With the rapid rise of Internet vertical e-commerce, consumer finance and other fields, the risk of fraud for users and Internet and financial platforms has also increased sharply. The Internet black and gray industry has formed a complete and mature industrial chain, with an investment scale of hundreds of billions per year and more than 10 million "practitioners" whose professionalism is also higher than that of most technical personnel, giving rise to offensive and defensive confrontations on the Internet and financial platforms. bring serious challenges.
Through risk control, we can provide one-stop, full-process automated decision-making services for business anti-fraud and credit risk control management in Internet, banking and financial scenarios. Through configuration visualization, business personnel can easily and efficiently configure risk prevention and control strategies for different scenarios and risks. At the same time, it also supports docking with models and data, realizes self-evolution through offline analysis, and better adapts to the changing speed of business risks.
Real-time anti-fraud:
Credit risk control:
Today we will talk about how to arrange risk control strategies in financial scenarios .
01 How do we formulate risk control rules?
At the risk control level, if we want to develop a risk control system, we must consider three points: accuracy, recall and stability .
The accuracy rate means that the proportion of bad users among the hit people should be as high as possible.
The recall rate refers to the number of bad users that are hit. A rule only finds a few people, even if they are all bad users, it is meaningless.
Stability is of course very important. The number of hits and the proportion of bad users among the hits need to be continuously stable. Otherwise, frequent tracking and adjustments are required.
So the details we formulate should:
-
Credit risk rules:
- Based on the customer's credit score or credit history, set the risk level and determine the credit limit based on the level.
- Based on the customer's repayment record and debt burden, set overdue repayment thresholds and trigger corresponding risk alerts or measures.
- Set caps on borrowing rates and loan terms to limit risk exposure.
-
Fraud risk rules:
- Based on historical fraud cases and patterns, set fraud indicators and risk assessment models to identify potential fraud.
- Monitor unusual transaction patterns, such as large transactions, frequent cross-border transactions, etc., and trigger risk alerts for further investigation.
- Establish a blacklist or abnormal behavior database to include known fraud and individuals involved for real-time risk identification.
-
Customer authentication rules:
- Use multi-factor authentication measures, such as passwords, fingerprint recognition, SMS verification codes, etc., to ensure the authenticity and legitimacy of customer identities.
- Set risk levels and limits, and decide whether further verification or restrictions are needed based on the customer's identity verification method and historical transaction behavior.
-
Transaction monitoring rules:
- Monitor abnormal transaction patterns, such as large transfers, frequent fund transfers, etc., and trigger risk alerts for real-time monitoring and investigation.
- Establish rules and models to detect abnormal transaction behaviors, such as abnormal transaction time, location, amount, etc., and take corresponding measures.
Of course, one of them is to comply with compliance regulatory rules, for example, ensuring compliance with anti-money laundering (AML) and counter-financing of terrorism (CFT) requirements, which I will not list here.
02 What should the core capabilities of the strategy include?
The decision engine is a set of decision-making processes, and its elements are a list of rules and the order in which the rules are executed. The former requires comprehensiveness and high differentiation, while the latter is crucial for cost optimization.
Therefore, the core capabilities of our strategy need to be able to use intelligent data analysis technology to efficiently analyze and mine large amounts of data and identify potential risks and abnormal patterns to reduce false alarm rates and costs.
On the other hand, customers are segmented and stratified according to different risk levels and characteristics, and targeted risk control strategies are formulated to avoid one-size-fits-all cost waste.
At the same time, an accurate risk assessment model can be established to accurately predict and evaluate the possibility and severity of different risks to achieve accurate risk differentiation and decision-making.
For example, if the overdue rate in certain months is relatively high and some new rules are added, and later monitoring reveals that the distinguishing ability of these rules has significantly declined, they should be canceled appropriately.
However, whether it is a rule or a model, there will definitely be a lot of manslaughter, but manslaughter is allowed, because the loss of loan principal is often dozens or even hundreds of times the interest income.
Balancing the impact of decision-making on the pass rate and the impact on risks, the impact on costs and the impact on revenue is the core capability that a good risk control system should have.
Case display
Let’s simply write a case:
Suppose we have the following data set to evaluate whether to approve a loan application:
| serial number | age | income | job type | Approval or not |
|---|---|---|---|---|
| 1 | 30 | 50 | self employed | yes |
| 2 | 25 | 40 | office worker | no |
| 3 | 35 | 60 | self employed | no |
| 4 | 40 | 70 | office worker | yes |
| 5 | 28 | 45 | self employed | no |
Based on this simplified data set, we can build a simple decision tree to help decide whether to approve a loan application. Here is an example of a possible decision tree:
年龄 <= 30?
/ \
是 / \ 否
/ \
收入 <= 50? 批准贷款
/ \
是 / \ 否
/ \
批准贷款 工作类型 = 自雇人士?
/ \
是 / \ 否
/ \
批准贷款 拒绝贷款
Decision trees decide whether to approve a loan application by comparing age, income, and job type of a sample. According to the values of different features, the decision tree branches to the corresponding nodes, and finally decides whether to approve the loan. At the same time, a new node was added under the branch where the job type is self-employed for assessing fraud risks . This node can make further judgments based on specific anti-fraud rules and characteristics, such as detecting whether there are fraudulent records, abnormal transaction behaviors, etc.
The case is quite simple and requires detailed analysis.
Conclusion
In fact, returning to our reality, what we lack in the country has never been strategies, but the determination and environment to implement the strategies. However, recent news still gives us a lot of motivation: Fighting against illegal industry across 25 provinces, accepting 183 cases, licensed financial institutions cooperated with the police to arrest 151 suspects
Let’s all work hard together
PS: Understand the risk control system