Tag: risk management

Risk Mitigation for Facebook with Questions for Advertisers/Investors

Privacy Roadmap v2Poor internal controls, political impacts, and lack of data usage transparency at Facebook have elevated privacy concerns for regulators, advertisers, and investors globally. The broad use of social media has desensitized most Americans to the risk of exposing vast amounts of personal information to companies like Facebook and Google. Will this event materially harm Facebook?

Facebook has the technical skills to fix it going forward and will be a much better company if it does so. The problem is the historical data provided to third parties is not recoverable, and there will be regulatory fines and regulation. “Facebook began in 2007 letting outsiders access its ‘social graph’ – the friend connections, interests, and ‘likes’ that links its user base together.  By 2015, Facebook had largely stopped access to users’ friend connections, though political campaigns could still find would-be supporters by buying ads and using Facebook’s targeting tools” (Tau).

I have managed a Privacy function for more than seven years, so I have a road map of activities that Facebook should consider.

1)    Establish an internal Data Governance team for data control, capture consent for data collected, provide transparency for data given to third parties, and improve news/reporting integrity. Most financial institutions have established data owners and data stewards for data governance.

2)    Recognize that all consumers have different privacy expectations varying from indifference to protective. Create a system to capture user’s preference at the data element level and honor each user’s choice.

3)    There are numerous ways of masking personal data: using pseudonyms; encrypting certain sensitive data elements tagged by the user; and aggregating numerous users’ data into an autonomous virtual identity with similar characteristics (NOTE: the old rule of thumb of 10 aggregated individuals with similar behaviors is completely inadequate given today’s Big Data models). Additionally, “Computer Scientists have developed algorithms, sometimes called ‘differential privacy’ that randomizes or modifies data in ways that make them useful for academic research but not for other purposes. Apple has pioneered the use of this tool” (Duan).

4)    Utilize data mining to review partners’ Privacy Notices and ensure that data is used according to the most current and restrictive Privacy Notice policy. Ensure that all contracts have data usage audit requirements or data is stored on a jointly-managed protected server.

5)    Establish computer system requirements with partners that allow Facebook to delete Facebook’s user data on partners’ systems, thereby allowing user data to “be forgotten” as required under the EU General Data Protection Regulation.

6)    Verify that Facebook and third-party developers are adhering to all regulatory requirements. Democratic Sens. Mark Warner of Virginia and Amy Klobuchar of Minnesota are the co-authors of the Honest Ads Act bill that would subject online political ads to the same rules and restrictions as those for TV, radio, and satellite” (Swartz).   Mark Zuckerberg is supportive of the Honest Ads Act.  Facebook is already under investigation by Canada’s privacy commissioner (Seetharaman).

Mr. Zuckerberg and Ms. Sandberg have proactively defined an approach to determine what data has been captured and misused. “In an interview with CNN, a contrite Zuckerberg vowed to mount a ‘full investigation’ of thousands of apps with access to wide swaths of data ‘before we locked down our platform in 2014.’ ‘There will always be bad actors’ trying to misuse the platform, his No. 2 Sheryl Sandberg, told CNBC. ‘We are taking aggressive steps to be more transparent’” (Swartz).

Facebook’s greatest regulatory problem is securing user data collected by data miners and developers in the past to build apps and services. Facebook said it would audit apps that show suspicious patterns on how they pulled data. Developers, who have misused data or refuse to submit to an audit, will be banned from Facebook and their users notified (Seetharaman).

Investor Concerns

“Trillium Asset Management suggested establishing a risk oversight committee at the Board level. The New York State Common Retirement Fund asked Facebook to review and report on ‘the efficacy of its enforcement of its terms of service, related to content policies and assessing the risk posed by content management controversies,’ such as election interference, hate speech, and sexual harassment” (Norton).

These fund managers made solid suggestions, but there are questions that many investors should consider in evaluating these recommendations.

1) Why should we allow dual shares that protect leaders and diminish the role of shareholders and the Board? “Mr. Zuckerberg and insiders control over 60% of the voting rights, owing to Facebook’s dual share class structure” (Norton).

