By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.
Insights & Stories

Risk Analytics: Invest in Your Infrastructure

Strong risk analytics capabilities come from investing in building and maintaining a wide verity of capabilities. In this article we dive deep into some of the capabilities we think are worth investing in.

Risk analytics is not about fighting fires - or it shouldn’t be. The nature of the risk management process, however, can make it feel that way. Risk teams and leaders need to ensure that they’re tracking the latest evolution of threats against their business, and that their system is robust and flexible enough to handle new problems and attacks. 

The reality that underlies that focus is that the more robust, well-monitored and user-friendly your system is, and the more confident you can be that it’s working with reliable and well-tagged data, the easier it will be to ensure that your organization is protected against whatever comes. You will be able to make better decisions and recommendations, much faster, if you are prepared.

That means that although the latest fire can feel urgent, it’s just as important to invest in your risk analytics infrastructure. 

Investing in Infrastructure

Building up your capabilities across the board makes every aspect of your department’s work easier, more efficient and more effective. It’s important that your team understands the value of well maintained infrastructure. The process of regularly reviewing, analyzing and improving your infrastructure should be a part of their work, and so they need to appreciate the value that they get from it. 

Investing in infrastructure is not a one-off activity. The initial effort to set things up or refresh things may well be a one-time project requiring multiple stakeholders, but after that, or if you’re in a company that already has strong existing capabilities, what matters is to make it a regularly scheduled priority. 

Some organizations have a team dedicated to infrastructure, while others have quarterly milestones and time set aside to review their systems and see where improvements can be made. Often, there’s an annual review where teams take a step back and look at the bigger picture. This is when you try to identify improvements or enhancement leads that should be put on the team’s roadmap.

However your organization chooses to structure it, it’s vital to track your progress so that you can communicate the value of this investment. 

Invest in Your Decisioning Dataset

We can all improve our decision dataset. You might instinctively think, this isn’t relevant to me, our data set works fine - but let’s consider just a small number of the many different avenues that you could explore. 

  • It’s not just data from the places where your system makes decisions; it’s also all the data points available to you from every checkpoint in your system. Make sure you’re considering the entire journey. 
  • You can bring in new data providers to obtain more (external) information about a customer, user, event, or element. Anything from IP geolocation to user behavior biometrics to fraud consortiums, the variety of available data providers is ever-replenishing. There are always new opportunities to get more informed.  
  • You can build custom-made data features, for instance one that measures the distance between the IP geolocation at login, and the home address. 
  • You can build custom statistical models for diverse meaningful questions - for example, the level of risk of different IP geolocation distances for different customer types and event types. 
  • You can build bad lists (e.g. IPs you know were used for fraud), and batches (lists of public location IPs, broken down by types). 
  • You can create trust tags (e.g. this IP is a good IP for this specific customer).
  • You can create risk tiers, (e.g. based on past activity this is a high risk customer, and therefore this high risk IP is even more high risk). 

All of this investment allows risk teams to make more accurate and highly tailored data-informed customer-facing decisions.

I’ve never come across a team with a decisioning dataset that was optimized in every possible way. Not only is that near-impossible given the amount of resources such an optimization would take, but also companies' data and data needs change over time. What could be nearly perfect can become highly insufficient in just 18 months. 

That said, I sympathize with everyone I’ve come across over the years who has an “it’s not broken, so don’t fix it” mentality, because this data set is so crucial to all the work we do. There is risk in making changes, and it takes meaningful effort to ensure those changes are implemented and deployed in a responsible way that does not introduce bugs or result in unintended consequences.

In fact though, it’s because your decisioning dataset has such a significant impact on your ability to reach your business goals that it’s worthwhile taking the time to think through how it could be improved - and then taking the relevant steps to drive those improvements.

Invest in Your Tagged Data

Tagged datasets are your decisions and classifications, that your team and system make after the fact of an event. The tagging might apply to an event, a data point, or a customer, and it all helps you and your system to understand your data better and use it more effectively in the future. 

The more robust you make your classifications, the easier it will be for you to understand and explain in a structured, large-scale way, what has happened before, and therefore what is likely to happen in the future. This is the capability that allows us to make sophisticated data-informed business decisions. 

It’s important to note that while we often talk about tagged data in the context of fraud specifically, and risk teams are likely to invest in their datasets in that area, investing in tagged datasets has an impact well beyond fraud. All other types of loss suffered by the business, churn, understanding customer stories and journeys (for sales, product and marketing purposes, as well as fraud), and tracking evolving trends in a variety of areas, are all important to ensuring the health and robustness of the business. 

Some tags you can work on include:

  • Your is_fraud tag
  • Your loss metrics
  • Your churn or customer activity level metrics
  • Your stories, trends, and attacks (classifying customers and events into a larger business context)
  • Classifying various user statuses

Invest in Your Monitoring Capabilities

Tagged data is after the fact. Risk teams, by nature, also need to be able to react quickly to evolving threats or trends. In order to do that you need to invest in your monitoring capabilities. 

The key goal here is to improve what you can spot, making sure that you’re tracking the variety of things that matter to your business, and also how quickly you can spot it. This allows you to react faster and to identify the direction in which things are moving before anything becomes a real problem for your business. 

There’s no perfect template for monitoring, because what really matters to your business is impacted by factors such as your industry, the types of products you sell, your main audience, the geographical market you sell to, the risks for which your team is responsible, the bad actors and threat types you typically see, and the balance your organization aims for between customer experience and risk avoidance, and so on. 

However, there are types of factors that every team should consider when it comes to monitoring - and in my experience, every company would benefit from investing in improving their monitoring capabilities. Even if you had the perfect monitoring system set up a year ago, things will have changed. Make sure you’re revisiting this challenge regularly and tweaking things accordingly. 

