Credit Risk Modeling

--by Tom Hannagan

I was hoping someone would ask about these risk management terms…and someone did. The obvious answer is that the “A” and the “O” are reversed. But, there’s more to it than that. First, let’s see how the acronyms were derived. RORAC is Return on Risk-Adjusted Capital. RAROC is Risk-Adjusted Return on Capital. Both of these five-letter abbreviations are a step up from ROE.

This is natural, I suppose, since ROE, meaning Return on Equity of course, is merely a three-letter profitability ratio. A serious breakthrough in risk management and profit performance measurement will have to move up to at least six initials in its abbreviation. Nonetheless, ROE is the jumping-off point towards both RORAC and RAROC.

ROE is generally Net Income divided by Equity, and ROE has many advantages over Return on Assets (ROA), which is Net Income divided by Average Assets. I promise, really, no more new acronyms in this post.

The calculations themselves are pretty easy. ROA tends to tell us how effectively an organization is generating general ledger earnings on its base of assets.  This used to be the most popular way of comparing banks to each other and for banks to monitor their own performance from period to period. Many bank executives in the U.S. still prefer to use ROA, although this tends to be those at smaller banks.

ROE tends to tell us how effectively an organization is taking advantage of its base of equity, or risk-based capital. This has gained in popularity for several reasons and has become the preferred measure at medium and larger U.S. banks, and all international banks. One huge reason for the growing popularity of ROE is simply that it is not asset-dependent. ROE can be applied to any line of business or any product. You must have “assets” for ROA, since one cannot divide by zero. Hopefully your Equity account is always greater than zero. If not, well, lets just say it’s too late to read about this general topic.

The flexibility of basing profitability measurement on contribution to Equity allows banks with differing asset structures to be compared to each other.  This also may apply even for banks to be compared to other types of businesses. The asset-independency of ROE can also allow a bank to compare internal product lines to each other. Perhaps most importantly, this permits looking at the comparative profitability of lines of business that are almost complete opposites, like lending versus deposit services. This includes risk-based pricing considerations. This would be difficult, if even possible, using ROA.

ROE also tells us how effectively a bank (or any business) is using shareholders equity. Many observers prefer ROE, since equity represents the owners’ interest in the business. As we have all learned anew in the past two years, their equity investment is fully at-risk. Equity holders are paid last, compared to other sources of funds supporting the bank. Shareholders are the last in line if the going gets rough. So, equity capital tends to be the most expensive source of funds, carrying the largest risk premium of all funding options. Its successful deployment is critical to the profit performance, even the survival, of the bank. Indeed, capital deployment, or allocation, is the most important executive decision facing the leadership of any organization.

So, why bother with RORAC or RAROC? In short, it is to take risks more fully into the process of risk management within the institution. ROA and ROE are somewhat risk-adjusted, but only on a point-in-time basis and only to the extent risks are already mitigated in the net interest margin and other general ledger numbers. The Net Income figure is risk-adjusted for mitigated (hedged) interest rate risk, for mitigated operational risk (insurance expenses) and for the expected risk within the cost of credit (loan loss provision).

The big risk management elements missing in general ledger-based numbers include: market risk embedded in the balance sheet and not mitigated, credit risk costs associated with an economic downturn, unmitigated operational risk, and essentially all of the strategic risk (or business risk) associated with being a banking entity. Most of these risks are summed into a lump called Unexpected Loss (UL). Okay, so I fibbed about no more new acronyms. UL is covered by the Equity account, or the solvency of the bank becomes an issue.

RORAC is Net Income divided by Allocated Capital. RORAC doesn’t add much risk-adjustment to the numerator, general ledger Net Income, but it can take into account the risk of unexpected loss. It does this, by moving beyond just book or average Equity, by allocating capital, or equity, differentially to various lines of business and even specific products and clients. This, in turn, makes it possible to move towards risk-based pricing at the relationship management level as well as portfolio risk management.  This equity, or capital, allocation should be based on the relative risk of unexpected loss for the different product groups. So, it’s a big step in the right direction if you want a profitability metric that goes beyond ROE in addressing risk. And, many of us do.

RAROC is Risk-Adjusted Net Income divided by Allocated Capital. RAROC does add risk-adjustment to the numerator, general ledger Net Income, by taking into account the unmitigated market risk embedded in an asset or liability. RAROC, like RORAC, also takes into account the risk of unexpected loss by allocating capital, or equity, differentially to various lines of business and even specific products and clients. So, RAROC risk-adjusts both the Net Income in the numerator AND the allocated Equity in the denominator. It is a fully risk-adjusted metric or ratio of profitability and is an ultimate goal of modern risk management. 

So, RORAC is a big step in the right direction and RAROC would be the full step in management of risk. RORAC can be a useful step towards RAROC. RAROC takes ROE to a fully risk-adjusted metric that can be used at the entity level.  This  can also be broken down for any and all lines of business within the organization. Thence, it can be further broken down to the product level, the client relationship level, and summarized by lender portfolio or various market segments. This kind of measurement is invaluable for a highly leveraged business that is built on managing risk successfully as much as it is on operational or marketing prowess.

Please refer to my blogs five and six for more information about ROE and the term “unpredictable variability:”  http://www.decisionanalyticsblog.experian.com/blog/risk-based-pricing-2

RORAC versus RAROC ?
--by Tom Hannagan

I was hoping someone would ask about these risk management terms…nd someone did. The obvious answer is that the “A” and the “O” are reversed. But, there’s more to it than that. First, let’s see how the acronyms were derived. RORAC is Return on Risk-Adjusted Capital. RAROC is Risk-Adjusted Return on Capital. Both of these five-letter abbreviations are a step up from ROE. This is natural I suppose since ROE, meaning Return on Equity of course, is merely a three-letter profitability ratio. A serious breakthrough in risk management and profit performance measurement will have to move up to at least six initials in its abbreviation. Nonetheless, ROE is the jumping-off point towards both RORAC and RAROC.

