RiskSkill Attends WebShield’s RiskConnect Conference 2019 in Warsaw

Webshield RiskConnect Conference 2019 Warsaw

The team at Riskskill were both honoured and pleased to attend and support our friends at Web Shield and yet another successful networking conference for risk management people, this time at RiskConnect 2019 in Warsaw.

Over the 19th and 20th November, Web Shield hosted some 250 risk practitioners from across Europe and many from further afield.

There was a superb group of presenters at the event, who rewarded the audience with powerful presentations; such as:

– Keynote presenters from Süddeutsche Zeitung (Obermayer and Obermaier – who were the original ‘Panama Papers’ 2017 pulitzer-prize winners) who signed copies of their book at the conference.

– Mastercard and Visa executives who presented their visions and key changes to global chargeback and fraud rules.

– USA-based; Better Business Bureau: on the extent of global Deceptive Marketing Practices (also the title of a new publication from our hosts at Web Shield)

– G2A.com and the Belgian Gaming Commission: who presented massively engagingly upon loot boxes.

– The Royal Canadian Mounted Police talking about significant investigations into malpractice

– Deloitte and Deloitte RegTech Lab, MarketScape, Nethone, Bankingblocks, Ethoca and Crystal Blockchain all produced extraordinary presentations about current, interesting and informative topics, as did great people from Web Shield too – who also announced the launch of its multi-language training academy courses on risk management.

Fuller agenda and details on the event can be found on the Web Shield / RiskConnect website.

Bill Trueman from Riskskill moderated a lively and fascinating panel discussion on Day-1 on the rapidly emerging and poorly understood issue of loot boxes (aka loot crates) and the various views taken by individual national regulators, the card schemes and the ultimate need for a greater understanding and potential need for further clarifying regulation. The panel comprised Peter Naessens (Belgium Gaming Commission), Olav Leonov (G2A) and Markus Prause (Web Shield).

Webshield RiskConnect Conference 2019 Warsaw attended by Bill Trueman

Kevin Smith moderated a panel discussion on Day-2 on the thorny topic of deceptive marketing. The panel comprised Steve Baker (Better Business Bureau), Kyle Smith (Ethoca) and Iveta Korenciakova and Chris West (Bankingblocks). They provided further guidance, experiences and emerging challenges that pulled together a lot of the content from their earlier presentations and the entire event overall. The discussion highlighted the growth and global expansion of the ‘tricks’ used against consumers and the risk of harm (or worse) that, for example counterfeit products can cause, as well as those of unlicensed pharma and neutra products – and their often inert, harmful or even illegal ingredients.

Webshield RiskConnect Conference 2019 Warsaw attended by Kevin Smith

Christian Chmiel chaired the event in his usual calm, confident and professional manner. The common theme remains industry collaboration in what is becoming an ever complex and diverse environment.

The quote of the conference, first introduced by Peter Bayley from Visa was: “What are the brakes on a car for? …. To make the car go faster”

Books from Christian Chmiel and Markus Praus, edited by Joyrene Thomas – also available at the conference): https://about-fraud.com/author/christian-a-chmiel/
Panama Papers book on Amazon: https://www.amazon.co.uk/Panama-Papers-Breaking-Story-Powerful/dp/1786070707/ref=sr_1_1?keywords=panama+papers&qid=1574442501&sr=8-1

Bill Trueman and Kevin Smith are leading payment, risk & fraud specialists who provide payment fraud prevention consultancy services to card issuers, banks, and business organizations worldwide. For more information one can visit websites at RiskSkill, and AIRFA.

How do we Need to Attack the Fraud Losses as They Arise and Rise?

corporate fraud prevention

Increasing fraud losses are one of the main concerns of most of the organizations worldwide. But if we take care of some points then we can minimize such fraud losses. I am mentioning some important points to minimize such fraud losses in any organization.

