A report by Kount looks at the pros and cons of buying compared to building a fraud prevention system, concluding that there are instances where companies can benefit by building components in-house. There are two key questions to consider in choosing whether to buy or build a fraud prevention system, according to the report Buy v build: a discussion for today’s mature & competitive vendor market:
- Can your organisation build its own system at an equal or lower cost than a third-party vendor?
- Can you provide the same level of protection with an in-house system?
Although Kount says that most of the time the answer is going to be 'no', it says there are still pockets of value in which companies can benefit by building or managing their own aspects of risk management.
The report compared building a system internally to someone deciding to build their own house. Most people lack specialist, practical and regulatory knowledge of the construction industry, so it's much better to employ a builder, who has specialist tools and skills.
Cost is king
One of the primary considerations in whether to build or buy is cost and the report notes that organisations tend to underestimate the full cost of building a system internally. Companies need to consider the upfront costs involved with purchasing a system, such as integration and implementation costs, and possibly local hosting, compared to the costs of building in-house, such as the labour costs of strategy, design and implementation, as well as the cost of the physical technology and infrastructure. Recurring costs also have to be considered. For buying a system, these recurring costs will include fees, an in-house fraud programme manager and in-house manual review staff, while for a built system, recurring fees will include IT teams and resources, in-house staff, and systems investment and upgrades. Kount summarises these costs in the two tables below:
Over a five-year period, companies could spend much more on an in-house built system compared to a commercially bought programme. The graph below shows one possible scenario in which it would be better for a company to buy rather than build.
The hybrid approach
However, the report also outlines some of the circumstances under which it could be advantageous to build:
- your company can build it for less (e.g., high volume and/or economies of scale);
- your business model has highly specialised needs and data;
- your company has custom integration/implementation requirements;
- your company has the appetite, commitment, resources and experience required to build.
Overall, the conclusion is that the best strategy is to take advantage of the commercial third-party programmes and to add in-house, bespoke components where needed. Kount advocates a hybrid approach, in which companies can use the “strength and competitive pricing of vendor tools and services” with a mix of other techniques or systems they have built or manage in-house: “There are components of a fraud prevention program that can be 'built' to provide greater value, or to address niche and specific risk factors that providers weren’t designed to address.”
CTMfile take: This report goes into quite a bit of detail on the costing of a 'build or buy' scenario, which could be useful if your company is considering implementing a fraud management programme or system.
In fraud & corruption, organisations prone to believe ‘alternative facts’
Study finds large disconnect between perception and reality of fraud in most organisations
Fraud in 2017 is going to get worse for banks and corporates
How to prevent this happening in your organisation
Fraud prevention report: use holistic approach & machine learning + beware DarkNet
Fraud prevention is a combination of processes and systems. Each company has to develop their own strategy for minimising fraud