22/03/21 The main difficulties for startups in risk management

Many companies at the very beginning of the development of the business in the field of payments either pay insufficient attention to the risks that arise or do not pay it at all. One of the most common schemes is an attempt to delegate these risks to related departments. Most often, the IT department acts as such a performer. However, subsequently, the company's management begins to face the first financial losses from fraud or chargebacks, problems of interaction with acquirers or audits from regulators or card schemes.

The second common pattern of behavior among young companies that sell their services through online payments is the lack of an anti-fraud system that can fully ensure the security of both client funds and the company's own money. Practice shows that creating an anti-fraud system architecture, as well as building all the necessary risk processes, is as effective as possible at an early stage. However, it is quite natural that business owners, especially at the start-up stage, have limited funds and try to spend them as economically and efficiently as possible. In this article, the Riskcentr team will give detailed advice to those companies that, for whatever reason, do not yet have anti-fraud specialists and AML employees on their staff. What difficulties and solutions do new participants expect?

Fraudulent transactions

First of all, it is worth noting fraudulent transactions made both using stolen cards on the side, and as a result of phishing your own customers who will try to use your services or products.

The main method of fighting is the use of an anti-fraud system, its own development or an external solution. Each option has its pros and cons, but if you implement an anti-fraud system on your own as a temporary initial solution, you must at least cover the following restrictions and limits:

1

Quantitative and total limits for transactions in different time intervals.

2

Restrictions related to the geography of payments and the client's geolocation, i.e. the definition of the country of card issue, the country of the client's ip address, its country of registration, the country of the phone number and other parameters that are used when interacting with the client.

3

Taking into account behavioral factors, such as making several transactions in a row without obvious economic sense, questionable transactions.

4

Search of bank cards or other payment details on behalf of one client or a group of clients.

5

Mass attempts to register fake accounts, use of one-time email services or phone numbers.

6

Maintaining black and white lists.

7

Transaction monitoring.

Perhaps this is the main minimum set that your anti-fraud system should have at the initial minimum stage of implementing payments in your business.

AML and regulation

In the second place, the most difficult points are found in the field of compliance with the rules of regulators and the requirements of card schemes. And if one specialist is needed to implement AML procedures, then an employee from another field is required to comply with the requirements of the card schemes. However, our recommendation will be as follows: at the initial stage, outsourcing services or non-full-time employees are quite suitable. As a rule, in the first six months of such measures are enough.

Chargebacks losses

In third place, the main financial threat is represented by chargebacks, which are an integral part of any payment using a bank card. We strongly recommend using only 3D Secure payments, otherwise, with a very high probability, chargebacks with codes associated with fraud will be lost. Also, a significant share will be occupied by disputes with customers' disagreement on the services provided or non-delivery of goods and services. It is necessary to pay great attention to the quality of the services provided and to record all agreements with the client, which, in the case of receiving chargebacks, can be provided as evidence to the acquiring bank.

There are other threats, depending on the type of your business, but the ones described above are the most common and unavoidable when starting any startup.

The Riskcentr team wishes you a successful start-up, development and safe business!

  • Contact Us

    Contact Us

    We are absolutely confident that we can
    offer you a quality solution.

    Contact us

  • This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Federation Tower, Presnenskaya nab., 12, Moscow, 103073

We use cookies on our website. Some of them are essential for the operation of the site, while others help us to improve this site and the user experience (tracking cookies). You can decide for yourself whether you want to allow cookies or not. Please note that if you reject them, you may not be able to use all the functionalities of the site.