Know Your Fraudster Q&A with Robert Reynolds
Know Your Fraudster Q&A with Robert Reynolds
copy gray iconlinkedin graytwitter grey

Know Your Fraudster Q&A with Robert Reynolds

June 14, 2023

This Q&A is part of the Fraud Fighters Manual, a collective set of stories from Fintech fraud fighters. Download your copy of the Fraud Fighters Manual here to read the full version.

Are there people or organizations more likely to be targets of fraud?

I think it tends to be concentric around where there’s somewhat of a fungibility in the asset that they’re stealing. So, lending is always a high-risk profile for fraud because the outcome is receiving cash, which is very easy to move and get away with. 

There can be high-value, very fungible physical goods that are easy to move. And I think those are known as high fraud-risk items. A diamond necklace, for example. There are complications with that type of fraud that require the fraudster to have reshipping fraud as a part of their process, in terms of having a valid address to ship the item to and then ship it overseas or wherever the fraud is occurring. 

So, physical fraud increases logistical complexity and improves failure rates. But it really is just a kind of basic economic calculation of what’s the gross margin on the stolen identity that I have. Anywhere where that calculus becomes net positive, I think you’re going to find fraud. People are willing to take things for free regardless of how low value you may perceive them to be. Free is still free. 

Have you ever been surprised by a fraud?

Earlier in my career, I’d think of physical documents as being maybe fakeable but obvious when they are faked. And now I think that is wildly untrue. 

Any physical documentation requirement upload—like a pay stub or a bank statement—to accomplish anything, there will always be a boatload of fraud in those environments. You can see really advanced editing methods and/or finding valid formats for distributing that information. 

When I was a little younger, I was very surprised to find the amount of effort that the fraudsters would and could put into making those documents appear to be pure and valid. And you know, you have companies like Pinwheel today that give you access to the “source of truth” information that makes it that much more difficult for frauds. You kind of take out the middleman. You’re not uploading documents; you’re receiving them from the source. 

But on the other side of the equation, something that really, really surprised me was that fraudster ring that was extorting actual people to take out loans. You have these cohorts of consumers who are objectively good and show no fraud patterns. They have normal behavioral characteristics; they don’t fit into any of the normal first-party fraud characterizations. 

And you are just questioning: Why are there so many problems with this cohort of users? 

When you figure out what’s going on, it’s somewhat terrifying. It’s a movie scenario: someone essentially with a gun to their head, being told to do fraudulent things. That is happening in the real world, and it’s very hard to stop. 

What are the most vulnerable processes fraudsters most frequently target? 

They target physical documentation. They target humans as a point of weakness. 

They will actively try and get pushed into call center operations or customer service agents to evade policies that are in place and try to reverse engineer them. And they are boisterous, and people fold under the pressure of someone being boisterous and maybe give them information that they shouldn’t have. 

I think humans are always the greatest point of failure—anywhere where human process is involved. And that tends to be like physical documentation in person or contact center interactions. 

Fraudsters are becoming better and better, and the digital detection side of it is becoming more difficult. 

How do you see fraud continuing to evolve in the future? 

I think the fraud prevention strategies that most people have available, and the types of data sources that most companies use to try and verify identities, have been relatively stagnant for quite a long time. 

Outside of the behavioral characteristics, I have your email address that I can maybe verify the longevity of and the quality of. I have your phone number that I can verify the longevity and quality of, and I can even potentially call it. 

But I think the prevention tactics become more well-known, and people rely very heavily on those types of passive verification tools and things like device fingerprinting to stop large fraud rings. But the more well-known the tools are, the more readily available ways to evade those tools become. 

And I do personally worry that the innovation on the prevention side is slower than the innovation on the attack side. The tactics that currently exist are somewhat in terms of their effectiveness, and people need to start becoming a lot more invested in things like AI and machine learning to help really stop fraud in a more effective manner. Basic business logic is no longer going to cut it. 

Are there any common mistakes or assumptions you commonly run into regarding fraudsters or fraud? 

Organizations tend to not have dynamic enough policies in place to stop fraud. I think the fraud is going to adapt very quickly to the choices that you’ve made to prevent it, and you may feel great about the fact that you’re preventing a known set of fraud, but I think it gives you a false sense of security. And I think for companies that I’ve worked for or worked with to try and help them build better strategies for fraud prevention, you find that they think fraud is more of a “set it and forget it” type of relationship. I think that is very disingenuous to the state of the ecosystem. 

On a more tactical level, I’ve encountered companies that think that certain types of verification tools can be relied on very heavily, things like biometric authentication, or take a picture of yourself, take a picture of your driver’s license. They think that it’s not possible for fraud to exist in channels where those tools exist. And I think that is also like a fatal assumption to assume that any of your tools are perfect in their ability to prevent fraud. 

Tell us a little about the different types of fraud you encounter in digital environments.

Broadly speaking, everyone says first-party fraud and third-party fraud, but I think there’s a lot more nuance to that. 

There’s true first-party fraud where the person has no intent to repay. In a lending environment, it’s sometimes called friendly fraud as well. 

There’s also family fraud, but it doesn’t feel quite honest to place it next to true ID theft or actual fraud rings. Family fraud is when you have someone who is very close to the victim and can easily represent their identity, misrepresenting the state of their interest or needs. And that could be a spouse, caregiver, or another family member. 

Then you have true third-party fraud, obviously with ID theft. It can manifest primarily digitally—in the form of information gleaned from the dark web or stolen information from phishing websites—but it can also manifest physically in the real world. 

And I’ve actually had experience with this where we had fraud rings that were operating in different states in the United States. They were going to people and putting weapons to them and saying, “Apply for these loans, and we’re going to take the proceeds and run away with them.” So, it’s, in some sense, first-party fraud because it was real information, but it truly was a third-party fraud ring that was manipulating first-party actors into committing the fraudulent deed. 