ROE is generally Net Income divided by Equity, and ROE has many advantages over Return on Assets (ROA), which is Net Income divided by Average Assets. I promise, really, no more new acronyms in this post.

The calculations themselves are pretty easy. ROA tends to tell us how effectively an organization is generating general ledger earnings on its base of assets.  This used to be the most popular way of comparing banks to each other and for banks to monitor their own performance from period to period. Many bank executives in the U.S. still prefer to use ROA, although this tends to be those at smaller banks.

ROE tends to tell us how effectively an organization is taking advantage of its base of equity, or risk-based capital. This has gained in popularity for several reasons and has become the preferred measure at medium and larger U.S. banks, and all international banks. One huge reason for the growing popularity of ROE is simply that it is not asset-dependent. ROE can be applied to any line of business or any product. You must have “assets” for ROA, since one cannot divide by zero. Hopefully your Equity account is always greater than zero. If not, well, lets just say it’s too late to read about this general topic.

The flexibility of basing profitability measurement on contribution to Equity allows banks with differing asset structures to be compared to each other.  This also may apply even for banks to be compared to other types of businesses. The asset-independency of ROE can also allow a bank to compare internal product lines to each other. Perhaps most importantly, this permits looking at the comparative profitability of lines of business that are almost complete opposites, like lending versus deposit services. This includes risk-based pricing considerations. This would be difficult, if even possible, using ROA.

ROE also tells us how effectively a bank (or any business) is using shareholders equity. Many observers prefer ROE, since equity represents the owners’ interest in the business. As we have all learned anew in the past two years, their equity investment is fully at-risk. Equity holders are paid last, compared to other sources of funds supporting the bank. Shareholders are the last in line if the going gets rough. So, equity capital tends to be the most expensive source of funds, carrying the largest risk premium of all funding options. Its successful deployment is critical to the profit performance, even the survival, of the bank. Indeed, capital deployment, or allocation, is the most important executive decision facing the leadership of any organization.

So, why bother with RORAC or RAROC? In short, it is to take risks more fully into the process of risk management within the institution. ROA and ROE are somewhat risk-adjusted, but only on a point-in-time basis and only to the extent risks are already mitigated in the net interest margin and other general ledger numbers. The Net Income figure is risk-adjusted for mitigated (hedged) interest rate risk, for mitigated operational risk (insurance expenses) and for the expected risk within the cost of credit (loan loss provision).

The big risk management elements missing in general ledger-based numbers include: market risk embedded in the balance sheet and not mitigated, credit risk costs associated with an economic downturn, unmitigated operational risk, and essentially all of the strategic risk (or business risk) associated with being a banking entity. Most of these risks are summed into a lump called Unexpected Loss (UL). Okay, so I fibbed about no more new acronyms. UL is covered by the Equity account, or the solvency of the bank becomes an issue.

RORAC is Net Income divided by Allocated Capital. RORAC doesn’t add much risk-adjustment to the numerator, general ledger Net Income, but it can take into account the risk of unexpected loss. It does this, by moving beyond just book or average Equity, by allocating capital, or equity, differentially to various lines of business and even specific products and clients. This, in turn, makes it possible to move towards risk-based pricing at the relationship management level as well as portfolio risk management.  This equity, or capital, allocation should be based on the relative risk of unexpected loss for the different product groups. So, it’s a big step in the right direction if you want a profitability metric that goes beyond ROE in addressing risk. And, many of us do.

RAROC is Risk-Adjusted Net Income divided by Allocated Capital. RAROC does add risk-adjustment to the numerator, general ledger Net Income, by taking into account the unmitigated market risk embedded in an asset or liability. RAROC, like RORAC, also takes into account the risk of unexpected loss by allocating capital, or equity, differentially to various lines of business and even specific products and clients. So, RAROC risk-adjusts both the Net Income in the numerator AND the allocated Equity in the denominator. It is a fully risk-adjusted metric or ratio of profitability and is an ultimate goal of modern risk management. 

So, RORAC is a big step in the right direction and RAROC would be the full step in management of risk. RORAC can be a useful step towards RAROC. RAROC takes ROE to a fully risk-adjusted metric that can be used at the entity level.  This  can also be broken down for any and all lines of business within the organization. Thence, it can be further broken down to the product level, the client relationship level, and summarized by lender portfolio or various market segments. This kind of measurement is invaluable for a highly leveraged business that is built on managing risk successfully as much as it is on operational or marketing prowess.

Please refer to my blogs five and six for more information about ROE and the term “unpredictable variability:”  http://www.decisionanalyticsblog.experian.com/blog/risk-based-pricing-2

--by Keir Breitenfeld
 
Many compliance regulations such the Red Flags Rule, USA Patriot Act, and ESIGN require specific identity elements to be verified and specific high risk conditions to be detected. However, there is still much variance in how individual institutions reconcile referrals generated from the detection of high risk conditions and/or the absence of identity element verification. With this in mind, risk-based authentication, (defined in this context as the “holistic assessment of a consumer and transaction with the end goal of applying the right authentication and decisioning treatment at the right time") offers institutions a viable strategy for balancing the following competing forces and pressures:

• Compliance – the need to ensure each transaction is approved only when compliance requirements are met;
• Approval rates – the need to meet business goals in the booking of new accounts and the facilitation of existing account transactions;
• Risk mitigation – the need to minimize fraud exposure at the account and transaction level.

