How do Stripe Connect Custom customers manage SMB risk?

March 19, 2024

If you’re a software company trying to offer embedded payments quickly, you’ve probably considered using a white-labeled payments offering such as Stripe Connect Custom.

Stripe Connect Custom makes it significantly easier for software companies to offer embedded payments to their SMB customers. However, Stripe doesn’t manage or own fraud and credit risk. This means that software companies have to take on these responsibilities themselves, often for the first time.

We wrote a quick guide on how software platforms can complement Stripe Connect Custom with best-in-class risk management strategies.

What is Stripe Connect Custom?

Stripe Connect Custom offers software companies such as Shopify a much easier way to integrate payments into their offering versus other embedded payment models. It also allows software companies to own more of the customer experience: they control customer support, brand experience, and commercial strategy, while Stripe Connect Custom only controls compliance obligations (e.g., AML/KYC and card network requirements).

Software companies using Stripe Connect Custom are responsible for SMB risk management after onboarding. This includes underwriting, anti-fraud strategies, and merchant monitoring.

Key risk responsibilities

Stripe Connect’s risk management support is pretty limited after SMB onboarding. Since its tools only cover transaction monitoring, it can miss some important signals for holistic SMB risk decisioning.

Let’s walk through some of the key risk management responsibilities a typical software platform faces when offering Stripe-powered embedded payments to an SMB customer.

Onboarding & underwriting

Onboarding responsibilities are owned by Stripe. Stripe provides KYC and AML checks of key management, including identity verification and prohibited business checks. It also conducts sanctions screening (OFAC) and TIN matching.

Software companies often own business entity verification & underwriting responsibilities:

  • Business entity verification: Does the business purpose stated in the SMB’s application match statements in public datasets? Does the contact information in the application match information available publicly? Stripe usually does not have access to this data, which lives in government databases and SMBs’ websites.
  • SMB fraud: Does it seem like the application was submitted by the true business owner, or does it appear like someone impersonated a real business without their consent? Separately, does the business owner’s application intent seem questionable (e.g., based on their previous business history)?
  • Underwriting: How is the business performing? What key business indicators can the software platform use to underwrite risk?

Software companies have a unique advantage when underwriting existing SMB customers. They can leverage internal data on these customers to accelerate business verification and more accurately assess their risk profile for payments. 

For example, salon software providers often collect information on a salon’s booking volume. This is a valuable data point in the underwriting process. If a salon is experiencing consistent booking volume growth with few cancellations, that could suggest strong business health and lower chargeback risk. The software provider can provide a more frictionless onboarding experience (shorter decisioning time) and underwriting experience (more flexible payment volumes) to this business than if they had just relied on Stripe data.

Monitoring

Once a business is onboarded, software companies are responsible for continuously monitoring it for any changes in business health. Stripe Connect is largely hands-off at this point. Companies can choose to use a separate Stripe product, Radar, to assess transactional payments risk, but it doesn’t monitor overall risk.

Software companies should monitor businesses for key credit and fraud risk signals on an ongoing basis:

  • Credit risk: The biggest loss drivers from embedded payments programs stem from non-fraud losses owing to credit risk. This happens when an SMB customer goes out of business because they can’t manage their business operations anymore. Proactively managing SMB credit exposure can help drive down these types of losses.
  • Fraud risk: The rise in account takeovers (ATOs) and first party fraud means that software platforms need to stay vigilant when monitoring their merchant customers. To mitigate these risks, software platforms need to systematically build profiles of their customers’ steady state behavior (e.g. average payment volumes and dispute rates). They can then set up alerts for abnormal behavior, and send these cases to manual review if necessary.

Coris streamlines risk management

Many software companies using Stripe Connect Custom are managing SMB risk management in a piecemeal, manual process. Their risk team manually searches the internet collecting data on each SMB that’s applied, build spreadsheets to keep track of key SMB risks, and use a generic CRM like Salesforce for case management. They have valuable payments data in their Stripe instance, but it’s siloed from other tools and difficult to make use of in a holistic risk management strategy.

Coris automates SMB risk management and allows teams to act on Stripe data in realtime with our bidirectional Stripe integration. Teams can leverage Coris throughout their risk management process.

Onboarding & underwriting

Coris complements Stripe Connect’s onboarding procedures with MerchantProfiler, our unique KYB offering. MerchantProfiler includes data on business registration, GPT-powered industry classification, analysis of business websites, aggregated reviews from 3rd party platforms such as Google and Yelp, and other comprehensive data for SMBs in 46 countries.

MerchantProfiler has helped teams at Mindbody reduce their onboarding processes by 80%, and has helped other customers prevent merchant fraud at sign-up (business impersonation fraud).

