The Credit Scoring Toolkit

This page intentionally left blank

The Credit Scoring ToolkitTheory and Practice for Retail Credit RiskManagement and Decision Automation

Raymond Anderson

1

3Great Clarendon Street, Oxford OX2 6DPOxford University Press is a department of the University of Oxford.It furthers the Universitys objective of excellence in research, scholarship,and education by publishing worldwide inOxford New YorkAuckland Cape Town Dar es Salaam Hong Kong KarachiKuala Lumpur Madrid Melbourne Mexico City NairobiNew Delhi Shanghai Taipei TorontoWith ofces inArgentina Austria Brazil Chile Czech Republic France GreeceGuatemala Hungary Italy Japan Poland Portugal SingaporeSouth Korea Switzerland Thailand Turkey Ukraine Vietnam

Oxford is a registered trade mark of Oxford University Pressin the UK and in certain other countries

Published in the United Statesby Oxford University Press Inc., New York

Raymond Anderson 2007

The moral rights of the author have been assertedDatabase right Oxford University Press (maker)

First published 2007

All rights reserved. No part of this publication may be reproduced,stored in a retrieval system, or transmitted, in any form or by any means,without the prior permission in writing of Oxford University Press,or as expressly permitted by law, or under terms agreed with the appropriatereprographics rights organization. Enquiries concerning reproductionoutside the scope of the above should be sent to the Rights Department,Oxford University Press, at the address above

You must not circulate this book in any other binding or coverand you must impose the same condition on any acquirer

British Library Cataloguing in Publication DataData available

Library of Congress Cataloging in Publication DataData available

Typeset by Newgen Imaging Systems (P) Ltd., Chennai, IndiaPrinted in Great Britainon acid-free paper byBath Press Ltd., UK.

ISBN 9780199226405

10 9 8 7 6 5 4 3 2 1

To Nofunisela Mirriam NyikizaHousekeeper and Friend, for your many years of service

This page intentionally left blank

Contents

List of gures xiiiList of tables xvList of equations xixPreface xxiiiAcknowledgments xxviiOutline xxix

Module A Setting the scene 1

1 Credit scoring and the business 31.1 What is credit scoring? 31.2 Where is credit scoring used? 71.3 Why is credit scoring used? 141.4 How has credit scoring affected credit provision? 211.5 Summary 25

2 Credit micro-histories 272.1 History of credit 282.2 History of credit scoring 382.3 History of credit bureaux 442.4 History of credit rating agencies 512.5 Summary 53

3 The mechanics of credit scoring 553.1 What are scorecards? 553.2 What measures are used? 633.3 What is the scorecard development process? 733.4 What can affect the scorecards? 833.5 Summary 90

Module B Risky business 93

4 The theory of risk 954.1 The risk lexicon 954.2 Data and models 1014.3 Conclusion 107

5 Decision science 1095.1 Adaptive control 110

5.2 Be the master, not the slave 1125.3 Summary 118

6 Assessing enterprise risk 1216.1 Credit risk assessment 101 1226.2 SME lending 1286.3 Financial ratio scoring 1326.4 Credit rating agencies 1416.5 Modelling with forward-looking data 1496.6 Conclusion 155

Module C Stats and maths 159

7 Predictive statistics 101 1617.1 An overview of predictive modelling techniques 1637.2 Parametric techniques 1657.3 Non-parametric techniques 1727.4 Critical assumptions 1787.5 Results comparison 185

8 Measures of separation/divergence 1878.1 Misclassication matrix 1908.2 Kullback divergence measure 1918.3 KolmogorovSmirnov (KS) 1958.4 Correlation coefcients and equivalents 1988.5 Chi-square (2) tests 2088.6 Accuracy tests 2128.7 Summary 219

9 Odds and ends 2239.1 Descriptive modelling techniques 2239.2 Forecasting tools 2259.3 Other concepts 2319.4 Basic scorecard development reports 2359.5 Conclusion 240

10 Minds and machines 24310.1 People and projects 24310.2 Software 25010.3 Summary 252

Module D Data! 255

11 Data considerations and design 25711.1 Transparency 25711.2 Data quantity 259

viii Contents

11.3 Data quality 26211.4 Data design 26911.5 Summary 273

12 Data sources 27512.1 Customer supplied 27612.2 Internal systems 28012.3 Credit bureaux data 28412.4 Summary 296

13 Scoring structure 29913.1 Customisation 29913.2 Hostinginternal versus external 30413.3 Integrating data 30613.4 Credit risk scoring 31013.5 Matching! 31113.6 Summary 313

14 Information sharing 31514.1 Credit registries 31514.2 Do I or dont I? 32114.3 Summary 326

15 Data preparation 32915.1 Data acquisition 32915.2 Good/bad denition 33515.3 Observation and outcome windows 34415.4 Sample design 34715.5 Summary 353

Module E Scorecard development 355

16 Transformation 35716.1 Transformation methodologies 35716.2 Classing 36116.3 Use of statistical measures 36716.4 Pooling algorithms 37016.5 Practical cases 37216.6 Summary 376

17 Characteristic selection 37917.1 Considerations for inclusion 37917.2 Statistical measures 38217.3 Data reduction methods 38417.4 Variable feed 38917.5 Summary 393

18 Segmentation 39518.1 Segmentation drivers 395

Contents ix

18.2 Identifying interactions 39718.3 Addressing interactions 39818.4 Summary 399

19 Reject inference 40119.1 Why reject inference? 40219.2 Population ows 40319.3 Performance manipulation tools 40619.4 Special categories 40819.5 Reject inference methodologies 40919.6 Summary 417

20 Scorecard calibration 41920.1 Score banding 42020.2 Linear shift and scaling 42420.3 Reconstitution using linear programming 42920.4 Summary 431

21 Validation 43321.1 Components 43521.2 Disparate impact 43921.3 Summary 440

22 Development management issues 44122.1 Scheduling 44122.2 Streamlining 44222.3 Summary 444

Module F Implementation and use 445

23 Implementation 44723.1 Decision automation 44723.2 Implementation and testing 45223.3 Summary 456

24 Overrides, referrals, and controls 45724.1 Policy rules 45724.2 Overrides 45824.3 Referrals 46024.4 Controls 46324.5 Summary 466

25 Monitoring 46725.1 Portfolio analysis 46925.2 Performance tracking 47325.3 Drift reporting 48025.4 Selection process 48425.5 Summary 493

x Contents

26 Finance 49526.1 Loss provisioning 49526.2 Direct loss estimation 49726.3 Loss component estimation 50126.4 Scoring for prot 51226.5 Risk-based pricing 51926.6 Summary 525

Module G Credit Risk management cycle 527

27 Marketing 52927.1 Advertising media 52927.2 Two tribes go to warquantity versus quality 53027.3 Pre-screening 53227.4 Data 53427.5 Summary 536

28 Application processing 53728.1 Gatherinterested customer details 53828.2 Sortinto strategy buckets 54328.3 Actionaccept or reject 54628.4 Summary 551

29 Account management 55329.1 Types of limits 55429.2 Over-limit management 55629.3 More limit and other functions 56029.4 Summary 564

30 Collections and recoveries 56730.1 Overview 56730.2 Triggers and strategies 57030.3 Scoring 57230.4 Summary 575

31 Fraud 57731.1 Types of fraud 57931.2 Fraud detection tools 58431.3 Fraud prevention strategies 58631.4 Fraud scoring 58831.5 Summary 591

Module H Regulatory environment 593

32 Regulatory concepts 59532.1 Best practice 595

Contents xi

32.2 Good governance 59632.3 Business ethics and social responsibility 59832.4 Compliance hierarchy 60032.5 Summary 601

33 Data privacy and protection 60333.1 Background 60333.2 Data privacy principles 61033.3 Summary 619

34 Anti-discrimination 62134.1 Discriminationwhat does it mean? 62134.2 Problematic characteristics 62434.3 Summary 625

35 Fair lending 62735.1 Predatory lending 62835.2 Irresponsible lending 62935.3 Responsible lending 63135.4 Summary 632

36 Capital adequacy 63536.1 Basel capital accord 1988 (Basel I) 63736.2 New Basel capital accord 2004 (Basel II) 63836.3 RWA calculation 64436.4 Summary 647

37 Know Your customer (KYC) 64937.1 Due diligence requirements 65037.2 Customer identication requirements 651

38 National differences 65338.1 United States of America 65338.2 Canada 65538.3 United Kingdom 65638.4 Australia 65838.5 Republic of South Africa (RSA) 659

Glossary 663Bibliography 709Appendices 721Index 723

xii Contents

List of gures

1. Module ow xxixE.1 Scorecard development process xlivG.1 Credit risk management cycle l1.1 Scoring aspects 91.2 Historical data use 233.1 Bias and at maximum 593.2 Bad rate by score 663.3 Cut-off strategies 663.4 Score distributions 683.5 Power and accuracy loss 683.6 Development process 743.7 Environmental drift 844.1 Risk linkages 964.2 Risky business 974.3 Ease of measurement 1024.4 Risk assessment revolutions 1034.5 Volumes and prots 1045.1 RIsk strategies 1105.2 Adaptive-control process 1115.3 Optimisation 1176.1 Default rates and mean reversion 1436.2 Rating migration matrix 1507.1 Linear regression 1667.2 Logistic function 1717.3 Decision tree 1738.1 Misclassication graph 1918.2 Weight of evidence 1938.3 Population stability 1958.4 KolmogorovSmirnov 1968.5 Lorenz curve 2038.6 ROC curve 2078.7 Chi-square distribution 2108.8 Degrees of freedom 2109.1 Markov chain illustration 2269.2 Monotonicity/classing 2339.3 Strategy curve 23910.1 Software strategies 25111.1 Application/Behavioural Trade-off 267