2) Both of these funds are examples of sustainable funds that market their investments within the framework of ESG (Environmental, Social, and Governance). The very nature of Facebook’s lack of social consciousness over the use of its data by political operatives, and the lack of governance over third-party contracts points to governance weakness, especially due diligence, at ESG funds that chose technology as one of their primary investment sectors.

Advertisers Realize that Facebook has a Unique Product

“Facebook was, for a time, exfiltrating massive amounts of data about its users to developers and data miners of every stripe.” Facebook allowed this data access, hoping to build a business-like Apple Inc.’s iPhone App store” (Mims).

Facebook and Google command 63% of the $83 billion digital-ad market in the U.S. Mobile advertising generated more than 86% of Facebook’s $40.7 billion total revenue in 2017” (Swartz).

P&G said it cut its digital-ad budget by $200MM last year. Digital-ads account for a third of P&G’s $7.1 billion ad budget” (Swartz).  However, $200MM is only 2.8% of the budget so how impactful will the reduction be to Facebook or Google? I would argue as a P&G investor that their ads follow established brand loyalty and quality messages but are ineffective against cheaper store brands and innovative competitors that use digital ads more effectively. If you type “P&G” or “Proctor and Gamble” into the Apple Store or Google Play Store, you will see a few consumer apps for products like Pampers, Charmin or Tide laundry service amidst a host of other non-consumer apps. My recommendation for certain advertisers is look carefully at the value provided by Facebook versus subscription services or cross-product loyalty programs tied to consumers’ phone apps rather than providing ad content that Facebook can leverage with competitors on social media response data.

Blog Author Email: bphelan@riskdirector.com

LinkedIn Profile: http://www.linkedin.com/in/bob-phelan



Duan, Charles, and Weissmann, Shoshana. “How could Facebook Have Been So Careless?” The Wall Street Journal, 26 Mar. 2018.

Mims, Christopher. “Facebook Confronts Identity Crisis.” The Wall Street Journal, 21 Mar. 2018.

Norton, Leslie P. “Facebook Shareholders Force Data Privacy Vote.” Barron’s. 26 Mar. 2018

Seetharaman, Deepa. “Lax Data Policies Haunt Facebook.” The Wall Street Journal, 21 Mar. 2018.

Swartz, Jon. “Facebook under Seige”, Barron’s. 26 Mar. 2018


Tau, Byron. “Data Blowback Pummels Facebook.” The Wall Street Journal, 20 Mar. 2018.


Customer Risk in Cryptocurrency and Florida Payday Lending

There are new risks that might evade detection by the current risk management machine learning models used in financial institutions. I wanted to share some interesting observations that could impact risk in credit card portfolios.
Florida is a state dominated by small business services. All small businesses rely to some degree on credit cards for their payments and working capital. I want to highlight recent changes that could increase credit risk and should be explored by risk management departments of financial institutions.
1) Florida is the only state in the US that changed the law in March 2018 for payday lenders to offset the CFPB rule on interest rates. “The state currently allows loans of up to $500 paid off in a lump sum within 31 days, with annual interest rates often exceeding 300%… To get around the CFPB rule, Florida will permit loans of up to $1,000, to be paid back in installments in 60 days or 90 days. The federal regulation doesn’t generally cover loans lasting 45 days or longer” (Hayashi). The high-interest rate for a longer period could accelerate delinquencies with small businesses and consumers in Florida that are accustomed to payday loans but unaware of the additional interest due.
2) To maintain a home, consumers use a network of small businesses that provide services ranging from lawn care to home repair. My experience is that many of the small business owners are now accepting payment in cryptocurrencies that they say increase their margins (similar to cash payments). In January 2018, Citibank, Chase, Bank of America, and Capital One stopped customers from purchasing cryptocurrencies on their credit cards (Andriotis). Risk management should reassess the debt to payment pattern for the segment of cryptocurrency buyers given the 50% decline in value of their cryptocurrency assets. This risk segment is small for most financial institutions, but preemptive line reductions for heavily indebted customers could help them better manage their finances and avoid default.
3) Given that most financial institutions in 2018 have prohibited cryptocurrency purchases with their credit cards, the risk of a fraudulent merchant activity is reduced for those institutions. However, credit risk remains as numerous posts on the internet explain how to buy cryptocurrencies with PayPal or other payment processors that could enable customers to continue to create credit risk for their financial institution (Martindale).

