Fraud in Loyalty program

Algorithms Curent Affairs Enterprise Risk Management Fraud InternalAudit MembersOnly Retail Industry Robotic Process Automation RPA Uncategorized

Loyalty programs are the in thing and almost every organised retailer and large number of service providers runs the program.

The intention behind running this program is to provide reasons (being discount, future benefits, exclusivity, part of a fraternity, community, etc) to customer to shop again and again.

Besides the usual operational uncertainty regarding .. “are we attracting enough customer” to “customer need to have privacy” to “balancing SMS promotions with nuisance value”, a retailer also need to watch for misuse of the loyalty program.

Following types of misuse/ abuse are prevalent:

  1. Employee are using their account for converting walk-in to sale to loyalty customers to take benefit of points
  2. Employee are recording any loyalty customer account to convert walk-in to sale to loyalty customers to reach targets for new loyalty customers.
  3. Certain promoters (read tourist guides/ cabbies) are allowed to take the benefit of points for customer brought in by them.

Weak controls/ testing also leads to misuse/ abuse of the system:

  1. Not tracking the “Discount Code” Or “Gift Voucher”: Nothing stops a consumer to trying the same discount code or gift voucher again to get the benefits. is this benefit is person specific or transaction specific or person/ transaction from a geography specific? (unless you want customer to take the benefit)
  2. Ability to transfer the points from one account to another account: This may involve either moving rewards from one account to another or changing the credentials of the account. e.g. Now a days your mobile number is your account number. How easy is to change the mobile number in the account.
  3. Weak identity verification: Do you really know your customer? is the person is the person who S/he claims to be?
  4. Is the person doing the transaction and person earning loyalty points are the same Or they are related (how do you know that?) or they belong to same organization (how do you know that?) and who should be earning the points?
  5. Timing gap between transaction time and recording time in loyalty system.
  6. Manual discount (Ability to bypass the system based controls) due to connectivity issues.

Ways to control such frauds:

Automation

Automating the process of analytics. Your fraud program can give you alert based on certain frequency as determined by past experience. e.g. Alerts for transactions earning more points than permitted, earning of points by a customer on a single invoice more than once, performing analytics at single customer as well as organization level to ensure system is working.

Setting up the right tone:

  1. Communicating again and again.
  2. Demonstrating that fraudsters will not be tolerated.
  3. Having policies, procedures and mechanism to ensure that frauds are being detected, action taken and actions are communicated, instances are getting discussed in business meeting.

References:
http://blog.cxloyalty.com/detecting-and-preventing-loyalty-fraud-our-new-whitepaper

Call for action:
Inputs/ comments/ suggestion: I welcome inputs/ comments / suggestions from readers on how to approach this issue. Feel free to correct me, educate me.

Share the Article: If you like it, share it. If you share it with others, and they comment, we all will get more learned.

(Disclaimer: The views expressed constitute the opinion of the author and the author alone; they do not represent the views and opinions of the author ’s employers, supervisors, nor do they represent the view of organizations, businesses or institutions the author is, or has been a part of.)