13.1 Independent scores 30613.2 Discrete scores 30713.3 Integrated scores 30813.4 Customer scoring 31115.1 Outcome points 33315.2 Data assemblyow diagram 33515.3 Good/bad denition 33615.4 Application scoringsample window 34517.1 Stepping 39018.1 Segmentationclassication tree 39718.2 Segmentationstrategy curve comparison 39919.1 Population ows 40419.2 Bivariate visualisation 41519.3 Bivariate inference process 41620.1 Scorecard features 42724.1 Credit policy/score matrix 45825.1 Scorecard performance drift 47325.2 Life cycle effect 47725.3 New account effect 47825.4 Score misalignment 47925.5 Final decision and score overrides by score 49125.6 Override reason codes by score 49326.1 Loss-timing curves 50326.2 LGD distribution 50826.3 Example LGD distribution 51226.4 Time to write-off 51226.5 Risk versus prot per account 51527.1 Response versus acceptance 53127.2 Risk versus return 53227.3 Risk versus response 53327.4 Risk, response, value scoring 53427.5 Data mart 53528.1 Gather 53928.2 Sort 54328.3 Action 54729.1 Limit strategies 55529.2 Pay/no pay 55729.3 Card authorisations 55929.4 Risk versus usage 56230.1 C&Rowchart 56930.2 Entry versus sequential denitions 57431.1 UK plastic fraud losses 57836.1 Basel I versus Basel II 639

xiv List of gures

List of tables

G.1 CRMC versus process components matrix lii1.1 A day at the races 61.2 Aspects of customer behaviour 121.3 Impact on business areas 151.4 Credit growth drivers 222.1 History of credit, scoring, reporting, rating 272.2 Usuryancient prohibitions 312.3 Usuryancient limitations 312.4 Genealogies and milestonescredit cards 352.5 Genealogies and milestonescredit scoring consultancies 382.6 Early bureau score developments 422.7 Genealogies and milestonescredit bureaux 452.8 Genealogies and milestonescredit rating agencies 513.1 Application scorecard example 563.2 Odds and bad rate calcs 643.3 Inferred performance for rejects 653.4 Economic changes 855.1 Philosophies of science 1135.2 Experimental design frameworks 1146.1 Data versus the ve Cs 1236.2 USA Firms by size (assets) 1996 IRS data 1246.3 Company size versus data 1246.4 Models versus data 1266.5 Financial ratio analysis 1356.6 Moodys credit research databasepredictive characteristics 1366.7 Financial statement characteristics 1366.8 Moodys KMVCRD 1406.9 Letter grades 1426.10 Speculative grade recovery rates19822000 1446.11 Modelling approaches using forward-looking data 1496.12 One-year transition matrix 1516.13 Five-year transition matrix 1517.1 Notation examples 1627.2 Bayes theorem proof 1627.3 Predictive statistics overview 1637.4 Comparison of resultspercentage of cases correctly classied 1858.1 Measures of separation 188

8.2 Misclassication matrix 1918.3 Information value calculation 1948.4 Correlation 1998.5 Income inequality 2048.6 Scorecard effectiveness 2058.7 Chi-square calc 2098.8 Chi-squaregood/bad odds test 2118.9 Binomial accuracy tests 2158.10 Log likelihood 2198.11 Use of statistical measures 2219.1 Descriptive models and forecasting tools 2239.2 Transition probabilities 2269.3 Credit quality survival function (S&P) 2309.4 Interactions 2329.5 Characteristic analysis report 2369.6 Score distribution report 2389.7 Strategy table 23911.1 Effect of opacity 25811.2 Inaccuracies and their effects 26311.3 Bureau report inaccuracies 26811.4 Categorical variablesincreasing dimensions 27312.1 Application form characteristics 27712.2 Financial statement items 27912.3 Account management data 28112.4 Bureau data types 28613.1 Hostingin-house versus vendor 30513.2 Decision matrix 30914.1 Registry penetration in 2003 31714.2 Benets of positive data (Barron and Straten (2003)) 32415.1 G/B denitionroll rates to NPL 34215.2 Reweighting for time effect 34615.3 Uneven sampling 34715.4 Sample types 34915.5 Stratied sampleapplication 35215.6 Behaviouralno oversampling 35315.7 Behaviouralwith oversampling 35316.1 Dummy variable example 36016.2 Risk measure substitute 36116.3 Characteristic analysis report 36316.4 Fine classcategorical 36416.5 Fine classcontinuous 36516.6 Characteristic comparison 36816.7 Coarse classinginput 36916.8 Coarse classinganalytics 369

xvi List of tables

16.9 Non-adjacent pooling algorithm 37016.10 Adjacent pooling algorithm 37116.11 Monotone adjacent pooling algorithm 37216.12 Court judgmentscoarse class 37316.13 Industrycoarse class 37416.14 Occupationcoarse class 37617.1 Measures of predictive power 38217.2 Information value (F-statistic) benchmarks 38317.3 Information value comparison 38517.4 Correlation matrix 38617.5 Variable clusters 38818.1 SegmentationGini comparison 39819.1 Reject inference 40419.2 Reject inferencecharacteristic analysis 40519.3 Known versus inferred 40519.4 Augmentation 41219.5 Extrapolation 41320.1 Rating agency grade benchmarks 42120.2 MAPA-based calibration 42520.3 Log reference 42820.4 Linear transformation 42920.5 Odds doubling 43021.1 Scorecard presentation 43721.2 Score shiftscorecard drift report 43821.3 Score shiftcharacteristic drift report 43922.1 Streamlined redevelopment 44225.1 Report types and applications 46825.2 Front- and back-end reporting 46825.3 Delinquency distribution report 47025.4 Transition matrix 47025.5 Past duetransition matrix 47125.6 Past dueMarkov process 47125.7 Scorecard performance report 47425.8 Cohort/vintage analysisby bad rate 47625.9 Score misalignment 47925.10 Population stability report 48125.11 Score shift calculation 48325.12 Characteristic analysisbooking rates 48425.13 Override monitoring 48625.14 Through-the-door and not decisioned 48725.15 Score decision 48925.16 System decision 48925.17 Overrides and refers 48925.18 Final decision and take ups (booking) 490

List of tables xvii

25.19 Final decision and take-ups by score 49125.20 Policy rulesaccept/reject 49226.1 Provision calculation 49626.2 Bad debt charge 49726.3 Net-ow model 49826.4 Transition matrix with money values 50026.5 Transition matrix with roll rates 50126.6 Markov chain for past due 50126.7 Vintage loss analysis 50426.8 Risk extrapolation 50726.9 Expected loss summarymoney values 51026.10 Expected loss summaryaverages 51126.11 Prot drivers 51326.12 Risk by prot drivers 51526.13 Prot-based cut-off 51626.14 Matrix approach to risk versus revenue limit setting 51927.1 Advertising media 53027.2 Data extraction 53528.1 Strategy tables 54629.1 Borrower types 55430.1 Collections strategy table 57130.2 Collection scoring summary 57330.3 Bespoke versus prior stage 57433.1 Data privacy legislation 60534.1 Unfair discrimination legislation 62435.1 UK survey results 63035.2 UK over-indebtedness 63136.1 Basel IIIRB approach 64036.2 Basel risk-weighted asset calculation 64538.1 National differences 653

xviii List of tables

List of equations

3.1 Regression formula y b0 b1 x1 b2 x2 . . . bn xn e 55

3.2 Linear probability modelling y G/(G B) 57

3.3 Logistic (logit) regression y eGB 58

3.4 Expected loss $EL PD% $EAD LGD% f(M) 69

6.1 Distance to default 153

6.2 Black and Scholes, and Mertons models 153

6.3 Credit spread 155

7.1 Simple linear regression 166

7.2 Linear probability modelling 167

7.3 Standard error 168

7.4 Coefcient of determination 169

7.5 Logit regression 170

8.1 Divergence statistic 189

8.2 Weight of evidence 192

8.3 Information value 193

8.4 Population stability 194

8.5 KS statistic 196

8.6 Pearsons correlation 199rNXYXY

N(X2(X)2)(Y2(Y)2)

DKSmax{abs(cpYcpX)}

Fn

i1 OiO

Ei

ELnOi

O EiEF

n

i1 NiN

Pi

PWoEi

WiLn NiN Pi

P

D2(GB)

2

(G2 B

2)/2

ln p(Good)1p(Good)b0b1x1b2x2 . . . bkxkeR21

(Yi Yi)2(YYi)2

se(YiYi)2

n1k

P(Good)i0p

j1j xijei

yi01xi1ei

(1r)T (1r )T (1q)q

ADA

8.7 Fishers z transformation 201

8.8 Spearmans rank-order correlation 202

8.9 Gini coefcient 204

8.10 AUROC 207

8.11 Pearsons chi-square 208

8.12 Factorial 214

8.13 Number of combinations 214

8.14 Binomial probability 214

8.15 Critical binomial 215

8.16 Binomial normal approximation 216

8.17 HosmerLemeshow statistic 217

8.18 Total log-likelihood 218

8.19 Likelihood 218

8.20 Nave TLL 218

8.21 Accuracy 218

8.22 Power 218

9.1 Matrix multiplication 227

9.2 Transition cell calculation 228

9.3 Survival function 230stPr(T t)sts0

tn1

(1n)

si1,k m

j1(si,j pj,k)

m0*m

i1Pi

Power LE LELE 1

Accuracy 1 (LE LO)

LE

TLLNave P ln TP N ln T N L expTLL

T/2

TLL T

i1 Pi ln(Pi /Pi) Pi 0, Pi 0Ni ln(N/Ni) Ni 0, Ni 0

HL g

k1nk (pk pk)

2

pk (1 pk) g

k1z2k

z knp

np (1 p)

ka min(k Pr(X k) )

Pr(X k) nCk pk (1 p)nk

nCk nk n!k!(nk)!

n!11 . . . n if n 0if n 0, n 1, 2, 3, . . .