Blog Author Email: bphelan@riskdirector.com

LinkedIn Profile: http://www.linkedin.com/in/bob-phelan




Hayashi, Yuka. “Florida Gives Payday Lenders a Boost.” The Wall Street Journal, 19 Mar. 2018. Web. 21 Mar. 2018.

Andriotis, AnnaMaria. “Bitcoin Investors Had a Tough Week. Credit Card Companies are about to make it Tougher. ” The Wall Street Journal, 3 Feb. 2018. Web. 21 Mar. 2018. .

Martindale, John. “How to Buy Bitcoin with Paypal.” DigitalTrends.com. 20 Feb. 2018.
Web. 22 Mar. 2018.

Recognizing Diversity and the Evolution of Risk Management

Bob Phelan

Financial Risk / Asset Management / Advisor

One advantage of a long career in one business function is the ability to provide perspective on how the function has evolved. This year, I have taken the time to explore risk management options in different industries, evaluated the risk needs of corporate boards, and identified pricing of risk assets as part of my investment oversight role.

Risk management has improved over the last 15 years by:

1)    Expanding the role of risk management to cover the full spectrum of potential risks

2)    Collaborating with Compliance, Audit, Finance, Human Resources, and the Board

3)    Embraced diversity of leadership within risk management which is providing more opportunities for Women, Minorities, and Veterans

4)    Improving transparency and reporting of risks to all levels of management and the Board

5)    Providing trusted due diligence on new products, M&A activity, and strategic decisions

6)    Building a diverse risk culture with increased communication venues to discuss shareholder goals, customer engagement, employee satisfaction, competitive threats, and social impacts

When I started as a risk manager with Bankers Trust in the late 1980s, we leveraged data and analytics to identify risk drivers, determine P&L volatility (value-at-risk (VaR)), and estimate return on credit and market risk-adjusted capital (RAROC) as a framework for strategic decisioning. Almost every risk manager was quantitatively trained and a programmer. Risk management functions continue to use the latest technology to support profitable business opportunities. At the start of my career, I utilized a Cray Computer and a 3rd Party database of all collateralized mortgage obligations to monitor valuations of arbitrage positions and provide independent risk assessments which gave the firm a competitive advantage. Recently, my teams used text-mining to take action on customer feedback, implemented realtime data updates for transaction processing, controlled targeting using social media data, and leveraged BigData with machine learning models to improve prediction of risk and customer preferences.

Over the past 15 years, Risk Management has expanded its remit with broader assessments within the three main risk categories: credit, market, and operational risk. All have been influenced by regulatory requirements such as Basel and CCAR capital planning, as well as Dodd Frank resolution planning, Volker rule, and numerous other requirements. However, regulatory capital requirements have been hard to rationalize especially for operational risk. That said, risk leaders have engaged in improving operational risk processes and systems as they were trying to lower the risk capital requirements. We have made progress across operational risk by improving processes for 3rd party risk, anti-money laundering & sanctions, regulatory adherence, compliance, technology risk, reputational risk, fraud, cybersecurity, privacy, litigation risk, and human resource risk. The recent coordination with compliance and audit functions eliminates costly redundancy in assessing operations and systems. Due to the integration of risk management with other control functions, risk management teams now come from a variety of backgrounds and diverse cultures that benefits the entire organization.

There are some concerns that accompanied the evolution of Risk Management:

1)    The recent regulatory environment drove the creation of three lines of defense and created a higher cost structure that does not effectively drive risk-balanced decisions with clear accountability. On the positive side, the three lines of defense enhanced regulatory relationships as regulators relied upon the second line of defense to be the internal regulator that supplies analysis to them. The challenge role of the second line of defense can alter first line decisions but has been inefficient because it may: require extra documentation of challenge resolutions, address issues late in a new initiative execution plan, and lack measures of success.

