“Each day looks wildly different.”
Tom Frantz, risk manager at Airbase, told PYMNTS that in an uncertain macro environment, as companies move increasingly online and cybercriminals become increasingly wily, the risk manager must wear a variety of different hats.
“You’ve got to get your hands dirty a bit — getting involved in all operations,” said Frantz.
The ultimate goal is to deal effectively with all manner of risk — operational risk, fraud risk, regulatory risks, credit risk … and the list goes on.
Depending on the day, and even the hour, the executive may have to pivot between acting as full-time data analytics manager to working on product launches — to perhaps even working with end customers to solve various end-user issues.
Running through it all, of course, is the payment itself, which means the risk manager has to be knowledgeable about the payments that have been made (across platforms on behalf of customers) or transactions that have not been reconciled.
Risk management, in other words, isn’t just about fighting fraud, as Frantz described it. It’s also about grappling with pretty much anything that might adversely affect a firm, from losing money to losing reputation … and risk management is also about protecting customers, too.
See also: Real-Time Insight on Costs Gives Corporates Better Line on Financial Health
To tackle those threats head on, and to do it all successfully, there’s at least some quantifiable measures to consider.
As Frantz described it, all enterprises need to set the thresholds — the dollar amounts — that they feel comfortable losing, whether in terms of losses tied to lending and credit products or through fraud. Anything up to, and including, that dollar amount can be considered a “successful run” of risk management, he said.
There’s also the advantage of collecting and analyzing data tied to past risk-and-fraud events. At a high level, a risk event is a culmination of decisions that play out at companies and platforms over time. The output might be the loss itself, but the inputs are the decisions that wind up leading to that loss, where gaps in knowledge or strategies might lie.
Plugging the Gap
“Analysis helps you plug that gap,” he said, and analysis helps craft a series of early warnings/indicators to keep executives alert to external and internal threats.
As Frantz noted, there’s also value to be gleaned from parsing the Securities and Exchange Commission filings of public companies in order to pinpoint where their own losses and risk mitigation strategies lie (which, in turn, can lead to some new approaches).
Going into more detail, he said that a truly preventative mindset involves proactively considering how and why a customer might not pay a bill or repay a loan — and how they might exploit a given platform in order to skirt their obligations.
Risk management professionals can shore up their lines of corporate defense by examining the ways bank accounts are linked, the ways prepaid debit cards may be in use and the ways in which synthetic IDs can be crafted.
Related: Voices of the CFO: Finance Leaders Flex With Strategic Demands
It’s also important to monitor the channels within companies where sensitive information is being sent and how that data might be exposed to and co-opted by fraudsters. With those real-time insights, he said, companies can more effectively decide how to allocate time, money and technology in the ever-present battle against them.
A consortium approach can also be beneficial, as competitors share data and intelligence on emerging threats that keep commerce ecosystems as safe as possible.
Looking forward, Frantz said, “You have to have an open mind and realize that risk and loss is a part of doing business — but you can make sure that ‘bigger’ and more costly events don’t have to happen in the future.”