First-Party Fraud a Growing Risk

Experian Research: Institutions Must Refine Definition, Detection
First-Party Fraud a Growing Risk
First-party fraud ranks among the top three fraud events financial institutions face. But most institutions don't accurately quantify and qualify their risks, says Keir Breitenfeld, senior director of fraud for Experian Decision Analytics.

The primary challenge: defining first-party fraud. "Everybody agrees first-party fraud is big," Breitenfeld says. "The problem is that there are so many different definitions, we have a hard time getting our hands around it."

The textbook definition of first-party fraud refers only to fraud perpetrated through the opening of new accounts with no intention of repayment. But in a new report, "First-Party Fraud - Trends, Challenges and Outlook," Experian says financial institutions should broaden their perspective.

Experian estimates first-party fraud accounts for at least 25 percent of total consumer credit charge-offs in the United States. TowerGroup supports that estimate, claiming that between 5 percent and 35 percent of card issuers' total bad-debt write-offs result from first-party fraud and/or credit abuse.

The Federal Reserve estimates charge-off rates account for nearly 10 percent of all outstanding revolving consumer credit.

Based on those figures and internal findings, Experian claims first-party fraud results in annual losses that top tens of billions of dollars.

'Isolate and Segment' First-Party Fraud

Banks and credit unions rely too heavily on credit scores for the categorization of first-party fraud. "Financial institutions don't have a good handle on first-party fraud," Breitenfeld says. That's why the report's findings are based on various credit-reporting facts, rather than survey opinions offered by card-issuing institutions.

"We did not think conducting a survey would offer much insight," he says. "Instead, we based it on our own observations and opinion, as a credit-reporting bureau."

An overreliance on credit scores highlights why institutions need different analytics to review bad debt. "We're not trying to redefine the world," Breitenfeld says. "We're just trying to add some clarity."

Experian expands first-party fraud to include:

  • Synthetic identity: The creation of a fictitious identity that's used to access credit or other financial services. Synthetic identity also can comprise altering a true name or the use of a legitimate but stolen Social Security number.
  • Default payment schemes: Allowing credit loans to intentionally default to avoid payments.
  • Bust-out: After building good credit history, the perpetrator opens several new accounts and suddenly stops making payments on the various accounts.
  • Straight-roller: An account that becomes delinquent and never shows attempt to make a payment.
  • Never pay: A form of straight-roller that becomes delinquent within the first two months of opening the account.

That more inclusive view of first-party fraud is supported by analytics, Experian says.

"First-party fraud, whether originating from individual actors or more organized crime syndicates, is quite difficult to detect via traditional application screening and account management processes," the new report states. "The difficulty arises from the fact that the identities either are legitimate or appear legitimate."

To catch fraud early, institutions need to integrate binary rules and basic identity verification with predictive and targeted analytics. "You don't wait for it to be in the collections queue," Breitenfeld says. "By that time, the losses will be too great."

First-party fraud often involves a combination of events, but fraud managers don't see overall losses because first-party fraud is classified as a charge-off or credit loss.

"The [regulatory] compliance definition of first-party fraud requires that the fraud involve bad payments," Breitenfeld says. "But we think many accounts that are first-party fraud don't have bad payments. ... Operationally, it's important for institutions to not rely solely on the regulatory definition of first-party fraud, or they risk missing a lot."

While regulatory restrictions typically prohibit formal reclassification of first-party fraud from anything that falls outside credit loss, institutions should realign their internal classifications.

Scoring each part of an account's and an accountholder's lifecycle is key. "Scoring has to be tailored," Breitenfeld says. "We have to do that, too, because we are working with so many different entities. Everyone is trying to get this to a centralized process. We will get there, but for now it's challenging."

About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by, ABC News, and MSN Money.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.