What Romania’s Hospital Cyber Attack Teaches...
Cyber attacks can create immediate operational disruption, particularly when critical services depend on connected systems and third-party technology providers. This...
Read MoreI’m Natasha Cummings, and I work as a Risk and Fraud Specialist at AJC. My work focuses mainly on fraud and risk prevention, compliance, and supporting clients within the payments space, including payment organisations and merchants.
I have over 25 years of experience in the sector, and during that time I have learnt that fraud is not industry specific. Every industry encounters fraud in some form, and each organisation needs to understand its own risks, processes and areas of exposure.
At AJC, I support clients across a variety of projects, drawing on my experience in fraud, risk, chargebacks, compliance and merchant monitoring. My role can vary significantly depending on the client, the nature of the engagement and the support required.
My day-to-day duties are dependent on the client, the engagement and the requirements of the project.
On one day, I might be researching a particular topic and drafting reports. On another, I could be undertaking an audit in conjunction with card scheme compliance, supporting a high-risk merchant, or helping a client review and strengthen their internal fraud monitoring approach.
I also have experience in mentoring graduates and helping them enhance their skills and knowledge across different areas of fraud. This can include supporting them to understand the wider fraud landscape, as well as helping them develop confidence in using and reviewing internal fraud monitoring systems.
What I enjoy about the role is the variety. No two clients are exactly the same, and no two projects are exactly the same. Each engagement brings a different set of risks, challenges and requirements, which means the work is always interesting.
At AJC, I help clients across a wide range of fraud, risk and compliance areas.
This can include VARS and VIRP audits, chargeback support, remediation activity, managed services, merchant portfolio reviews, ongoing and persistent monitoring, and reviews of policies, processes and procedures.
I also support research into a variety of potential business areas, helping clients understand risk, compliance requirements and practical considerations before they move forward.
High-risk merchants often need additional support because the risk profile can be more complex. We help clients understand the difference in risk when onboarding merchants that are deemed high risk by the card schemes. These merchants usually require enhanced due diligence at the initial stage, followed by more thorough ongoing and persistent monitoring.
A key part of my work is helping clients look at their fraud risk in a practical way. Fraud can affect businesses in any sector, but the way it presents itself will vary depending on the organisation, the customers it serves, the systems it uses and the controls it has in place.
Another common area is understanding the difference between what the card schemes define as high risk and the other types of risk that can affect a business. For example, merchants offering products or services with long lead times, such as furniture or holidays, can present additional exposure. There may be a risk of services not being received, bookings being cancelled, or a company going into liquidation before the customer receives what they have paid for.
That is why it is important to understand the detail. Good fraud prevention is not just about having a policy or a monitoring system. It is about knowing how those controls work in practice, where gaps may exist, and how processes can be strengthened.
I think clients value the fact that we have hands-on, lived experience. They soon realise that working with us is not a tick-box exercise. We have been in their position, we understand the challenges first hand, and we adapt to what they need rather than taking a cookie-cutter consultancy approach.
My route into fraud was not planned.
I originally trained as a nursery nurse and nanny, but I realised that was not the career direction I wanted to progress in. I then applied for a job without fully understanding what the position involved. It turned out to be a role in the call centre customer service department for a credit card company.
Within eight months, I had progressed into their chargeback and fraud team, and I have never looked back.
Since then, I have worked across the whole fraud cycle, including issuing, acquiring and working directly for merchants. I have worked in gaming, insurance, high-risk environments, large corporate organisations and start-up companies, including joining one business at pre-launch to help set up its fraud team.
I have also worked as the only British employee for an American company, which gave me experience of working across different cultures, expectations and ways of operating.
I joined AJC six years ago, and my work here has allowed me to use the breadth of that experience across a wide range of clients and projects.
Fraud is always evolving. Once one loophole is closed, several more can open, which is one of the reasons I have stayed in the industry for so long. It continues to challenge me and keeps me on my toes. When I first started, people outside the industry often assumed I worked for the police because they did not realise companies had their own fraud teams. Awareness has increased significantly since then. Fraud has also expanded alongside data protection and cyber security, and it is now clear that fraud is vast and not one-dimensional.
One of the things I have enjoyed most about working with AJC is the vast assortment of clients and consultants I have had the opportunity to work with.
I have learnt so much, not only about the work itself, but also about myself. When I first joined AJC, I experienced imposter syndrome because of some of the other names involved and the level of expertise around me. Over time, I have learned that I do know my stuff, and that my experience speaks for itself.
It has also been very rewarding when people from within the sector have said they have learnt from me. That means a lot, particularly in an industry where experience and practical knowledge are so important.
We have also had returning clients ask to work with me again on their next project, which is one of the biggest compliments I could receive.
One project I am especially proud of involved supporting an overseas bank that wanted to gain its high-risk licence so it could diversify its portfolio. Without naming the client, the bank went on to become one of the first in its region to obtain this licence and has since spoken as a subject matter expert at industry events.
Outside of work, I have a real love for music, comedy gigs and live productions.
I have appeared on Top of the Pops twice, and I have also been in the audience for Take Me Out and The Last Leg. I am still holding out hope for tickets to Taskmaster, as it is my favourite programme to watch. It is filled with ridiculous joy, and I enjoy watching Greg Davies.
I also enjoy spending time with my friends, whether that is at music quizzes or looking after their dogs, as I cannot have my own.
Fraud risk and compliance can be complex, particularly for businesses operating in the payments space or working with merchants, card scheme requirements, chargebacks or high-risk environments.
At AJC, I help clients understand their risks, review their processes and identify practical steps to strengthen their approach to fraud prevention, compliance and monitoring.
If your business is looking for expert support from someone with experience across multiple industries and many different areas of fraud risk, AJC can help.
If you would like to find out more about how AJC can help, you can get in touch via our contact page or contact me directly at natasha.cummings@ajollyconsulting.co.uk
Cyber attacks can create immediate operational disruption, particularly when critical services depend on connected systems and third-party technology providers. This...
Read MoreOlder iPhone models have been found to contain a hardware-level security flaw that cannot be fully resolved through a standard...
Read MoreAI-enabled fraud is making social engineering, impersonation and account takeover attempts more convincing, scalable and difficult to detect. This article...
Read More