2 n

i1(OiEi)2Ei

cP,N Pr[STP STN] 0.5 Pr[STP STN]

D1n

i1((cpYicpYi1)(cpXicpXi1))

rS16 (xRyR)2

N3N

z0.5 ln 1r1r

xx List of equations

9.4 Hazard function 231

15.1 Time-effect reweighting 346

15.2 Random sampling 349

16.1 Cumulative bad rate 372

16.2 MAPA Vk max{v|Ck,v max{Ck,v}} for all v Vk1 372

17.1 Residual modelling eK1, i yi yi, K1 SK,i eK,i 393

19.1 Known-to-inferred odds ratio 402

19.2 G/B reweighting 406

19.3 Augmentation assumption P(Y |X) P(Y |X, A) P(Y |X, R) 411

19.4 Augmentation reweighting 411

19.5 Required bads 412

20.1 CH-statistic 420

20.2 Benchmark breakpoints 422

20.3 Threshold score 422

20.4 Marginal bad rate 423

20.5 Score alignment 425

20.6 Log reference 428

20.7 Linear transformation 429cs1s2s2s1

s2s1, i

(s2s1)s2s1

, scsi

i Dln(G)

s c ln(DOrig) i

c S*ln(D G) (S I) ln(D)

ln(G)

f(TARGET) b0b1 Score

bi Bi (ui li 1) where Bi ui

jli

Bj

Sk max{si ri Rk}, i N

mins1,,sk1

g

k1nkln 1 pk

b

pkb ln 1 pkpk

2

CH(g) BSS/(g1)WSS/(ng)

g

k1nk(pk p)

2 / (g 1)

g

k1

nk

i1nk(Pi,k pk)

2 / (n g)

BI NR 1

1 (GK/BK)

KI

Wi Wi Aj Rj

Aj, where Si Lj . . . Uj

Wi Wi (R 1) (11/(R1))/R Pi 0(1/(R1)) Pi 1

KI (GK / BK)(GI / BI)

Ck,v v

iVk11Bi viVk11(BiGi)

si1 if Ri Ci0 if Ri Ci where CiS

i1

j1sj

N i1

wiWi B/TBm /Tm mim andyi 0t,tt1sttst

1t

List of equations xxi

20.8 Scorecard normalisation using linear programming 430

20.9 Relative log2 odds 431

20.10 Reference score 431

20.11 Linear programming: 431

25.1 Attribute score shift 482

26.1 PD% maturity adjustment 504

26.2 Expected loss 507

26.3 Exp. Loss Exposure Interest (Recovered Costs Mitigation) 507

26.4 LGD rate 508

27.1 Expected Prot P(Good) R (1 P(Good)) B 531

30.1 Net return value prob. of recovery cost of action 572

36.1 Basel I RWA (0% S) (20% B) (50% R) (100% O) 637

36.2 Minimum capital reserve requirement 638

36.3 Basel II minimum requirement 639

36.4 Correlation 644

36.5 Size adjustment 645

36.6 Capital requirement 646

36.7 Maturity adjustment 646

36.8 Future margin-income adj. 646

36.9 Double-default adj. 646

36.10 Risk-weighted assets 646RWAK%12.5EAD

K%K% (0.15160PD%Guarantor)

K%K%0.75PD%LGD%

K%K%(1 (M2.5)b)

(11.5b)

K%LGD%1(PD%)1(99.9%)

1

0.041 S545

Lq1eQPD%1eQ Hq1 1eQPD%

1eQ

8% T1T2

RWACreditOperationsMarketing

8% T1T2

RWACredit

LGD% (E I (RCM))

E

EL EAD PD% f(M) LGD%

f(M) T

tM1Dt D

Si OiO Ei

E i

Minimise aN

i1ei a1

M1

V1(d1V

d1V) a2

M2

V1(d2V

d2V)

si SV dV dV

L LOG2(rR)

xxii List of equations

Preface

When people ask me, What do you do for a living? they often note my hesitation, and add,It is not a trick question!, as I pause to phrase my answer. Most people are in the enviableposition of being able to say doctor, plumber, secretary, bus driver, or rat catcher, and it is usu-ally fairly clear what they do.

My rst response is usually banker even though I have not been through the normalbankers training routine, but I think it is a better description than statistician, computer pro-grammer, business analyst, or any other term that comes to mind. When children ask me, theymay well stop after that simple answer; but with adults, I often see a smile crossing theirfaces, as the oft-repeated collective-noun joke crosses their mindsassuming they do notautomatically start lambasting me about their latest problems with their robber band ofbankers.

Thereafter, assuming they are not already bored enough to change the conversation to thestock market (during a bull run), global warming, local politics, or the latest news on skir-mishes in the East, they might actually ask, What is it that you do . . . exactly? It took me along time to come up with an adequate response, When the bank turns down your loanrequest, and you blame the computer, blame me! I am the guy telling the computer what to do.Well, I cannot really take full credit for that. The task is a little bigger, with a lot more peopleinvolved.

The Scorecard Builders Prayer (ver. 3.01)

O scoring, who art in regression,Guessing be thy name.Thy assumptions come,Thy will be done in future as it was in the past,Give us this day our expected bad rates,And forgive us our lousy model weights,As we forgive those who supply us with poor data.Lead us not into write-offs,And deliver us from the auditors.For thine is the #NAME, the #DIV/0,and the #VALUE!Forever and ever, Amen.

Background and literature

Credit scoring is a discipline that has developed, and been widely adopted, since theearly 1960s. Today, these models are the grease that supports decision-making in countlessbusinesses around the world, yet the amount of literature available about the eld is lim-ited. As can be seen from the list below, prior to 2000, there were very few books on thetopic; but since then, the list has been growing at the rate of about one per year. Even so, as at2005, there were still less than 15 (some are not mentioned), and each varied in terms of thefocus area, how up-to-date it was, the background of the authors, target audience, andwhether the book was still in print. Of the available books, the following comments canbe made:

1992Lewis, E. An Introduction to Credit Scoring. Thirty years of experience was sum-marised into the rst, and one of the more readable, texts dedicated to credit scor-ing, which is still widely used as a reference work.

1995Hoyland, C. Data-Driven Decisions for Consumer Lending. Much like the above,except it focuses more on the practical application of the scores. It is also useful, inthat it is well illustrated, with examples and tables.

1998Mays, E., ed. Credit Risk Modelling: Design and Application. Collection of arti-cles by various well-respected authors, on different aspects of the topic.

2000 2nd edn 2003McNab, H., and Wynn, A. Principles and Practices of ConsumerCredit Risk Management. A summary of practices within the consumer creditindustry, largely credit cards, that was originally developed as a set of course notes.The primary focus is business practices, with credit scoring secondary.

2001Mays, E., ed. Handbook of Credit Scoring. Similar to the 1998 book, with repeatsof several of the articles.

2002Thomas, L., Edelman, D., and Crook, J. Credit Scoring and its Applications. Verycomprehensive, but highly academic and inaccessible to the layman. Prior knowl-edge of statistical and mathematical notation is assumed.

2003Thomas, L., Edelman, D., and Crook, J., eds. Readings in Credit Scoring. A col-lection of topical papers from various sources, especially the Credit Scoring andControl conferences in Edinburgh.

2004Mays, E., ed. Credit Scoring for Risk Managers: The Handbook for Lenders. Acollection of articles, mostly by Ms Mays, covering various aspects of credit scor-ing. While accessible, it does not hang together as a coherent whole.

2005Siddiqi, N. Credit Risk Scorecards: Developing and Implementing IntelligentCredit Scoring. Focuses on the development of in-house scoring capabilities,covering a broad range of development and implementation issues. Very fewreferences.

There is also information available on the Internet, but it unfortunately resides in countlessscattered articles, and it is very difcult to get a full picture. Much of it is also couched in

xxiv Preface

specialist jargon that is difcult to interpret. One also has to endure umbongi fatigue1 fromreading countless marketing blurbs, while trying to nd something meaningful.

Purpose of this book

This books purpose is to provide an overview of credit scoring and automation of credit deci-sion processes. When I rst started writing it in 2003, only four of the above books were avail-able to me, and there seemed to be a distinct gap in the market, for some not-quite-so-lightbedside reading, for people outside the eld who needed some knowledge of the topic. I hadtaken up writing as a hobby four years earlier, including travel and history articles, personalanecdotes, and open-mike poetry, and when someone suggested the possibility of writing atextbook, I was curious about whether my skills could be used to this end. These wereenhanced by an underlying desire simultaneously to inform, entertain, inuence, and somehowcapitalise on my own anal retentiveness, which has consistently fostered attention to detail inwhich nobody else is interested (thats supposed to be a joke!).

The intended audience for the book was initially second or third year university students,studying towards business degrees, who needed an overview of predictive statistics and theirapplication in the consumer-credit industry. At the same time, it was hoped that propeller-heads . . . uhhh, I mean the statisticians and mathematicians that develop the score-cards . . . would get some value from learning about how their scoring models t within thebusiness. By the way, no offence is meant here, as the author falls within this category.Propeller-heads rule!

