As financial and telecom industries move from reactive to predictive risk models, insights from architects of these systems become critical for navigating the transition.
The financial and telecommunications industries are undergoing a fundamental transformation in how they manage risk. Traditionally a reactive discipline, credit risk management is increasingly shifting toward a proactive model powered by predictive analytics and artificial intelligence.
This evolution allows organizations to anticipate and mitigate potential losses before they materialize, moving beyond historical data to forecast future customer behavior. With over 19 years of experience in information technology and risk, Surbhi Gupta has been at the forefront of designing these sophisticated frameworks.
Her work at major corporations like Morgan Stanley and T-Mobile demonstrates a deep expertise in building scalable, enterprise-grade solutions that identify and address risk at its earliest stages. Gupta's insights reflect a broader industry trend toward leveraging data not just to respond to delinquencies, but to prevent them altogether.
From Resistance to Results
Implementing proactive risk management frameworks often faces significant internal resistance. Decision-makers may be hesitant to adopt new assessment protocols, fearing the process will be time-consuming or expose previously hidden vulnerabilities. According to Gupta, this was a primary challenge in the early stages of her work.
“Initially, it was very difficult to get the risk assessment done as owners were not ready to take the assessment due to the time it took and fearing it might open a can of worms in front of their senior management,” she explains.
To navigate this, her team developed an automated framework that integrated directly with asset management tools. This approach aligns with the understanding that the transition from traditional to predictive credit risk assessment is a fundamental paradigm shift that requires careful management.
The results of this proactive approach demonstrated clear value over time. “Over a period of time, we were able to show a reduction in risk by almost 5% per quarter on average per asset, even though new vulnerabilities would pop up, but they were timely noticed due to proactive decision-making,” Gupta notes. Successful implementation relies on effective change management strategies to build organizational resilience and secure buy-in for new, forward-looking processes.
Designing For Enterprise Scale
The true test of a risk framework is its ability to scale across a large, complex organization. A system that works for one asset class must be adaptable enough to provide a holistic view of risk across an entire enterprise. Gupta’s work at Morgan Stanley began with a targeted scope but quickly expanded.
“During my tenure at Morgan Stanley, my initial scope was assessment of risk only for the applications, but after two quarters of Proactive assessment completion, there was a significant opportunity to cover other assets as well,” she says. This expansion is reflective of a broader need for a Digital Integration Hub, an architectural pattern that centralizes data from disparate sources into a high-performance layer.
The expanded framework eventually provided a comprehensive risk overview. “This effort ultimately led to covering 3000+ assets across different asset classes across Morgan Stanley,” Gupta states. Such an achievement highlights the benefits of centralizing financial and non-financial data on a single platform for real-time analysis, which empowers leadership with a unified view of organizational risk.
Navigating Technical and Organizational Hurdles
Building a comprehensive risk model at an enterprise level introduces significant challenges, both in the technical architecture and the organizational data structure. For Gupta, one of the primary technical hurdles was creating a versatile scoring logic. “The goal was to develop a scoring model that would cater to almost 95% assets falling in the same asset class, and ensure that redundant data, even if pulled, does not impact the score,” she says.
This complexity is often compounded by the need to integrate with legacy systems, a common challenge in large financial institutions. A phased approach, sometimes called the “Strangler-Fig pattern,” can help manage this by gradually replacing old modules with new microservices. On the organizational side, inconsistent data classification posed another obstacle.
“Morgan, being such a large-scale enterprise, all the assets were not marked in the correct classes, which was impacting the initial inherent risk,” Gupta explains. The complexity of integrating with legacy systems often reveals such data inconsistencies, requiring careful planning to ensure the integrity of the risk assessment framework.
Linking Experience to Future Innovation
Foundational experience in one domain often provides the crucial insights needed to innovate in another. Gupta's work in enterprise risk at Morgan Stanley directly influenced her later development of behavioral scoring systems at T-Mobile, particularly in understanding data security and the early indicators of risk.
“My experience at Morgan Stanley was a first-hand experience of what risk actually meant and what could be the potential consequences for firms that have a lot of PII of their customers, and securing the system from threats,” she reflects. This perspective is vital in telecommunications, where providers can predict delinquency by analyzing changes in customer behavior, such as payment patterns or service usage.
