![Native[risk]](http://images.squarespace-cdn.com/content/v1/65704856a75e450a6d17d647/f3aa0ca7-8a4d-4034-992f-9ae514f1127e/Native+risk_logo-invert.png?format=1500w){kind=logo}
#69 - You might already be too late
Most fraud teams have no idea when their vendor contracts expire.
That’s not an exaggeration. It’s a pattern I see repeatedly, and it matters far more than you think.
Here’s why: switching a fraud vendor isn’t like switching a SaaS tool. You can’t just flip a switch. Finding, evaluating, POC-ing, negotiating, and integrating a new vendor takes 9-12 months.
Minimum.
And that’s before you even start sunsetting your old one…
If you realize you’re unhappy with your vendor when the contract is already up for renewal, truth is you’re locked in for another cycle.
Another 2-3 years with a system that’s holding you back.
And this is no joke, I’ve seen a few fintechs that were caught in the “woke up too late” loop, ending up with a vendor they absolutely hated for a decade.
The good news: this is entirely preventable. Not only that - it’s also easy.
Today I want to go over what to do and when to make sure you never get stuck with a vendor you’re disappointed with.
The 12-month vendor renewal framework
The first step is to capture all of your fraud vendors’ contract end dates in one place. This can be a Notion page, an Excel sheet, or even your calendar.
It should be visible to you, not only your legal or finance departments.
The second step is to treat a contract end date as a strategic deadline that determines how much leverage and optionality you have.
Set an alert for 12 months in advance of every contract expiry date. This is the timeline I recommend every fraud team follow. Not just when things feel broken, but all the time and for every vendor.
Third, when a vendor alert pops up, it’s time for you to go through a process designed to:
Assess the vendor
Assess alternatives
Implement your decision without external pressure
The process follows four steps:
Twelve months out: Run your performance review
Pull 6-12 months of data. Start with performance metrics: loss rates, false positive rates, and ROI.
Then collect data on service quality: from general responsiveness to requests from your side, to server uptime.
Don’t do this from memory, use hard data.
Compare the performance to what you’ve been promised or what you expected originally - does it deliver the ROI you had in mind?
Side note: Consider benchmarking against where the market has moved to. Vendors that were market leaders three years ago may now be mid-tier.
If the review shows you’re satisfied, you should consider starting renewal negotiations early.
Vendors also know that you cannot just switch them off at a flick of your fingers. Unfortunately, I’ve seen my share of vendors who would jack prices a month before renewal, leaving clients fuming and helpless.
You want to know if that’s the case in advance, as obviously this would impact how you see the ROI you’re expecting from renewing the contract.
And if you’re not happy with the performance or with the new price? You now have a full year to make a switch.
That’s exactly the runway you need.
Nine months out: Have a shortlist ready
Research alternatives: request demos, get pricing, and talk to peers who’ve used the vendors you’re considering.
Side note: If you don’t know how to get started, here’s a quick guide on how to self-analyze your business fraud needs so you can get a better idea of which vendors you should hit.
This is also the time to get leadership aligned. A vendor switch isn’t just a fraud prevention project - it touches engineering, product, compliance, and finance.
Getting buy-in now prevents the approval bottleneck later, when time is short.
This is especially true when it comes to requesting engineering resources. Make sure you plan it in advance to avoid competing with projects that have closer deadlines.
But also use the deadline you have to create urgency.
Six months out: Run your POCs
Before you sign a new vendor, you definitely want to test them first by running a POC.
Ideally, you’d want to test 2-3 vendors in parallel, but let’s be honest - even testing that one vendor you want is better than nothing.
This can take some time: agreeing with the vendor on how the test would be conducted, preparing the data on your side, running the trial on the vendor side, and analyzing the performance.
Pro tip: Be deliberate about what you’re testing. Don’t just run the vendor’s standard setup - test the workflows your team will actually operate in production. That’s where the real performance gaps show up.
Side note: Here’s a rundown of the three main POC methods fraud vendors offer, together with their pros and cons.
Three months out: Make your decision and start integration
At this point it should be clear to you whether one of the vendors you tested performs better than your current one, and more importantly - gives better ROI.
Considering a two-month integration window is pretty standard, you’d want to lock down the deal and start integrating at this point.
Remember, it’s not just about API implementation. Testing the integration end-to-end in both staging and production environments takes time and resources.
Make sure you flag this in advance when the company is busy with its yearly planning, even if you don’t know which vendor you’ll choose yet.
One month out: Run both systems in parallel
If you’re switching, give formal notice to your outgoing vendor. Most contracts require 30-60 days’ notice of non-renewal, so check yours.
Running both systems in parallel for at least a month before full cutover is optional, but I wouldn’t skip it unless my back is against the wall.
A lot of things can go wrong during integration and go-live of a new vendor. The last thing you want on your hands is a situation where you have no plan B.
The hidden benefit
There’s a second reason to start this process 12 months out that most teams miss.
When your current vendor knows you’re actively evaluating alternatives, the conversation changes: pricing improves, and roadmap items suddenly accelerate.
But if you only begin renewal conversations 60 days before expiry, the vendor knows you have almost no leverage.
And here’s the thing:
Setting up this system requires one thing: pulling all your vendor contract dates into one place and scheduling calendar alerts at each milestone.
That’s an hour or two of work.
The cost of not doing it is years of stunted performance, missed opportunities, and increasing operational costs.
When did you last check when your fraud vendor contracts expire? Hit reply and let me know what you found.
In the meantime, that’s all for this week.
See you next Saturday.
P.S. If you feel like you're running out of time and need some expert advice with getting your fraud strategy on track, here's how I can help you:
Free Discovery Call - Unsure where to start or have a specific need? Schedule a 15-min call with me to assess if and how I can be of value.
Schedule a Discovery Call Now »
Consultation Call - Need expert advice on fraud? Meet with me for a 1-hour consultation call to gain the clarity you need. Guaranteed.
Book a Consultation Call Now »
Fraud Strategy Action Plan - Is your Fintech struggling with balancing fraud prevention and growth? Are you thinking about adding new fraud vendors or even offering your own fraud product? Sign up for this 2-week program to get your tailored, high-ROI fraud strategy action plan so that you know exactly what to do next.
Sign-up Now »
Enjoyed this and want to read more? Sign up to my newsletter to get fresh, practical insights weekly!