Some factors to consider include:

  • Anomalies
  • Spikes
  • Bugs
  • Gaps
  • Vulnerabilities
  • Trends
  • Measures to track the impact of changes you make

There’s a lot to say about monitoring, and we dive into it in greater detail in this article. For the purposes of this piece, though, the main message to take away is that even though because of its function monitoring feels like it should be a “set and forget” type of event - it really isn’t. 

Invest in Your Investigation Tools

It’s not true that we’re only as good as our tools. But having a well-designed tool sure does make a big difference. What we can do, how much we can do, how well we can do it, and how far we can reach, depends a lot on the tools available to us. 

If you have an experienced and intelligent risk management team, who understand your business and its risks in detail, and you don’t equip them with effective tools for investigation, there’s a limit to what they’re going to be able to tell you about the ongoing risks your company is facing, and what can be done about them. 

Whereas, the more you build your capabilities to investigate, the easier it will be for you to investigate quickly and accurately when needed. This matters in the moment, when something anomalous is happening that needs to be examined right away, and also to ensure that longer term trends are understood properly and treated as required. 

In a sense, investing in your investigation tools is a form of investment in your team. It’s important, therefore, for their opinions, priorities and experiences to be a part of the process by which you work out what you have, and what’s needed. Your strategy for investment in this area should be grounded in their day-to-day experience. 

These are some of the first areas I look at, when I’m evaluating whether an organization has the risk analytics investigation tooling that it needs:

  • Case review tools
  • Rule engine for automation capabilities
  • Graph engine for case-networks review
  • Simulator for business results impact analysis
  • Sample generator
  • A/B testing tool

Invest in Training

If we’re talking about investing in your team, we have to mention training as well. This is something that is often overlooked when we talk about infrastructure, but it ought to be seen as part of the broader effort to ensure your organization’s risk analysis resilience and effectiveness. 

Let’s say that you go through a full process of optimizing all the aspects we’ve discussed so far in this article. But let’s also say that you don’t educate your risk management team about the changes, or how they can use new tooling to find out more, faster, or the ways in which they can explore your expansion of tagged data or richer decisioning data, or the valuable new insights they can gain from your refreshed monitoring capabilities. 

In that scenario, you have radically diluted the impact of all the hard work you invested into improvements. Continuous education and training is vital to ensure that your team can make the most of the full range and depth of capabilities available to them. 

In the same way, it’s worth making sure that your risk professionals can prioritize time in their quarter to keep track of broader trends in your industry and in risk more generally. Incentivize them to share interestings learnings, both internal and external, so that everyone benefits and efforts are not duplicated. 

As we said about investing in infrastructure more generally, it’s important that investment in training be a regular commitment, not a one-off. This should be partly based in frequent evaluation of the gaps within the team. 

For instance, I’ve often seen that there’s certain material covered at the time of onboarding which is never reinforced later on. Most employees are somewhat overwhelmed during the “drinking from a firehose” experience of onboarding, and are likely to forget tricks and tips that are not reinforced later on. If you discover a gap of that kind, and can solve it with training, you can dramatically increase your team’s efficiency over time. 

Invest in Understanding and Refining Policies and Guidelines

Your risk management infrastructure is part of your broader organizational infrastructure - and that includes the company’s policies and guidelines. They impact the work and priorities of your own department, and the fact is that if you know the parameters of the game, it’s much easier to play.

There will be some areas where it makes sense for risk management to proactively raise an issue, have strong opinions and investigate trends and try to influence policy. There are others where risk should simply accept guidelines they receive. And there’s the full spectrum in between. 

This varies tremendously from business to business, impacted by factors including company age and culture, business type, industry, employee demographics and so on. There’s no one right answer to how to do this right. 

What is consistent, however, is that risk leaders and teams need to be aware of the impact of policies and guidelines on their own work, and willing to play an active role in this wider organizational conversation. 

More than that, it’s appropriate to draw on the risk analysis skills and investigative abilities that come naturally to risk teams, to work out which questions need to be asked in relation to a specific policy, determine what the best approach is for that, explore, analyze the data, and present the findings. 

Invest in Cross-Departmental Collaboration

One last area which is also often left out of infrastructure discussions is cross-departmental collaboration. This relates to the organization’s overall infrastructure, rather than the risk infrastructure specifically, but the two are closely entwined and optimizing the latter requires awareness of the former. 

There are 3 key areas to be aware of as part of this effort:

  • Ways in which other departments’ work impacts you.
  • Ways in which your work impacts other departments. 
  • Ways in which collaboration opens up more opportunities. 

By investing in cross-departmental collaboration, you’ll be able to make all three of these areas smoother and better leveraged across the entire organization, which in turn improves the effectiveness and efficiency of the risk team. 

It’s important to note once more that cross-departmental collaboration is something that requires continuous small investment. Regularly scheduled check-ins, lunch and learn sessions, frequent (but not too frequent!) internal communications, encouraging relationships between individual team members and so on are all important elements in establishing trust-filled, functional cross-departmental relationships. 

This foundation of respect and trust is crucial for the times when you need to work with departments who may have different priorities to yours, or have different ways of working, or when you need something urgently that doesn’t help them.  

Regular, Sustained Investment

If there’s one theme that unites the different aspects we’ve explored in this article, it’s that investing in your risk analysis infrastructure is not a single project, no matter how in-depth. 

It may start with examination, analysis and strategy for improvement, followed by a roll-out of steps to make that improvement possible. However, what makes investment meaningful and effective long-term is ensuring that it is supported by regular, sustained steps to check what’s going on, work out what’s needed to make it better, and ensure that the necessary measures are taken. 

If you’d like to talk through any of the topics in this article, or how they relate to your work, or see how we might be able to be of help to you - contact us.

We’d love to chat. We’d love to help.