One of the titles considered for an early version was The Working Mans Guide to CreditScoring, but this was trashed because of potential political incorrectness, and because, overtime, the content became more sophisticated. The audience broadened to include academics,managers, directors, and even regulators and law-makers, who are increasingly required tounderstand credit processes, and the statistical models used to support them. From an initialfocus on consumer credit, it also grew to cover aspects of micro-nance, and lending to busi-nesses ranging from small and medium enterprises, to middle-market companies. From an ini-tial focus on rst-world English-speaking countries, it grew to include non-English-speakingareas and developing countries, albeit most of the focus is still upon the United States and theUnited Kingdom, because of the large amount of available information. This non-geocentricapproach had the advantage of allowing broad principles to be derived, instead of focusingupon country-specic circumstances. For a time, The Credit Scoring MBA was considered asa title, to emphasise the breadth of topics covered; but unfortunately, this was discarded dueto potential confusion with a recognised Masters of Business Administration degree.

Finally, the title morphed to The Credit Scoring Toolkit: Theory and Practice for RetailCredit Risk Management and Decision Automation. The books primary goal is to informreaders regarding the concepts and language used in credit scoring and associated disciplines,so that they can both understand the concepts, and communicate with people with many yearsof experience in their subject areas.

Preface xxv

1 Umbongi is the Zulu word for praise singer.

Writing this book was a learning experience for me not only with regards to the subject mat-ter, but also in terms of writing an academic textbookespecially given that its original pur-pose was to act as course notes. Much time and effort has gone into both nding relevantinformation, and quoting the sources. If the same information was found in three or moreplaces, no specic reference is made, but any books and web-based articles of an academicnature are still cited in the bibliography. In spite of the academic bent, wherever possible,attempts were made to use a conversational writing style, explain specialist jargon, andexplain the heavy maths and stats to the best of my abilities. This was not always feasiblethough. In my defence, a comprehensive glossary cum dictionary has been provided, whichshould assist both English and non-English speakers.

xxvi Preface

Acknowledgments

There are times when you might think you have done it all yourself, but if you think about it,you probably have countless people to thank, many of whom have since moved on to newpositions. The rst person to thank is Harry Greene, who suggested that the book be written,but may have regretted it, after seeing how much of my life it consumed. I would also like tothank Neville Robertson, who invited me into the credit eld in 1996, which totally expandedmy horizons. Thanks must also go to Suzanne Parry, whose challenge provided the impetus forme to take up writing as a hobby, and to Etienne Cilliers, Paul Middleton, and David Hodnett,who provided me with the latitude to carry on with the book as it grew. People working withinthe credit scoring and analytical areas contributed directly to the book, and put up with meduring the time it was being written, by indulging discussions on trivial topics. These wereDenis Dell, Lizelle Bezuidenhout, Suben Moodley, Hanlie Roux, Richard Crawley-Boevey,Derek Doody, Charlotte Crowther, Garth Zietsman, and Derrick Nolan. Others that pro-vided input were Steve Barker, Mike Waiting, Ninian Gordon, Andre Tredoux, PierreKloppers, Dave Brimblecombe, Henrietta van Greuning, and Brian Hutchinson.

A person who must also be acknowledged is Jes Freemantle, a scorecard development con-sultant from whom much was learnt about the process. Without interaction with him, manyof the more technical concepts encountered while researching this book would have beenmuch more difcult to decipher. Likewise, thanks must also go to Helen McNab, who con-sulted on the setting of strategies and use of scoring within the business, and whose book wasthe bible while writing parts of this work. I would also like to thank Mark Schreiner, who isknown as the scoring guru of micro-nance for the third world, which is a totally differentworld to mainstream consumer credit. Conversations with him challenged many of theassumptions I had made in the past, and added new dimensions.

Finally, I would like to thank all of the individuals that I came to know through theEdinburgh Credit Scoring and Control conferences, who have provided support and/or inputover the period. These include, amongst others, Lyn Thomas, David Edelman, JonathanCrook, Ross Gayler, and Graham Platts.

Several people have taken the time to proofread and provide input on various aspects of thisbook. I apologise if any names are omitted, but would particularly like to acknowledge: GarthZietsman, Denis Dell, Henrietta van Greuning, and Daniel Morais (Standard Bank, RSA),Hanlie Roux (Nedcor, RSA), Riaan de Jong and Tania de la Rey (North West University, RSA),Mark Schreiner (micro-nance scoring consultant, USA), David Edelman (CaledoniaConsulting, UK), Jes Freemantle (Stratus Credit Consultancy, UK), Lyn Thomas (University ofSouthampton, UK), Ross Gayler (Baycorp Advantage, Australia), Graham Platts (Experian-Scorex, Monaco), Anthony Sumner (Experian, UK), Corne Strydom (SAS Monocle, RSA), andBarbara Hulme (practising psychologist, signicant other, and a huge distraction in my life).

This page intentionally left blank

Outline

Many textbooks start off with an outline that tells the reader what is going to be covered, butin many cases, the reader will only appreciate it after the whole textbook is read. That does notmean it is not usefulthe reader can always refer to it, and/or the table of contents, whentrying to track down a topic. It also acts as a useful tool for the author to check whether thesections have been put in a logical order, which ultimately also helps the reader. I am guilty ascharged; these summaries have helped me to organise the sections, and hopefully they willalso provide you with a quick overview of the book, and a quick reference if you lose yourbookmark.

AIntro

DData

Development

EModelling

FUse

GRiskcycle

B Risky business

HRegulation

CTools

Application Environment

Figure 1. Module ow.

This page intentionally left blank

Module A Setting the scene

[The use of credit scoring technologies] has expanded well beyond their original purpose ofassessing credit risk. Today they are used for assessing the risk-adjusted protability of accountrelationships, for establishing the initial and ongoing credit limits available to borrowers, and forassisting in a range of activities in loan servicing, including fraud detection, delinquency inter-vention, and loss mitigation. These diverse applications have played a major role in promoting theefciency and expanding the scope of our credit delivery systems and allowing lenders to broadenthe populations they are willing and able to serve protably.

Alan Greenspan, U.S. Federal Reserve Chairman, in an October 2002 speech to the American Bankers Association.1

Our modern world depends upon credit. Entire economies are driven by peoples ability tobuy-now, pay-later. Indeed, two hundred years ago it was a privilege to borrow money, butin todays industrialised societies it is considered a right. Providing credit is a risky businessthough, as borrowers differ in their ability and willingness to pay. At the extreme, lenders maylose the full amount, and perhaps even get sucked in for more. In other instances, they maylose only a part, or just incur extra costs to get the money back. It is a gamble, and lenders arealways looking for means of improving their odds.

Over the last fty years, automation has extended beyond the back-ofce functions ofaccounting and billing, and moved into the domain of decision-making. Its inuence has beengreatest on credit provision, where the much improved risk assessments have empoweredlenders to lend where they once feared to tread, and improved processes have aided accessibil-ity for the general public. For people applying for credit, it is often a black box thoughtheyknow what goes in and comes out, but not what happens inside. If you apply for a loan, youare told either yes or no. If yes, you are told the amount you can borrow and the repay-ment terms. If no, you either slink away with your tail between your legs, or go to the lendernext door and try again. And if the latter, or if you do not like the repayment terms, it is oftendifcult to get an adequate explanation of Why? Much of the problem arises because of apoor understanding of what goes on behind the scenes, even by lenders own employees. Thistextbook covers the topic, and the rst module has three chapters:

(1) Credit scoring and the businessCovers what credit scoring is, where it ts within thebusiness and the economy, and how it has affected us.

1 http://www.federalreserve.gov, quoted in Mays (2004:4).

(2) History of creditA micro-history of the provision of credit, credit scoring, creditbureaux, and credit rating agencies.

(3) Mechanics of credit scoringAn overview of how credit scoring works, especially asregards scorecard development.

Chapter 1 starts the module, using a FAQs framework to address several questions: (i) Whatis credit scoring?which treats the parts (credit and scoring) before considering the whole(credit scoring), and delves into the economic rationale, including concepts such as asym-metric information, adverse selection, moral hazard, and information rents; (ii) Where is itused?a brief look at the processes, data sources (customer, internal, and external), credit riskmanagement cycle (CRMC), and behavioural propensities (risk, response, revenue, and reten-tion); (iii) Why is it used?especially the quality, speed, and consistency of decisions, and howthese have affected lenders and consumers; and (iv) How has it inuenced the credit indus-try?its broader impact, with particular attention paid to data, risk assessment, decisionrules, process automation, and regulation.

Wherever possible in this textbook, historical background has been provided to put con-cepts in context. Chapter 2 is dedicated to history, including: (i) credit provisionfrom therst documented use of credit in ancient Babylon, through to the evolution of credit cards andrisk-based pricing; (ii) credit scoringfrom the time it was rst proposed in 1941, through theestablishment of Fair Isaac in 1958, to the evolution of bureau scores, and scorings use insecuritisation; (iii) credit bureauxfrom the origins of Dun and Bradstreet in the 1840s,through to the more recent evolution of Experian, Equifax, and Transunion; and (iv) creditrating agenciesincluding Moodys Investor Services from 1909, as well as Standard andPoors and Fitch IBCA.

Credit scoring is a technical area, and Chapter 3 touches on the mechanics: (i) scorecardsform and presentation, development, how good are the predictions?, how does scorecard biasarise?, and what can be done about it?; (ii) measures usedwhether as part of the businessprocess, assessment of scorecard performance, or the default probability and loss severitymeasures used in nance functions; (iii) development processcovering project preparation,data preparation, modelling, nalisation, decision-making and strategy, and security; and (iv)changes that can affect the scorecardsincluding the economy, marketing, operations, andsocietal attitudes towards debt.