A flexibly-designed risk-based authentication strategy incorporates a robust breadth of data assets, detailed results, granular information, targeted analytics and automated decisioning. This allows an institution to strike a harmonious balance (or at least something close to that) between the needs to remain compliant, while approving the vast majority of applications or customer transactions and, oh yeah, minimizing fraud and credit risk exposure and credit risk modeling.

 Sole reliance on binary assessment of the presence or absence of high risk conditions and identity element verifications will, more often than not, create an operational process that is overburdened by manual referral queues. There is also an unnecessary proportion of viable consumers unable to be serviced by your business. Use of analytically sound risk assessments and objective and consistent decisioning strategies will provide opportunities to calibrate your process to meet today’s pressures and adjust to tomorrow’s as well.
 
 
 

--by Roger Ahern

The value of a good decision can generate $150 or more in customer net present value, while the cost of a bad decision can cost you $1,000 or more.  For example, acquiring a new and profitable customer by making good prospecting and approval and pricing decisions and decisioning strategies may generate $150 or much more in customer net present value and help you increase net interest margin and other key metrics.  While the cost of a bad decision (such as approving a fraudulent applicant or inappropriately extending credit that ultimately results in a charge-off) can cost you $1,000 or more.

Why is risk management decisioning important?

This issue is critical because average-sized financial institutions or telecom carriers make as many as eight million customer decisions each year (more than 20,000 per day!).  To add to that, very large financial institutions make as many as 50 billion customer decisions annually.  By optimizing decisions, even a small 10-to-15 percent improvement in the quality of these customer life cycle decisions can generate substantial business benefit. 

Experian recommends that clients examine the types of decisioning strategies they leverage across the customer life cycle, from prospecting and acquisition, to customer management and collections.  By examining each type of decision, you can identify those opportunities for improvement that will deliver the greatest return on investment by leveraging credit risk attributes, credit risk modeling, predictive analytics and decision-management software.

--by Kelly Kent

When reviewing offers for prospective clients, lenders often deal with a significant amount of missing information in assessing the outcomes of lending decisions, such as:

• Why did a consumer accept an offer with a competitor?
• What were the differentiating factors between other offers and my offer, i.e. what were their credit score trends?
• What happened to consumers that we declined? Do they perform as expected or better than anticipated?
• What were their credit risk models?

While lenders can easily understand the implications of the loans they have offered and booked with consumers, they often have little information about two important groups of consumers:

1. Lost leads: consumers to whom they made an offer but did not book
2. Proxy performance: consumers to whom financing was not offered, but where the consumer found financing elsewhere

Performing a lost lead analysis on the applications approved and declined, can provide considerable insight into the outcomes and credit performance of consumers that were not added to the lender’s portfolio.

Lost lead analysis can also help answer key questions for each of these groups:

• How many of these consumers accepted credit elsewhere?
• What were their credit attributes?
• What are the credit characteristics of the consumers we're not booking?
• Were these loans booked by one of my peers or another type of lender?
• What were the terms and conditions of these offers?
• What was the performance of the loans booked elsewhere?
• Who did they choose for loan origination?

Within each of these groups, further analysis can be conducted to provide lenders with actionable feedback on the implications of their lending policies, possibly identifying opportunities for changes to better fulfill lending objectives. Some key questions can be answered with this information:

• Are competitors offering longer repayment terms?
• Are peers offering lower interest rates to the same consumers?
• Are peers accepting lower scoring consumers to increase market share?

The results of a lost lead analysis can either confirm that the competitive marketplace is behaving in a manner that matches a lender’s perspective.  It can also shine a light into aspects of the market where policy changes may lead to superior results. In both circumstances, the information provided is invaluable in making the best decision in today’s highly-sensitive lending environment.

 

--by Tracy Bremmer

There has been a lot of hype these days about people strategically defaulting on their mortgage loans. In other words, a consumer is underwater on their house and so he/she makes a strategic decision to walk away from it. In these instances, the consumer is current on all of their non-mortgage accounts, but because the value of their home is less than what they owe, they make the decision to default on their mortgage loan.

Experian and Oliver Wyman teamed up to really dig into this population and determine these issues:

• Does this population really exist?
• If so, what are the characteristics of this population, such as assessing credit risk or bankruptcy scores?
• How should loan modification strategies be differentiated based on this population?

This blog will be one of a three-part series that addresses these questions. Let’s begin with the first question.

1.  Does this population really exist?
The quick answer is yes – this population does indeed exist. In fact, in 2008 strategic defaulters represented 18 percent of all mortgage defaults, up 500 percent from 2004. When we conducted our study we found there were varying populations that also existed when it came to mortgage defaults. In fact, we classified mortgage defaulters into five categories: strategic defaulter, cash flow manager, distressed defaulter, no non-real estate trades, and pay-downs.

We defined these populations as follows:

• Strategic defaulter - Borrowers who are delinquent on their mortgages, even when they can afford the payment, because their loan balance exceeds the value of their home,
• Cash flow manager - Borrowers facing delinquency issues with their mortgage because of temporary distress, but continue to make payments on all credit obligations,
• Distressed defaulter - Borrowers facing potential affordability issues that go delinquent on their mortgage along with other credit obligations,
• No non-real estate trades – Borrowers who are delinquent on their mortgage, however they do not have any other non-mortgage trades to evaluate if they have strategically defaulted or are in distress,
• Pay-downs – Borrowers who pay down their mortgage loan.

In my next blog, I will address the characteristic differences in behavior between these populations. Specifically, I will evaluate what characteristics make strategic defaulters stand out from the rest and what is unique about the cash flow managers.

