Part 2: How to Think About Risk Management During a Downturn

Risk management, particularly in FinTech, is a strong lever that can be pulled to meet financial goals. When a bleak economic outlook sends businesses & markets into cost cutting, risk management can be used to quell the panic & help steer financials towards more sustainable metrics.

In Part 1, I discussed ways to think about risk management team headcount and loss metrics/ forecasting during a downturn.

Part 2 will cover
-Part 2: Growth through risk management
-Part 2: Vendor spend

Potential Part 3
-Part 3: Automation & Scalability

Growth through risk management

Most organizations consider risk management to be a bottleneck to growth. Given a particular org structure, this may be true (and I’ll explain why it shouldn’t be later on). It takes constant efforts to align Product and GTM teams with risk management.

Fundamentally, Product/ GTM explicitly work to add more customers while retaining and growing current customers. On the other hand, risk teams are sometimes pegged specifically to a loss metric - particularly gaged at reducing and controlling that metric.

A basic example of this relationship in the structure described is a sales team trying to close a prospect on a credit product, but the Risk team can’t justify the credit limit the customer demands. The dilemma is now: lose the prospect or accept more risk. Neither team will budge on their stance, as their priorities are at odds.

How do you manage this contrast between team goals? And how does this tie into risk management during a downturn?

Adjusting the Incentives for Risk Teams

Instead of a risk team focusing solely on losses, there should be additional key metrics. These metrics should incentivize both loss control and growth - and can be flexed in order of importance during different stages of the company or economic cycle.

In order to do this, however, clear loss metrics need to be established and communicated. “As a business, we are okay losing $x in y ways - and this has been baked into the financial forecast and signed off by all stakeholders.”

This allows a risk team to manage up to that metric by placing strategic bets on accepting areas of risk that allow for additional growth (that would have otherwise been turned away). If your losses are nearing that metric, it’s a clear parameter to reduce some of the added exposure.

Once this has been established, risk teams should be tied to hitting growth numbers. A scenario would be: If your company is losing less than budgeted, keep loosening risk policy, operational criteria, and thresholds in a way that allow for more healthy growth.

In 2019, the company I was working for was slightly behind our projected growth. That delta wasn’t trending in the right direction - and every team had to look internally at what could be contributed.

My team had a fairly rigorous fraud underwriting process, that included requesting documents from “high risk” prospects at onboarding. We knew there was a ~30% drop off in conversions for that bucket of prospects, so we targeted this area. We ran an A/B test that requested documents from half of these prospects, and removed the request for the other half (instead relying on our own internal scoring and monitoring). The results were stellar, and there was a ~7% increase in conversion among those prospects. This contributed to a ~2% overall improvement in the company’s growth metrics. Losses did not materially increase, as we turned our investments into improving our internal scoring and monitoring systems.

Adjusting Enablement for GTM Teams

Clear risk parameters should be communicated to GTM teams. These considerations can then be baked into product development from the start, marketing efforts, and sales enablements.

A basic example could be time in business requirements. Maybe your credit product isn’t ideal for inception businesses, and your risk policies have been optimized for businesses with operating history that can be analyzed. Projecting this requirement to, for example, marketing would allow campaign efforts to be targeted at the right companies. Wording on your website can include these basic requirements for customer awareness, and sales teams can make customers aware of this upfront.

Lastly, enabling GTM teams to identify “high risk” characteristics early in the sales cycle is key. Training for BDR’s, AE’s, Support, Sales around fraud and credit risk signals is key. Their only focus shouldn’t be closing deals, it should also be closing legitimate, long term deals.

I’ve seen where this was not a consideration. I saw trends where 2-3 reps contributed customers that accounted for the majority of fraud and credit loss. My team hadn’t enabled them to spot risk properly, and the incentives weren’t there for them to care. If we had shared our insight and incentivized with this as a consideration, I’m sure certain prospect sourcing areas would have been reconsidered - and red flags would have been relayed to the risk team sooner.

Applying These Lessons in a Downturn

When times are good and money is flowing, growth is the mandate. Since your risk team should answer to two metrics: growth and loss - risk policies and processes can be configured to enable growth. Reducing friction, extending more favorable terms, increasing approval rates, and focusing on backend risk management systems will all contribute to growth.

When times are uncertain, it becomes crucial to contain and manage losses, especially if they’re creeping towards your pre set forecasted threshold. You can tighten how you derive and extend credit terms, begin flagging additional risk signals that have surfaced in prior loss events, and add some friction if additional verification is needed.

Risk Vendor Spend

Like many teams, risk teams contract with vendors to fill a gap that they’ve decided won’t be built in-house.

Risk vendors generally charge for products in a number of different ways, usually a combination:

• Implementation Fees (cost to stand up the tool)

• Platform fee (flat fee to use the product)

• Per call, check, transaction, or use (variable cost based on volume use of the product)

• Support fee (Payment for white glove service and support)

Since all expenses are under the microscope during a downturn, risk vendor fees are no different. How can you manage and reduce these expenses while still plugging gaps the product was intended for?

Implementation Fees

Likely this is already a sunk cost. However, if you’re negotiating a contract with a new vendor, you have leverage.

Determine where you’ll be implementing the product and where you’ll be expanding to in the future. What volume can you expect to send through the vendor this year and in future years? Is your company growing fast? Your vendor might not know these details - educate them on this.

Vendors are (or should be) more interested in the future growth you can bring through variable costs and usage expansions- leverage the strength and trajectory of your company to reduce or eliminate implementation fees altogether.

If you’re not a fast growing company, there are likely other vendor alternatives that deliver a similar service. This is your leverage.

Platform Fee

Be wary - once this number is agreed on - it’s hard to alter until the contract expires. If you’re looking to reduce expenses - smaller, newer risk vendors are likely to be your best bet. They need you more than you need them, and will be willing to give on this cost. In return you’ll provide helpful data and feedback for them to grow their product. Your price is likely transferred to dealing with gaps in the product, bugs, and a smaller scope of capabilities. Can you afford this cost? Does your team have bandwidth to manage this?

Variable Costs: Per call, transaction, check

This is likely the largest portion of the vendor cost - and an area your business has much more control over. Outside of negotiating these fees in the contract, you have a huge opportunity to leverage your product’s data to reduce the sheer volume of checks being made.

At the beginning of a vendor relationship, it’s fairly common to run 100% of a certain transaction or signal through the vendor for review. You want to catch all potential negative signals and help train the vendor’s model to improve it’s future accuracy.

As the relationship matures, the vendor’s models should be better trained at spotting anomalies in your transaction. You also begin having significant historical data from your product or platform - and start seeing similar trends and characteristics in risk events. This gives companies the ability to begin eliminating certain buckets or characteristics of transactions that have never resulted in issues or negative risk events.

Eventually, you can scope these transaction checks down to the ones with only the highest likelihood of risk - and eliminate the rest.