These provide the 25 tour of credit scoring, after which the reader should have a broadoverview of the topic. It may be enough by itself, or just set the scene for the rest of the book.

xxxii Module A Setting the scene

Module B Risky business

While microprocessors used in workstations are doubling their capacity practically every year,demands posed by the user population grow much faster.

Dimitris Chorafas (1990)

When the term credit scoring is uttered, different people think of different things: customers,the credit application form and the ensuing call to the credit bureau, and possibly the last timethey were refused credit; statisticians, the predictive-modelling tools used to derive the riskrankings; lenders, the cut-off and limit strategies used to improve their bottom line; and for ITstaff, the systems required to calculate the scores, apply the strategies, and deliver the naldecisions.

This section focuses on the business aspectsthe strategic justications for why, when,where, and how it should be used. In some cases, the topics are grouped together just becausethey seem to t together, yet they are quite distinct:

(4) Theory of riskFrameworks for considering risks to the broader organisation, wherecredit risk is only one of them.

(5) Decision scienceCredit scoring allows case-by-case risk management, but use of sci-entic methodologies allows even greater value to be extracted.

(6) Assessing enterprise riskA look at lending to businesses of any size, including tradi-tional frameworks, and recent developments.

Risk is a part of any endeavour, but over the past few decades, it has become a specialist func-tion within organisations. Chapter 4 looks at broader risk frameworks: (i) the risk lexiconhighlighting risk linkages, the playing eld (company proposition, physical resources, andmarket, economic, social, and political factors), and risk types (primarily business, credit, mar-ket, and operational, but also others falling under business environment, business dealings,extraterritorial, personal, and intelligence) and (ii) data and modelslooks at data types(which can vary by source, time, inputs, indicators, and view), and model types (statistical,expert, hybrid, and pure judgement). Some risk types are easier to model than others, andframeworks are presented showing how the type of credit risk model used is typically a func-tion of structure and technology, and the volume of deals and prot per deal.

In order to reduce risk, businesses strive for greater control, which can be aided by havingproper policies, procedures, structure, and infrastructure. Businesses have made increasing useof scientic methods to provide greater structure. Chapter 5 looks at decision science, includ-ing: (i) adaptive controlwhere processes are adjusted to maintain consistent output and (ii)experimentation and analysisincluding champion/challenger, optimisation, simulation, and

xxxiv Module B Risky business

strategy inference. A framework is presented, illustrating that the strategy chosen should bedetermined by an events probability and potential impact.

Credit scoring originated in the consumer credit arena, but is increasingly replacing (or sup-porting) traditional enterprise risk assessments. Chapter 6 covers lending to business enter-prises: (i) basic credit risk assessmentcovering the traditional 5 Cs, data sources (securitiesprices, nancial statements, payment history, environmental assessment, and human input),and risk assessment tools (agency grades, business report scores, and public/private rm, haz-ard, and exposure models); (ii) SME lendingand forces driving lenders from relationship totransactional lending; (iii) nancial ratio scoringcovering pioneers, predictive ratios, ratingagencies, and internal grades; (iv) credit rating agenciestheir letter grades, derivation, andissues (small numbers, population drift, downward rating drift, business cycle sensitivity, andrisk heterogeneity within the grades); (v) modelling with forward looking datacoveringstraightforward historical analysis, structural approaches (Wilcoxs gamblers ruin, Black andScholes options-theoretic), and the reduced-form approach (proposed by Jarrow andTurnbull, which is based primarily on the credit spreads of bonds market prices).

Module C Stats and maths

To chop a tree quickly, spend twice the time sharpening the axe.Chinese proverb

The concept of data mining evolved during the 1990s, as classical statistics, articial intelli-gence (AI), and machine learning techniques were harnessed to search data for non-obviouspatterns, and knowledge. It is similar to conventional mining in that: (i) vast volumes have tobe processed just to yield a few gems and (ii) it requires its own picks and shovels, assayersscales, and people who know how to use them. Credit scoring might have started thirty yearsearlier, but is nonetheless considered part of the same arsenal (under classical statistics).Computing power was limited in the early days though, and the use of predictive statistics todrive production processesespecially selection processesbrought with it new challenges.As a result, some practices are specic to this environment, and may provide a competitiveadvantage. Even so, businesses interest today lies less in statistical tricks, and more in makingbetter use of data, and getting maximum value out of the resulting scores.

Nonetheless, credit scoring cannot be discussed without covering the statistical techniquesused. Such concepts are normally covered when discussing the Scorecard Development Process(Module E), but here they are instead treated as basic building blocks, primarily because manyof them are used at different stages in the process, and thereafter. These include

(7) Predictive statisticsMethods for providing estimates of unknown values, whetherfuture events or outcomes, that are difcult to determine (high cost or destructive).

(8) Measures of separation and accuracyCalculations used to provide indications ofthe power and stability of both predictors and predictions, and the accuracy ofpredictions.

(9) Odds and endsA collection of topics, including descriptive modelling techniques,forecasting tools, some statistical concepts, and basic scorecard development reports.

(10) Minds and machinesA look at the required people (scorecard developers, projectteam, steering committee) and software (scorecard development, decision engines).

As indicated, credit scoring has been built upon predictive statistics. Chapter 7 starts bydescribing some of the statistical notation, and moves on to: (i) on overview of the tech-niquesincluding modelling and data considerations when using them; (ii) parametric tech-niqueslinear regression, linear probability modelling (LPM), discriminant analysis (DA),and logistic regression; and (iii) non-parametric techniquesrecursive partitioning algorithms(RPAs, used to derive decision trees), neural networks (NNs), genetic algorithms, K-nearest

neighbours, and linear programming; (iv) critical assumptionscovering treatment of missingdata, statistical assumptions for parametric techniques (relating to variables and model resid-uals) and how violations can be addressed; and (v) a comparison of resultswhich providesno clear winners, although logistic regression leads the fray based purely on popularity.

Besides just developing the models, the results have to be measured. Chapter 8 looks atmeasures of separation/divergence used to assess both power and drift, including: (i) the mis-classication matrix and a graphical representation; (ii) the Kullback divergence measure,including the weight of evidence upon which it is built, information value, and stability index;(iii) the KolmogorovSmirnov statistic and associated graph; (iv) correlation coefcients andequivalentscovering Pearsons product-moment, Spearmans rank-order, the Lorenz curve,Gini coefcient, and receiver operating characteristic; and (v) Pearsons chi-squarewhichmeasures the difference between frequency distributions. Further, section (vi) deals with meas-ures of accuracystarting with probability theory (and Bernoulli trials), before covering thebinomial test (and its normal approximation), HosmerLemeshow statistic, and log-likelihoodmeasure.

Chapter 9 covers odds and ends that do not t neatly elsewhere, including: (i) descriptivemodelling techniques used for variable reductioncluster analysis (for records) and factoranalysis (for variables); (ii) forecasting toolsincluding transition matrices/Markov chainsand survival analysis; (iii) an explanation of some statistical conceptssuch as correlations,interactions, monotonicity, and normalisation; and (iv) basic scorecard development reportscharacteristic analysis, score distribution, and the new business strategy table.

Finally, there are issues relating to the minds and machines used to develop credit-scoringmodels. Chapter 10 covers: (i) people and projectsscorecard developers, external vendors/consultancies, internal resources, project team, and steering committee and (ii) softwareforscorecard development (which may be user-friendly, but have limited transparency and exi-bility), and applying the models and making decisions within the business (decision engines).

A polysyllabic overview

It might also help to briey describe some of the high-level terms used in this domain. As canbe seen from the above, it is impossible to keep the discussion monosyllabic, but most of thewords only just rival television in terms of the number of syllables.

Predictive/descriptive/forecastingDenes the models purpose. Predictivedevelopmodels that provide an estimate of a target variable (regression techniques, RPAs, NNs).Descriptivend patterns that describe the data, whether the records (cluster analysis)or the variables (factor analysis). Forecastingtools used for prediction at an aggregatedlevel, including movements between states (Markov chains/transition matrices) andmortality rates (survival analysis).

Parametric/non-parametricDenes whether the modelling technique or test makesassumptions about the data. Parametricmakes assumptions, such as a normal distribu-tion, linearity, homoscedasticity, and independence (linear regression, logistic regression,

xxxvi Module C Stats and maths

Module C Stats and maths xxxvii

DA). Non-parametricmakes no assumptions, and it is used where the parametricequivalent cannot be used (RPAs, AI).

Statistical, operations research, AIDenes the discipline where the technique originated.Statisticallinear regression, logistic regression, and RPAs. Operations researchlinearprogramming, and other methods used for resource allocation and logistics. AInewerapproaches, such as NNs, genetic algorithms, K-nearest neighbour, and machine learning.

Algorithmic/heuristicDenes the development procedure. Algorithmicdened by aformula, or set of steps (regression techniques, RPAs). It also applies to the use of strictpolicy rules in any part of the business process. Heuristicbased upon empirical dataanalysis, but uses trial and error, to come up with a result that has no explicit rationali-sation (NNs, genetic algorithms). The term also applies where expert judgement is usedto set rules of thumb or exible guidelines.

Deterministic/probabilisticDenes the level of certainty in the relationship.Deterministicoutcomes can be exactly determined using a formula/algorithm, which ismore often the case in hard sciences such as physics. Probabilisticdenite outcomescannot be determined, but probabilities can be derived (associated with stochasticprocesses and fuzzy logic).