Source: Experian-Oliver Wyman Market Intelligence Reports; Understanding Strategic Default in Mortgage topical study / webinar. August 2009.

--by Kari Michel

Most lenders use a credit scoring model in their decision process for opening new accounts; however, between 35 and 50 million adults in the US may be considered unscoreable with traditional credit scoring models. That is equivalent to 18-to-25 percent of the adult population. 

Due to recent market conditions and shrinking qualified candidates lenders have placed a renewed interest in assessing the risk of this under served population.  Unscoreable consumers could be a pocket of missed opportunity for many lenders. To assess these consumers, lenders must have the ability to better distinguish between consumers with a clear track record of unfavorable credit behaviors versus those that are just beginning to develop their credit history and credit risk models.

Unscoreable consumers can be split out into three populations:

• Infrequent credit users:  Consumers who have not been active on their accounts for the past six months, and who prefer to use non-traditional credit tools for their financial needs.

• New entrants:  Consumers who do not have at least one account with more than six months of activity; including young adults just entering the workforce,  recently divorced or widowed individuals with little or no credit history in their name, newly arrived immigrants, or people who avoid the traditional system by choice.

• Thin file consumers:  Consumers who have less than three accounts and rarely utilize traditional credit and likely prefer using alternative credit tools and credit score trends.

A study done by VantageScore® Solutions, LLC shows that a large percentage of the
unscoreable population can be scored with VantageScore* and a portion of these are credit-worthy (defined as the population of consumers who have a cumulative likelihood to become 90 days or more delinquent is less than 5 percent).  The following is a high-level summary of the findings for consumers who had at least one trade:

Lenders can review their credit decisioning process to determine if they have the tools in place to assess the risk of those unscoreable consumers.  As with this population there is an opportunity for portfolio expansion as demonstrated by the VantageScore study.

*VantageScore is a generic credit scoring model introduced to meet the market demands for a highly predictive consumer score. Developed as a joint venture among the three major credit reporting companies (CRCs) – Equifax, Experian and TransUnion.

--by Wendy Greenawalt 

In the last installment of my three part series dispelling credit attribute myths, we’ll discuss the myth that the lift achieved by utilizing new attributes is minimal, so it is not worth the effort of evaluating and/or implementing new credit attributes. First, evaluating accuracy and efficiency of credit attributes is hard to measure. Experian data experts are some of the best in the business and, in this edition, we will discuss some of the methods Experian uses to evaluate attribute performance.

When considering any new attributes, the first method we use to validate statistical performance is to complete a statistical head-to-head comparison. This method incorporates the use of KS (Kolmogorov–Smirnov statistic), Gini coefficient, worst-scoring capture rate or odds ratio when comparing two samples. Once completed, we implement an established standard process to measure value from different outcomes in an automated and consistent format. While this process may be time and labor intensive, the reward can be found in the financial savings that can be obtained by identifying the right segments, including:

• Risk models that better identify “bad” accounts and minimizing losses
• Marketing models that improve targeting while maximizing campaign dollars spent
• Collections models that enhance identification of recoverable accounts leading to more recovered dollars with lower fixed costs

Credit attributes
Recently, Experian conducted a similar exercise and found that an improvement of 2-to-22 percent in risk prediction can be achieved through the implementation of new attributes. When these metrics are applied to a portfolio where several hundred bad accounts are now captured, the resulting savings can add up quickly (500 accounts with average loss rate of $3,000 = $1.5M potential savings). These savings over time more than justify the cost of evaluating and implementing new credit attributes.

 

--by Wendy Greenawalt

This blog kicks off a three part series exploring some common myths regarding credit attributes. Since Experian has relationships with thousands of organizations spanning multiple industries, we often get asked the same types of questions from clients of all sizes and industries. One of the questions we hear frequently from our clients is that they already have credit attributes in place, so there is little to no benefit in implementing a new attribute set.

Our response is that while existing credit attributes may continue to be predictive, changes to the type of data available from the credit bureaus can provide benefits when evaluating consumer behavior. To illustrate this point, let’s discuss a common problem that most lenders are facing today-- collections. Delinquency and charge-off continue to increase and many organizations are having difficulty trying to determine the appropriate action to take on an account because consumer behavior has drastically changed regarding credit attributes.

New codes and fields are now reported to the credit bureaus and can be effectively used to improve collection-related activities. Specifically, attributes can now be created to help identify consumers who are rebounding from previous account delinquencies. In addition, lenders can evaluate the number and outstanding balances of collection or other types of trades.  This can be achieved while considering the percentage of accounts that are delinquent and the specific type of accounts affected after assessing credit risk. The utilization of this type of data helps an organization to make collection decisions based on very granular account data.  This is done while considering new consumer trends such as strategic defaulters. Understanding all of the consumer variables will enable an organization to decide if the account should be allowed to self-cure.  If so, immediate action should be taken or modification of account terms should be contemplated. Incorporating new data sources and updating attributes on a regular basis allows lenders to react to market trends quickly by proactively managing strategies. 

 

-- by Keir Breitenfeld

In my previous three postings, I’ve covered basic principles that can define a risk-based authentication process, associated value propositions, and some best-practices to consider.

Finally, I’d like to briefly discuss some emerging informational elements and processes that enhance (or have already enhanced) the notion of risk-based authentication in the coming year.  For simplicity, I’m boiling these down to three categories:

1. Enterprise Risk Management – As you’d imagine, this concept involves the creation of a real-time, cross channel, enterprise-wide (cross business unit) view of a consumer and/or transaction.  That sounds pretty good, right?  Well, the challenge has been, and still remains, the cost of developing and implementing a data sharing and aggregation process that can accomplish this task.  There is little doubt that operating in a more silo’d environment limits the amount of available high-risk and/or positive authentication data associated with a consumer…and therefore limits the predictive value of tools that utilize such data.  It is only a matter of time before we see more widespread implementation of systems designed to look at a single transaction, an initial application profile, previous authentication results, or other relationships a consumer may have within the same organization -- and across all of this information in tandem.  It’s simply a matter of the business case to do so, and the resources to carry it out.

