![Native[risk]](http://images.squarespace-cdn.com/content/v1/65704856a75e450a6d17d647/f3aa0ca7-8a4d-4034-992f-9ae514f1127e/Native+risk_logo-invert.png?format=1500w){kind=logo}
#36 - Why leaders choose worse fraud tools
A few weeks ago I was in Amsterdam for M20/20 Europe.
I figured that I’d take advantage of being in town and visit some friends over at the Mastercard office.
As I was about to book my Uber, I noticed that the invite mistakenly included the MC office address in Rotterdam.
I googled the address for the Amsterdam office and was on my way.
Interestingly, as I was stepping out of my ride, I noticed the Uber app was welcoming me to the infamous red-lights district.
“Uhm… Am I in the right place?”
I gingerly poked my head around some corners until, with a sigh of relief, I noticed the smallest-ever sign reading: “Mastercard”.
What’s even more important than performance
Catching up with friends is one of my favorite “business” activities.
When I was a tech founder, I never had the time. It was all planning sessions, 1:1s, and endless emails.
But as an advisor, catching up with friends is 50% of the job. What’s even nicer is that I get to meet a lot of interesting new people as well.
So here I was in the MC offices, catching up with a friend, but actually meeting them in person for the first time.
“I see that you recently started pushing a new narrative in your writing”, he said with a smile.
“Oh? Which one’s that?”
“That rules are better than AI.”
“Ah. Here’s the thing - people say they care about performance, but mostly they really care about control.”
Why leaders hesitate to optimize
I tend to write quite often about the ongoing debate of “Rules vs. AI”.
That’s because there are a lot of things to unpack here: accuracy, coverage, speed, explainability, costs, performance degradation, etc.
The list is long, and many of these points I already addressed in previous issues.
But it all comes down to one point: control.
Or, to put it more accurately, the sense of control.
Here’s what we tend to forget: in fraud prevention we touch the most sensitive business processes - money movement and customer acquisition.
Mismanage one of those and you kill the business.
Why do we tend to forget about this fundamental reality?
Because all we see in front of us is optimization. Shaving a few milliseconds here and a few basis-points there.
The tension between small optimization gains versus the risk of complete business disruption is exactly what drives paralysis.
And I get it. Sometimes the “gamble” seems too high.
It’s all about control
Fraud teams, both internal and external, often fail to realize that. They focus on what can be gained and ignore what can be at risk.
Often, this translates to integrating complex tech in a business that isn’t used to it. And let’s face it, the vast majority of companies out there don’t use AI/ML as part of their core product.
If they are not used to handling AI/ML, they won’t understand it.
If they don’t understand it, they won’t trust it.
If they don’t trust it, they won’t feel like they’re in control.
And how can we expect a business to give up control over its most critical processes?
No wonder then, that companies choose to utilize rules over AI.
It’s not about understanding the score of a specific event, it’s about having a solid understanding of how decisions are being made as a whole.
Rules offer exactly that: simple heuristics, deterministic outcomes, transparent monitoring, straightforward KPIs.
Are rules always more accurate? Are they always catching more fraud? Do they adapt well to mutating fraud patterns?
Absolutely not.
But they are safe. And “safe” wins RFIs.
Side note: Yes, you might be utilizing an AI vendor, or even built your own models in-house. But are you really using it more than rules? I saw many cases where glorified AI vendors are being used as “dumb” rule engines only.
How do we gain control with AI?
That’s the million dollar question for anyone building fraud prevention tech. At least I hope so.
I’ve seen some vendors who take a servicing approach. Either by offering “bring your own model” configurations or by letting users train models directly on their platform.
And indeed, being more familiar with the model definitely increases trust.
But teams that will take advantage of such approaches are the minority: these are the teams that can–and are–used to handle complexity.
What about the ones that don’t?
That’s the one-hundred million dollar question.
I find that a big part of it is helping the user understand which strategies are available for them, and what would be the effect of each one on the business.
For example: choosing a KPI to optimize around and then suggesting low, medium, and high risk strategies that will be defined by the user.
Let’s be more concrete: Say a user wants to optimize around chargeback rate and they set the different risk appetites to be: 0.2% for low, 0.3% for medium, and 0.5% for high.
Imagine if after setting these requirements, you are presented by the following table:
This seems quite basic, but truth be told, you won’t find it in most fraud AI suits. In-house or of vendors.
And these are just the basics. Imagine you can double-click on a chosen strategy and explore it further, segmented by regions, flows, or products.
This is the explainability that matters, not why a certain case got a fraud score of 12.
Because like with rules, the decisions we implement with AI are about top-level KPIs. Without knowing exactly how I change those, there’s no chance in hell that I’m going to make any changes.
So how do we retain the sense of control while using AI?
We let the user dictate which KPIs are important for them.
We allow them to explore a number of alternatives.
We help them monitor the performance.
No complex heatmaps, no overlapping ROCs, no fancy graph networks.
Just plain answers anyone could understand. Because it’s that “anyone” who will end up making these decisions. Not the data scientist that trained the model.
Agree / Disagree? Hit the reply button and share your thoughts!
In the meantime, that’s all for this week.
See you next Saturday.
P.S. If you feel like you're running out of time and need some expert advice with getting your fraud strategy on track, here's how I can help you:
Free Discovery Call - Unsure where to start or have a specific need? Schedule a 15-min call with me to assess if and how I can be of value.
Schedule a Discovery Call Now »
Consultation Call - Need expert advice on fraud? Meet with me for a 1-hour consultation call to gain the clarity you need. Guaranteed.
Book a Consultation Call Now »
Fraud Strategy Action Plan - Is your Fintech struggling with balancing fraud prevention and growth? Are you thinking about adding new fraud vendors or even offering your own fraud product? Sign up for this 2-week program to get your tailored, high-ROI fraud strategy action plan so that you know exactly what to do next.
Sign-up Now »
Enjoyed this and want to read more? Sign up to my newsletter to get fresh, practical insights weekly!