And then, an entirely separate type of fraud, synthetic fraud, combines real and/or fabricated identity characteristics to effectively spoof the credit reporting agencies into creating “Frankenstein” identities. And that’s a separate problem that is generally more resolvable through vendor relationships and/or data analysis. 

What is the most common type of fraudster seen in fraud prevention?

The most common that people quantify is third-party fraud because it tends to come with the strongest external dependent variable, which is people filing things like ID theft claims. 

The things that go most underrepresented are likely first-party fraud. In a typical lending environment, they will often get rolled into normal delinquencies because it’s very difficult to suss out the difference between credit risk, for example, and unwillingness to pay in the context of a loan environment. 

Synthetic fraud is very difficult to identify purely because there is no one adversely affected by the fraud. There is no true identity that is kind of potentially exposed to loss, and the recourse of marking up someone’s credit report is nothing when that person doesn’t exist. 

Are there any atypical types of fraudsters that you’ve encountered or that you see emerging? 

You allow normal good people to open accounts, take loans, whatever it may be in whatever the context of your business. And then, those individuals get phished, and fraudsters take over their accounts or manipulate call centers or operation centers to take negative action against those accounts. 

I think there’s definitely an uptick in that threat vector, primarily because a lot of the prevention methods tend to exist at the top of the funnel for businesses. So, once an account is open and the person seems to be good, it’s tough to reevaluate that constantly, and it creates opportunity for fraud when the focus is elsewhere. 

Do you think companies have robust enough KYC/KYB policies? Why or why not?

Generally speaking, in my experience, if you take KYC as an example, the regulatory requirements for KYC are fairly broad: “Do you feel confident that you know the person who is applying for a loan?” The methods that companies use to satisfy their KYC requirements vary quite widely and, in my experience, tend to be somewhat derivative—or at least additive to actual fraud prevention methodologies. 

How do you say that the person that you are looking at is not falling into any of the groups discussed above? The legal requirements are fairly thinly veiled in terms of whether you feel reasonably confident that you know who the person is and that this is the person who they say they are. The only way to really accomplish that is to layer multiple types of fraud strategies into place. You have to create a tiered approach, layered approach, and targeted approach to stop all these different kinds of fraud.

In the case of KYB, where you’re verifying the legitimacy of a company or organization to assess the risk of doing business with them, that’s more acutely associated with the actual legitimacy of the business. In that sense, just meeting the bare minimum of the legal requirement is not going to be nearly enough actually to prevent and mitigate fraud. 

What provides the most friction when companies create KYC/KYB policies? 

I think the main friction point is that if you want no fraud, you’ll have no volume run through your business. 

Where do you decide the right management point is for acceptable risk tolerance beyond meeting the KYC requirements? I think every business activity does meet those requirements. But if we’re truly talking about fraud prevention above and beyond, the friction really exists. And how much friction do I want to introduce to my process to try and become incrementally savvier to fight against the different types of fraud? Managing those cutoffs and trying to get accurate dependent variables to model and/or evaluate against is very, very difficult. 

What real fraud looks like can be hard to determine. In the case of first-party fraud, how do I know someone is defrauding me? How do I know they had an unwillingness to repay? Creating a definition to surmise that is very hard because the person won’t tell you, “Oh yeah, at the time that I applied for this, I had no intention to repay.” 

I think, on the KYB side, it’s largely that institutions are somewhat disincentivized from wanting to weed out potential clients or potential vendors. So, you have to create a system of true governance. One that can have the right kind of checks and balances in place to ensure that the motivations of individual employees to solve a specific problem are not the antithesis of what your KYB strategy needs to be successful.

What do you think organizations most commonly get wrong about their KYC/KYB policies or strategies? 

I think organizations on the KYC side don’t put enough effort into evaluating. And I think this requires true human intervention, like evaluating and categorizing fraud into different categories and coming to good definitions. Like, this is what happened to this application or this consumer and putting them into those buckets: this was true third-party fraud; this was true first-party fraud. And being diligent about sampling enough of your consumer data is not just to trust the definitions you have in place but staying vigilant and trying to observe new types of fraud. 

Understand that you need to be constantly updating and changing your strategies to have a real, solid KYC strategy, especially when you’re dealing with third-party fraud. You’re effectively fighting against an enemy with unlimited time and unlimited resources. The idea that they’re not going to change their strategies in response to your tactics is somewhat foolhardy. You need dedication to updating and changing. 

I think KYB success relies very, very heavily on governance and process control to ensure compliance. Because the incentives of the business are not against the objectives of KYB, but they can be at odds with each other. People tend to want to get stuff done and get it done quickly. This type of governance to prevent fraud and make sure you don’t get juked is just an additional process that people need to follow. 

Are there any behavioral characteristics that you think should be watched regarding how a fraudster would behave?

Behavioral fraud prevention is easily one of the most effective forms of fraud prevention. 

I know what a good customer looks like, how they act, how much time they spend doing things, how often, and how they communicate with me. And I think one of the hardest things for fraudsters to determine is what the profile of a normal consumer looks like and to mirror it. 

So, when you look at event tracking or behavioral tracking and building models around it, the behavioral characteristics are some of the most indicative data sources that exist to mitigate some of the more advanced fraud tactics. 

Could you give an example of how a fraudster’s behavior would differ from an ordinary user’s? 

They’re going to spend just different amounts of time doing different things on your application or doing different things on your site. They’re going to click their mouse in different ways. Typically, if they’re a large third-party fraud ring that needs to automate the flow through your application process, their ability to create normal patterns of traffic for large amounts of volume is going to be relatively challenging—or can be challenging for certain types of fraud. 

So, the locations where they click on buttons or mouse movement, whether they tab through applications or prefill data, the types of devices they use, or the way they use those devices through the application processes, I consider all of those to be behavioral in a sense. 