2. Additional Intelligence – Beyond some of the data mentioned above, some additional informational elements emerging as useful in isolation (or, even better, as a factor among others in a holistic assessment of a consumer’s identity and risk profile) include these areas:  IP address vs. physical address comparisons; device ID or fingerprinting; and biometrics (such as voice verification).  While these tools are being used and tested in many organizations and markets, there is still work to be done to strike the right balance as they are incorporated into an overall risk-based authentication process.  False positives, cost and implementation challenges still hinder widespread use of these tools from being a reality.  That should change over time, and quickly to help with the cost of credit risk.

3. Emerging Verification Techniques – Out-of-band authentication is defined as the use of two separate channels, used simultaneously, to authenticate a customer.  For example: using a phone to verify the identity of that person while performing a Web transaction.  Similarly, many institutions are finding success in initiating SMS texts as a means of customer notification and/or verification of monetary or non-monetary transactions.  The ability to reach out to a consumer in a channel alternate to their transaction channel is a customer friendly and cost effective way to perform additional due diligence.

-- by Kennis Wong

As I said in my last post, when consumers and the media talk about fraud and fraud risk, they are usually referring to third-party frauds. When financial institutions or other organizations talk about fraud and fraud best practices, they usually refer to both first- and third-party frauds.

The lesser-known fraud cousin, first-party fraud, does not involve stolen identities. As a result, first-party fraud is sometimes called victimless fraud. However, being victimless can’t be further from the truth. The true victims of these frauds are the financial institutions that lose millions of dollars to people who intentionally defraud the system.

First-party frauds happen when someone uses his/her own identity or a fictitious identity to apply for credit without the intention to fulfill their payment obligation. As you can imagine, fraud detection of this type is very difficult. Since fraudsters are mostly who they say they are, you can’t check the inconsistencies of identities in their applications. The third-party fraud models and authentication tools will have no effect on first-party frauds.

Moreover, the line between first-party fraud and regular credit risk is very fuzzy. According to Wikipedia, credit risk is the risk of loss due to a debtor's non-payment of a loan or other line of credit. Doesn’t the definition sound similar to first-party fraud? In practice, the distinction is even blurrier. That’s why many financial institutions are putting first-party frauds in the risk bucket.

But there is one subtle difference: that is the intent of the debtor.  Are the applicants planning not to pay when they apply or use the credit?  If not, that’s first-party fraud. To effectively detect frauds of this type, fraud models need to look into the intention of the applicants.
 

-- By Ken Pruett

I find it interesting that the media still focuses all of their attention on identity theft when it comes to credit-related fraud.  Don’t get me wrong.  This is still a serious problem and is certainly not going away any time soon.  But, there are other types of financial fraud that are costing all of us money, indirectly, in the long run.  I thought it would be worth mentioning some of these today. 

Although third party fraud, (which involves someone victimizing a consumer), gets most of the attention, first party fraud (perpetrated by the actual consumer) can be even more costly.  “Never pay” and “bust out” are two fraud scenarios that seem to be on the rise and warrant attention when developing a fraud prevention program. 

Never Pay   
A growing fraud problem that occurs during the acquisition stage of the customer life cycle is “never pay”.  This is also classified as first payment default fraud.  Another term we often hear to describe this type of perpetrator is “straight roller”. 

This type of fraudster is best described as someone who signs up for a product or service -- and never makes a payment.

This fraud problem occurs when a consumer makes an application for a loan or credit card. The consumer provides true identification information but changes one or two elements (such as the address or social security number).  He does this so that he can claim later that he did not apply for the credit.  When he’s granted credit, he often makes purchases close to the limit provided on the account.  (Why get the 32 inch flat screen TV when the 60 inch is on the next store shelf -- when you know you are not going to pay for it anyway?) 

These fraudsters never make any payments at all on these accounts. The accounts usually end up in collections. 

Because standard credit risk scores look at long term credit, they often are not effective in predicting this type of fraud.  The best approach is to use a fraud model specifically targeted for this issue. 

Bust Out Fraud
Of all the fraud scenarios, bust out fraud is one of the most talked about topics when we meet with credit card companies.  This type of fraud occurs during the account management phase of the customer lifecycle.  It is characterized by a person obtaining credit, typically a loan or credit card, and maintaining a good credit history with the account holder for a reasonable period of time.  Just prior to the bust out point, the fraudster will pay off the majority of the balance, often by using a bad check.  She will then run the card up close to the limit again -- and then disappear. 

Losses for this type of fraud are higher than average credit card losses.  Losses between 150 to 200 percent of the credit limit are typical.  We’ve seen this pattern at numerous credit card institutions across many of their accounts. 

This is a very difficult type of fraud to prevent. At the time of application, the customer typically looks good from a credit and fraud standpoint.  Many companies have some account management tools in place to help prevent this type of fraud, but their systems only have a view into the one account tied to the customer.  A best practice for preventing this type of fraud is to use tools that look at all the accounts tied to the consumer -- along with other metrics such as recent inquiries.  When taking all of these factors into consideration, one can better predict this growing fraud type.   

-- By Wendy Greenawalt

When consulting with lenders, we are frequently asked what credit attributes are most predictive and valuable when developing models and scorecards. Because we receive this request often, we recently decided to perform the arduous analysis required to determine if there are material differences in the attribute make up of a credit risk model based on the portfolio on which it is applied.

