Acknowledge the strategic significance – and convene an Authorizations Committee
Most fundamentally, your organization should acknowledge the strategic significance of your approach to authorizations – and the fact that your authorizations strategy should be directly aligned with your organization’s broader strategic response to the COVID-19 crisis. More specifically, the way you manage your authorizations should be a direct reflection of your organization’s risk appetite, its customer service ethos, and its digital ambitions.
If you have not already done so, you should therefore form an Authorizations Committee with representatives
from key teams from across the business – and ensure that it is empowered to implement the necessary
Review your Stand-in Processing (STIP) parameters
If you have not already done so, now would be a good time to review and re-fresh your STIP parameters.
Through these parameters, you give VisaNet some very clear instructions of how to deal with your transactions
at peak times and/or if your own systems are unavailable. In the face of the COVID-19 crisis, your approach will
almost certainly be different in some way – and your STIP parameters should be adjusted accordingly.
Speed up your reporting cycles
– both for authorizations and for
Your authorizations log gives you a direct line-of-sight to what is happening in your market – including the shifts in consumer behavior, the way payment volumes are changing, the migration to digital channels, and the experience your customers are receiving. So, speed up the reporting cycles (for example, from monthly to weekly, or weekly to twice-weekly, or even daily). If you do not already have them, create dashboards to track payment volumes, average ticket values, transaction frequencies, and those all-important approval and decline rates. Pay particular attention to
decline reasons and merchant concentrations – as these will be key to determining your response. Similarly, you should build new fraud reports for card not present (CNP) transactions, and review them on at least a daily basis (and possibly more frequently). By understanding what types of transactions are fraudulent, you can better understand the type that are not, and update your rules accordingly
Conduct a deep-dive into digital
With the mass migration to digital transactions, you are likely to be deluged by the type of declines that are characteristic of digital channels, and it is important to put fixes in place. So, keep an eagle-eye on all of the related condition codes and response – like 08 (recurring transactions), 51 (account verification transactions), 59 (ecommerce transactions), 54 (expired card) and 14 (invalid account). Meanwhile, re-check your rules for recurring payments or card-on-file transactions. Also, re-visit your approach to expired card transactions. Check whether your system has a “blanket decline” approach to account verification transactions. Whenever you do decline an expired card transaction, you should tell your customer about it, ideally with a real-time message. If the transaction is genuine, it will give them a chance to update their details and rescue the transaction accordingly – which benefits everyone. Again, the COVID-19 crisis is accelerating the shift to digital, and their experience could determine whether your customers stay loyal to your brand or begin to migrate to another issuer.
Take a long, hard look at your peak
It is likely that, in response to the crisis, transactions may become concentrated during particular times of the day –
or night. You should run a time-analysis of transaction counts and average ticket values and check for any issues.
Look in particular at the percentage of declined-versusapproved transactions by hour. It could be that your velocity checks need to be reviewed in both your authorization and your fraud detection systems.
Review your over-limit strategies,
and think more creatively about
With more customers using their cards for more of their everyday spending, it is likely that an increasing number
and proportion of your declines will be due to “insufficient funds.” Some of these may represent an unappetizing level of credit risk – and some further investigations may help to reveal customers who are getting into difficulty.
However, in many cases, these transactions should be perfectly affordable and you can consider several
strategies. For example, if you use a behavioral scoring system, this is likely to automatically assign a recommended incremental credit limit (or overdraft limit) to each of your cardholders. But, for such a limit to take effect, the cardholder will need to give their explicit consent. So, consider how you could automate the process. For example, if a transaction is declined, you could send a real-time message offering a temporary credit limit increase, and give cardholders a quick and easy way to follow-through. You should also take a closer look at how you deal with
so called ‘shadow’ limits. For example, you could segment cardholders according to their risk profile, and either
increase or reduce the shadow limit accordingly. Or you could perhaps be more lenient in your approach to essential transactions (based on merchant category codes, such as pharmacies or grocery). In each case, it is a delicate matter of weighing up customer experience versus credit risk. By thinking laterally, you should be able to make well informed decisions.
communicate (and, wherever
possible, take advantage of twoway communications)
Whenever you decline a transaction, it is always best practice to tell your customers why (indeed, you could think of it as a common courtesy). This could also turn into an opportunity for you to enhance the customer experience, rescue transactions that could otherwise be lost, and build customer loyalty. If you are not already doing so, you should make use of your existing cardholder messaging engines. Because they are already used to generate real-time or near-realtime transaction alerts, these messaging platforms are already plumbed-in to many issuer authorization systems. Operationally, it is a small step to use cardholder messaging to resolve (or at least relieve) the declines dilemma. At the very least, you should tell customers why a transaction has been declined (it could, for example, be
due to a simple mis-typing of an expiry date or CVV2, or because a card-on-file has expired). You could go one step further and give them some proactive suggestions. For example, you could encourage them to apply for a temporary credit limit increase, ask if they would like to transfer additional funds to their account, or ask them if they would like to increase any daily spending or transaction caps. Again, declines can be a big irritant to all parties in the
transaction chain. By intervening with some appropriate communications, it can possible to turn an issue into an