Labels such as these are used in different environmentsnance, engineering, science, psy-chology, and so on, and the techniques that are appropriate in each will vary according to theproblem. Credit scores are developed using predictive models, which are usually parametric,statistical, algorithmic, probabiListic, regression models, used to represent a stochastic processwith a binary good/bad outcome. Non-parametric and heuristic AI techniques may also beused, but are not as widely accepted.

An apology must be made here! It is one thing to digest a single multi-syllable word, butquite something else to handle so many in quick succession. Hopefully though, these explana-tions will allow the reader a better understanding of the following chapters, and other litera-ture on the topic.

This page intentionally left blank

Module D Data!

Without data the modern commercial opportunities would be very limited. Data and information(and they are different from each other) are fundamental to the success of any business today andthey increasingly provide a commercial competitive edge.

McNab and Wynn (2003:17)

Decisions can only be as good as the information upon which they are based, which is whyspies, industrial espionage, and private investigators existalong with other under-handedways of trying to get the upper hand. Unfortunately, there is often a laxity about the data thatis gathered, which may be insufcient, of poor quality, or difcult to interpret. Poor intelli-gence has been the undoing of countries and companies, generals, CEOs, and others in highlycompetitive situations. Information is crucial!

Most literature on credit scoring focuses on the statistical methods used, and pays scantattention to data. Indeed, the starting pointand often more difcult taskis to ensure thatrelevant and reliable information is available for both scorecard development and businessprocesses where the scorecards are applied. This does not mean that the role statistical meth-ods play is less relevant; only that the cumulative organisational investment in obtaining andmanaging credit intelligence is greater. Indeed, data problems can result not only in nanciallosses, but also lost sleep and lost sanity.

Advances in technology since 1960 have signicantly increased the quantity and quality ofavailable credit intelligence, especially in terms of (i) the number of data sources; (ii) theamount of relevant information provided; and (iii) the ease with which it can be acquired,analysed, and summarised. There has also been a credit explosion in both developed anddeveloping economies, especially for people who did not previously qualify. This chapter cov-ers data in some detail, under the following headings:

(11) Data considerationsFactors that must be in place before a scorecard can be built,and issues relating to the characteristics used as predictors.

(12) Data sourcesDiscusses the types of information obtained from the customer, inter-nal systems, and the credit bureaux.

(13) Scoring structureLooks at scorecard customisation and hosting, data integration,and matching data from various sources.

(14) Information sharingDescribes the types of credit registries, the reason for theirexistence, how they operate, and what motivates or inhibits lender participation.

(15) Data preparationThe rst stage of the scorecard development process, coveringassembly, the good/bad denition, sample windows, and sample selection.

Chapter 11 looks at data considerationsstarting with (i) transparencya prerequisite forcredit scoring; (ii) data quantitydepth and breadth (including minimum requirements),issues around homogeneity/heterogeneity, and accessibility; (iii) data qualityrelevant,accurate, complete, current, and consistent; (iv) data designdata types (both statistical andpractical classications, as well as manipulation and special cases like missing data anddivision by zero), and form design issues for both categorical and numeric characteristics.

Nothing would be possible without data sources, which are the focus of Chapter 12: (i) cus-tomer suppliedincluding the application form and supporting documentation; (ii) internalsystemswhich provide both performance and predictors; (iii) credit bureau dataenquiries/searches, publicly available information, and shared performance; (iv) fraud warningsknown frauds, third-party data, and special information sharing arrangements; (v) bureauscoreswhich summarise available bureau data into propensity measures, especially risk;(vi) geographic indicatorsincluding geographic aggregates and lifestyle codes; and (vii) othermiscellaneous sources.

There are a lot of data issues that do not t neatly elsewhere, which are covered in Chapter 13under scoring structure: (i) customisationlooks at generic and bespoke scorecards, and fac-tors inuencing which is most appropriate; (ii) hostingwhether to execute the scorecard oninternal or external systems; (iii) data integrationwhich may be independent, discrete, orconsolidated; (iv) credit risk scoringlooks at customisation and integration for each stage inthe CRMC; and (v) matchingcovers issues on how records from various sources are linked.

Perhaps the greatest advances in credit risk assessment have come from lenders coopera-tion. Chapter 14 provides a broad view of information sharing: (i) credit registriespublicversus private registries (including which operate where, and why), and positive versus nega-tive data; and (ii) do I or dont I?principles of reciprocity governing such arrangements, andmotivators/inhibitors to participation.

Finally, Chapter 15 looks at data preparation, the rst real stage of the scorecard develop-ment process: (i) data acquisitionfor application data, bureau data, own current and pastdealings, performance data, and initial data assembly; (ii) the good/bad denitionwhich issplit into selection statuses and performance statuses, and also covers denition setting (con-sensus, prescribed, or empirical), and what a good/bad denition should be; (iii) observationand outcome windowsconsiderations when setting sampling windows, including maturity,censoring, and decay, especially for application and behavioural scoring; and (iv) sampledesigncovers sample types (training, holdout, recent, etc.), minimum and maximum samplesizes, and stratied random samples.

xl Module D Data!

Module E Scorecard development

If one has sufcient data and wishes to make a scoring model, the following objective helps: aimto make a model that has equal power but is simpler or more transparent than its alternatives.That is, instead of focussing on increasing power, which often leads to overtting, focus onsimplifying a well-known models structure or data inputs. This is a much more promising way toadd value, playing on the fact that most models are overt.

Falkenstein (2002:185)

One wonders if Mr. Falkenstein was aware that he effectively restated the centuries-old phi-losophy known as Ockhams Razor, or the principle of parsimony, according to which oftwo alternative explanations for the same phenomena [sic] the more complicated is likely tohave something wrong with it, and therefore, other things being equal, the more simple islikely to be correct.

William Ockham was a fourteenth-century philosopher, whose arguments causedAristotelian nominalism to triumph over Platonic realism, and who is associated with hisown brand of nominalism. He was also known for contesting the power of the papacy,outside of religious affairs.Collins English Dictionary, 21st Century Edition.

This was qualied by Albert Einstein, who commented, Everything should be as simple aspossible, but not simpler. These quotations are not just of passing interest, but highlight theneed for structure and simplicity, no matter what the endeavour. While this text might notseem to be sticking to that principle, it is at least making an effort.

Falkenstein et al. (2002:20) make reference to studies in economics, which have shownthat nave models consistently outperform more sophisticated alternatives, wherenave does not mean uninformed or arbitrary, but parsimonious and informed bytheory.

Philosophy aside, by this stage we are like a medical intern reporting for the rst emergencyroom rotationall the right training and equipment, but little practical experience beyondtelevision ER dramas. In the ideal world, one should be able to jump right in and assist, butmay freeze when the rst real-life trauma case arrives. Likewise, when developing models, a setof data and a statistical technique are not enough. One needs to know what to do with them,otherwise the results will be similar to the emergency room scenario above.

Let us recap briey. Module A sets the scene, covering economic theory and history. ModuleB views credit risk within the broader risk framework, issues with risk quantication, andassessment of business enterprises. Module C looks at statistical theory and scorecard devel-opment tools, which should assist when the more practical aspects of the scorecard develop-ment process are considered. And Module D covers data, including the data assembly process,required to provide the predictor and target variables (which is often the hard part; sampledesign and construction can take weeks, or even months). This section moves on to scorecarddevelopment, both: (i) milestones, where contact with the business is required and (ii) process,some of which requires no business input.

Milestones

Unfortunately, scorecard developers and project teams will never have a full view of the busi-ness. Just as a ships engineer relies upon information from the bridge, scorecard developersrely upon management for insights about the businesss past, and its proposed future.Questions have to be asked whenever inconsistencies arise, and assumptions must be docu-mented as part of the development. For this reason, the entire scorecard development processmust be as interactive as possible. Key milestones that should require presentations to, andpossibly approval from, company decision-makers, are

Start-upInitial meetings to determine responsibilities, project scope, possible datasources, and problems that may be encountered,

Data assemblyData sources and sample sizes, where appropriate,Good/bad denitionNot just good, bad, and indeterminate, but also any accounts that

are supposed to be excluded from the development,Scorecard splitsDetermine whether or not any groups need to be treated separately. Past

scorecard splits, and input from the business, provide the best starting point,Final scorecardsThe results of the development, including point scores associated with

the different attributes for each scorecard, and any validation that has been done,StrategiesDecision to be applied in each scenario, where scores are part of the scenarios.

These may be simple cut-offs, but are often more complex.

The nal deliverable is not just the scorecard and strategies, but also documentation coveringvarious aspects of the scorecard development process, including data sampling, scorecardsplits, characteristic analyses, statistical methods, scorecard validation, and the specicationsnecessary for implementation into the delivery systemwhether by hard coding (possiblyincluding the program code), or just modifying parameters.

Ultimately, the decision-makers will be most interested in scorecard implementation andstrategies, and the latter may change over time. At any point post-implementation, the score-card developer and project team may be brought back in, to ensure that the scorecards areworking to design, and to keep management apprised of scorecard effectiveness.

xlii Module E Scorecard development

Module E Scorecard development xliii

Scorecard Development Process

The development process involves more than just these milestones. This module assumes thatdata assembly is nished, and covers all aspects required to develop a scorecard, whether pre-sented to business or not. Much of it is conceptually difcult, but a skilled scorecard developercan work through it quite quickly. Unfortunately, there are a number of different ways inwhich scorecards can be developed, with a variety of factors inuencing the choices. The pri-mary inuences are (i) the amount of available data; (ii) the implementation platform; and (iii)available skills. It is impossible to cover all of the different possibilities, and many scorecarddevelopers will contestperhaps rightlywhat is being written here. Fortunately, this text isnot aiming for the lofty heights of a scientic treatise, but instead hopes to provide the readerwith some insight into the choices that are available.

