Canadian Imperial Bank of Commerce (CIBC) is a leading North American financial institution with annual revenues of over $3.7 billion. CIBC Retail Markets provides a full range of products and services to almost 11 million personal, business and wealth management clients served through 1,058 retail branches, over 3,780 ABMs and 24/7 through online and telephone banking services.
The strategic objectives of the project
Debit card fraud is a reality that all retail banks are faced with in today’s marketplace. Historically, loss trends due to debit card fraud were increasing year over year culminating in an F2007 increase of 30%. As fraud techniques and fraudsters’ behaviours have evolved and become more sophisticated, CIBC has been faced with an increased number of fraud instances and an increased level of complexity in the fraud prevention process. The mitigation of reputation, financial, and client risks were seen as the major strategic objective for the debit card fraud project.
The amplified fraud activity had increased the workload activity within the time sensitive/critical role of the Common Points of Purchase (CPP) team. As a result, the National Risk Monitoring (NRM) team engaged the Process Engineering group to investigate the current Common Points of Purchase process and identify key root causes and solutions for mitigating financial and reputational risk relating to debit card fraud.
The CPP process consists of four major steps:
1. A suspect transaction is identified by other teams monitoring the debit cards and that particular transaction is referred to the CPP team.
2. As there are multiple identification sources, the referrals are queued for investigation to determine if the suspect transaction is fraudulent or not. Confirmed fraud on multiple cards at the same transaction location are required to identify a compromised Common Point of Purchase (CPP).
3. Once a compromised CPP is identified, the suspect cards are extracted and blocked to prevent further fraud from occurring.
4. Every card is then messaged and the card holder is informed of his or her card being blocked and new cards/ passwords are activated.
In August 2008, a project was initiated, a project team was formed (including 1 Black Belt, 2 Green Belts and 2 Process Experts) and project governance was established with sponsorship at executive level from Integrated Business Control Services within Retail Markets. A cross-functional team was formed with members from the core Retail Markets Process Engineering group, in partnership with business subject matter experts from NRM. The team followed a lean Six Sigma (LSS) methodology adopted by CIBC in 2002.
Assessing the current state, the project team identified that lengthy queue and process times involving numerous applications and multiple sources of non-prioritized referrals (suspect transactions that require further investigation) can delay the assessment of the next referral, causing also a delay in finding other CPPs. This, in turn leaves fraudsters with a larger timeframe and opportunity to defraud more compromised cards, and has caused NRM’s average loss per card to increase (average 15% in F2007).
The goal of the project was to leverage LSS methodology to evaluate current state, identify root causes, design and implement non-technology improvements of CPP process and identify technology-related improvements that will help reduce the debit card fraud losses. Specific goals were established to reduce the process end-to-end cycle time, reduce loss amount per incident, and quantify potential benefits as result of implementing technology automation.
In order to reduce the financial risk exposure while quickly improving the client and employee experience, the project focused initially on improving existing CPP process without any technology change. This allowed benefits to be realized through the process reengineering by identifying and removing waste, as well as removing non-time sensitive activities.