Executives in the legal and compliance departments at companies are key partners for risk management teams as they look to combat fraud. If a business is hit with fraudulent activity — whether from outside or inside the organization — legal and compliance issues are bound to arise.
Partner: Legal and Compliance
Main responsibilities: Legal and compliance departments are responsible for making sure organizations properly discharge their business affairs. They handle tasks such as adopting and executing rules and regulations, providing legal consultation and advice, drafting resolutions and other documents, and participating in administrative decision-making.
Compliance managers are responsible for ensuring companies comply with government and industry rules and regulations. In recent years, this function has come under particular focus from a data privacy standpoint with the emergence of new regulations such as the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA).
Whom you should be working with: Risk managers should aim to work with the executives who oversee legal and compliance functions and systems within the organization, including people with titles such as general counsel; chief legal officer; in-house counsel; vice president, legal; chief compliance officer; and vice president, compliance.
How fraud can impact this function: The legal and compliance functions are important components in an organization’s attempts to address the threat of fraud.
A January 2020 report by research firm Gartner, “How to Create a Payment Fraud Detection Strategy at the Organizational Level,” notes several challenges these areas face. One is gaining an understanding of how the organization is using multiple fraud tools, each of which might be storing customer information, including personally identifiable information (PII).
Another is making sure the organization is complying with the various data privacy regulations. Given the penalties for noncompliance with these rules, companies need to ensure they handle customer data correctly and securely. And that includes data generated by or stored in anti-fraud tools.
In addition, legal might be involved in the selection of vendors for anti-fraud tools based on privacy considerations and the impact the tools might have on customers.
Solutions to consider: Risk management executives can work with legal and compliance executives in several ways to help reduce or eliminate fraud or to minimize its impact. Following are some best practices:
- Take advantage of tools such as Email Risk Score to vet customers, vendors and other business partners, and to help confirm user identity and reduce fraud risks and losses.
- Leverage a global intelligence network that delivers immediate access to fraud signals associated with more than 40 million unique email addresses connected to IP addresses, domain names and phone numbers.
- Understand and continually review state, federal, and international data privacy and protection regulations to ensure compliance.
- Deploy a layered anti-fraud solution approach that addresses identity authentication, as well as transaction verification.
- When needed, hire outside expertise with deep data and analytics resources to help identify any legal and compliance issues related to fraud.