The scorecard development process is illustrated in Figure E.1., which splits it into a full andsimple process, the latter being a recurring and time consuming sub-process. This module giveseach stage individual treatment:

(16) TransformationAnalyse available data and turn it into something useful, whichtraditionally involves (i) ne classing; (ii) coarse classing; and (iii) conversion.

(17) Characteristic selectionChoose candidates for consideration, which are predictive,logical, stable and available, compliant, customer related, and uncorrelated.

(18) SegmentationDetermine whether different scorecards are required, and how many.The split may be driven by market, customer, data, process, or model-t factors.

(19) Reject inferenceFor an application scoring development, or any model used todrive a selection process, performance of rejected accounts should be inferred.

(20) CalibrationUse of banding or scaling to ensure score results have the same meaningacross scorecards, and to provide default probabilities.

(21) Validation and deliveryTest for overtting and potential model instability usingholdout and recent samples, and prepare the scorecards for presentation to business.

(22) Development management issuesScheduling and streamlining of scorecarddevelopments.

The rst part of the development process is to put data into a usable form. Chapter 16 coverstransformation: (i) methodologiesboth univariate and bivariate, especially the lattersdummy variable and weight of evidence approaches; (ii) classingthe characteristic analysisreport, and binning of both categorical and numeric characteristics; (iii) use of statistical meas-uresincluding the chi-square statistic, Gini coefcient, and information value; (iv) poolingalgorithmsadjacent, non-adjacent, and monotone adjacent; and (v) some practical exam-plescourt judgements, industry, and occupation.

The number of variables at the start can be signicant, but can be reduced prior to startingthe development. Chapter 17 focuses on characteristic selection: (i) considerations forinclusionincluding signicance, correlation, available and stable, logical, compliant, andcustomer-related; (ii) measures of signicanceagain the chi-square statistic, Gini coefcient,and information value; (iii) data reduction methodsfactor analysis, correlation assessment,

or treat during training; and (iv) variable feedcovers stepping (forward, backward, and step-wise) and staging (independent and dependent).

Companies are used to splitting their customer base for marketing, and the same applies forcredit. Chapter 18 looks at the segmentation: (i) driversincluding marketing, customer, data,process, and model-t factors; (ii) identifying interactionswhether through manual review oruse of an RPA; and (iii) addressing interactionsuse of scorecard splits and identifying whichis best.

With any selection process, there will be discarded cases that might have yielded decentresults had they been kept. In credit scoring, reject inference is used to guess what rejectsperformance would have been, had they been accepted. Chapter 19 covers the topic, including:(i) why reject inference?the logic behind it, intermediate model types (known good/badand accept/reject), and the potential benets (or lack thereof); (ii) population owsa toolfor assessing changes to the frequency distribution; (iii) performance manipulation toolsincluding reweighting, reclassication, and parcelling; (iv) special categoriespolicy rejects,not-taken-ups, indeterminates, and limit increases; and (v) reject inference methodologiesrandom supplementation, augmentation, extrapolation, cohort performance, and bivariateinference.

There is no specic section covering training, as most of the concepts are covered elsewhere.Thus, Chapter 20 moves on to calibration: (i) banding into groupsincluding use of theCalinskiHarabasz statistic, benchmarking, and marginal risk boundaries; (ii) linear shift andscalingminor changes to ensure scores from different scorecards have the same meaning,

xliv Module E Scorecard development

Priorstage

Variabletransformation and

selection

Developmodel

Logical/sufficient?

Next stage

YN

Reject inference

Segmentation analysis

Training

Delivery

Sample w/good/bad flag

Full process Simple model

Validation

Data transformation

Calibration

Characteristic selection

Figure E.1. Scorecard development process

Module E Scorecard development xlv

conversion into numbers that can be better used by business (and some of the featuresrequired), and a possible method of achieving it using linear programming.

Checks and balances are required not only immediately after the development, but alsoongoing thereafter. Chapter 21 covers validation, which, for the most part, uses Basel II frame-works: quantitative (conceptual soundness) and qualitative (predictive power, explanatoryaccuracy, stability) factors; expected loss parameters (PD, EAD, LGD, and M); and processcomponents (data, estimation, application, and mapping). The chapter itself focuses primarilyon (i) actionsreview of developmental evidence (including scorecard presentation), ongoingvalidation, and backtesting (including analysis of score shifts); and (ii) disparate impactwhich looks more specically at American anti-discrimination requirements.

Finally, a couple of scorecard development management issues are covered in Chapter 22:(i) scheduling, emphasis must be put on getting value for effort spent; and (ii) streamlining,piggybacking on what has been done before, to speed development.

This page intentionally left blank

Module F Implementation and use

There are three important systems and programming issues that relate to credit-scoring projects(1) scorecard installation, (2) connectivity with credit information, and (3) once the scoringprocess has been completed, scorecard tracking.

Wiklund (2004)

It is now assumed that there are one or more scorecards, and this module moves on to theirimplementation and use within the business. Much of it follows the outline provided byWiklund (2004), but other issues are also covered. It is split into four sections.

(23) ImplementationIssues for greeneld developments when scoring is rst used, andimmediate issues relating to data, resources, and migration for brownelds.

(24) Overrides, referrals, and controlsChecks and balances, used to ensure that thescores are used appropriately, and effectively.

(25) MonitoringReports used to track what is happening within the business, for bothfront-end and back-end reporting.

(26) FinanceTools used to estimate and provide for losses, and others that allow lendersto focus upon protability, including the use of risk-based pricing.

Chapter 23 looks at scorecard implementation, both: (i) decision automationhigh-level con-siderations (especially for greeneld developments), relating to the level of automation,responsibility, employee communications, and customer education (including decline reasonsand the appeals process) and (ii) implementation and testingincluding data, resources, andmigration issues, and testing actual versus expected for scorecard and strategy parameters,and for operational drift.

Credit scoring is not perfect, and issues may arise because of rare but severe events, data evo-lution, and known scorecard weaknessesespecially when there is information not captured bythe system. Chapter 24 looks at overrides, referrals, and controls: (i) policy rulesand instanceswhere rules should be used instead of scores; (ii) overridessubjective intervention, both high-and low-score; (iii) referralsverication (documentation/security procedures, fraud suspiciontriggers, account conditions); and (iv) controlsincluding the playing eld (risks that may arise,and tools that can be used to protect against them), and scorecard/strategy and override controls.

A control that receives separate treatment is monitoring, covered in Chapter 25: (i) portfolioanalysisincluding delinquency distribution and transition matrix reports; (ii) performancetrackingscorecard performance, vintage/cohort analysis (and new-account, life-cycle, andportfolio effects), and score misalignment reports; (iii) drift reportingincluding population

stability, score shifts, and characteristic analysis by booking rates; (iv) selection processdecision process (track applications through the process), score distribution by system or naldecision, policy rules (and how they have affected the decision), and manual overrides (by rea-son code and by their inuence on the nal decision).

Finally, Chapter 26 covers reports required by the nance function: (i) loss provisioningthe distinction between general and specic provisions, and types of approaches; (ii) direct esti-mationusing the net-ow method or transition matrices; (iii) component approacheswhich split the problem into loss probability and loss severity; (iv) scoring for protincludingprot drivers, prot-based cut-offs, and prot modelling approaches; and (v) risk-basedpricingmechanics and implementation, behavioural changes, strategic issues, and how itaffects customers (especially higher-risk borrowers increased use of home loans to nanceconsumption).

For those familiar with scoring, it might seem as though strategy setting has been over-looked. The basics are covered in Module A (Section 3.2.1, Process and Strategy) and Module B(Chapter 5, Decision Science), while this module covers some of the more sophisticatedapproaches (Section 26.4, Scoring for Prot; and Section 26.5, Risk-Based Pricing).

xlviii Module F Implementation and use

Module G Credit risk management cycle

When written in Chinese the word crisis is composed to two characters. One represents danger,and the other represents opportunity.

John F. Kennedy (19171963)

Companies evolve, so it is no surprise that the terms organism and organisation have thesame root. The concepts differ, only in that one is the product of nature, and the other theproduct of men. Organisms have to worry about nourishment, reproduction, and predators,while organisations must compete for resources, attract customers, and control a myriad ofrisks. This applies to all for prot entities (and others), including banks, nance houses, creditcard issuers, retailers, and other consumer-credit providers. These companies are uniquethough, in that there are well-dened stages, collectively referred to as the credit risk manage-ment cycle (CRMC), where risks peculiar to the industry are managed. Essentially, this is anaccount management cycle, from the day it is a glimmer in the lenders eye, until it passesthrough to its grave. In the 1960s, scoring was associated with just one part of this cycle (new-business application processing), but it is now being applied throughout.

The CRMC is not to be confused with other concepts related to the economic cycle: (i) credit cycle, the expansion and contraction of credit and (ii) the credit risk cycle,changes in overall credit quality.

Before these stages are considered, a brief review of basic marketing is in order. Textbooks putforward basic frameworks, like the marketing mix, or 5 Ps, which can be used to dene anymarket offering:

ProductThe good or service being offered.PackageProduct presentation, including packaging materials and labelling.PricePositioning, in terms of luxury, mass, or somewhere in between.PromotionCommunications, to prompt the products purchase by the market.PlaceDistribution channel(s), used to deliver the product.

