Card authorizations : A risk management approach
The most fundamental feature of any credit card is its ability to authorize transactions. It requires banks to set up a settlement mechanism where incoming transaction can be sent by merchant in a open loop (Using Visa, Mastercard etc.) network or closed loop (direct link) network. It also has to be set up in a away where transactions being done at various channels (Merchant store location, websites, phone) can be processed in seamless manner.
From a risk management standpoint authorizations present two unique types of risks
- Is the authorization authentic (customer verification) to avoid fraud
- Is customer requested authorization amount be approved based on current credit line availability and account status.
In general sense credit card companies cannot decline an authorization till the point its within credit limit and is able to verify itself (through CVV, OTP etc.). However credit card issues deploy various fraud strategies to decline or refer if there is a high suspicion of fraudulent behavior which is either different from what is expected based transaction history, or is being done with higher velocity and at high risk merchants etc.
Authorization credit strategies on other hand looks at other aspects from credit standpoint. The fundamental check they do is if the request amount is higher than available credit limit, should it approve or decline. Also if the customer is past due, should the bank approve or decline incoming transaction.
The way how the approach works is two pronged. These are
Product /target segment: If the product carries lower lines and is concentrated towards subprime/marginal population, it will have higher events of customer going over limit or delinquent. On other side, products with higher lines and prime population will rarely need to go over limit .Based on risk appetite business may decide to have over limit/delinquent auth approvals.
Customer Risk profile: Customers recent credit history and credit proffile can be used to make a decision if additional credit needs to be given for request authorization. This way bank does not needs to permanently underwrite customer again and increase exposure. It is a win win situation for merchant, bank and customer where they get an optimum outcome.
Based on banks risk appetite, bank can decide to either approve or decline over limit transactions. An important factor to also keep in mind is that a declined transaction is not a great feeling for a customer, and so it can also result in aggrieved customer and attrition. Hence apart from risk, a good customer experience is also something risk managers should be kept under consideration. Its also important to monitor and review the strategies from time to time so as to adjust it for changing portfolio and external factors.
Thanks for reading. Please follow me on medium, linkedin and twitter for regular updates.