We are creating some awesome events for you. Kindly bear with us.

Fraud and Financial Crimes are on the Rise – What Should Banks and Governments do?

businessman holding world, connected

In the wake of the pandemic, people across the world moved comprehensively online =  for work, education, entertainment, shopping and financial transactions. This has dramatically increased the surface area for attacks and created unprecedented op[portunties for bad cyber actors.

The simple answer to the challenges faced by the financial services industry and other agencies is to make better use of all available data and advanced analytics to detect and prevent fraud.

Of course, this may be easier said and done. In fact, the plethora of tools, solutions and platforms available may make the task more complicated. The following provides some starting points.

Understand the Categories of Fraud-Detection Tools

The ‘market’ is flooded with potential solutions, all offering to address fraud. The utility of each toolset relies on the business context and available data. All need to be integrated with business processes and supported by policy settings.

Here is a short overview that can assist in mapping such tools in terms of their function(s).

Detect Known Knowns

A watch list that holds information about known criminal entities (people, organisations, addresses, events, etc) is a good, universal start-point.

The challenge is matching the known entity against a new transaction.  Simple name-matching systems tend to be quickly overwhelmed with irrelevant matches (imagine searching for Mr Jones on Google – around 5,070,000,000 results!).

Data science can assist here by establishing a probabilistic matching system with variable threshold settings. An organisation can then match the threshold settings to match its risk tolerance.

Detect Networks

The next level of detecting suspicious entities is to see the connection between a current transaction and previously identified fraud. It could be as simple as ‘this person lives at the same address’ to ‘the phone number used has been used to commit fraud before’ and countless variations on this theme.

Some of the most effective network analytics systems used for fraud detection use non-obvious data. For example, the links may well be established by connecting IP addresses, MAC codes etc. Some of the best data may well reside in system logs!

Identify Patterns

Predictive models examine available data against known patterns associated with fraud.  At a basic level, the technique can utilise simple attribute matching (eg gender, age, nationality, etc) but more sophisticated tools can substantially increase the accuracy and consume hundreds of variables.

Predictive models are usually based on data analytics but it is also possible to build intelligence-based models when current data holdings do not support sufficient accuracy. The range of processes that can fall into this category is only limited by data availability, the skills of the data science team and the capacity to integrate such systems.

A rich source of data is frequently-ignored metadata. For example, systems that monitor mouse

movements and keystrokes and identify potential deceit based on the way a client completes an online form are available now.

Monitor Trends

This often-overlooked tool can provide early warning if there is a variation in normal trends. For example, a sudden, non-seasonal surge in refund claims from a particular region may indicate the emergence of fraudulent behaviour.

Tools that can automatically monitor trend data at global and more granular levels are readily available and generate alerts when tolerances are breached. While some tools visualise the trend variation on a dashboard, the best tools also generate alerts automatically and do not rely on someone spotting a problem manually or even loading a dashboard.

An integrated, end-to-end, fraud detection and mitigation system may well consist of all or a number of these solutions and usually requires a level of integration with processing platforms. Fortunately, current solutions (eg containers) simplify the challenge.

Fraud Mitigation Framework

Most government agencies and financial institutions collect and maintain large volumes of data in support of their operations. Making optimal use of these data collections underpins the ability to identify and prevent fraud.

Data-driven decision-making relies on:

  • being able to collect and see information (data);
  • understanding the information and data;
  • responding with appropriate counter-measures,
  • monitoring/evaluating the effectiveness of these measures; and
  • adjusting the system based on the continuous analysis.

Seeing Information/data – if it’s invisible, it is difficult to defeat

The ability to collect and store information and data for downstream processing within required timeframes is a fundamental building block to any fraud-mitigation process. Most organisations collect process data such as applications and claims. Most would also store the results of such processes (eg refused application/claim, approved application/claim).

An organisation that records incidents of identified malpractice in such applications and claims creates a powerful anti-fraud dataset.

Most data systems tend to collect vast volumes of meta-data like system logs. Much of this resource is generally stored and not effectively uses to detect fraud. Tools that collect transaction metadata (eg mouse movements, keystrokes) and feed artificial intelligence that can accurately predict potentially fraudulent intent.

Capturing contextual information for analysis provides additional attributes that will enhance identified fraud but may also provide valuable intelligence around existing but undetected fraud.

Understanding – ‘why’, ‘how’, ‘when’, ‘where’ and ‘what’ happened

Analysis of data and intelligence can reveal how the various fraudulent techniques work. Generally, this relies on a team of subject matter experts working with data science teams to develop deep insights.

Responding – see when suspicious things are happening and stop them

Once the fraudulent techniques are understood, a data science team can build predictive analytics models to detect the adverse patterns in the data to flag similar patterns associated with current (live) transactions. Such models can manage hundreds of variables in close to real-time and identify problematic behaviour with a known level of accuracy and work in close to real-time.