Kind of the sum of the parts is that you find clusters of users who tend to have behavior that is atypical. Those clusters of users tend to be related, and the relationship is usually fraud.

One of the cool things that I think more businesses should do is to not necessarily decline or weed out the fraud as early as possible. You identify it and just kind of let them do their thing, and then at the very last moment, you prevent it. That just allows you to acquire more behavioral information about the fraudsters themselves and use that for clustering or analytical purposes to identify future fraud with this same kind of risk profile. 

What do you think is the single most important thing a company can do to identify potential bad actors?

I think the most important thing is to be aware of the types of fraud that exist and put great, great, great concerted effort into things like manually vetting loans, accounts, and customers that have been a part of your system for a long time. Manually reviewing them and putting actual thought into it. Is this person actually good? Is this person actually bad? And why? Categorizing things in a way that gives you better data for analysis. 

You can represent uncertainty in that data and evaluate against uncertainty; that’s fine. But you have fraud, for example, that will open accounts and pay loans for nine straight months and then blow the account out, or open bank accounts and be a normal deposit user for a year and then wait for their moment and over-leverage the account. 

And there are definite patterns in those accounts where you would look back and realize the stupidity of not noticing what they were doing previously. But I think it’s because people tend to think, “If I don’t have a problem at day zero, I’m going to be happy and not think more critically about this book of consumers that exist within my ecosystem.” 

You have to be very vigilant about putting human effort into analysis and critical thought—really evaluating things.

linkedin gray logotwitter gray logo
Insights

Know Your Fraudster Q&A with Robert Reynolds

Insights

Know Your Fraudster Q&A with Robert Reynolds

Challenge

checkmark icon
Solution

Ready to discover what Pinwheel can do for you?

Get Started ➔

This Q&A is part of the Fraud Fighters Manual, a collective set of stories from Fintech fraud fighters. Download your copy of the Fraud Fighters Manual here to read the full version.

Are there people or organizations more likely to be targets of fraud?

I think it tends to be concentric around where there’s somewhat of a fungibility in the asset that they’re stealing. So, lending is always a high-risk profile for fraud because the outcome is receiving cash, which is very easy to move and get away with. 

There can be high-value, very fungible physical goods that are easy to move. And I think those are known as high fraud-risk items. A diamond necklace, for example. There are complications with that type of fraud that require the fraudster to have reshipping fraud as a part of their process, in terms of having a valid address to ship the item to and then ship it overseas or wherever the fraud is occurring. 

So, physical fraud increases logistical complexity and improves failure rates. But it really is just a kind of basic economic calculation of what’s the gross margin on the stolen identity that I have. Anywhere where that calculus becomes net positive, I think you’re going to find fraud. People are willing to take things for free regardless of how low value you may perceive them to be. Free is still free. 

Have you ever been surprised by a fraud?

Earlier in my career, I’d think of physical documents as being maybe fakeable but obvious when they are faked. And now I think that is wildly untrue. 

Any physical documentation requirement upload—like a pay stub or a bank statement—to accomplish anything, there will always be a boatload of fraud in those environments. You can see really advanced editing methods and/or finding valid formats for distributing that information. 

When I was a little younger, I was very surprised to find the amount of effort that the fraudsters would and could put into making those documents appear to be pure and valid. And you know, you have companies like Pinwheel today that give you access to the “source of truth” information that makes it that much more difficult for frauds. You kind of take out the middleman. You’re not uploading documents; you’re receiving them from the source. 

But on the other side of the equation, something that really, really surprised me was that fraudster ring that was extorting actual people to take out loans. You have these cohorts of consumers who are objectively good and show no fraud patterns. They have normal behavioral characteristics; they don’t fit into any of the normal first-party fraud characterizations. 

And you are just questioning: Why are there so many problems with this cohort of users? 

When you figure out what’s going on, it’s somewhat terrifying. It’s a movie scenario: someone essentially with a gun to their head, being told to do fraudulent things. That is happening in the real world, and it’s very hard to stop. 

What are the most vulnerable processes fraudsters most frequently target? 

They target physical documentation. They target humans as a point of weakness. 

They will actively try and get pushed into call center operations or customer service agents to evade policies that are in place and try to reverse engineer them. And they are boisterous, and people fold under the pressure of someone being boisterous and maybe give them information that they shouldn’t have. 

I think humans are always the greatest point of failure—anywhere where human process is involved. And that tends to be like physical documentation in person or contact center interactions. 

Fraudsters are becoming better and better, and the digital detection side of it is becoming more difficult. 

How do you see fraud continuing to evolve in the future? 

I think the fraud prevention strategies that most people have available, and the types of data sources that most companies use to try and verify identities, have been relatively stagnant for quite a long time. 

Outside of the behavioral characteristics, I have your email address that I can maybe verify the longevity of and the quality of. I have your phone number that I can verify the longevity and quality of, and I can even potentially call it. 

But I think the prevention tactics become more well-known, and people rely very heavily on those types of passive verification tools and things like device fingerprinting to stop large fraud rings. But the more well-known the tools are, the more readily available ways to evade those tools become. 

And I do personally worry that the innovation on the prevention side is slower than the innovation on the attack side. The tactics that currently exist are somewhat in terms of their effectiveness, and people need to start becoming a lot more invested in things like AI and machine learning to help really stop fraud in a more effective manner. Basic business logic is no longer going to cut it. 

Are there any common mistakes or assumptions you commonly run into regarding fraudsters or fraud? 

Organizations tend to not have dynamic enough policies in place to stop fraud. I think the fraud is going to adapt very quickly to the choices that you’ve made to prevent it, and you may feel great about the fact that you’re preventing a known set of fraud, but I think it gives you a false sense of security. And I think for companies that I’ve worked for or worked with to try and help them build better strategies for fraud prevention, you find that they think fraud is more of a “set it and forget it” type of relationship. I think that is very disingenuous to the state of the ecosystem. 

