder and Chief Fraud Strategist of BasePoint Analytics, Frank helped develop and introduce advanced predictive technology to detect mortgage fraud. Frank's vast experience in fraud management has enabled him to identify unique and effective tools to manage lender risk through pattern analysis and evaluating other parties in the transaction, such as mortgage brokers.