The process we used to identify the most predictive attributes was a combination of art and sciences -- for which our data experts drew upon their extensive data bureau experience and knowledge obtained through engagements with clients from all types of industries. In addition, they applied an empirical process which provided statistical analysis and validation of the credit attributes included. Next, we built credit risk models for a variety of portfolios including bankcard, mortgage and auto and compared the credit attribute included in each.

What we found is that there are some attributes that are inherently predictive regardless for which portfolio the model was being developed. However, when we took the analysis one step further, we identified that there can be significant differences in the account-level data when comparing different portfolio models.

This discovery pointed to differences, not just in the behavior captured with the attributes, but in the mix of account designations included in the model. For example, in an auto risk model, we might see a mix of attributes from all trades, auto, installment and personal finance…as compared to a bankcard risk model which may be mainly comprised of bankcard, mortgage, student loan and all trades.  Additionally, the attribute granularity included in the models may be quite different, from specific derogatory and public record data to high level account balance or utilization characteristics.

What we concluded is that it is a valuable exercise to carefully analyze available data and consider all the possible credit attribute options in the model-building process – since substantial incremental lift in model performance can be gained from accounts and behavior that may not have been previously considered when assessing credit risk.

-- By Tracy Bremmer

Preheat the oven to 350 degrees. Grease the bottom of your pan. Mix all of your ingredients until combined. Pour mixture into pan and bake for 35 minutes. Cool before serving.

Model development, whether it is a custom or generic model, is much like baking. You need to conduct your preparatory stages (project design), collect all of your ingredients (data), mix appropriately (analysis), bake (development), prepare for consumption (implementation and documentation) and enjoy (monitor)!  

This blog will cover the first three steps in creating your model! 

Project design involves meetings with the business users and model developers to thoroughly investigate what kind of scoring system is needed for enhanced decision strategies. Is it a credit risk score, bankruptcy score, response score, etc.? Will the model be used for front-end acquisition, account management, collections or fraud?

Data collection and preparation evaluates what data sources are available and how best to incorporate these data elements within the model build process. Dependent variables (what you are trying to predict) and the type of independent variables (predictive attributes) to incorporate must be defined. Attribute standardization (leveling) and attribute auditing occur at this point. The final step before a model can be built is to define your sample selection.

Segmentation analysis provides the analytical basis to determine the optimal population splits for a suite of models to maximize the predictive power of the overall scoring system. Segmentation helps determine the degree to which multiple scores built on an individual population can provide lift over building just one single score.

Join us for our next blog where we will cover the next three stages of model development:  scorecard development; implementation/documentation; and scorecard monitoring. 
 

Some articles that I’ve come across recently have puzzled me.

In those articles, authors use the terms “monetary base” and “money supply” synonymously -- but those terms are actually very different.

The monetary base (currency plus Fed deposits) is a much smaller number than the money supply (M1). The huge change in the “base”, which the Fed did affect by adding $1T or so to infuse a lot of quick liquidity into the financial system late in 2007/early 2008, does not necessarily impact M1 (which includes the base plus all bank demand deposits) all that much in the short-term, and may impact it even less in the intermediate-term if the Fed reduces its holdings of securities.  Some are correct, of course, in positing that a rotation out of securities by the Fed will tend to put pressure on market rates.

Some are equivocating the 2007 liquidity moves of the Fed, with a major monetary policy change. When the capital markets froze due to liquidity and credit risks in August/September of 2007, monetary policy was not the immediate risk, or even a consideration. Without the liquidity injections in that timeframe, monetary policy would have become less than an academic consideration.

Tying the “constrained” (which actually was a slowdown in growth of) bank lending to bank reserves on account at the Fed I don’t think their Fed reserve balance was ever an issue for lending. Banks slowed down lending because the level of credit risk increased. Borrowers were defaulting. Bank deposit balances were actually increasing through the financial crisis. [See my Feb 26 and March 5 blogs] So, loan funding, at least from deposit sources was not the problem for most banks. Of course, for a small number of banks that had major securities losses, capital was being lost and therefore not available to back increased lending. But demand deposit balances were growing.

Some authors are linking bank reserves to the ability of banks to raise liabilities, which makes little sense. Banks’ respective abilities to gather demand deposits (insured by the FDIC, at no small expense to the banks) was always wide open, and their ability to borrow funds is much more a function of asset quality (or net asset value) more than it relates their relatively small reserve balances at the Fed.

These actions may result in high inflation levels and high interest rates -- but it will be because of poor Fed decisions in the future, not because of the Fed’s action of last year. It will also depend on whether the fiscal (deficit) actions of the government are: 1) economically productive and 2) tempered to a recovery, or not. I think that is a bigger macro-economic risk than Fed monetary policy.

In fact, the only way bank executives can wisely manage the entity over an extended timeframe is to be able to direct resources across all possibilities on a risk-adjusted basis. The question isn’t whether risk-based pricing is appropriate for all lines of business, but rather how might or should it be applied.

For commercial lending into the middle and corporate markets, there is enough money at stake to warrant evaluating each loan and deposit, as well as the status of the client relationship, on an individual basis. This means some form of simulation modeling by relationship managers on new sales opportunities (including renewals) and the model’s ready access to current data on all existing pieces of business with each relationship. [See my April 24 blog entry.]

This process also implies the ability to easily aggregate the risk-return status of a group of related clients and to show lenders how their portfolio of accounts is performing on a risk-adjusted basis. This type of model-based analysis needs to be flexible enough to handle differing loan structures, easy for a lender to use and quick. The better models can perform such analysis in minutes. I’ve discussed the elements of such models in earlier posts.