On a more tactical level, I’ve encountered companies that think that certain types of verification tools can be relied on very heavily, things like biometric authentication, or take a picture of yourself, take a picture of your driver’s license. They think that it’s not possible for fraud to exist in channels where those tools exist. And I think that is also like a fatal assumption to assume that any of your tools are perfect in their ability to prevent fraud. 

Tell us a little about the different types of fraud you encounter in digital environments.

Broadly speaking, everyone says first-party fraud and third-party fraud, but I think there’s a lot more nuance to that. 

There’s true first-party fraud where the person has no intent to repay. In a lending environment, it’s sometimes called friendly fraud as well. 

There’s also family fraud, but it doesn’t feel quite honest to place it next to true ID theft or actual fraud rings. Family fraud is when you have someone who is very close to the victim and can easily represent their identity, misrepresenting the state of their interest or needs. And that could be a spouse, caregiver, or another family member. 

Then you have true third-party fraud, obviously with ID theft. It can manifest primarily digitally—in the form of information gleaned from the dark web or stolen information from phishing websites—but it can also manifest physically in the real world. 

And I’ve actually had experience with this where we had fraud rings that were operating in different states in the United States. They were going to people and putting weapons to them and saying, “Apply for these loans, and we’re going to take the proceeds and run away with them.” So, it’s, in some sense, first-party fraud because it was real information, but it truly was a third-party fraud ring that was manipulating first-party actors into committing the fraudulent deed. 

And then, an entirely separate type of fraud, synthetic fraud, combines real and/or fabricated identity characteristics to effectively spoof the credit reporting agencies into creating “Frankenstein” identities. And that’s a separate problem that is generally more resolvable through vendor relationships and/or data analysis. 

What is the most common type of fraudster seen in fraud prevention?

The most common that people quantify is third-party fraud because it tends to come with the strongest external dependent variable, which is people filing things like ID theft claims. 

The things that go most underrepresented are likely first-party fraud. In a typical lending environment, they will often get rolled into normal delinquencies because it’s very difficult to suss out the difference between credit risk, for example, and unwillingness to pay in the context of a loan environment. 

Synthetic fraud is very difficult to identify purely because there is no one adversely affected by the fraud. There is no true identity that is kind of potentially exposed to loss, and the recourse of marking up someone’s credit report is nothing when that person doesn’t exist. 

Are there any atypical types of fraudsters that you’ve encountered or that you see emerging? 

You allow normal good people to open accounts, take loans, whatever it may be in whatever the context of your business. And then, those individuals get phished, and fraudsters take over their accounts or manipulate call centers or operation centers to take negative action against those accounts. 

I think there’s definitely an uptick in that threat vector, primarily because a lot of the prevention methods tend to exist at the top of the funnel for businesses. So, once an account is open and the person seems to be good, it’s tough to reevaluate that constantly, and it creates opportunity for fraud when the focus is elsewhere. 

Do you think companies have robust enough KYC/KYB policies? Why or why not?

Generally speaking, in my experience, if you take KYC as an example, the regulatory requirements for KYC are fairly broad: “Do you feel confident that you know the person who is applying for a loan?” The methods that companies use to satisfy their KYC requirements vary quite widely and, in my experience, tend to be somewhat derivative—or at least additive to actual fraud prevention methodologies. 

How do you say that the person that you are looking at is not falling into any of the groups discussed above? The legal requirements are fairly thinly veiled in terms of whether you feel reasonably confident that you know who the person is and that this is the person who they say they are. The only way to really accomplish that is to layer multiple types of fraud strategies into place. You have to create a tiered approach, layered approach, and targeted approach to stop all these different kinds of fraud.

In the case of KYB, where you’re verifying the legitimacy of a company or organization to assess the risk of doing business with them, that’s more acutely associated with the actual legitimacy of the business. In that sense, just meeting the bare minimum of the legal requirement is not going to be nearly enough actually to prevent and mitigate fraud. 

What provides the most friction when companies create KYC/KYB policies? 

I think the main friction point is that if you want no fraud, you’ll have no volume run through your business. 

Where do you decide the right management point is for acceptable risk tolerance beyond meeting the KYC requirements? I think every business activity does meet those requirements. But if we’re truly talking about fraud prevention above and beyond, the friction really exists. And how much friction do I want to introduce to my process to try and become incrementally savvier to fight against the different types of fraud? Managing those cutoffs and trying to get accurate dependent variables to model and/or evaluate against is very, very difficult. 

What real fraud looks like can be hard to determine. In the case of first-party fraud, how do I know someone is defrauding me? How do I know they had an unwillingness to repay? Creating a definition to surmise that is very hard because the person won’t tell you, “Oh yeah, at the time that I applied for this, I had no intention to repay.” 

I think, on the KYB side, it’s largely that institutions are somewhat disincentivized from wanting to weed out potential clients or potential vendors. So, you have to create a system of true governance. One that can have the right kind of checks and balances in place to ensure that the motivations of individual employees to solve a specific problem are not the antithesis of what your KYB strategy needs to be successful.

What do you think organizations most commonly get wrong about their KYC/KYB policies or strategies? 

I think organizations on the KYC side don’t put enough effort into evaluating. And I think this requires true human intervention, like evaluating and categorizing fraud into different categories and coming to good definitions. Like, this is what happened to this application or this consumer and putting them into those buckets: this was true third-party fraud; this was true first-party fraud. And being diligent about sampling enough of your consumer data is not just to trust the definitions you have in place but staying vigilant and trying to observe new types of fraud. 

Understand that you need to be constantly updating and changing your strategies to have a real, solid KYC strategy, especially when you’re dealing with third-party fraud. You’re effectively fighting against an enemy with unlimited time and unlimited resources. The idea that they’re not going to change their strategies in response to your tactics is somewhat foolhardy. You need dedication to updating and changing. 