2)    The current risk management environment primarily relies upon regulatory models as they are drivers of firm capital requirements. The regulatory models may increase systematic risk because the regulatory guidelines create similar models across the industry, and they use similar time periods of data to develop the models.

3)    Almost all risk assessments are based on models, historical data and typical risk scenarios impacting company assets, liabilities, and processes. However, there are numerous scenarios that are atypical but are not considered in current risk scenarios. In today’s world, the list of possible risk events is long and the world is unstable. There are competitive threats (Amazon, Fintech, foreign competition from China and India), disruptive technologies ( self-driving cars, automation/robots displacing workers, expanded mobile and digital capabilities), and government/political risks (trade wars, taxes, tariffs, sanctions, Federal Reserve raising short interest rates and impacting segments, Fed reducing its $4.5 trillion balance sheet and raising long interest rates and impacting segments, cybersecurity and impact on the electric grid, financial system, food systems), military risks (war, nuclear incident, impacting various geographic locations), social risks (decline of small business profitability impacting local communities, outsourcing of jobs to low-cost countries, minimum wage issues, moral and political suasion on financial obligations like debt repayment, changes in debt and bankruptcy forgiveness, tax policy implications especially mortgage and interest deductions, and healthcare cost implications).

Risk leaders have an obligation to preserve their firm value and drive profitable growth for the company, employees, customers, and society. There has been great progress and risk management is well-represented across many industries today. Risk leaders must continue to work with senior management and the board to establish a clear risk appetite framework and develop strategies to manage through whatever the future might bring, good or bad, from the unexpected.


Broadband is the best choice in Final Four against Facebook, Alphabet, Microsoft #FCC, #FTC,#BigData, #Privacy

Broadband is the best choice in Final Four against Facebook, Alphabet, Microsoft #FCC, #FTC,#BigData, #Privacy

A poem to research the impact of changing referees has on the investments game as the opportunity for high dividends and a higher foothold in BigData Marketing Competition.


Wake now! what light through FCC window breaks?
It is Ajit Pai, and broadband is the sun.
Arise, investors, this buffets the FAM* guns,
Who are already sick and pale with grief,
That Pai has made FCC Privacy more fair than FTC:
Be not so quick consumers to judge this win,
Our choice on personal data to 3rd Parties is a sin.
But on a comparison of valued added by data capture,
AT&T, Verizon, and Comcast delivers rapture.
Any investor should immediate consider in the latter,
And none but fools do wait, or else end up sadder.

* FAM = Facebook, Alphabet, Microsoft



McKinnon, John. “Privacy Provision Eases for Telecom” Wall Street Journal, 29 March 2017.

Fintech Eagles Soar with Consumer and Small Business Data

Article Topics:

How is data driving innovation and fueling the Fintech space?

What Risk Managers and Board Directors should worry about?


Blog Author Email: bphelan@riskdirector.com

LinkedIn Profile: http://www.linkedin.com/in/bob-phelan

Date: March 5, 2017


How is data driving innovation and fueling the Fintech space?