Monitoring

Credit exposure: Software platforms can monitor SMB credit exposure through Fuzio, our centralized risk monitoring platform. Fuzio’s rule engine blends merchant data from Stripe, our MerchantProfiler product, and data integrations to write custom rules and trigger alerts on merchants that need to be reviewed for credit or fraud risks. 

Additionally, Fuzio offers an exposure calculator and merchant rollups. These tools allow risk teams to keep tabs on key risk signals (payment volumes, chargebacks, authorization rates, etc.) at the aggregate and individual level.

Automated Stripe alerts and actions: Sometimes, Stripe and software platforms differ on how to handle exceptions with SMB customers. For example, Stripe might reject an SMB customer’s payout request when it’s valid

Currently, risk teams don’t have an easy way of finding out about these exceptions, so they typically pull manual queries in Excel spreadsheets in order to keep tabs on them. Fuzio streamlines this notification process with its automated rules and actions. Now, risk teams can create automated alerts in the event of a payout rejection, and can automatically pause an SMB customer’s payment offering or payout in Stripe in the event of a negative balance.

Sign up today

Contact us if you’d like to join forward-thinking Stripe Connect customers like Mindbody and automate your SMB risk management. 

Wrapping Up

We hope this guide is helpful for getting started with the OS1 and Google Cartographer. We’re looking forward to seeing everything that you build. If you have more questions please visit forum.ouster.at or check out our online resources.

This was originally posted on Wil Selby’s blog: https://www.wilselby.com/2019/06/ouster-os-1-lidar-and-google-cartographer-integration/

Related Resources

Alloy partners with Coris to automate SMB risk & fraud intelligence
How does GPT-4-powered merchant industry classification compare to a risk analyst?
Introducing Account Graph
Introducing Adverse Media Insights
How do Stripe Connect Custom customers manage SMB risk?
Recap: Perspectives on Scaling Embedded Payments
Introducing our Adyen Integration
Introducing MerchantVision, powered by GPT-4 with vision
Mindbody reduces manual SMB onboarding by 80% in 45+ countries
Announcing our fundraising, new SMB fraud model & KYB
New year, same risks?
Reducing fraud through MerchantProfiler
Recap: Risk management as a growth lever in a downturn
Introducing Account Tags
Our feature in the "Leaders in Payments" podcast
Recap: How to successfully manage embedded payments
Announcing our SOC 2 Type 2 Compliance
How to build a risk program for your payments product
Introducing IndustryMark
Introducing Fuzio, the first Merchant Risk Operating System
How to choose a payments model for your software platform
Introducing Case Management
Announcing our integration with Stripe Connect
Announcing our expansion to 42 additional countries
Announcing Coris’s SOC 2 Type I Compliance
Going global: Expanding to the U.K., Canada, and Australia
Automating Merchant Underwriting with Coris’s SiteRating
Coris AI launches Merchant Real Industry using GPT-4
Risk 101: Everything You Need to Know
The 5 Levels of Automating Small Business Underwriting
Automation of Merchant Risk Monitoring is Essential
Strong Infrastructure is the Key to Scaling SMB Underwriting
Why Monitoring Merchant Risk Needs to be Elevated
Explore
IntegrationsDevelopersAbout UsResources
legal
Privacy PolicyTerms & Conditions
connect
LinkedInTwitter
©2024 Coris, Inc. All Rights Reserved

How do Stripe Connect Custom customers manage SMB risk?

March 19, 2024

If you’re a software company trying to offer embedded payments quickly, you’ve probably considered using a white-labeled payments offering such as Stripe Connect Custom.

Stripe Connect Custom makes it significantly easier for software companies to offer embedded payments to their SMB customers. However, Stripe doesn’t manage or own fraud and credit risk. This means that software companies have to take on these responsibilities themselves, often for the first time.

We wrote a quick guide on how software platforms can complement Stripe Connect Custom with best-in-class risk management strategies.

What is Stripe Connect Custom?

Stripe Connect Custom offers software companies such as Shopify a much easier way to integrate payments into their offering versus other embedded payment models. It also allows software companies to own more of the customer experience: they control customer support, brand experience, and commercial strategy, while Stripe Connect Custom only controls compliance obligations (e.g., AML/KYC and card network requirements).

Software companies using Stripe Connect Custom are responsible for SMB risk management after onboarding. This includes underwriting, anti-fraud strategies, and merchant monitoring.

Key risk responsibilities

Stripe Connect’s risk management support is pretty limited after SMB onboarding. Since its tools only cover transaction monitoring, it can miss some important signals for holistic SMB risk decisioning.

Let’s walk through some of the key risk management responsibilities a typical software platform faces when offering Stripe-powered embedded payments to an SMB customer.

