Author: Steve Hindle, Director, Global Security Operations
This is the third post in the security series. The first post discussed human nature in the contact center in regard to fraud prevention and detection. The second post highlighted the importance of an appropriate response, along with additional steps used to create a closed-loop security process.
Fighting fraud in the contact center needs to be about more than opposing human weakness. Preventing and detecting fraud can also be accomplished by advocating for the best in people. An integrity program based on building a culture of empowerment by doing the right thing is also a motivational and coaching tool for improving excellence in service.
An integrity program should be administered by a variety of constituents across the contact center, including operations, human resources, quality assurance, and others. This cross-functional committee emphasizes that fraud is everyone’s responsibility. The committee serves as a process for peer review and is based on communicating with people. Due to the variety of expertise of those involved, it also provides input from differing perspectives that can be helpful for detecting gaps or issues that could lead to fraud.
In the case of fraud, it’s imperative to figure out how your contact center can get ahead of the problem. One place to look is to what you know—what data you collect. This includes handle times, number of calls and cases. If the number of calls is 200 and the number of cases is 201, then there’s a case without a call and it could point to a fraud event.
Let’s say that the agents are reaching but not exceeding targets at a contact center. All of a sudden, the data shows that one, or a group of agents, is outperforming and exceeding targets by a good margin. Obviously, this change should be on your radar if processes and systems have not been modified at the site. The best case scenario is that the agents have found a more effective way to serve customers. If so, you want to know how they’re doing it and modify processes to recognize and reward achievement in order to replicate those results across all the teams.
Finding a Best Case Scenario
The intent of the Integrity program is to review shifts in patterns or ‘outliers’ in the reporting which would suggest that the system is being worked to someone’s advantage—either the fraudsters, which would require an appropriate investigation and termination, or those top performers who identify means to make themselves more productive.
In one example, agents discovered that they could work thought the call documentation process faster when they changed the pattern of data entry. When the data of the outperformers in the example above were investigated, it was found that they had discovered a way to cut handle times simply by altering the way they entered information into the system. The agents started with the screens that called for the most intensive data entry first and then finished with the lighter screens that didn’t require customer input while chatting with the customers. This change in process enabled them to cut the average handle time from two minutes to one minute – fifty percent shorter! The result was increased call volume which increased the money agents earned, as well as improving the productivity of the account.
This process can then be routed through the education step and used to modify processes, as well as to encourage agents to look for additional ways of serving customers faster. Even though this particular finding did not uncover fraud—thankfully—security processes will still need to be updated to reflect the modifications. For example, the expectations from monitoring will need to be adjusted to new levels as the norm as the process changes take effect.
It’s important to update all policies, processes and expectations in relation to changes to ensure your security team isn’t spending time chasing known improvements as indicators of potential events, and thus false-positives, instead of actual anomalies.
As I’ve emphasized in this series of security posts, it’s important to focus on the people more than the technology. Data is secured as a matter of course and good business practice, but there has been little innovation across the industry to date to secure the human. Technology is too often emphasized over people because the data breach is emphasized as a technology problem in media coverage.
Case in point, of the publicized data breaches and credit card fraud incidents within the last few years, the root cause has been both involuntary human error and deliberate perpetration by an individual to exploit weaknesses both inside and outside the affected companies. If we as data custodians are unable to de-scope and remove the temptation, securing the human remains the biggest challenge to any organization.
Fight Fraud in Contact Centers