Cracking the Fraud ROI Maturity Curve: The Path to Sustainable Growth

Successful fraud prevention programs look different at every company. But there are certain markers of efficacy and maturity you can measure as you move up the ROI curve.

Most companies see fraud prevention as an operational expense, which makes proving ROI at every stage of your fraud program’s growth essential. I’ll break down each phase of the fraud prevention journey and the wins you experience along the way.

Walk: Get to know the business and create a fraud prevention plan

At this stage, it’s all about research, planning, and visibility. Focus on explaining what your team does, why they do it, and how they plan to get results. Here are a few ways to build a solid foundation for your fraud prevention program.

Learn the types of fraud your industry experiences

Before you can set goals, you need to know what types of fraud are common in your industry. It can be helpful to leverage others’ hard-earned intelligence as opposed to learning from fraud events at your own business. In finance, you may be fighting account takeover fraud. In retail, you may be monitoring and shutting down gray markets. Once you understand the fraud and have an initial hypothesis on how you can capture, identify, and quantify fraud events, you can collaborate with internal teams and stakeholders on a prevention strategy.

Raise awareness and educate stakeholders

Educate adjacent teams on what you’re doing and why you’re running certain programs, and be sure to document this information and make it readily available. While you may not be ready for external input or collaboration to your team’s work yet, it is critical to create a baseline understanding of what your team is doing and why. Even at a company with thousands of employees, people will have questions about your work. The more they can educate themselves and self-correct their assumptions about your efforts, the better.

Pull relevant data, set risk tolerance, and align on goals

If you are a recent fraud leader or at a new organization, you might not have reliable historical data. To get started, you can use publicly available data based on your industry to benchmark fraud loss and plan accordingly. The Association of Certified Fraud Examiners and Merchant Risk Council are good places to look. As you gather data unique to your business, expect to see your fraud KPIs and ROI diverge from industry standards.

And before you can talk about ROI, you need to understand your company’s risk tolerance and define thresholds. These are the foundational components that ultimately feed into ROI. 

Smaller teams are usually focused on financial loss mitigation. They want to reduce the number of chargebacks, fraud events, etc. Set expectations with leadership and the finance team to make sure reduction is the goal. 

Clearly define ROI calculations

If you don’t have a way to track and document your successes, it can be challenging to secure resources. To jumpstart ROI calculations of your fraud prevention program, consider tracking these common benchmarks:

  • False positives, false negatives: track how many good users you are deflecting vs. how many bad users you are letting through
  • Block rates: document the percentage of fraudulent transactions you block
  • Chargeback rates: share trends in chargebacks and note how you handle historical influxes

Run: Evaluate and onboard the resources you need 

After seeing consistent improvements in the foundational metrics that matter to your business, focus on advancing your tech stack to catch more complex fraud and streamline manual processes, and building relationships with revenue-generating teams.

Automation and the technology needed to fight fraud  

Regardless of the size of your business, fraudsters pop up at all hours. Identify the technology that can monitor activity on your platform 24/7, ease your team’s workload, and make investigations easier.

If you have someone looking at thousands of IPs all day until their eyes glaze over, find a tool to remove that work so they can focus on the more fulfilling aspects of the job. They will be grateful and able to tackle more cases each day, a new ROI metric you can report on in this phase.

Cross-team communication 

As your company grows, your marketing and growth teams may start to question fraud team activities that appear to counter their initiatives. Maybe you are actively deactivating accounts and blocking transactions that impact marketing’s growth targets. Communicate early and often with these teams to explain what you’re doing and why. 

From this point on, your metrics will be understood as contributors and detractors to other teams’ goals. You should easily be able to report on the ROI of your tech stack and how it supports sustainable growth, which puts you in a good position to advance to the next stage when you’ll begin to have shared cross-functional goals.

Fly: Fine-tune your processes and localize to global markets

As your business expands globally, you can balance reactive and proactive fraud fighting by fine-tuning your existing processes, localizing your programs, and providing more granular ROI analysis.

Goals get more complex (and so does the fraud)

At first, the goal was to show how your team tamped down on fraud. Then you increased efficiency with the right tech and team investments. Now, as a global business, you need to build predictability into your programs based on the data you’ve collected.

For instance, if you’re a US-based food delivery app or offer other on-demand services, you’ll need to account for the fact that your users in other parts of the world may not have credit cards and prefer to use cash. How do you account for and manage fraud in an offline context when you’ve only been responsible for the online world to date? The combination of cash transactions facilitated in the digital world introduces complexity — a challenge that product, fraud, risk, and finance teams generally align on. This is what you’ll find when you’re “flying” with fraud ROI maturity: the problems left to solve are inherently the more difficult ones.

Luckily, you’ve already built excellent cross-functional relationships. Leaders of these teams should be accustomed to seeing your analysis of how fraud impacts growth and revenue. In this phase, you’ll need to get more granular in your reporting with complex data visualizations, automated reports, and multiple dashboards showing how fraud impacts your business globally, and what you’re doing about it. As opposed to simply reporting on historical metrics, forecasts are increasingly common at this stage of development. You’ll have to get comfortable with programs that run at different speeds and thus will deliver what may appear to be inconsistent returns on the surface. As always, communication is key so little comes as a surprise to your stakeholders.

Specialized team members

To help with the complexities of building localized, predictable fraud models and educating other teams on what this means for their work, you may need to hire individuals with more unique skill sets across geographies. Some people are great with data or verbally communicating ideas. Quality control becomes more important, so you need someone to audit your work. And you always need people to conduct investigations.

This group of specialists adds a layer of depth to your work and provides richer reporting, enabling the teams that depend on yours to focus on increasing legitimate users and boosting revenue.  

Assume positive intent and provide support

Each stage along the ROI maturity curve is a win. Plotting where you are now will pay dividends in the future in the form of stronger ROI and most importantly, happier teams. Fraud fighting can feel like a thankless job, but the more you advocate for your team’s needs — with the data to back it up — the fewer surprises you’ll encounter along the way.

You know the value of your work and your team. Let your ROI prove it.

Tagged with: , ,
Posted in: ,
Author: Jeff Sakasegawa

Jeff Sakasegawa is Persona’s Trust & Safety Architect. With over a decade of experience in the Trust & Safety space across companies such as Google, Facebook, Square, and Sift, Jeff is an expert on Risk Management and Compliance. He is passionate about ensuring safe online experiences for all users.