This understanding allowed her to think proactively about mitigating potential issues. “Not only was I enlightened towards data security, but also what should be potential attributes that can lead to risk, which can be mitigated at an early stage,” Gupta adds. This aligns with modern strategies that use behavioral data—such as transaction history and device usage—to improve credit risk decisions for applicants who may have limited credit files.
Proactively Identifying At-risk Customers.
Predictive modeling allows companies to identify high-risk customers before they become delinquent. The framework Gupta helped develop at T-Mobile synthesizes numerous data points to create a comprehensive, real-time risk profile for each customer, whether new or existing.
For a new customer, the system leverages external data sources extensively. “We are currently tied up with 19 bureaus to get [their] previous credit history, delinquency history, and other factors attributing to [their] line limit and eligibility limit,” Gupta explains. Incorporating alternative credit data has been shown to significantly increase loan approvals while simultaneously reducing risk.
For existing customers, internal data provides a powerful predictive tool. Gupta notes, “If there's an existing customer whose previous behavior score has not been good, the loan/lease limit, along with the credit line, will be significantly impacted.” Financial institutions that implement systems using alternative data have seen an average improvement of 31.7% in default prediction accuracy compared to traditional models.
Adapting Models to Dynamic Conditions
A predictive model is only as effective as its ability to adapt to a constantly changing environment. Customer behavior, market conditions, new product launches, and evolving regulations all necessitate continuous updates to scoring models to ensure their relevance and accuracy.
Gupta emphasizes that these models are far from static. “These predictive models are regularly updated and enhanced to cover many factors, including new product launches, Deepfraud’s involvement with AI, and customers adopting more services,” she states. This dynamic approach is essential, as evidenced by companies like Sunrise, a Swiss telecom provider that implemented an AI-powered credit risk scoring solution to optimize its real-time decision-making.
The criteria for adjusting these models are extensive and responsive to real-world events. “The exclusion criteria change above are a few of the many listed criteria that are responsible for frequent changes in the Strategies for Scoring model,” she adds. In fact, institutions using continuous credit monitoring systems report a significant reduction in loan defaults compared to those relying on traditional, static assessments.
The Outcome of a Predictive Discipline
Shifting from a reactive to a predictive discipline yields tangible benefits that extend beyond simply identifying risk. It strengthens an organization's security posture, protects customer data, and directly impacts the bottom line by preventing revenue loss.
“With proactive risk management, the chances of possible risks are reduced,” Gupta states simply. This vulnerability reduction is a critical outcome. Research shows that machine learning models can achieve significantly higher accuracy in default prediction, with ROC AUC scores of 0.80-0.90, compared to the 0.65-0.75 typical for traditional credit bureau scores.
The financial impact is equally important. As Gupta notes, “The system is less vulnerable to attacks, customer data is more secure, and it also helps in saving revenue by reducing bad debt from the market.” Calculating the return on investment of a proactive system involves measuring the reduction in bad debt against the cost per loan, demonstrating a clear financial case for early intervention.
The Future of Credit Risk Management
The rapid evolution of artificial intelligence presents both immense opportunities and new challenges for the future of credit risk management. AI offers powerful tools for building sophisticated predictive models, but it also creates new avenues for sophisticated fraud.
“With the rapid adoption of AI, credit risk management is sitting on a two-edged sword. AI is proving to be a great help in the generation of futuristic models based on data analytics and automated anomaly detection,” says Gupta. Studies on the adoption of artificial intelligence in banking confirm its significant role in enhancing credit risk assessment.
However, the same technology can be exploited. “But at the same time, more deep-frauds are happening as identity theft is increasing, and identity can easily be mimicked using AI tools, which can lead to malpractices,” she warns. To counter this, some are exploring how to integrate AI with blockchain to create more secure and transparent systems for fraud detection.
The move toward proactive, predictive risk management represents a critical evolution for any organization handling credit and customer data. This shift, driven by advanced analytics and AI, enables businesses to not only protect their assets but also to build more resilient and secure operational frameworks.
As this trend continues, the experience of those who have architected these complex systems will be invaluable in navigating the challenges and opportunities that lie ahead.