Across industries, financial crimes investigators – even those with an arsenal of fraud detection techniques – have plenty to keep them awake at night. According to Javelin Strategy & Research, 2017 Identity Fraud: Securing the Connected Life:
- Identity fraud hit a record high in 2016 with 15.4 million victims in the US.
- From 2015 to 2016, card-not-present fraud rose 40 percent, and account takeover was up 31 percent.
- As EMV chip cards have curtailed credit card fraud, fraudsters have turned to more online fraud.
No organization wants to make the headlines for fraud losses or data breaches, whether it’s monetary or personal information. The reputational hit can sometimes be even more damaging than the direct dollar loss, which is painful enough. The top 10 fraud types alone accounted for $181 billion in losses in 2016.
In a new white paper, the International Institute for Analytics (IIA) offers ways to improve your success and avoid common pitfalls in detecting and investigating fraud. Hint: It’s not all about your fraud detection techniques. It’s also about how you embed those techniques into business practices and keep them tuned over time.
Download the IIA white paper.
Find out more about how to take fraud detection techniques to the next level.
1. Connect the dots
Some of the most onerous risks are difficult to detect with isolated transaction monitoring systems. One system might flag a transaction, but without a complete view of an entity’s relationships, the investigator could deem it innocuous.
Imagine the power of having a holistic view of connections among accounts and transactions, across channels and products, spanning a network of potentially related customers. By connecting the dots, you could find hidden risks that are spread across multiple systems, fall below rule thresholds, or are only revealed in broader context.
2. Use hybrid analytics
One of the most common pitfalls is relying too heavily (or even exclusively) on a single technique or model type for detecting fraud. As fraudsters get more sophisticated, it takes a combination of approaches to spot their handiwork.
For example, network analysis finds patterns among linked entities – great for insurance claims fraud and anti-money laundering – but it doesn’t detect all varieties of fraud and doesn’t lend itself to real-time detection. A hybrid approach blends multiple analytic techniques from different disciplines (along with business rules) to provide a far more powerful and accurate fraud detection system.
3. Tap into machine learning
Unlike rules, which are easy for fraudsters to test and circumvent, machine learning adapts to changing behaviors in a population through automated model building. With every iteration, the algorithms get smarter and more accurate.
With machine learning, you can encode large numbers of conditions, variables and events into models and detect things that rules and human analysts would miss. Ensembles of different machine learning models and techniques have proven to be extraordinarily accurate.
It’s not all about your fraud detection techniques. It’s also about how you embed those techniques into business practices and keep them tuned over time. Michael Ames Senior Director, Product Management, Decision Management and Emerging Technologies SAS
4. Bring transparency to black box processes
Machine learning models look at so many things in so many ways that, after a model is trained in machine learning, no one can be sure how it’s coming up with the outputs. Thus, the moniker black box. Yet investigators need to understand the rationale behind why something was brought to their attention. That calls for a white-box companion that explains and advises. This could be a scorecard, a set of visuals, or an auto-generated narrative that gives investigators the data and insights they need to explore the case.
5. Challenge the models
The accuracy of analytical models naturally drifts over time. Good model management calls for two approaches to identify that drift and sustain high model performance:
- Monitor model inputs, outputs and results so you can see when underlying conditions change and models need to be upgraded.
- Periodically create a new variant of a model – a challenger model – and test it by running transactions through it and comparing the results with the current champion model. If the challenger proves significantly better, it becomes the champion, and the improvement cycle starts again.
6. Make room for prospecting
In a virtual data sandbox, keep looking for new patterns of activity. Test new hypotheses, validate old ones and listen to the possibilities suggested by the data. With unsupervised machine learning, the self-directed algorithm learns the structure of the data, flags anything that doesn’t fit the norm, and then applies this knowledge to new and unseen data. It’s easy to see the value of this fraud detection technique for uncovering new and emerging threats.
7. Automate investigators’ work
Investigators shouldn’t spend valuable time on rote tasks that machines can do better. Use analytics to streamline those processes and boost productivity. For example, an analytics-driven fraud solution can automatically:
- Enrich alerts with detail about the associated customers, accounts or beneficiaries.
- Find and pull data for a case from internal databases or third-party data providers.
- Examine masses of data to help establish fraud detection rules and keep them current.
- Present data in easy-to-understand visuals appropriate for the type of fraud under review.
- Prepare and file suspicious activity reports and other standard investigator outputs.
- Prioritize cases, recommend investigative steps and fast-track straightforward cases.
An automated and informed system enhances case workflow. Investigator feedback makes the overall system smarter over time.
8. Think system, not just a sequence of steps
Above all, implement fraud detection and investigation as a system, well instrumented with a continuous feedback loop. Monitor the entire process to track what’s happening, the decisions and actions taken, and outcomes. Improvement becomes a journey, a regular cycle of evaluating and training a coherent and connected system.
About the Author
Within the SAS Fraud and Security Intelligence Practice, Mike Ames leads the Data Science group, which includes a global R&D team focused on bringing new and emerging technology from SAS to market. Here, he focuses on real-time surveillance and investigation tools for fraud detection and compliance monitoring. Ames holds a BBA in economics and did his graduate work in computer science at the University of Georgia. He also earned an MBA from the University of North Carolina at Chapel Hill.
- Article Strengthen your payment fraud defenses with stronger authenticationThe rapid growth of digital wallets and payment applications has ushered in new payment fraud threats to consumers and organizations. Find out how the use of innovative technologies to combat payment fraud is a viable and effective solution with additional benefits.
- Article Is it case management or alert management?Both AML and payments fraud generate alerts, but handle them differently - making a common understanding of case management and alert management paramount.
- Article Reduce the hackers' advantageA 30-year national security veteran discusses escalating cyberthreats, why traditional defenses are falling short, and what’s next in security analytics.
- Series A modern cybersecurity strategy: Building a cybersecurity planThe main considerations of a foundational component of a cyber strategy: the cybersecurity plan.