  1. Ensure that management are fully behind the need to address the problems and prepared to invest in the solutions even if they will take more than a few months to see pay-back. Often the payback for these things is a matter of weeks, because left without a solution the fraud rises exponentially. We often need to invest to prevent this….. again.
  1. Make sure that the problem is being measured; and any which way. There is no point in investing in a ramped up a POS identity validation or rule-sets in a solution if the problem is in the e-commerce field, and equally little point in spending money on a overseas issue or a portfolio review if we do not identify our new customers properly. So we need to measure the problem to focus our attentions on the solutions needed, but also to ensure that the right management can see the trends and start demanding the right investment in the right direction.
  1. Often we see such problems where there is investment and there is measurement and management, but no-one on the board is responsible i.e. has ‘ownership’ of the rising losses that start to kill the profitability. Someone has to be responsible and someone’s head has to be about to roll if they do not get addressed. And if someone does own the problem, usually they take action and make sure that the right things happen. Hopefully.
  1. Lastly, if the culture is not there, things suffer and fraud goes up and up and up. People have to be hungry to find the liars and cheats and attack them. People have to demand immediate action and take the fight to the crooks and cheats, and we have to be hungry to address the IT challenges, rule corrections, falling staff levels, loss of focus in the management team. We also have to work as teams and both be able to deal with the problems as we find then, to LOOK for the problems that seem to underpin the problems but also to have the function in the business to PREVENT the next possible attacks.

Bill Trueman is a leading payment, risk & fraud expert who provide payment fraud prevention consultancy services to card issuers, banks, and business organizations worldwide. For more information one can visit website at RiskSkill, apart from this Bill is also a permanent member of AIRFA.

RiskConnect 2018: The Anatomy of a Good Risk Management Strategy

Webshield Riskconnect Conference 2018 at Frankfurt

Thought leaders and industry experts met at RiskConnect conference in Frankfurt to discuss the newest challenges that risk professionals face within the payments industry and to provide hands-on knowledge they can use in their daily work. RiskConnect is organised by Web Shield, one of the leading onboarding, underwriting and monitoring solution providers.

The event started with a presentation held by Pulitzer Prize winner Carl Bernstein on fake news, the impact this has on our societies and the way truth is perceived via ‘fake news lenses’. Bernstein has preached the gospel of finding ‘the best obtainable version of truth’, stressing the fact that journalists are similar to data miners, permanently searching for info, and that their ultimate role should be connecting these data to offer the best obtainable version of truth. This ideal can be achieved if we present information in context, as simple facts presented isolated from the bigger picture do not cover the truth. A crucial role in this system is played by the validation of our data sources.

He concluded his presentation by drawing a parallel between the role of journalists and risk management professionals, as both categories use similar investigative principles to grasp the whole picture of a given situation / merchant profile, for instance. When you don’t know/suppose you know the truth you face a risk, the risk of missing out the factors that made that truth happen, of not knowing what will be the right consequences, of being part of a distorted world, hence, facing unreal consequences/facts.

What exactly is risk?

There have been a lot of debates around this concept, as it is not a fix, but a variable one, depending on the degree of risk a business/person is willing to accept, the impact the accepted risk has on the business/consumer, risk appetite, the way it makes a business/consumer feel when they take a particular risk etc.. Nevertheless, risk can be monitored/assessed due to ISO 31000 standard on ‘Risk management – Principles and guidelines on implementation’ that states that the process of risk management consists of several concrete steps, such as establishing the context and identifying potential risks and assessment – once risks have been identified, they must then be assessed as to their potential severity of impact.

According to Shaun Lavelle, Senior Vice President Risk, Payment Processing, Paysafe Group and Bill Trueman, Director, RiskSkill (http://www.riskskill.com/) the concept of high-risk is meaningless if the types of risk are not specified. Moreover, the lack of a proper risk scoring analysis can be caused by not taking into consideration operational risk, currency risk, reputational risk, fraud and regulatory risks.

For instance, at the moment there are too many shady merchants under some acquirers’ custody conducting illegal activities, such as child pornography, nutraceuticals, and unfair billing practices causing great fines applied to these acquirers by the regulators/schemes. Not to mention the different perspectives regulators have over these risks and the vast terminology used within this market (that not everyone understands/has consensus over its meaning). Within this context, risk managers plan hard – and put-in place early –warning processes and measures to avoid their business going bust.

Bitcoin, ICOs, crypto… a risky business?