I think KYB success relies very, very heavily on governance and process control to ensure compliance. Because the incentives of the business are not against the objectives of KYB, but they can be at odds with each other. People tend to want to get stuff done and get it done quickly. This type of governance to prevent fraud and make sure you don’t get juked is just an additional process that people need to follow. 

Are there any behavioral characteristics that you think should be watched regarding how a fraudster would behave?

Behavioral fraud prevention is easily one of the most effective forms of fraud prevention. 

I know what a good customer looks like, how they act, how much time they spend doing things, how often, and how they communicate with me. And I think one of the hardest things for fraudsters to determine is what the profile of a normal consumer looks like and to mirror it. 

So, when you look at event tracking or behavioral tracking and building models around it, the behavioral characteristics are some of the most indicative data sources that exist to mitigate some of the more advanced fraud tactics. 

Could you give an example of how a fraudster’s behavior would differ from an ordinary user’s? 

They’re going to spend just different amounts of time doing different things on your application or doing different things on your site. They’re going to click their mouse in different ways. Typically, if they’re a large third-party fraud ring that needs to automate the flow through your application process, their ability to create normal patterns of traffic for large amounts of volume is going to be relatively challenging—or can be challenging for certain types of fraud. 

So, the locations where they click on buttons or mouse movement, whether they tab through applications or prefill data, the types of devices they use, or the way they use those devices through the application processes, I consider all of those to be behavioral in a sense. 

Kind of the sum of the parts is that you find clusters of users who tend to have behavior that is atypical. Those clusters of users tend to be related, and the relationship is usually fraud.

One of the cool things that I think more businesses should do is to not necessarily decline or weed out the fraud as early as possible. You identify it and just kind of let them do their thing, and then at the very last moment, you prevent it. That just allows you to acquire more behavioral information about the fraudsters themselves and use that for clustering or analytical purposes to identify future fraud with this same kind of risk profile. 

What do you think is the single most important thing a company can do to identify potential bad actors?

I think the most important thing is to be aware of the types of fraud that exist and put great, great, great concerted effort into things like manually vetting loans, accounts, and customers that have been a part of your system for a long time. Manually reviewing them and putting actual thought into it. Is this person actually good? Is this person actually bad? And why? Categorizing things in a way that gives you better data for analysis. 

You can represent uncertainty in that data and evaluate against uncertainty; that’s fine. But you have fraud, for example, that will open accounts and pay loans for nine straight months and then blow the account out, or open bank accounts and be a normal deposit user for a year and then wait for their moment and over-leverage the account. 

And there are definite patterns in those accounts where you would look back and realize the stupidity of not noticing what they were doing previously. But I think it’s because people tend to think, “If I don’t have a problem at day zero, I’m going to be happy and not think more critically about this book of consumers that exist within my ecosystem.” 

You have to be very vigilant about putting human effort into analysis and critical thought—really evaluating things.

Always stay up to date

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
View our Privacy Policy   ➔

Up next

Why credit unions have a neighborhood advantage

Why credit unions have a neighborhood advantage

n an era dominated by digital innovation, physical branches remain relevant—and even essential. While many national financial institutions are doubling down on digital channels and closing branches, 60% of new accounts are still being opened in person. This underscores a critical competitive differentiator for credit unions, who maintain a unique home town advantage.

Read more  ➔
The Product Pulse

The Product Pulse

Pinwheel Pulse is where we share recent highlights on our journey to building solutions that drive primacy and unlock the potential of payroll connectivity.

Read more  ➔
Introducing Bill Navigator

Introducing Bill Navigator

A new and powerful tool for banks to leverage in their battle for primacy.

Read more  ➔
PreMatch results are In

PreMatch results are In

We began beta testing our groundbreaking new solution for authorizing payroll accounts in Q1 2024. And we’re thrilled to share that the industry’s only 100% credential-less solution that automatically identifies users’ payroll accounts is living up to the hype.

Read more  ➔
How we achieve the industry’s best conversion rates

How we achieve the industry’s best conversion rates

Pinwheel Prime’s intelligent waterfall covers 100% of U.S. payroll scenarios and delivers 30% more successful conversions than any other provider in the industry.

Read more  ➔
Automated direct deposit is powering the next generation of growth for credit unions

Automated direct deposit is powering the next generation of growth for credit unions

Neo-banks like Cash App and Chime have mastered the art of digital onboarding, leveraging automated direct deposit features as a key driver of customer acquisition and long-term engagement. By investing in payroll integrations that deliver a seamless direct deposit enrollment option during onboarding, these fintech giants have grown their actively funded user base at hyper speeds.

Read more  ➔
Nassau Financial Credit Union Selects Pinwheel As Direct Deposit Switch Partner

Nassau Financial Credit Union Selects Pinwheel As Direct Deposit Switch Partner

Nassau Financial’s mission is to improve the financial well-being of each member in the communities we serve, reflecting the credit union philosophy of "People helping people."

Read more  ➔
Perpay increases direct deposit conversion rate for eligible users by 2.19x with Pinwheel PreMatch

Perpay increases direct deposit conversion rate for eligible users by 2.19x with Pinwheel PreMatch

Implementation of the Pinwheel Prematch feature took Perpay only 3 weeks, after which they saw an immediate performance uplift. For Perpay customers eligible for PreMatch, they saw a 2.19x increase to switch success rate, and an 11% overall switch conversion improvement.

Read more  ➔
Success rate for EECU’s deposit change feature improves by over 50% after switching to Pinwheel PreMatch

Success rate for EECU’s deposit change feature improves by over 50% after switching to Pinwheel PreMatch

Read more  ➔
SafeLink expands access to frictionless experiences

SafeLink expands access to frictionless experiences

In the ever-evolving landscape of banking and fintech, winning the primary banking relationship has never been more difficult. In our recent white paper, Primacy in personalized banking: a moving target, we reveal new consumer insights that emphasize the importance of offering seamless digital experiences to win and keep customers. 

