Wednesday, July 29, 2009

This summer is about digital goods

"Bogdan Ghirda is paid £70 a month to do what most bosses would fire him for. From the moment he arrives at work he plays computer games on the internet."
(From the 2005 Observer article, "Virtual sweatshop")

Gold farmers didn't invent digital goods, though they've been around for quite a long time. People are not only buying MMO money - the market has expanded. What started as a black secondary market for harvested goods soon became a profitable channel for gaming companies that make their money - surprise surprise - based on the interface of your all-favorite social networks. Yes, while Facebook is struggling for monetization, companies like Zynga make hundreds of millions of dollars by running social games that are multi player, asynchronous, and let you buy any type of addition, from "special powers" for your vampires to "new clothing" for your soccer team.

You gotta love this culture. Honestly, it's amazing to see the thought, time and money invested in these games. There are numerous trends in this area, attracting more and more talented people who feel the buzz and want to take their share. And as they advance in creativity, these games move to main stream social network users but continue to evolve in the complexity they provide and the story they allow you to tell.

With them, obviously, come the fraudsters. In an industry so used to checking physical shipping destinations (via AVS) and managing proofs of shipment as a tool for dispute resolution between sellers and buyers, how do you deal with instantly delivered, non tangible goods where quality is sometimes purely in the eye of the beholder? In addition, fraudsters looking to steal digital goods are usually a mixture of sophisticated internet users and kids using their parents' money, sometimes referred to as "friendly fraud". So, if you're in the Risk business, mobile payments or into social networking in general, expect a pretty hot summer in everything digital, with fierce behind-the-scenes competition and major losses to fraud. I am looking forward to seeing which will be the winner in this field - is Paypal stirring something up with the new API, are small players like going to lead or is Facebook going to make its debut in payments supporting the tidal wave of social gaming on its site? The coming months will tell...

Saturday, July 25, 2009

Who do I get on board? The skill vs. experience dilemma

One interesting tension I noticed in complex Risk management organizations is apparent in job descriptions: the big difference in relying on experience vs. skills. Makes sense - when building a team, in most cases you're looking for the seasoned professional that can hit the ground running and scale to meet expectations in no time, while leaving time to hire inexperienced, cheap recruits further down the road.

I'm not underestimating experience and this is not another plea to let these talented young people run the business. However, there are some caveats to focusing on experience only:
  • Experienced people bring their past, for better or for worse. Yes, they are experienced, but they are also very dependant on what worked for them in the past, whether it matches your new org or it doesn't. You get less flexibility when you hire for experience only. So, when you do, look for someone with the right experience and, sometimes, acknowledge that there is no-one with the right experience, because your business is that unique -and you need to promote someone from inside the org with a fresh view.
  • Experienced people bring their ego and know-how to the table. Put a few of these in the same room, and what do you get? Endless discussion, much less agreement. When you're hiring for experience, make sure you hire a group that's not too heterogeneous.
  • Experienced people tend to hire people from the same school o thought. How do you refrain from groupthink? Well, understand this and you've got a cornerstone for top performing teams. You need to make sure your experts are sometimes out of their comfort zones, because if they're not, you'll get a replication of their old work place.
  • Finally, experienced people underestimate formal training in the work place. Why? Because they've seen it all. Not having a decent training program (very common practice in the hi-tech industry) gets you to the point where each person speaks their own language, and a tower of Babylon in far from the ideal way for properly managing risk.

If you have a unique blend of risks in your org, if you have a new language to develop, if you need a fresh look at things, do not underestimate hiring young, inexperienced yet talented people, and trusting them with aspects of your operation. Do not, however, forget that by doing so you must commit to proper training, documentation and feedback – or else you’ll get all the childhood sicknesses you can ever imagine. Balancing your org to be a flexible Risk Management unit is a tough job.

Monday, July 20, 2009

Ain't doing it right

"How many legs does a dog have if you call the tail a leg? Four; calling a tail a leg doesn't make it a leg." (ascribed to Abraham Lincoln)

In our business, to make a good decision, it is essential to know what really happned. So we discussed finding the single source of truth, but have not discussed ways for keeping it truthful. Oddly enough, the concept of immediate, detailed feedback is not as common as one would expect.

In your community of domain experts, the concept of "truth" should not only be determined but also enforced by members of the community. Note: not by a moderator; the members must know what the "truth" is (in procedures, in decisions and in deriving conclusions) but also be ready and empowered to call out their and others' mistakes. Because direct feedback is what enforces people to improve in the specific of their work. You do not only need people who can tell a tail from a leg - you need to give the one who detects it the means to show their finding to the general community.

This is not a matter of virtue, it's a matter of getting your business runnig the way it should. What happens if you under develop this area in your organization? Well, first you get only hindsight feedback, allowing you to know what's happening in delays of months and months (how much time does it take 90% of chargebacks to come in? exactly), but you also get feedback in aggregate levels (saying, for example, how many of person X's decisions were reversed) - meaning that you can't really find the trend and fix it.

I can't tell you it's fun - commenting, moderating or acting on the results of such feedback cycles - but one thing's for sure, it's way more effective than pretending your Risk experts live in DisneyLand. Giving and receiving proper feedback improves every bit of the cycle - and makes your business better at one of its core competencies.