Many conversations in the KYC + Risk space for the last ~decade asked a familiar question: what is your orchestration platform? And then familiar follow-ups: where do you orchestrate and in what order? Our problem with these questions is they do not lead to meaningful results. They’re simple checkboxes. Or questions to minimize onboarding costs (in a vacuum) by gamifying when data sources are called.
What is more salient is what those questions are not. They don’t ask how risk platforms can become more dynamic. How a system can treat each applicant in a fluid nature—assessing their risk in real-time to determine how to proceed. We want to replace those original discussions with better questions from companies: what data sources can we collect, and what options do we have to monitor risk?
This is why we believe orchestration is dead. Not because the practice won’t continue to happen. It will. But in the background. This doesn't mean we are stripping away tools for risk officers and product leaders. Rather, we're abstracting away what we thought was unnecessary complexity in other tools. So that they can spend more time on the things that matter. Once you can trust that your vendor will waterfall correctly to match an ID, you can begin to focus on other priorities. Instead of spending time on that original orchestration, you can determine when to step-up a user to a document scan or how to write better decision rules based on behavioral fraud signals.
As fraud vectors shift, orchestration shifts from a pre-determined order to an evolving set of decision-making. Because bad actors do not just commit fraud in one moment. This is why systems must be dynamic to assess risk through a user lifetime in an application. Risk officers need a dashboard that can give them tools to interact with users and possible threat vectors over time. Not a static orchestration airplane cockpit for pre-determined rules for every onboarding.
The Footprint rules engine was designed philosophically differently. We ask companies what information they will collect, what risk signals they think should require a step-up, what cases should always be manually reviewed, and which additional fraud tools they wish to enable. We then automate the rest. No more picking your waterfall order. Because candidly--a waterfall is too dynamic to have just one order. If someone has a single-letter surname, there is only one database they will match.
It is magical each time we walk a tenant through setting up Footprint when they ask about how they orchestrate. We reply that there is no need. Footprint does it automatically. Instead of writing waterfall rules, we empower product leaders in fraud and risk to spend time looking at potentially duplicate accounts, anomalous onboarding statistics, and behavioral signals so that they can backtest different risk-engine rules. Orchestration implies that risk is a moment in time. The Footprint rules engine looks at risk across time.