Over the past few years, cryptocurrency has grown exponentially and it seems that a new cryptocurrency pops up every day (currently there are more than 1500 available). The appeal of making a fortune by joining the cryptocurrency market is enticing with mining facilities multiplying and the emergence of “Initial Coin Offerings” (ICOs). Similar with IPOs, ICOs enable startup businesses to raise capital for their projects by issuing their own digital tokens.

However, fraudsters are also exploiting this new digital asset ecosystem. For instance, there are sites that teach you how to launch an ICO in just 20 minutes, or others that through deceiving advertising trick users into thinking that they are buying ‘the next worldwide crypto’ (when actually they don’t receive anything). Also by co-opting well-known brands, such as card schemes – Mastercard, Visa – or by using celebrity names/faces in a deceiving way, ICOs can gather over 30,000 registrants in just a few days, according to the Canadian Financial Authority investigators Annie Leblanc and Maude Blanchette.

The good news is that there are regulators and authorities throughout the world, such as the North American Securities Administrators Association (NASAA), European Securities and Markets Authority (ESMA), Financial Action Task Force (FATF), and many others that monitor these fund raising activities/transactions, investigate any illegal/illicit/deceiving involvement and prosecute where needed.

How to lower the risk?

Mastercard and Visa are preparing their clients/merchants on how to deal effectively with the evolving risk management challenges. During RiskConnect, Jonathan Trivelas, Director, Customer Compliance and Fraud, Mastercard, covered Mastercard’s Business Risk Assessment and Mitigation (BRAM) program and its latest requirements concerning high risks merchants. These initiatives are called AN 1683—Addition of High-Risk Securities Merchants to the BRAM Program and Revised Standards—High-Risk Securities Merchant Registration and AN 1695—Addition of Cryptocurrency Merchants to the BRAM Program and Revised Standards— Cryptocurrency Merchant Registration and apply mainly to cryptocurrency use and chosen high-risk financial instruments trading. This includes recent developments regarding cryptocurrency merchants, high risk security traders (Binary, Forex, etc.), sports betting and high risk negative option billing merchants.

These standards came into effect on October 12th, though discussions around them have been started by Mastercard in spring 2018. Generally speaking, they apply to high risk merchants. It is also worth mentioning that ESMA (European Securities and Markets Authority) has already taken the intervention measures and temporarily prohibited the marketing, distribution or sale of binary options to retail clients. AN 1683 and AN 1695 also aim to provide legal opinions on the possibility of carrying out cryptocurrency business in a particular country.

In a world where anyone can be a merchant, everyone can be a customer, and the regulatory environment continues to extend their enforcement. Another option to lower this risk is to leverage global data points to automate and revolutionise online verifications and fraud prevention.

There are companies such as 4Stop or IdentityMind that, through the power of data, they can achieve automated risk mitigation, even for … cryptocurrency transactions, as technology has the capability to deanonymize an address on the Bitcoin network, thus attaching it to the real world identity of the person controlling it. Once this happens, all transactions made from and to this address become visible and traceable since the beginning of the blockchain and till the very last block.

Education in risk management is crucial

We have the tools and technology, we have the regulations and best practices examples, but how can risk professionals establish a knowledge base in an industry that lacks an established professional educational path and is evolving as quickly as it is? Clearly, by setting industry standards for professionalism and proficiency for the acquiring industry. There are a few associations, companies, groups like Electronic Transaction AssociationWeb ShieldMerchant Acquirer’s Committee that through programs, trainings, book releases, events, and many more are trying to offer new market players the tools to understand the risks associated with financial services.

We cannot but agree with Jason Oxman, CEO, Electronic Transactions Association who says “Through the ETA Certified Payments Professional program, as well as ETA’s new Self-Regulation Program, we are raising the level of education and professionalism in the payments industry, and events like RiskConnect help us increase awareness of the importance of global partnerships.”

We want to take this opportunity to thank the Web Shield team for inviting us for the RiskConnect event and conclude by adding Christian’s Chmiel, CEO&Founder Web Shield remark: “In the fight against fraud, education and collaboration are at least as important as technology”.

Original Source: https://www.thepaypers.com/expert-opinion/riskconnect-2018-the-anatomy-of-a-good-risk-management-strategy/776286