OPINION: Fraud and cybercrime - time to change the game
By Paul Franks, Director, Financial Services, SAS
Fraud and cybercrime are hot topics for financial services globally while increasingly sophisticated and elaborate criminal methods continue unabated. Greater use of internet and mobile banking also increases the opportunity to access and acquire customer identities and financial assets. Traditional approaches to fraud detection and prevention are under strain. What is convenient for your customers is often equally convenient for criminals who want to access your digital information and footprints. Unauthorised transactions attempted and completed because of compromised electronic banking credentials are on the increase and for every failed attempt captured, many more are missed by traditional detection approaches.
Simple approaches fall short
Experts in these fields know they must do more to deter and detect criminal behaviour and constrain opportunities for perpetrators to act. Unfortunately, however, many of them have invested in only relatively simple solutions. Unable to accurately predict or detect fraudulent or criminal activity, or accurately measure the success of existing efforts, they have difficulty briefing their executives to give assurance and comfort that they are on the front foot in managing risk. The result for those institutions is usually an adverse reputational event which impacts trust and confidence.
Changing the game with advanced analytics
Advanced analytics provides the means for financial institutions to sort through very large volumes of data and transactions to make intelligent, real-time decisions as to the nature and level of influence of one or multiple customer relationships, and whether individual or multiple transactions might be fraudulent. Data integration capabilities are essential to an enterprise fraud strategy and leaders have elected to move to an enterprise-wide strategy. This enables all varieties of available data to be aggregated and stored in a single data repository and made available for analytical purposes. Aggregates related to accounts, account holders, employees, counterparties, intermediaries and geographic regions can then be pre-computed to be used for real-time risk scoring in the database.
Hybrid approaches to fraud detection, together with the use of predictive and propensity modelling of customer and account holder behaviour and risk profiles, is now the preferred model. The trend is away from using business rules as the sole method for defining alerts to potentially fraudulent transactions and unexpected behaviour. Leading financial institutions are moving towards higher levels of integration in detecting and responding to fraud alerts, using single case management tools rather than relying on multiple non-integrated case management solutions.
The losses avoided metric has often been the key one for evaluating the results of fraud prevention and detection activities and is usually defined as the face amount of interdicted fraud. Such a conservative definition has an inherent weakness in that additional losses that would have likely occurred had the first transaction not been detected are not accounted for. A better and more relevant measure is total exposure which reveals the total loss to an account if all funds were taken at the time of an event. The importance of considering trade-offs between losses avoided and other relevant business metrics such as customer loyalty and attrition still remains. Analytics can help reduce false positives by monitoring the number of alerts that actually resulted in a fraud case and reducing the number of times a customer is potentially contacted and inconvenienced due to a false alarm.
Using rich and deep data
Banks already have deep and significant data about customer banking behaviour to support their fraud detection efforts and must know and continuously authenticate their legitimate customers to avoid them being subject to fraudulent or criminal activity. To do this effectively, banks must capture and unify all available data types across channels and incorporate them into the analytical process. They must continually monitor transactions and apply behavioural analytics to enable real-time decision making and employ layered security techniques.
Analytics should underline any effective solution and provide the ability to capture fraud, enforce anti-money laundering policies, flag transactions for review, learn from complex data patterns and use sophisticated decision models to better manage false positives. I have stated in previous articles that there is still a place for rules and these should be for routing and case management. Using rich information after the event to build better predictive models, generate trends and forecasts and determine how new products, services and lines of business will affect financial crimes – and the operational environment – should be leading practice.
Hybrid approaches using behavioural analytics
Growth in cybercrime puts analytics front and centre in helping banks to stay ahead of fraudsters and criminals. Behavioural analytics that support real-time decision making at the time of a transaction can significantly improve the likelihood of flagging and stopping suspicious and unexpected transactions before criminals take hold and cash out. When these measures are applied on a continuous basis and all parties are aware of their existence, detective measures become preventative in nature. Using a layered hybrid approach to prevent, detect and manage fraud across the organisation is an effective countermeasure.
An orchestrated approach encompassing detection, alert generation, alert management, social network analysis and case management can be significantly less costly and time consuming than traditional approaches and call for much less effort. Using multiple analytical approaches across all institutional transactions can achieve better monitoring of fraudulent activities and more accurate customer behaviour profiles. Dealing with the expected and unexpected earlier and more holistically results in incremental detection and lower false positive rates. Executives are seeking assurance and confidence that your customers are protected and safe from financial harm and that the institutions in which they place their trust can deliver on that promise. Protecting both customers’ financial assets and your own reputation is what is expected by regulators. How does your detection and prevention measure up? Are you meeting these expectations or are you falling short in your approach to fraud and cybercrime?
- Paul Franks, SAS, cybercrime, fraud
- AB+F Online
- Article Posted:
- July 01, 2013
Review this content
Fields marked with an asterisk () are mandatory.