All senior business executives are aware of the threat of fraud facing their organizations—or at least they should be aware. But how many actually grasp the total cost of fraud (TCOF) to their enterprises or to the economy in general?
Risk and fraud management leaders need to understand what TCOF is and how to get other stakeholders in their organizations to understand its impact on their areas of the organization. Fraud can affect so many different aspects of business, so therefore it’s important to know the total costs.
Some recent industry research sheds some light on what fraud is costing companies in some industries. For example, a report by LexisNexis Risk Solutions, the 2019 True Cost of Fraud Study: E-commerce/Retail Edition, notes that for every dollar of fraud committed, U.S. retailers incur $3.13 of costs. That’s a 6.5% increase from 2018, when the cost to retailers was $2.94 for every dollar of fraud committed.
These figures were determined using the LexisNexis Fraud Multiplier, which estimates the total amount of losses a merchant incurs based on the actual dollar value of a fraudulent transaction. Fraud costs encompass dispute costs, fees, merchandise redistribution, labor, legal prosecution, and IT/software security.
The rise in mobile shopping is contributing to the growth of fraud in the industry. Among the key challenges retailers face with regard to mobile commerce are verifying the identities of cardholders; determining the source of a transaction when selling goods internationally; differentiating between a real customer and a bot; and finding a balance between preventing fraud and creating too much friction for consumers.
The mobile impact could grow substantially, as more people order goods online in the midst of the coronavirus pandemic and in the coming months.
Digital merchandise, such as gift cards, downloadable software, and cloud-based applications, appears to be a growing target for those perpetrating fraud, according to the LexisNexis Risk Solutions report. That’s because the nature of digital products makes it easier to receive the goods without the need to provide a physical address for product delivery.
Over the past year, credit card fraud has increased for merchants that sell digital goods, the report notes. Mid-sized and large ecommerce retailers that sell digital goods saw credit card fraud rise from 47% of fraud losses in 2018 to 64% in 2019.
Another report, the Global Economic Crime and Fraud Survey 2020 by consulting firm PwC, notes that fraud is a continuing threat with rising costs. The firm surveyed more than 5,000 respondents across 99 territories about their experience of fraud over the previous 24 months.
Nearly half (47%) of the organizations in the survey had experienced fraud in that time period, with an average of six frauds reported by each organization. The most common types of fraud were:
- customer fraud
- cyber crime
- asset misappropriation
There was a roughly even split between frauds committed by internal and external perpetrators.
The total cost of these crimes was a stunning $42 billion. Of those organizations that had experienced a fraud, 13% said they had lost more than $50 million.
How to Measure the Costs
In order to gain a true perspective of the impact of fraud, companies need to have ways to effectively and accurately measure the total costs.
Research firm Gartner, in its report “How to Create a Payment Fraud Detection Strategy at the Organizational Level,” provides some guidance on how risk managers can calculate the total cost of fraud and share this information with stakeholders across the organization.
The firm suggests companies develop a total cost of fraud model by taking a holistic view of all costs associated with fraud, and align this with organizational goals to determine tolerable fraud rates. In order to build an effective fraud detection strategy, Gartner says, fraud leaders must first attempt to quantify how much fraud is costing their organization.
Doing this will lead to informed discussions about how much to invest in detecting and preventing fraud, and how best to align a fraud strategy to organizational goals, the firm says.
In Gartner’s total cost of fraud model, the total cost equals fraud losses plus the tools and headcount needed to combat fraud, plus the impact on customer lifetime value.
Fraud losses include funds stolen from accounts, stolen goods and services, and chargeback costs. Tools and head count includes costs of detecting and mitigating fraud, internal systems and vendor tools, and human resources. And customer lifetime value impact includes customers directly impacted by fraud who shop or bank elsewhere, genuine customers who experienced friction or declined transactions due to overly strict fraud policies, and false positives.
The cost components in the fraud losses and tools and headcount categories should be able to be quantified to a reasonably accurate degree, Gartner says. The cost components within the customer lifetime value impact category might need to be estimated, or at least calculated with some assumptions.
“It is reasonable to assume that, in most organizations, the primary goal will be to maximize profits or revenue,” the report says. “Following on from this, it’s reasonable to assume that, in most organizations, the primary goal of the fraud detection strategy will be to minimize the total cost of fraud.”
The total cost of fraud model is just that, a model that can be shared with and used by multiple stakeholder departments within an organization to assess the impact of fraud.
As the fraud rate increases, then intuitively the TCOF will increase as well due to the growing contribution of costs attributed to incurred fraud. But if a company’s fraud detection strategy attempts to reduce the fraud rate to unrealistically low levels, the Gartner report says, this also increases the TCOF due to the costs incurred from the tools and headcount required to achieve such low fraud rates.
Customer lifetime value costs due to false positives from fraud detection attempts can also contribute to increasing the TCOF, the report notes.
As a result of these factors, there is an “optimal zone” where a degree of fraud can be considered acceptable with a view toward minimizing the TCOF for the organization, and thus aligning with the most likely organizational goal of maximizing profits or revenue.
Gartner says some organizations may, with some assumptions and modeling, be able to quantify the fraud rate and TCOF in this optimal zone. “Others may consider it a more notional concept to guide discussions around fraud detection strategy objectives,” it says. “Either way, the model serves its purpose in empowering fraud leaders to align all internal stakeholders around a shared philosophy for fraud detection.”