Read more  ➔
Primacy in personalized banking: A moving target

Primacy in personalized banking: A moving target

Learn about changes to consumer behavior that have affected financial institutions' ability to achieve and defend primacy.

Read more  ➔
Industry leaders talk consumer bank switching behaviors

Industry leaders talk consumer bank switching behaviors

Are you curious about the latest behavioral trends in consumer banking? Do you want to know how top financial institutions are adapting to meet evolving customer needs? 

Read more  ➔
What drives primacy with today’s consumer?

What drives primacy with today’s consumer?

Discover what consumers believe is needed for bank account primacy, and what really motivates them to switch.

Read more  ➔
Why  are consumers on the move?

Why are consumers on the move?

See what's driving the acceleration of bank switching across generations.

Read more  ➔
The branch of the future

The branch of the future

With most banks focusing investments on digital and reducing branch networks, 60% of new accounts are still being opened in branch. For decades, bank branches have been a cornerstone of everyday life in America’s cities and towns. But these days, branches are getting harder and harder to come by. By the end of 2023, the number of bank branches in the U.S.

Read more  ➔
Giving credit where it’s due

Giving credit where it’s due

Are credit scores missing the point?Despite the lip service in banking pledging fairness and equity, systemic issues can allow discrimination in extending credit to surface in unexpected ways. One glaring example is the industry’s struggle to underwrite those who have non-traditional career histories or those who make their living through self employment or the gig economy. Whether they need to produce two years’ worth of tax returns or a specific credit score, many financially secure Americans still struggle to present the “right” paperwork. As a result, banks cannot deliver an optimal experience for:

Read more  ➔
Trust and Verify

Trust and Verify

Read more  ➔
Citizens & Pinwheel talk primacy

Citizens & Pinwheel talk primacy

A conversation with Chris Powell, EVP & Head of Deposits, Citizens Bank and Kurtis Lin, Co-Founder & CEO, Pinwheel. Last month, Pinwheel hosted a webinar with the Consumer Bankers Association to explore our latest research on The Power of Primacy conducted in partnership with The Digital Banking Report. In a discussion moderated by Pinwheel CMO, Crystal Gopman, Chris Powell, EVP and Head of Deposits at Citizens Bank and Pinwheel CEO, Kurtis Lin, delved deep into the challenges banks are facing today as they compete for share of wealth with the modern consumer. 

Read more  ➔
Be the Amazon of banks  

Be the Amazon of banks  

The next time you’re browsing on your phone, add this idea to your cart: Does your bank need to engage customers less like an overworked teller and more like Amazon?In a climate of exploding technology and regulatory scrutiny, the BAI Banking Outlook: 2024 Trends survey identified the customer digital experience as a top priority for this year, citing technology integration and intuitive platforms as the pathways to engagement that’s personal, frictionless – and even somewhat fun. But as you know, fraud mitigation and other protocols can introduce drag and result in user drop-off. “Somewhat unfairly, customers measure their bank’s digital delivery of services against the practices of world-class online retailers,” the survey concludes. 

Read more  ➔
Enhancing digital trust: Inside Pinwheel's commitment to security

Enhancing digital trust: Inside Pinwheel's commitment to security

Ensuring Digital Security in the rapidly evolving digital world, the importance of security cannot be overstated. As the Chief Information Security Officer at Pinwheel, I'm at the forefront of our battle against digital threats. Our mission is clear: to safeguard our clients' data with the most robust security measures available. This dedication is embodied in our two flagship products: Pinwheel Core and Pinwheel Prime.

Read more  ➔
Who’s making money moves in 2024?

Who’s making money moves in 2024?

Are your new customer acquisition goals higher than ever in 2024? Yes? Then, you’re on trend. Late last year, the BAI surveyed 102 financial services organizations to gain insights for the coming year. The findings of the study, the BAI 2024 Banking Outlook, placed customer acquisition in the top two priorities—just behind deposit growth—for bankers. Coming in third? You can probably guess. Enhanced digital banking experiences. And we’re here for it. 

Read more  ➔
New study confirms direct deposit unlocks primacy

New study confirms direct deposit unlocks primacy

The report highlights a significant disconnect between banks' customer acquisition strategies and consumer behavior. While banks continue to invest heavily in account opening incentives, such as cash bonuses and promotional offers, these efforts often fall short of their intended goal. To the dismay of banks, although they spend high acquisition costs to attract new customers, many of these accounts remain dormant.

Read more  ➔
Consumer bank switching behavior demystified

Consumer bank switching behavior demystified

My january piece on the offer wars got me thinking: what actually motivates consumers to switch banks? Are rich account opening incentives turning heads, or is our industry missing the mark? To answer this question, we partnered with Savanta research to understand the inner dialogue of a consumer contemplating a new banking relationship.

Read more  ➔
The metrics you care about the most are now available in real-time

The metrics you care about the most are now available in real-time

Pinwheel was founded to unlock powerful income data for financial institutions, so that they can better serve their users with more personalized products, driving long term relationships that are proven to deliver better financial outcomes. Introducing the Dashboard Activity Page for Real-Time Engagement Insights.

Read more  ➔
New Jack Henry partnership makes it easier for community banks to take advantage of Pinwheel

New Jack Henry partnership makes it easier for community banks to take advantage of Pinwheel

We are thrilled to announce Pinwheel's new strategic partnership with Jack Henry, a leading financial technology company, which gives their customers a fast path to implementation for the industry's top performing Direct Deposit Switching solution. This collaboration is set to revolutionize the digital direct deposit setup experience for accountholders at community and regional financial institutions.