Onboarding & underwriting

Onboarding responsibilities are owned by Stripe. Stripe provides KYC and AML checks of key management, including identity verification and prohibited business checks. It also conducts sanctions screening (OFAC) and TIN matching.

Software companies often own business entity verification & underwriting responsibilities:

  • Business entity verification: Does the business purpose stated in the SMB’s application match statements in public datasets? Does the contact information in the application match information available publicly? Stripe usually does not have access to this data, which lives in government databases and SMBs’ websites.
  • SMB fraud: Does it seem like the application was submitted by the true business owner, or does it appear like someone impersonated a real business without their consent? Separately, does the business owner’s application intent seem questionable (e.g., based on their previous business history)?
  • Underwriting: How is the business performing? What key business indicators can the software platform use to underwrite risk?

Software companies have a unique advantage when underwriting existing SMB customers. They can leverage internal data on these customers to accelerate business verification and more accurately assess their risk profile for payments. 

For example, salon software providers often collect information on a salon’s booking volume. This is a valuable data point in the underwriting process. If a salon is experiencing consistent booking volume growth with few cancellations, that could suggest strong business health and lower chargeback risk. The software provider can provide a more frictionless onboarding experience (shorter decisioning time) and underwriting experience (more flexible payment volumes) to this business than if they had just relied on Stripe data.

Monitoring

Once a business is onboarded, software companies are responsible for continuously monitoring it for any changes in business health. Stripe Connect is largely hands-off at this point. Companies can choose to use a separate Stripe product, Radar, to assess transactional payments risk, but it doesn’t monitor overall risk.

Software companies should monitor businesses for key credit and fraud risk signals on an ongoing basis:

  • Credit risk: The biggest loss drivers from embedded payments programs stem from non-fraud losses owing to credit risk. This happens when an SMB customer goes out of business because they can’t manage their business operations anymore. Proactively managing SMB credit exposure can help drive down these types of losses.
  • Fraud risk: The rise in account takeovers (ATOs) and first party fraud means that software platforms need to stay vigilant when monitoring their merchant customers. To mitigate these risks, software platforms need to systematically build profiles of their customers’ steady state behavior (e.g. average payment volumes and dispute rates). They can then set up alerts for abnormal behavior, and send these cases to manual review if necessary.

Coris streamlines risk management

Many software companies using Stripe Connect Custom are managing SMB risk management in a piecemeal, manual process. Their risk team manually searches the internet collecting data on each SMB that’s applied, build spreadsheets to keep track of key SMB risks, and use a generic CRM like Salesforce for case management. They have valuable payments data in their Stripe instance, but it’s siloed from other tools and difficult to make use of in a holistic risk management strategy.

Coris automates SMB risk management and allows teams to act on Stripe data in realtime with our bidirectional Stripe integration. Teams can leverage Coris throughout their risk management process.

Onboarding & underwriting

Coris complements Stripe Connect’s onboarding procedures with MerchantProfiler, our unique KYB offering. MerchantProfiler includes data on business registration, GPT-powered industry classification, analysis of business websites, aggregated reviews from 3rd party platforms such as Google and Yelp, and other comprehensive data for SMBs in 46 countries.

MerchantProfiler has helped teams at Mindbody reduce their onboarding processes by 80%, and has helped other customers prevent merchant fraud at sign-up (business impersonation fraud).

Monitoring

Credit exposure: Software platforms can monitor SMB credit exposure through Fuzio, our centralized risk monitoring platform. Fuzio’s rule engine blends merchant data from Stripe, our MerchantProfiler product, and data integrations to write custom rules and trigger alerts on merchants that need to be reviewed for credit or fraud risks. 

Additionally, Fuzio offers an exposure calculator and merchant rollups. These tools allow risk teams to keep tabs on key risk signals (payment volumes, chargebacks, authorization rates, etc.) at the aggregate and individual level.

Automated Stripe alerts and actions: Sometimes, Stripe and software platforms differ on how to handle exceptions with SMB customers. For example, Stripe might reject an SMB customer’s payout request when it’s valid

Currently, risk teams don’t have an easy way of finding out about these exceptions, so they typically pull manual queries in Excel spreadsheets in order to keep tabs on them. Fuzio streamlines this notification process with its automated rules and actions. Now, risk teams can create automated alerts in the event of a payout rejection, and can automatically pause an SMB customer’s payment offering or payout in Stripe in the event of a negative balance.

Sign up today

Contact us if you’d like to join forward-thinking Stripe Connect customers like Mindbody and automate your SMB risk management. 

Explore
IntegrationsDevelopersAbout UsResources
legal
Privacy PolicyTerms & Conditions
connect
LinkedInTwitter
©2024 Coris, Inc. All Rights Reserved