A $10-20 billion entertainment company hired Curaxian to conduct a comprehensive audit of their risk management posture. The company asked Curaxian to review and evaluate all systems, processes, and policies connected with managing card acceptance risk across multiple channels and product lines.

• We found that the company received revenue from channels that introduced vulnerabilities to sophisticated fraud schemes that could allow criminals to defraud the company through multi-channel and multi-stage attack vectors.
• We identified forward-looking vulnerabilities by analyzing marketplace trends and the company’s strategic growth objectives against potential attack vectors.
• We worked with the company to collaboratively develop a comprehensive and prioritized series of solutions to support their growth while managing these risks.
• We developed a comprehensive reporting and metrics framework with related training that empowered the team to more effectively monitor and manage their risk and payment operations.
• We received overwhelmingly positive feedback from every member of the management team, all of whom indicated our analysis was on target, detailed, precise, and exactly what they expected from the engagement.

Curaxian was retained by a $30-40 billion communications and information technology company to evaluate its current payment and risk systems and processes then recommend a strategic plan and architecture that would position the company with the capabilities required to meet its strategic growth objectives in a scalable, secure, and cost-effective manner.

• We conducted an extensive audit of current systems, process flows, capabilities, processes, and policies. We discovered that the company’s ability to grow was constrained by the lack of core systems features and furthermore that efficiency and effectiveness of payment operations was compromised by the need to maintain multiple redundant platforms.
• We developed a set of prioritized recommendations which became the basis for a strategic architectural roadmap.
• We developed architectural plans for payment and risk processing that the IT/engineering teams used to guide detailed systems development work.
• We helped the company navigate build vs. buy decisions, and evaluate then choose and negotiate pricing/terms with best of class vendors.
• As is typical for our engagements, we committed to helping the company successfully implement our recommendations by developing detailed functional specifications and other tactical/technical documentation, performing project management work, providing ongoing thought leadership around risk and payments, optimized specific payment problems, and developed payment and risk related policy recommendations.
• As a result of this work, the company has built and launched a scalable payments, risk, and billing platform that is now serving as a catalyst for growth by providing both current and new business lines with efficient best of class payment processing services.

When the fraud rate for a division of a $2-5 billion diversified online services conglomerate that sells music online began to skyrocket, we were asked to investigate, find root causes, and develop an effective mitigation plan. We interviewed divisional staff to ascertain the state of current controls then developed a data request and analysis plan to understand the characteristics of the fraud attack. The client pulled the requested data, performed the analysis, then delivered the results to us for assessment.

• We found that the company lacked best practices controls but had limited time and limited resources to respond to the attack and therefore required a targeted response plan that could produce the fastest possible improvement with the smallest possible amount of effort.
• Our investigation determined that all of the increase in fraud could be contained, at least temporarily, by developing controls to reject orders with certain characteristics.
• We analyzed transaction data to determine the specific criteria that the merchant should block in order to return fraud rates to acceptable levels while impacting the smallest possible number of orders from good customers.
• The company implemented our recommendations and the fraud rate immediately fell to acceptable levels. The company did not experience a drop in good orders or any reports of negative customer experience. No further work was required.