Highlights
- High-Load Automated Risk Management Solution: our system performed successful underwriting of 5+ million applications in a single year.
- Significant Security Boost: the merchant termination rate doubled based on true positive alerts and issues registered by our risk system.
- 2x Improved Capability of Handling Issues Manually: in addition to an effective automated solution, issues that require manual intervention can now be managed more effectively thanks to our risk management UI tool.
Client
The client is a Fintech industry leader with 10,000+ employees all over the world, providing innovative solutions in online and offline payments. We, at SPD Technology, have a long history of working with this company, providing several dedicated development teams to cover business-critical areas. This particular partnership has been continuing for over 5 years now and is set to extend with further development of new features and functionality.
Product
The product is a risk management solution for a payment online platform, and it’s targeted at the risk analyst teams. It offers a wide range of functionality, providing additional security for underwriting during the merchants’ onboarding process, real-time assessment, and ongoing monitoring of payment transactions. The product allows management of applications, merchant accounts, alerts, and issues via Warhammer, a risk Front-end application.
Key components of the product include:
- Underwriting service including business process models based on the Camunda platform with integrations of 3rd-party providers.
- Payment transactions real-time processing and ongoing monitoring services.
- In-house counters engine.
- In-house scoring risk rules engine.
- Front-end application for risk analysts.
Goals and objectives
- Automate the Underwriting Process: Develop algorithms and subsystems that can analyze various data points provided by merchants during the onboarding process, including financial records, business history, and credit scores. The purpose is to automate the decision-making process as much as possible, reducing the need for manual intervention during the onboarding of new merchants.
- Provide Manual Decisioning Tool: Deliver a tool for underwriters or administrators, allowing them to review the applications manually and make informed decisions, in case the automated solution cannot make a clear decision due to incomplete information or unusual circumstances.
- Implement Real-Time Transaction Monitoring: Leverage algorithms that can analyze transaction data in real time to detect any suspicious patterns or anomalies. This involves setting up rules and thresholds based on historical transaction data and previously detected fraud patterns.
- Develop Fraud Detection Functionality: Enable the solution to compare transaction details with known fraud indicators, such as unusual purchase locations and large transaction amounts. Once a potentially fraudulent transaction is identified, the system should automatically reject or flag it for further review.
- Introduce Post-Transaction Monitoring: Add functionality to continuously monitor completed transactions to identify any fraudulent activity that may have gone undetected during the real-time assessment.
- Deliver an Alert Management Tool: Provide a centralized tool for fraud analysts to manage alerts generated by the system and prioritize alerts, investigate them further, as well as take appropriate actions.
- Allow for Comprehensive Merchant Account Management: In case the fraudulent activity is confirmed, the system should provide tools for managing merchant accounts, including actions like suspending accounts, initiating investigations, and communicating with merchants regarding suspicious activities.
Project challenge
- Data Quality and Availability: access reliable data sources and deal with inconsistent and incomplete data for the successful implementation of our automated system.
- Algorithm Accuracy Tuning: achieve the right balance of data sensitivity while minimizing false positives.
- Adhering to Regulatory Compliance: ensuring that the automated underwriting and fraud detection functionality comply with relevant regulations, such as Know Your Customer (KYC) and Know Your Business (KYB).
- Scalability and Performance: prepare the system for efficiently handling increasing amounts of load and future integrations and improvements.
Solution
To implement the project, we assembled a team of 4 Back-end developers, 2 Full-stack developers, and 2 Quality Assurance specialists. Overall, if we consider experts on the client’s side, 16 experts were involved, including an additional Project Manager, Back-end developers, and QA engineers.
We started with an analysis of new product initiatives and clarification of requirements with the client. After conducting market research, stakeholder interviews, and several workshops, our team began the active design and development phase.
To build the Risk Management system’s Back-end services, we choose the Java Platform and Spring Boot. Java seemed like a natural solution, since this programming language is great for versatile enterprise-level applications, and our team has extensive experience with it, building cutting-edge solutions for our clients. Spring Boot is a popular framework for building Java-based microservices, and we decided to use it for features like dependency injection, autoconfiguration, and easy setup of RESTful APIs. Using REST APIs, as well as Kafka events, was critical for us, as they were the main way to collaborate between microservices of our system.
For modeling and automation of underwriting business processes, our experts decided to choose Camunda Platform. This platform provides tools to model, execute, and monitor business processes, and allows us to streamline various tasks and decisions involved in merchant onboarding and risk assessment.
To perform effective Know Your Customer/Know Your Business, personal and business sanctions, geolocate postal addresses, IP addresses, phones, and emails we decided to integrate with several 3rd-party providers.
Our Risk Management system also includes in-house solutions for a counters engine and a score rules engine. The counters engine is responsible for defining, initializing, updating, and resetting business counters, which are used to track various metrics and thresholds relevant to risk assessment. The score rules engine allows for the creation, configuration, and execution of score-based risk rules, enabling dynamic and customizable risk scoring logic tailored to the organization’s specific requirements.
Finally, for building user interfaces, we decided to use Node.js and React. These technologies allow us to create interactive and responsive user interfaces, facilitating a seamless user experience.
Tech Stack
- React
- Java
- Spring
- Spring Boot
- Express.js
- Elastic Search
- MySQL
- Redis
- Camunda Platform
- AWS ECS
- AWS Lambda
- AWS S3
Our results
We successfully developed a versatile Risk Management solution for our client, conducting a rigorous unit/integration, as well as automated functional testing to make sure everything is functioning as planned.
- Effective Assessment of Payment Transactions in Real-Time: we helped the client to identify and mitigate potential fraudulent activities promptly, reducing financial losses from 77 Basis Points (BPS) to 24, as well as decreasing the chargeback rate from 1% to 0.5% due to risk rules and counters optimizations in a single year.
- Extended Service Coverage: the client launched the underwriting process for merchants in Canada, while previously it was available only in the United States.
- Continuous Improvement of the System: we continue to improve underwriting processing and rules, as well as payment transactions’ real-time processing and ongoing monitoring rules. Our team plans to integrate Machine Learning models into real-time processing and ongoing monitoring of payment transactions, launch beneficial owners’ verification during onboarding of registered companies, and increase the scalability and reliability of the system. We continue to analyze and assess 3rd-party rule engines for further integration into the risk system.
Highlights Client The client is a well-established provider of business funding and real-time financing services. At the start of...
Explore Case