There are many ways of using this process to respond to potential malpractice. One simple example is:

  • Applications/claims that are identified as low risk by our risk systems can be expedited. This reduces the cost of processing and increases client satisfaction.
  • Applications/claims that are identified as high-risk could be diverted to a process that enables more data collection and/or greater scrutiny.

Monitoring – are countermeasures working?

Once a fraud detection system has been deployed the world will have changed. Eventually, criminals will adjust their approaches and possibly develop new methodologies.

Automated monitoring of an analytics-based system is always desirable as it can detect when expected accuracy or other performance is no longer being achieved. There are many reasons why this will occur but one of them is that criminals have developed new techniques and workarounds.

Monitoring the performance of the analytics-based system and, importantly, collecting and analysing intelligence can close much of this gap.

Adjusting – respond quickly to changed circumstances

The final part of the process closes the loop – lessons learnt through the monitoring processes is fed back into the next version of the system to refresh predictive models and other components.

Why this process?

This process leverages data and intelligence, supports continuous improvement and a capacity to respond to changed circumstances. Importantly, the process maximises the capacity to apply the most appropriate measures to mitigate fraud. In many cases, a response is based only on the detection of a problem. The analysis of the problem provides insights into the method of operation in this case. Once this is understood, an analysis of current data may indicate if this is an isolated case or if more such cases have remained hidden.

Moreover, it ensures that any countermeasures target the real problem. If the problem is potentially widespread, then the effort to build a data-driven model to detect other such cases and a predictive model to identify similar cases in future transactions is warranted. Automated monitoring and feedback loops provide a level of assurance that our solution is still doing what is expected.

PARTNER

Qlik’s vision is a data-literate world, where everyone can use data and analytics to improve decision-making and solve their most challenging problems. A private company, Qlik offers real-time data integration and analytics solutions, powered by Qlik Cloud, to close the gaps between data, insights and action. By transforming data into Active Intelligence, businesses can drive better decisions, improve revenue and profitability, and optimize customer relationships. Qlik serves more than 38,000 active customers in over 100 countries.

PARTNER

CTC Global Singapore, a premier end-to-end IT solutions provider, is a fully owned subsidiary of ITOCHU Techno-Solutions Corporation (CTC) and ITOCHU Corporation.

Since 1972, CTC has established itself as one of the country’s top IT solutions providers. With 50 years of experience, headed by an experienced management team and staffed by over 200 qualified IT professionals, we support organizations with integrated IT solutions expertise in Autonomous IT, Cyber Security, Digital Transformation, Enterprise Cloud Infrastructure, Workplace Modernization and Professional Services.

Well-known for our strengths in system integration and consultation, CTC Global proves to be the preferred IT outsourcing destination for organizations all over Singapore today.

PARTNER

Planview has one mission: to build the future of connected work. Our solutions enable organizations to connect the business from ideas to impact, empowering companies to accelerate the achievement of what matters most. Planview’s full spectrum of Portfolio Management and Work Management solutions creates an organizational focus on the strategic outcomes that matter and empowers teams to deliver their best work, no matter how they work. The comprehensive Planview platform and enterprise success model enables customers to deliver innovative, competitive products, services, and customer experiences. Headquartered in Austin, Texas, with locations around the world, Planview has more than 1,300 employees supporting 4,500 customers and 2.6 million users worldwide. For more information, visit www.planview.com.

SUPPORTING ORGANISATION

SIRIM is a premier industrial research and technology organisation in Malaysia, wholly-owned by the Minister​ of Finance Incorporated. With over forty years of experience and expertise, SIRIM is mandated as the machinery for research and technology development, and the national champion of quality. SIRIM has always played a major role in the development of the country’s private sector. By tapping into our expertise and knowledge base, we focus on developing new technologies and improvements in the manufacturing, technology and services sectors. We nurture Small Medium Enterprises (SME) growth with solutions for technology penetration and upgrading, making it an ideal technology partner for SMEs.

PARTNER

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp tools allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices. 

PARTNER

IBM is a leading global hybrid cloud and AI, and business services provider. We help clients in more than 175 countries capitalize on insights from their data, streamline business processes, reduce costs and gain the competitive edge in their industries. Nearly 3,000 government and corporate entities in critical infrastructure areas such as financial services, telecommunications and healthcare rely on IBM’s hybrid cloud platform and Red Hat OpenShift to affect their digital transformations quickly, efficiently and securely. IBM’s breakthrough innovations in AI, quantum computing, industry-specific cloud solutions and business services deliver open and flexible options to our clients. All of this is backed by IBM’s legendary commitment to trust, transparency, responsibility, inclusivity and service.

Send this to a friend