#31 - Your CEO wants fraud fixed today. Your team needs months.

Here’s what frustrates me the most about fraud:

There’s always an imbalance between how urgent it is, and how soon you can fix it.

Sometimes, a solution becomes clear in days. But implementing said solution can take long months.

This imbalance is not unique to fraud, but it’s often compounded by the volatile nature of it:

When fraud is urgent and you want to invest - you realize meaningful changes take time.

And when it’s not urgent and you have the time - resources tend to be diverted elsewhere.

None of that is new though. If you’re reading this, it’s likely you’ve seen that before.

But here’s the thing:

The worst part is not having to choose between getting resources or low stress levels.

It’s actually the constant switching between the two, as the ebb and flow of fraud influences the priorities of your business.

Going back and forth between strategies harms your business the most. It guarantees poor performance, wasted budget, and eventually - stunted growth.

Let’s talk about it.

Meet Shelly and Tim

Tell me if you've ever taken part in a conversation like this one between Shelly (CEO) and Tim (CFO who owns fraud):

Shelly: Fraud is up 50% YoY and it’s killing our numbers. We need to fix it! NOW!

Tim: Yeah, it’s brutal. But to be fair, we’ve also grown the business by 3x in the past 12 months and the team is the same size as last year…

Shelly: I see where you’re going with this, we’re not going to triple the team’s size. The board will kill me if we do. I’m willing to spend the budget on it, but not 3x.

Tim: I’m with you. If we integrate a real-time AI fraud score, I think we can really reduce our losses for a 20% increase in budget. Thing is, even if we start tomorrow – assessing vendors, contracting, and integration would take six months at best. More likely twelve…

Shelly: So what are you saying? That I should only expect numbers to look better in twelve months?

Tim: Well… I’m not sure what you’re expecting to hear. I’m not a magician. We discussed doing the same last year, but back then we decided not to fund it…

Shelly: OK, so what do we do now?

Tim: We’ll likely need to step-up user authentication to reduce fraud as we go through the vendor selection process.

Shelly: But that would impact our onboarding completion rates for, what… twelve months?

Tim: What can I say? If we would have started with a vendor selection back then we would already be done by now.

Shelly: …

Tim: …

Why no business likes long-term investments into fraud

How painful was it to read this “imaginary” conversation?

Whether you empathize more with Shelly or with Tim, I bet you were just as frustrated reading it. 

I know I was writing it.

At the heart of the conflict between Shelly and Tim lies the core issue with fraud strategy.

As a business, we are focused on achieving growth. But at the same time, we are forced to commit budget in advance to meet potential threats that might manifest in the future.

Investing in fraud can turn out to be the wrong decision if the threats don’t end up materializing. And which business likes to throw funds down the drain?

And yet, by analyzing the–hypothetical, yet common–situation described above, we can make out some mistakes that have been made along the way.

Looking closely at them, we might find ways to reduce the tension between the two positions.

Forecasting fraud growth

If your business grew by 200% (3x) in the last 12 months and your fraud rate grew by only 50%, you might consider that a win.

But apparently, Shelly and Tim didn’t anticipate even such modest fraud growth.

That‘s not so uncommon. Just a few weeks ago I was speaking to a Fintech founder who told me their board has decided to treat fraud as a “fixed cost” in their budget going forward.

The assumption is that fraudsters don’t attack you more just because you have more customers.

Thing is, even if we agree with this assumption (which I don’t), we also assume that growth is organic. Same product lines, same user segments.

In reality, high growth is often achieved by diversification of revenue streams: new products and new market segments.

These bring with them new vulnerabilities, new fraud vectors, and soon enough - new fraudsters.

Increased losses should have been taken into consideration and they weren’t.

Doing the homework

Your fraud roadmap didn’t get budgeted? You’re not allowed to sit on your hands.

If Tim thought contracting a vendor was the right idea twelve months ago, then he should have a headstart on the process today.

Assessing vulnerabilities, researching the market, narrowing down the options to 1-2 vendors, and even scoping integration could all have been done in the last 12 months. And for little resources at that.

It’s true that end-to-end, such a process can easily take six to twelve months.

But with the right preparations, you can halve that time by putting your ducks in a row for when your roadmap is finally funded.

Monitoring actuals vs. budget

It is not common for fraud to manifest as a strategic surprise.

If fraud rates are up by 50% YoY, it’s unlikely that this uptick happened all in one month.

Discussing the issue so late means that Shelly and Tim likely missed many red flags along the way.

Not only were they not tracking fraud rates closely, but they probably weren’t paying attention to early indicators that could have helped them spot the issue when it was much smaller.

To be frank, this happens a lot when fraud isn’t managed by a leader with experience in the field. Then again, I’ve also seen experienced leaders fail at that.

One common contributor to this disconnect which I’ve seen over the years, is when the fraud team isn’t aware of how fraud rates are calculated or forecasted in the budget.

While the fraud team thinks they are “in the green”, the finance team realizes there’s trouble only too late.

The way forward

Alright, so we know what we need to be aware of so our chances of ending up in Shelly and Tim’s shoes are diminished.

But that doesn’t solve their issue.

If they would hire me to help them find a way forward, I can’t just tell them what they’ve done wrong in the past.

So here’s what I’d do next if they were my client:

Short-term: stem the bleeding

1. Analyze their segments and increase friction for high-risk populations only, avoiding a widespread impact on their onboarding numbers.

2. Research simple heuristics that can be implemented as rules, possibly even hard-coded into the system. With this stopgap, we might be able to stop some of the fraud without too much friction.

Mid-term: analyze and plan

1. Audit their business and verify that their assumptions on what they need (real-time AI score) are indeed the most efficient long-term approach. 

2. If so, help them sharpen their vision on how to utilize it: where and how to integrate it, how to operate it, etc.

3. And if not, come up with an alternative long-term plan that suits best their needs

Long-term: execution and stabilization

1. Execute the fraud strategy roadmap we agreed on, making sure we track success metrics over time and not just when all work is done. Progress should be delivered in milestones.

2. Carefully remove stopgap solutions we’ve implemented before to optimize for growth again.

3. Implement the processes that will guard them from encountering the same issue again (forecasting, monitoring, etc.)

What would you have done if Shelly and Tim asked for your help? Hit the reply button and tell me if you think I’ve missed anything.

In the meantime, that’s all for this week.

See you next Saturday.

P.S. If you feel like you're running out of time and need some expert advice with getting your fraud strategy on track, here's how I can help you:

Free Discovery Call - Unsure where to start or have a specific need? Schedule a 15-min call with me to assess if and how I can be of value.
​Schedule a Discovery Call Now »​

Consultation Call - Need expert advice on fraud? Meet with me for a 1-hour consultation call to gain the clarity you need. Guaranteed.
​Book a Consultation Call Now »​

Fraud Strategy Action Plan - Is your Fintech struggling with balancing fraud prevention and growth? Are you thinking about adding new fraud vendors or even offering your own fraud product? Sign up for this 2-week program to get your tailored, high-ROI fraud strategy action plan so that you know exactly what to do next. ​
Sign-up Now »

Enjoyed this and want to read more? Sign up to my newsletter to get fresh, practical insights weekly!