Read more  ➔
 Pinwheel's CMO discusses bank competition for primacy in 2024

Pinwheel's CMO discusses bank competition for primacy in 2024

Banks rival top brands like Coke and P&G as the highest spending advertisers in the world. And bank marketing teams - channeling their best Cardi B energy - literally make money move with hundreds of millions of dollars at their disposal to hit annual growth goals. While the accounts keep rolling in, there’s a frantic scramble as institutions fumble in their attempts to convert active customers and meaningful engagement through aggressive, unsustainable offers. 

Read more  ➔
Hear from Pinwheel’s Chief revenue officer on growing profitably in 2024

Hear from Pinwheel’s Chief revenue officer on growing profitably in 2024

As the Chief Revenue Officer at Pinwheel, I speak to executives from the world’s top banks every day and I see first hand how rapidly the financial services industry is changing. With approximately 94% of the U.S. population holding bank accounts and a staggering 13 million new accounts opened in 2022, the competitive quest for primacy, or being the primary account for a customer, is more intense than ever. That’s why digital advertising spend is on track to close out 2023 by surpassing $30 billion.

Read more  ➔
Introducing the next generation of Automated Direct Deposit Switching

Introducing the next generation of Automated Direct Deposit Switching

Introducing our first-of-its-kind, reimagined automated direct deposit switching experience, expected to at least double end-to-end conversion.

Read more  ➔
Know Your Fraudster Q&A with Robert Reynolds

Know Your Fraudster Q&A with Robert Reynolds

Read more  ➔
Fraud Fighers Chapter 1: Know Your Fraudster

Fraud Fighers Chapter 1: Know Your Fraudster

Read more  ➔
This is how banks close the loop with branch guests: Introducing Pinwheel Smart Branch

This is how banks close the loop with branch guests: Introducing Pinwheel Smart Branch

Read more  ➔
Meet Pinwheel Smart Branch

Meet Pinwheel Smart Branch

Learn about how Smart Branch enables a new generation of integrated omnichannel campaigns.

Read more  ➔
Introducing Pinwheel Deposit Switch 2.0, a revolutionary upgrade that maximizes coverage and conversion for every US worker

Introducing Pinwheel Deposit Switch 2.0, a revolutionary upgrade that maximizes coverage and conversion for every US worker

Deposit Switch 2.0 allows every US worker to update their direct deposit settings regardless of where their direct deposit comes from.

Read more  ➔
Key factors to consider before implementing a payroll connectivity API

Key factors to consider before implementing a payroll connectivity API

Before integrating a payroll connectivity API, you should evaluate it based on coverage, conversion, implementation, security, and compliance.

Read more  ➔
Lendly improves its loan servicing with Pinwheel’s support

Lendly improves its loan servicing with Pinwheel’s support

Read more  ➔
Enhance credit line management with income data

Enhance credit line management with income data

Read more  ➔
See your customers’ earnings weeks into the future with projected earnings

See your customers’ earnings weeks into the future with projected earnings

Read more  ➔
Demo Video: Pinwheel’s direct deposit switching solution

Demo Video: Pinwheel’s direct deposit switching solution

Read more  ➔
How Pinwheel helped Perpay increase conversion by 29%

How Pinwheel helped Perpay increase conversion by 29%

Read more  ➔
How to reduce default risk with consumer-permissioned data

How to reduce default risk with consumer-permissioned data

Read more  ➔
Digital lending technologies and trends that are shaping the industry

Digital lending technologies and trends that are shaping the industry

Read more  ➔
4 technologies that improve fraud detection in banking

4 technologies that improve fraud detection in banking

Read more  ➔
Why automated income verification is a must-have feature for lenders

Why automated income verification is a must-have feature for lenders

Read more  ➔
December product release: 10% increase in conversion, enhanced security and access to pay frequency data

December product release: 10% increase in conversion, enhanced security and access to pay frequency data

Read more  ➔
A conversation with our Chief Information Security Officer

A conversation with our Chief Information Security Officer

Read more  ➔
Former CFPB Deputy Director Raj Date Joins Pinwheel as an Advisor

Former CFPB Deputy Director Raj Date Joins Pinwheel as an Advisor

Read more  ➔
Cash flow underwriting: Benefits & how to access cash flow data

Cash flow underwriting: Benefits & how to access cash flow data

Read more  ➔
Beyond the Credit Score: Propelling consumer finance into the future with income data

Beyond the Credit Score: Propelling consumer finance into the future with income data

Read more  ➔
Why banks need a payroll connectivity API that prioritizes information security

Why banks need a payroll connectivity API that prioritizes information security

Read more  ➔
How alternative credit data can benefit lenders

How alternative credit data can benefit lenders

Read more  ➔
Tech Spotlight: Implementing your first feature flag

Tech Spotlight: Implementing your first feature flag

Read more  ➔
Pinwheel Welcomes New Advisor, Ethan Yeh, to Advance Pinwheel’s Data Science Strategy

Pinwheel Welcomes New Advisor, Ethan Yeh, to Advance Pinwheel’s Data Science Strategy

Read more  ➔
Tech spotlight: Securing access control across internal services

Tech spotlight: Securing access control across internal services

Read more  ➔
Leading wealth management firm partners with Pinwheel to take its wealth-building solutions to the next level

Leading wealth management firm partners with Pinwheel to take its wealth-building solutions to the next level

Read more  ➔
The anatomy and potential of payroll data: Transforming complex data into insights

The anatomy and potential of payroll data: Transforming complex data into insights

Read more  ➔
Beyond the credit score: Propelling consumer finance into the future with income data

Beyond the credit score: Propelling consumer finance into the future with income data

Read more  ➔
Ayokunle (Ayo) Omojola joins Pinwheel’s Board of Directors

Ayokunle (Ayo) Omojola joins Pinwheel’s Board of Directors

Read more  ➔
Conquering conversion: Engineering practices developed to help customers

Conquering conversion: Engineering practices developed to help customers

Read more  ➔
Boost your direct deposit strategy with earned wage access

Boost your direct deposit strategy with earned wage access

A 12-page guide to leveraging earned wage access (EWA) to incentivize direct deposit switching.