The framework is general, and applies primarily to consumer goods, such as toothpaste,automobiles, perfumes, or fashion denims. The goods on offer are picked off the shelf, and paidfor at the checkout counter, no questions asked. If the buyer instead wants to buy now, paylater, there are other risks, other processes, other costs, and other questions that must be asked.These may vary, depending upon whether lending is the companys primary business (bank,nance house, or card issuer), or a secondary activity used to support sales (retailer, motor

dealer/manufacturer, utility or service provider). In either case, providing credit adds anotherdimensiona cycle that also has promotion and distribution aspects, but extends further intoan ongoing service relationship dedicated to the money, as opposed to what is being purchased.

For retail credit, McNab and Wynn (2003)1 split the CRMC into ve stages: marketing,application processing, account management, collections, and recoveries. Marketing andrecoveries can be further split to create seven operations, as shown in Figure G.1.

SegmentationIdenties customers to be targeted, their needs, and appropriate products.SolicitationDesigns and executes marketing campaigns, used to invite potential

customers to do business.AcquisitionNew-business processing, which obtains and processes applications, delivers

the goods if they are accepted, and handles communications and queries if not.ManagementFunctions required during normal account operations, especially limit

management, but also handling repayments, billing, queries, billing, and others.CollectionsFocuses on early-stage delinquencies, and on maintaining the customer

relationship.TracingAttempts to nd and contact absconders, who move without providing a change

of address or other contact details.RehabilitationDeals with late-stage delinquencies, to get the money back (or as much as

possible), which may lead to legal action and/or loss of the customer relationship.

In corporate credit, risk transfer is treated as a separate stage. In retail credit, it is done atportfolio level, and could be done as part of account acquisition, management, collections, orrecoveries, whether through insurance, securitisation, hedging, or outright sale of assets.

Credit risk management function

All of the decisions made during the CRMC have an impact upon risk, and many lenders willhave a specialist area that works with various business units to manage it. This credit risk

l Module G Credit risk management cycle

Figure G.1. Credit risk management cycle.

Segmentation

Managem

ent

Acquisition

Solicitation

Rehabilitatio

nTr

acingC

olle

ctio

ns

1 This section is borrows heavily from McNab and Wynn (2000 and 2003), and from associations with HelenMcNab and Scoreplus Ltd.

management area would perform functions like (i) working with marketing on setting eligi-bility criteria for new products (whether for through-the-door or pre-approved customers),identication of prospective customers, new product pricing, package eligibility, and so on; (ii)setting new business strategies, and policies for application processingincluding cut-offs andlimits, pricing, and repayment terms at different levels of risk; (iii) setting account-manage-ment strategies, for limit increases and authorisations; and (iv) setting collections policies andstrategies. It may also provide a decision support function and decision toolsthe modelsand software required to calculate scores and apply strategies and policies, as well as monitorwhat happens, and make changes as required.

Other business functions

While not directly related to credit risk management, there are several other areas with whichthe credit function must interact:

Compliance/legalEnsures that no laws, statutes, or regulations are broken. This is par-ticularly important in areas of illegal discrimination, data protection, and know yourcustomer legislation.

IT/systemsEnsures the smooth operation of mainframe and networked computers, andcommunications used to perform functions across the business. At one time, the riskmanagement and other functions were highly dependent upon them, but this changed ascomputers became cheaper and smallerminis, PCs, notebooks, etc.

Management informationRequired to manage and understand customer behaviour,and to report information from across the organisation to the company executive, andothers. This may be a part of the IT function, but most companies have split it offseparately.

Accounting, nance, planning, and auditOther functions within the company that areresponsible for accounting, understanding protability, setting high-level strategies, andensuring that the results are understood.

The matrix

The CRMC is widely referred to within the retail lending industry. Indeed, it applies to almostany credit product or market, and is used as a conceptual framework when positioning dis-cussions about problem areas within the business, especially when combined with the keyprocess components: (i) datafor analysis, modelling, and reporting; (ii) systemsfor gather-ing data and delivering products and decisions; (iii) modelsfor representing risk, revenue,retention, and response; (iv) strategyfor rule-sets that leverage upon data, by using modelsand policies to drive decision-making; (v) analyticsfor manual review of summary statisticsto turn data into knowledge; and (vi) reportingfor monitoring results to ensure that all runs

Module G Credit risk management cycle li

according to plan. This is by no means the full set; there are entire departments whose namescould be listed across the top. Two others that have a direct interest in risk are

FraudPrevents fraud when it can; identies fraud when it happens; and brings in the lawenforcement agencies when necessary.

Risk managementConsiders all risks, where credit risk is only one of them. Ultimately,business targets must be met, while keeping risks at acceptable levels.

These are then presented in a matrix, such as that in Table G.1., which indicates an analyticsissue in account management.

This module

The above section provided a broad overview of many functions that must be performed byany credit provider. The module itself is split out into ve sections, each of which gives certainaspects of the CRMC individual treatment, in particular,

(27) MarketingAdvertising media, quality versus quantity, pre-screening, and data used.(28) Application processingOperations of selection processes: gather, sort, and action.(29) Account managementTakers, askers, givers, repeaters, and leavers.(30) Collections and recoveriesDefault reasons and recovery processes, triggers and

strategies.(31) FraudTrends, types, and tools.

All of these are becoming increasingly dependent upon statistically derived models, and deci-sion automation, to drive their business processes. Fraud is really an operational risk, whichdoes not really belong in this group, but must be considered across the CRMC.

Marketing is the tout responsible for identifying and attracting prospective customers,which is covered in Chapter 27: (i) advertising mediawhich can be dened as broad-basedor personal, or as print, tele-, cyber, or person-to-person, with a focus on maximising the bang

lii Module G Credit risk management cycle

Table G.1. CRMC versus process componentsdiscussion matrix

Function Component

Data Systems Models Strategy Analytics Reporting

MarketingApplication processingAccount management CollectionsRecoveries

per buck; (ii) quantity versus qualitya conict that arises between marketing as credit, andwhich affects processes ability to cope; (iii) pre-screeningwhich involves list scrubbing anduse of other metrics to target customers (the 4 Rs); and (iv) dataincluding types of data, andits assembly into a data mart.

Application processing is the gatekeeper for through-the-door customers, covered inChapter 28. It is treated using headings that would apply to any selection process: (i) gatheracquisition and preparation of completed forms; (ii) sortobtain the necessary information,use it to provide an assessment, and then make a decision; (iii) actioncommunicate thedecision and carry out the required actions, and exploit opportunities for up-sells, down-sells,cross-sells, approval in principle, and credit insurance.

Chapter 29 moves on to account management, the bartender who ensures existing cus-tomers needs are served. While it includes a range of functions, including billing and paymentprocessing, here it relates primarily to limit management: (i) types of limitsagreed, shadow,and target limits (along with brief mention of debt counselling services relating to cash-owtriage); (ii) over-limit managementto deal with those who take without asking, includingpay/no pay decisions for cheque accounts and authorisations for credit cards, and theinformed customer effect (customers facing equally bad choices will choose that which is bestunderstood); and (iv) more limit and other functionsincluding limit increase requests, limitincrease campaigns, limit reviews, cross-sales, and win-back campaigns.

Collections and recoveries are the heavies, who deal with problematic customers and guardthe back door. Collections play the good cop, who tries to put the customer on the right track.In contrast, recoveries play the bad cop, whose only interest is in getting the money back.Chapter 30 is split into (i) overviewdelinquency reasons, underlying processes, core systemrequirements, and agencies; (ii) triggers and strategieswhere triggers include excesses, missedpayments, and dishonours, and strategies can vary by message tone, content, delivery, timing,and extent; (iii) scoringspecial issues relating to denitions, time frames, and usage.

Finally, Chapter 31 looks at fraud, the town detective who deals with cheating customers.This area has always been challenging, and modern technology is making it even more so.After highlighting fraud trends, the chapter moves on to (i) fraud typessplit by product, rela-tionship (rst-, second-, or third-party), process (application, transaction), timing (short orlong term), misrepresentation (embellishment, identify theft, fabrication), acquisition (lost orstolen, not received, skimming), usage (counterfeit, not present, altered), and technology(ATM, Internet); (ii) detection toolsnegative les, shared databases, rule-based verication,scoring, and pattern detection; (iii) prevention strategiesfor the application process, transac-tion media, and account management; and (iv) scoringits usage for both application andtransaction fraud. Of particular note, is that fraudsters modus operandi are quick to counterlenders moves, and to seek and exploit new opportunities. In recent years, this has been bestevidenced by the growth of card-not-present fraud, especially for Internet transactions.

Module G Credit risk management cycle liii

This page intentionally left blank

Module H Regulatory environment

The years since the 1960s have been characterised by increasing regulation of nancialinstitutions. This has impacted on credit scoring, either promoting it or controlling its use.This module looks at the various types of legislation, and their impact. Rather than coveringthe legal environment in one particular country though, the goal is to provide a framework, orframeworks, within which the regulations can be analysed.

The module is split out into six sections, a conceptual overview followed by ve separatesections each covering a regulatory pillar that directly affects the provision of consumer credit,and the use of credit scoring:

(32) Regulatory conceptsBest practice, good governance, business ethics, social respon-sibility, and the compliance hierarchy of statutes, legal precedents, industry codes,policies and procedures, and unwritten codes.

(33) Anti-discriminationCovers what information may be used in a lending decision,and prohibits the use of elds that are discriminatory (race, religion, etc.), or anyinformation relating to parties other than the prospective borrower.

(34) Fair lendingEnsures that lenders take adequate steps, to ensure that borrowers canafford the loan repayments, and that the terms are fair in the circumstances.

(35) Data privacyGoverns the sharing of data between lenders, what may be kept oncredit bureau, what must be divulged to customers, and so on.

(36) Capital adequacyFocuses primarily on the New Bas