What it is and why it matters
Most organizations take a fragmented approach to fraud prevention. This leaves them vulnerable to even more attacks, as criminals are quick to find and exploit any points of weakness.
As a result, security risks and financial crimes are increasing in many industries due to a variety of factors, including the languishing global economy, growth in organized crime and the increasing sophistication of fraudulent schemes. Don’t get caught unprepared.
The best hope for stemming the flow of financial crime is through an enterprisewide strategy that unifies fraud and security systems and focuses on improving detection and prevention efforts. From financial services to insurance, health care and the public sector, organizations must begin to look at fraud and security trends holistically to identify large-scale threats early in their development, while there is still time to mount effective fraud prevention countermeasures.
Current Issues in Fraud Prevention
Sophistication, velocity and severity of attacks
The rise of the information society has provided a wealth of opportunities for organizations to enhance services to customers through new channels. These have helped to save time, money and effort from an operational perspective. But on the opposite end, cybercriminals are finding new ways to exploit weaknesses and working to develop ever more sophisticated methods of attack – or finding high-tech reinventions of old tricks.
Many of these threats are basic. Simple spam or phishing emails, which encourage users to share information about themselves, continue to be a major problem across industries. But the threat landscape is also becoming increasingly complex. There is a convergence of offline fraud and online crimes, especially in financial services institutions – consider the recent attacks in which international hackers steal data that is then used by local criminals to fraudulently withdraw money at banks.
Weighing customer convenience versus risk
Customers want to know that they’re being protected. But they also don’t want to be bothered with false positives. How do you balance these competing interests? A transaction can score with a very high propensity to be fraudulent – say, 70 percent – but the remaining 30 percent of similar transactions will be legitimate. Do you block all of those transactions and risk angering the customer? Organizations know there will be false positives. It’s not a matter of wondering how to eliminate those cases but rather how to decide what ratio is acceptable.
Fraud Prevention Cycle
Fraud prevention is not a static process. There’s no starting and ending point. Rather, fraud prevention is an ongoing cycle involving monitoring, detection, decisions, case management and learning. That is to say, organizations should strive to continually learn from incidents of fraud and incorporate the results into future monitoring and detection processes. To identify and stop an array of fraud attacks quickly and accurately – while improving customer experiences – organizations must follow three key steps:
- Capture and unify all available data types from across channels and incorporate them into the analytical process.
- Continually monitor transactions and apply behavioral analytics to enable real-time decision making.
- Employ layered security techniques.
An effective fraud prevention solution must have rules for routing and case management, as well as the ability to capture fraud, enforce anti-money laundering policies and flag transactions that need review. Analytics underlies any effective solution, and the fraud prevention technology that you choose should be able to learn from complex data patterns and use sophisticated decision models to better manage false positives.
With these techniques in place, organizations should be able to use rich information after fraud events to build better models, generate trends and forecasts, and determine how new products and lines of business will affect future crimes and the operational environment.
Every bank has come to the conclusion that a lot of the same data used for marketing and credit decisioning can also be used over here in compliance and fraud. It’s part of that desire to make more consistent decisions around customer baseline scoring.
Director of Financial Crimes Global Practice, SAS
Fraud Prevention Case Study
For insurance companies, monitoring claims is often a manual, labor-intensive process. And identifying claim errors in mountains of data is like looking for a needle in a haystack. For CZ, the third-largest health insurer in the Netherlands, the process was further complicated by a system of complex medical codes. And to avoid long delays in processing claims, CZ often checked statements only after a claim was paid. But that made recouping funds costly and inefficient.
That's why CZ turned to SAS. Using a solution built on analytics, the insurer can now monitor claims in real time to ensure each claim is legitimate – before money goes out the door. This has enabled CZ to move beyond a pay-and-chase model to prepayment control. The company can detect incorrect statements and consult with care providers immediately if there are any concerns about a claim. This goes a long way toward paving the way to health care payment integrity – stopping losses before they occur while processing genuine claims on time.