  • The regulatory requirements for financial institutions requires a strict 3rd party control environment for Privacy, Information Security, Compliance Disclosures, and Fair Credit Reporting (Federal Reserve). The Fintech control standard is generally weaker and usually relies upon a customer granting authority to the Fintech company to have access to their bank account data. The Payment Services Directive version 2 (PSD2) in the European Union as well as Dodd-Frank Section 1033 in the USA – allow consumers to access and convey rights to 3rd parties to access their personal and business financial records. Therefore, checking account and other bank financial data can be transferred to Fintech companies to run surveillance and analysis of customer financial data, enabling Automated Clearing House payments, marketing, and credit decisions, which is fueling innovation.
  • Why are the large data sets captured by Fintech companies stirring the strong interest of investors and financial institutions? Simply said, Fintech companies know how to use the social networks, bank, credit bureau, and other 3rd party data better than traditional financial institutions. They have designed improved credit processes delivered through mobile, social networks, and cloud-services using BigData and machine-learning models.
  • What are some examples of outcomes? Fintech has found a way to tap the finite pool of credit-worthy customers with accounts at banks, acquire them cheaply, and offer them a product that is either emotionally or rationally superior. No small feat given that the banks have been doing this for 50+ years. Please see the excerpt below from a letter written by Benjamin Franklin to his daughter that defines behavior of our national symbol, the Bald Eagle, that could be analogous to outcomes mentioned above by Fintech Lending companies. However, there are many other Fintech successes ranging from customer friendly mobile apps and wallets, crowd-sourced funding, peer-to-peer marketplace, and blockchain technology for digital authentication.



Excerpt from Benjamin Franklin’s Letter to His Daughter


“For my own part I wish the Bald Eagle had not been chosen the Representative of our Country. He is a Bird of bad moral Character. He does not get his Living honestly. You may have seen him perched on some dead Tree near the River, where, too lazy to fish for himself, he watches the Labor of the Fishing Hawk; and when that diligent Bird has at length taken a Fish, and is bearing it to his Nest for the Support of his Mate and young Ones, the Bald Eagle pursues him and takes it from him.”


“For the Truth, the Turkey is in Comparison a much more respectable Bird, and withal a true original Native of America . . . He is besides, though a little vain & silly, a Bird of Courage, and would not hesitate to attack a Grenadier of the British Guards who should presume to invade his Farm Yard with a red Coat on.”


What Risk Managers and Board Directors should worry about?

  • I know that these days it seems that everyone wants less regulation. However, there are core regulatory practices in financial institutions that protect consumers and small businesses as well as the liquidity and sustainable credit worthiness of financial institutions. Financial institutions have built complete acquisition, underwriting, servicing, and collection systems, mostly on legacy platforms, but tested and refined through numerous macroeconomic conditions. They also have MIS that provides evidence of regulatory adherence for compliance, credit, and operational risk. Risk managers should evaluate risks when integrating a Fintech product with their systems. As part of oversight and due diligence, risk assessments should consider relevant risk exposures given the narrow specialization of most Fintech companies. Areas to consider include money laundering, fraud, payment and collection practices, disparate credit treatment/fair lending, truth in lending disclosures, 3rd party management, privacy choices and data sharing, information security, and other operational risks.


  • In addition to the usual risks covered above, Consider the following scenarios:
    1. The next economic downturn may be driven by changes in fiscal policy, monetary policy, or regulatory changes creating an unexpected credit impact to certain segments. The following are some examples:
      1. Consider the impact of non-deductibility of interest expense for small businesses. The firms that have low margins and high debt will clearly be at risk. Resellers of wholesale goods are the largest users of short term credit and the most vulnerable to a loss of interest deductions as they already have low margins.  In addition, consider the risk if cash advances are billed as fees and could these fees be recharacterized as interest and non-deductible. Either way, truth in lending will be a focus by the regulators.
      2. Since consumers cannot deduct credit card or loan interest today, a tax law change here may be no impact to consumers. However, watch out as mortgage interest deductions may be cut massively.  I will bet that very few financial institutions or Fintech companies have modeled the scenario where wealthy small business owners with large residential or commercial mortgages may not have enough income to offset the loss of deductions by the forthcoming tax cut. Historical analysis shows that if the small business owner defaults on their mortgage or consumer debt, there is a 70%+ chance their small business will also default.
  • There may be certain segments seriously impacted by a border adjustment tax. There is so much financial uncertainty around retail given the threat from online and potential non-deductible imported cost-of-goods-sold. Can retail produce low margin goods and clothing in the US? Probably not.  And, there is no export offset as most retailers are generally NOT large exporters.
  1. Funding – watch what happens when default rates and interest rates rise at the same time. Funding may dry up for Fintech lending portfolios but not for financial institutions.