Read more  ➔
Driving Customer Delight: From implementation and beyond

Driving Customer Delight: From implementation and beyond

Read more  ➔
Pinwheel Supports Open Finance Data Security Standard

Pinwheel Supports Open Finance Data Security Standard

Read more  ➔
How we design Pinwheel to solve real customer problems

How we design Pinwheel to solve real customer problems

Read more  ➔
What is consumer-permissioned data and what are its benefits?

What is consumer-permissioned data and what are its benefits?

Read more  ➔
How payroll data connectivity can help financial service providers in tumultuous market conditions

How payroll data connectivity can help financial service providers in tumultuous market conditions

Read more  ➔
Pinwheel now supports document uploads to supplement payroll data

Pinwheel now supports document uploads to supplement payroll data

Read more  ➔
Brian Karimi-Pashaki joins Pinwheel as Partnerships Lead

Brian Karimi-Pashaki joins Pinwheel as Partnerships Lead

Read more  ➔
Optimizing for conversion with smarter employer mappings

Optimizing for conversion with smarter employer mappings

Read more  ➔
What are super apps and how will they impact financial services?

What are super apps and how will they impact financial services?

Read more  ➔
Increase conversions and maximize share of wallet with Pinwheel's new UX update

Increase conversions and maximize share of wallet with Pinwheel's new UX update

Read more  ➔
Pinwheel announces support for taxes

Pinwheel announces support for taxes

Read more  ➔
Ryan Nier Joins Pinwheel as the Company’s first General Counsel

Ryan Nier Joins Pinwheel as the Company’s first General Counsel

Read more  ➔
The future of enabling earned wage access

The future of enabling earned wage access

Read more  ➔
The ultimate guide to automated direct deposit switching

The ultimate guide to automated direct deposit switching

Read more  ➔
Deliver earned wage access faster with Pinwheel Earnings Stream

Deliver earned wage access faster with Pinwheel Earnings Stream

Pinwheel Earnings Stream provides the necessary data and intelligence to reliably offer earned wage access (EWA) at scale.

Read more  ➔
Digital transformation in banking in 2022: What it means, trends & examples

Digital transformation in banking in 2022: What it means, trends & examples

Read more  ➔
June product release: Expanded connectivity to employers, a custom experience with Link API and more

June product release: Expanded connectivity to employers, a custom experience with Link API and more

Read more  ➔
Pinwheelie Spotlight: LaRena Iocco, Software Engineer

Pinwheelie Spotlight: LaRena Iocco, Software Engineer

Read more  ➔
How Perpay removed friction from its customer journey using Pinwheel

How Perpay removed friction from its customer journey using Pinwheel

Read more  ➔
Build fully custom experiences with Pinwheel’s Link API

Build fully custom experiences with Pinwheel’s Link API

Read more  ➔
Pinwheel expands connectivity to 1.5M employers

Pinwheel expands connectivity to 1.5M employers

Read more  ➔
Robert Reynolds joins Pinwheel as Head of Product

Robert Reynolds joins Pinwheel as Head of Product

Read more  ➔
Pinwheel obtains highest security certification in the industry

Pinwheel obtains highest security certification in the industry

Read more  ➔
Lauren Crossett becomes Pinwheel’s first Chief Revenue Officer

Lauren Crossett becomes Pinwheel’s first Chief Revenue Officer

Read more  ➔
Everything you should know about the role of APIs in banking

Everything you should know about the role of APIs in banking

Read more  ➔
Open finance: What is it and how does it impact financial services?

Open finance: What is it and how does it impact financial services?

Read more  ➔
How automated direct deposit switching benefits traditional banks

How automated direct deposit switching benefits traditional banks

Read more  ➔
Pinwheel Secure: Authentication optimized for market-leading conversion

Pinwheel Secure: Authentication optimized for market-leading conversion

Read more  ➔
Pinwheelie Spotlight: Elena Churilova, Software Engineer, Integrations

Pinwheelie Spotlight: Elena Churilova, Software Engineer, Integrations

Read more  ➔
May product release: Localization and downloadable pay stubs

May product release: Localization and downloadable pay stubs

Read more  ➔
How a payroll API can level up lenders and renters

How a payroll API can level up lenders and renters

Read more  ➔
The power of payroll APIs in consumer finance

The power of payroll APIs in consumer finance

Read more  ➔
Data Talks: Pinwheel’s Fortune 1000 coverage and top employer trends

Data Talks: Pinwheel’s Fortune 1000 coverage and top employer trends

Read more  ➔
April product release: Enabling connectivity to time and attendance data for 25M US workers

April product release: Enabling connectivity to time and attendance data for 25M US workers

Read more  ➔
Tech spotlight: Increasing engineering momentum at a systems level

Tech spotlight: Increasing engineering momentum at a systems level

Read more  ➔
How crypto exchanges can turn direct deposits into a fiat onramp

How crypto exchanges can turn direct deposits into a fiat onramp

Read more  ➔
March product release: Time and attendance coverage and Pinwheel's new online home

March product release: Time and attendance coverage and Pinwheel's new online home

Read more  ➔
Pinwheelie spotlight: Arianna Gelwicks, Tech Recruiting

Pinwheelie spotlight: Arianna Gelwicks, Tech Recruiting

Read more  ➔
What is payroll data and how it benefits proptech companies

What is payroll data and how it benefits proptech companies

Read more  ➔
Earned wage access: What is it and why does it matter?

Earned wage access: What is it and why does it matter?

Read more  ➔
How fintech APIs are transforming financial services

How fintech APIs are transforming financial services

Read more  ➔