But, with small business and consumer lending there are other considerations that come into play. The principles of risk-based pricing are consistent across any loan or deposit. With small business lending, the process of selling, negotiating, underwriting and origination is significantly more streamlined and under some form of workflow control.

With consumer lending, there are more regulations to take into account and there are mass marketing considerations driving the “sales” process.

Agreement covers what the new owner wants now and may decide it wants in the future. This a form of strategic business risk that comes with accepting the capital infusion from this particular source.
 

-- By Kari Michel

What is your credit risk score?  Is it 300, 700, 900 or something in between?  In order to understand what it means, you need to know which score you are referencing.  Lenders use many different scoring models to determine who qualifies for a loan and at what interest rate. For example, Experian has developed many scores, such as VantageScore®..  Think of VantageScore® as just one of many credit scores available in the marketplace.

While all credit risk models have the same purpose, to use credit information to assess risk, each credit model is unique in that each one has its own proprietary formula that combines and calculates various credit information from your credit report.  Even if lenders used the same credit risk score, the interpretation of risk depends on the lender, and their lending policies and criteria may vary.

Additionally, each credit risk model has its own score range as well.  While the score range may be relatively similar to another score range, the meaning of the score may not necessarily be the same.   For example, a 640 in one score may not mean the same thing or have the same credit risk as a 640 for another score.  It is also possible for two different scores to represent the same level of risk. If you have a good credit score with one lender, you will likely have a good score with other lenders, even if the number is different.
 

• Which clients are likely to need additional products or services?
• Has your top 15 percent changed?
  • If so, who has dropped out and who should be added?
• Which of your clients have a high potential of leaving your financial institution?
• When do you shift from client retention to credit risk management? 

As I'm preparing for traveling to the Baker Hill Solution Summit next week, I thought I would revisit the ideas of risk-based loan pricing.

Risk Adjusted Loan Pricing – The Major Parts 

I have referred to risk-adjusted commercial loan pricing (or the lack of it) in previous posts. At times, I’ve commented on aspects of risk-based pricing and risk-based bank performance measurement,  but I haven’t discussed what risk-based pricing is -- in a comprehensive manner. Perhaps, I can begin to do that now, and in my next posts.

Risk-based pricing analysis is a product-level microcosm of risk-based bank performance. You begin by looking at the financial implications of a product sale from a cost accounting perspective. This means calculating the revenues associated with a loan, including the interest income and any fee-based income. These revenues need to be spread over the life of the loan, while taking into account the amortization characteristics of the balance (or average usage for a line of credit). To save effort (and in providing good client relationship management), we often download the balance and rate information for existing loans from a bank’s loan accounting system.

To “risk-adjust” the interest income, you need to apply a cost of funds that has the same implied market risk characteristics as the loan balance. This is not like the bank’s actual cost of funds for several reasons. Most importantly, there is usually no automatic risk-based matching between the manner in which the bank makes loans and the term characteristics of its deposits and/or borrowing. Once we establish a cost of funds approach that removes interest rate risk from the loan, we subtract the risk-adjusted interest expense from the revenues to arrive at risk-adjusted net interest income, or our risk-adjusted gross margin.

We then subtract two types of costs. One cost includes the administrative or overhead expenses associated with the product. Our best practice is to derive an approach to operating expense breakdowns that takes into account all of the bank’s non-interest expenses. This is a “full absorption” method of cost accounting. We want to know the marginal cost of doing business, but if we just apply the marginal cost to all loans, a large portion of real-life expenses won’t be covered by resulting pricing. As a result, the bank’s profits may suffer.

We fully understand the argument for marginal cost coverage, but have seen the unfortunate end-result of too many sales -- that use this lower cost factor -- hurt a bank’s bottom line. Administrative cost does not normally require additional risk adjustment, as any risk-based operational expenses and costs of mitigating operation risk are already included in the bank’s general ledger for non-interest expenses.

The second expense subtracted from net interest income is credit risk cost. This is not the same as the bank’s provision expense, and is certainly not the same as the loss provision in any one accounting period.  The credit risk cost for pricing purposes should be risk adjusted based on both product type (usually loan collateral category) and the bank’s risk rating for the loan in question. This metric will calculate the relative probability of default for the borrower combined with the loss given default for the loan type in question.

We usually annualize the expected loss numbers by taking into account a multi-year history and a one- or two-year projection of net loan losses. These losses are broken down by loan type and risk rating based on the bank’s actual distribution of loan balances.

The risk costs by risk rating are then created using an up-sloping curve that is similar in shape to an industry default experience curve. This assures a realistic differentiation of losses by risk rating. Many banks have loss curves that are too flat in nature, resulting in little or no price differentiation based on credit quality. This leads to poor risk-based performance metrics and, ultimately, to poor overall financial performance. The loss expense curves are fine-tuned so that over a period of years the total credit risk costs, when applied to the entire portfolio, should cover the average annual expected loss experience of the bank.

By subtracting the operating expenses and credit risk loss from risk-adjusted net interest income, we arrive at risk-adjusted pre-tax income. In my next post we’ll expand this discussion further to risk-adjusted net income, capital allocation for unexpected loss and profit ratio considerations.

1.       Portfolio Management – You should really focus on this topic in 2009.  With many institutions already streamlining the origination process, portfolio management is the logical next step.  While the foundation is based in credit quality, portfolio management is not just for the credit side. 

2.       Review of Data (aka “Getting Behind the Numbers”) – We are not talking about scorecard validation; that’s another subject.  This is more general.  Traditional commercial lending rarely maintains a sophisticated database on its clients.  Even when it does, traditional commercial lending rarely analyzes the data. 