  1. Valuation of Fintech companies: The aggregate Fintech space consists of over 1000 companies with $105 Billion invested. The current estimated market valuation of the Fintech space is $867 Billion, which is larger than the combined market capitalization of Chase/JPM ($323B), Wells Fargo ($290B), and Bank of America($242B) on February 26, 2017 (Su).  Another interesting sign of potential Fintech exuberance is the success of the LendIt and Fintech Conference in NYC on March 6-7, where there are 20+ main speakers and over 200 speakers for the exhibitors. The number of sponsors of the conference is approximately 83 which is in addition to the exhibitors (LendIt USA 2017).


  • Customer engagement happens through good communication, trust, service, financial security, and transparency. The current environment is enamored with technology innovation as evidenced by the large valuation and success of the social networks and technology companies.  The sharing of data across the technology ecosystem can have negative implications in cybersecurity, fraud, and privacy. Certain lending customer segments prefer long-standing business relationships, while millennials and other younger segments prefer the latest mobile technology and instant model-driven decisions that Fintech and leading financial institutions are providing.


The amount of data being captured today fuels faster decisions and better targeting, but certain customer segments want more transparency and control of their data in the future of risk management.


This blog reflects personal views, opinions and positions associated with my role in RiskDirector, LLC. and those providing comments on this blog are theirs alone, and do not necessarily reflect the views, opinions or positions of the companies discussed, current or former employer companies, nor of the authors in the works cited. I make no representations as to accuracy, completeness, timeliness, suitability or validity of any information presented and/or commenters on my blogs and will not be liable for any errors, omissions, or delays in this information or any losses, injuries or damages arising from its display or use.

I reserve the right to delete, edit, or alter in any manner I see fit blog entries or comments that in my sole discretion, deem to be obscene, offensive, defamatory, threatening, in violation of trademark, copyright or other laws, of a commercial proprietary nature, or otherwise unacceptable.



Department of Commerce. 2016 Top Markets Report Financial Technology (n.d.): n. pag. 2016 Top Markets Report Financial Technology. U.S. Department of Commerce, 2016. Web. Feb. 2017. <http://trade.gov/topmarkets/pdf/Financial_Technology_Executive_Summary.pdf&gt;.

Federal Reserve. “Fair Credit Reporting Act.” Consumer Compliance Handbook (2016): FCRA, SourceMedia. Nov. 2016. Web. Feb. 2017. <https://www.federalreserve.gov/boarddocs/supmanual/cch/200611/fcra.pdf&gt;.

“FinTech Landscape.” VB Profiles. Spoke Intelligence, 2017. Web. Feb. 2017. <https://www.vbprofiles.com/markets/fintech-landscape-56fa295534d34989ae001be9&gt;.

Franklin, Benjamin. “Turkey Quotes – The Eagle, Ben Franklin, and the Turkey.” Quotes Famous Quotes – Famous Sayings. WordPress.com, 22 Nov. 2008. Web. Feb. 2017. <https://quotes.wordpress.com/2008/11/22/turkey-quotes-the-eagle-ben-franklin-and-the-turkey/&gt;.

“LendIt USA 2017.” LendIt USA 2017. Lendit Conference LLC, 2017. Web. 03 Mar. 2017. <http://www.lendit.com/usa/2017&gt;.

“Ranking the Top Fintech Companies.” The New York Times. The New York Times, 06 Apr. 2016. Web. Feb. 2017. <https://www.nytimes.com/interactive/2016/04/07/business/dealbook/The-Fintech-Power-Grab.html?_r=0&gt;.

Su, Jean Baptiste. “The Global Fintech Landscape Reaches Over 1000 Companies, $105B In Funding, $867B In Value: Report.” Forbes. Forbes Magazine, 28 Sept. 2016. Web. Feb. 2017. <https://www.forbes.com/sites/jeanbaptiste/2016/09/28/the-global-fintech-landscape-reaches-over-1000-companies-105b-in-funding-867b-in-value-report/#3013f07b26f3&gt;.


Assessing risk strategies against a new Installment Loan product from Goldman Sachs

Blog Author Email: bphelan@riskdirector.com
LinkedIn Profile: http://www.linkedin.com/in/bob-phelan
Date: February 9, 2017

Assessing risk strategies against a new Installment Loan product from Goldman Sachs 

How should risk management assess risk strategies for new competitive products? I will suggest some approaches in this blog. It’s been roughly 3 months since the full launch of the Goldman Sachs

Marcus™ installment loan platform. If you are sitting in either a traditional bank with a large credit card business like Chase, Bank of American and Citibank, or a predominantly credit card company like American Express, Discover or Capital One, you might be asking how the Goldman Sachs’ installment loan offering could change the competitive environment or impact your risk strategies.   In my years running an enterprise risk management group that reviewed new competitive products, I provided early assessments as part of emerging risks to management and the Board until performance data could be analyzed. Is that approach sufficient?


Before I provide some comments, let me try to summarize in the paragraph below the “Marcus by Goldman Sachs” Installment Product (MGS) based on reference material cited below. Please check the MGS website for yourself as it does a thorough job explaining the product (Goldman Sachs).


MGS Trademark: “Debt Happens. It’s how you get out that counts.”

Active Acquisition strategy: Target prime credit card customers with 660+ FICO and interest rates higher than Marcus using a prescreened process that provides an invitation code.

Passive Acquisition through Website: The MGS website is open to all but Maryland residents. APR:  Fixed rate from 5.99% to 22.99% with a positively sloped interest rate term structure.

Term: 24 months to 72 months

Amount: $3,500 to $30,000

Fees: Amazing but true! No late fees. No origination fee. No prepayment fee.

Default Pricing: Given the documentation, I see no ability to increase interest rates without calling the first loan in default and then issuing a second installment loan. Missed payments generate more interest which is payable at maturity.

Default reporting: Credit Bureau reporting is the major stick to encourage repayment.

Multiple Loans: No information provided on limits on multiple installment loans to the same borrower. Payments due: Within 16 days of statement but higher paydowns shorten duration. This is a clever benefit of the product that early paydown enables a higher effective yield relative to the duration of their liabilities.



One approach to monitor the early success of a competitive product is to review the customer commentary on social media as well as the regulatory complaint filings.  This provides insights into the execution of the product launch.  As of January 2017, there was limited customer feedback for MGS on the internet.  One very small sampling of customer feedback from www.supermoney.com, shows that customers that get approved are relatively satisfied with the MGS process, and those that do not get approved are unhappy if they received a letter with the invitation code to apply (SuperMoney).  The application process without the invitation code was simple and straight forward.  Under certain conditions, MGS may require a copy of the driver’s license, W-2’s, or recent bank statements, which can be uploaded seamlessly. Overall, the initial launch website is well-designed and effective and supports a good, albeit not great, customer experience.  My assessment is an opinion given that many existing retail banking, credit card companies, and fintech companies have additional information both in time and depth of consumer relationships and data sources that MGS may not have built as a new entrant into retail banking. Are the customer experience differences important enough to include in your assessment?


Another risk assessment approach looks at the technology platform and financial strength compared to the legacy platforms and funding sources in retail banking. What is the potential financial impact of a new entry into the market?  The MGS platform was impressive as a cloud-based system with phone support and a customer-driven payment structure informing a narrow range of installment loan parameters. There is no question that MGS will have the funding and securitization strength to continue to grow and their expertise will improve.  My assessment is that the launch of Goldman Sachs’

Installment product and acquisition strategy will cannibalize the credit card industry customers and force lower credit card interest rates for consumers with prime credit.  This will lower the yield and net interest margin for all of retail banking.  In addition, the use of 0% balance transfers and low teaser rates will become much less profitable for traditional credit card issuers.  I also think that MGS is well-suited to absorb loans at a discount when poorly funded fintech companies face a recession and want to unload debt.  This risk assessment approach speaks to the sustainability of the competitive and risk management threats of a new competitive product. The MGS installment loan product has a long tail of competitive implications.