3.       Lowering Costs of Origination – Always a shoe-in for a goal in any year!  But how does an institution make meaningful and marked improvements in reducing its costs of origination? 

4.       Scorecard Validation – Getting more specific with the review of data.  Discuss the basic components of the validation process and what your institution can do to best prepare itself for analyzing the results of a validation.  Whether it be an interim validation or a full-sized one, put together the right steps to ensure your institution derives the maximum benefit from its scorecard.

5.       Turnaround Times (Response to Client) –Rebuild it.  Make the origination process better, stronger and faster.  No; we aren’t talking about bionics here -- nor how you can manipulate the metrics to report a faster turnaround time.  We are talking about what you can do from a loan applicant perspective to improve turnaround time.

6.       Training – Where are all the training programs?  Send in all the training programs!  Worry, because they are not here.  (Replace training programs with clowns and we might have an oldies song.)  Can’t find the right people with the right talent in the marketplace? 

7.       Application Volume/Marketing/Relationship Management – You can design and execute the most efficient origination and portfolio management processes.   But, without addressing client and application volume, what good are they?

8.       Pricing/Yield on Portfolio – “We compete on service, not price.” We’ve heard this over and over again.  In reality, the sales side always resorts to price as the final differentiator.  Utilizing standardization and consistency can streamline your process and drive improved yields on your portfolio.

9.       Management Metrics – How do I know that I am going in the right direction?  Strategize, implement, execute, measure and repeat.  Learn how to set your targets to provide meaningful bottom line results.

10.    Operational Risk Management – Different from credit risk, operational risk and its management, operational risk management deals with what an institution should do to make sure it is not open to operational risk in the portfolio. Items totally in the control of the institution, if not executed properly, can cause significant loss.

What do you think? As the end of April approaches, are these still hot topics in your financial institution?

Beyond the financial risk management considerations related to a bank’s capital, which would be directly impacted by Troubled Asset Relief Program (TARP) participation, it should be clear that TARP also involves business (or strategic) risk. We have spoken in the past of several major categories of risk: credit risk, market risk, operational risk and business risk. Business risk includes a variety of risks associated with the outcomes from strategic decision making, corporate governance considerations, executive behavior (for better or worse), management succession events (Apple and Steve Jobs, for instance) or other leadership occurrences that may affect the performance and financial viability of the business.

Aside from the monetary impact on the bank’s capital position, TARP involves a new capital securities owner being in the mix. And, with a roughly 20 percent infusion of added tier one capital, we are almost always talking about a very large, new owner relative to existing shareholders. The United States Department of the Treasury is the investor or holder of the newly issued preferred stock and warrants. The Treasury Department says it does not seek voting rights, but none-the-less has gotten them in at least some cases. The real “kicker” is embedded in the Treasury’s Securities Purchase Agreement – Standard Form. 

The most interesting clause, that appears to represent a very open-ended business risk to management decision making, is one relatively small paragraph, named Amendment, in the middle of Article V - Miscellaneous, just ahead of governing law (which is federal law, backed up by the laws of the State of New York).

Amendment begins normally enough, requiring the usual signed agreement of each party, but then states: “provided that the Investor may unilaterally amend any provision of this Agreement to the extent required to comply with any changes after the Signing Date in applicable federal statutes.” Wow. My reading of this is that if in the future Congress enacts anything that Treasury finds applicable to any aspect of the previously signed TARP Agreement, the bank is bound to go along. Regardless of whether the Treasury negotiates any voting rights, once the TARP Agreement is executed by the bank, management is not only bound by what is in the document to begin with, it is subject to future federal law as long as the TARP shares are held by the government. As a result, many banks have said no thank you to TARP.

At least four banks have recently paid back $340 million to repurchase the government’s shares. And, apparently another bank has offered to pay back $1 billion but, according to Andrew Napolitano at Fox Business Channel, the offer was turned down and the bank was threatened with adverse consequences if it persisted in its attempt to get out.

More pointed and public, and much larger in size, is the dance taking place now between Chrysler Corporation, Fiat, the UAW, four lead lenders and, you guessed it, the federal government. The secured loans in question total almost $7 billion and the government wants J.P. Morgan Chase, Goldman Sachs, Citicorp and Morgan Stanley to exchange $5 billion of the loans for Chrysler stock. The banks know they would do better (for their shareholders) by selling off Chryslers assets. This is an example of why bankruptcy exists. The stakes are large and so is the business risk of the influence from the government. It will be interesting to see how things turn out.

So, this new major owner does have a voice. If Congress wants certain lending volumes or terms, or they want certain compensation levels, it needs to be enacted into federal law. Short of having to pass a law, there is the implied threat of the big stick in the TARP agreement. The Purchase Agreement covers what the new owner wants now and may decide it wants in the future. This a form of strategic business risk that comes with accepting the capital infusion from this particular source.

We have talked about: the creation of the vision for our loan portfolios (current state versus future state) – e.g. the strategy for moving our current portfolio to the future vision. Now comes the time for execution of that strategy.

In changing portfolio composition and improving credit quality, the discipline of credit must be strong (this includes in the arenas of commercial loan origination, loan portfolio monitoring, and credit risk modeling of course). Consistency, especially, in the application of policy is key. Early on in the change/execution process there will be strong pressure to revert back to the old ways and stay in a familiar comfort zone.  Credit criteria/underwriting guidelines will have indeed changed in the strategy execution.

In the coming blogs we will be discussing:

• assessment of the current state in your loan portfolio;
• development of the specific strategy to effect change in the portfolio from a credit quality perspective and composition;
• business development efforts to affect change in the portfolio composition; and 
• policy changes to support the strategy/vision.