We have already talked about MGS internal acquisition strategies for organic growth.  Another approach is to assess the competitive threat for external acquisition.  Goldman Sachs has already shown its ability to provide financing for fintech companies, and it is reasonable to assume they may acquire some of the fintech technologies to accelerate their growth.  When a well-capitalized competitor has an appetite to make external acquisitions, it lowers the growth options for existing retail banking companies.


Finally, I have one last suggestion for a risk assessment approach for new competitive products. What would be the pre-mortem risk assessment of the new product in a macro-economic recession or under stress conditions?  I am assuming the existing regulatory environment given that the Trump changes are uncertain.  My experience spans commercial, small business and consumer lending through the Great Recession of 2008, the small business/internet recession of 2001, and the S&L interest rate driven recession of 1990-1991.  Given the MGS structure and lack of restructuring options disclosed today, I assume that the MGS installment loans have a consumer-friendly prepayment advantage over credit card loans given that installment payments stay fixed given there are no late fees and default interest rates.  However, the loss rates in recessions also reflect the rate of growth of balances just before the recession.  Therefore, companies with very predictive customer credit models may encourage customer paydowns funded through balance transfers out to competitor installment loans or other products. My experience is that installment loans usually have higher default rates than the customer’s primary revolving credit facilities since the latter provides ongoing customer funding. There is an adage attributable to small business owners’ view of repayment during recessions, “a dollar borrowed is a dollar earned, and a dollar repaid is a dollar lost.”  The credit card companies provide ongoing liquidity and funding with revolving credit and they can decide based on the probability of a borrower credit default to provide further funding or work with the customer using their recovery products approved within regulatory guidelines. During recessions, the consumer chooses whom to pay when she/he cannot pay all bills.  My experience is that some lenders lose to other competitors based upon the competitor’s commitment for ongoing funding support, which today is untested at MGS.




This blog reflects personal views, opinions and positions associated with my role in RiskDirector, LLC. and those providing comments on this blog are theirs alone, and do not necessarily reflect the views, opinions or positions of the companies discussed, current or former employer companies, nor of the authors in the works cited. I make no representations as to accuracy, completeness, timeliness, suitability or validity of any information presented and/or commenters on my blogs and will not be liable for any errors, omissions, or delays in this information or any losses, injuries or damages arising from its display or use.


I reserve the right to delete, edit, or alter in any manner I see fit blog entries or comments that in my sole discretion, deem to be obscene, offensive, defamatory, threatening, in violation of trademark, copyright or other laws, of a commercial proprietary nature, or otherwise unacceptable.





Crosman, Penny. “Goldman Sachs Reveals Technology Behind Marcus.” American Banker.

SourceMedia, 30 Nov. 2016. Web. 30 Jan. 2017.


Goldman Sachs. “Personal Loans from Marcus by Goldman Sachs.” Personal Loans from Marcus by

Goldman Sachs. Goldman Sachs Bank USA, 2017. Web. 30 Jan. 2017.


“Marcus by Goldman Sachs Deploys Finacle Solution on Cloud for Its New Online Lending Business.”

Infosys Press Releases. Infosys Limited, 30 Nov. 2016. Web. 30 Jan. 2017.


Popper, Nathaniel. “Goldman’s Online Lender, Marcus, Opens (to Those With the Code).” The New

York Times. The New York Times Company, 13 Oct. 2016. Web. 30 Jan. 2017.


PYMNTS. “Goldman Sachs Gets Closer To Consumer Lending.” PYMNTS.com. What’s Next Media and

Data Analytics, LLC, 26 July 2016. Web. 30 Jan. 2017.


PYMNTS. “Goldman To Launch Online Lender Marcus.” PYMNTS.com. What’s Next Media and Data Analytics, LLC, 19 Aug. 2016. Web. 30 Jan. 2017.


SuperMoney. “Marcus by Goldman Sachs Personal Loans on SuperMoney.” Reviews – Personal Loans.

SuperMoney, LLC, 29 Jan. 2017. Web. 30 Jan. 2017.