English | EN NEW SOLUTIONS TO AN OLD PROBLEM “FRAUD”
March 30, 2015
GUEST POST
‘
Fraud’ is not new and has been around for a very long time. Possibly, the earliest recorded cases were from ancient Greece (for an interesting view, check out this website).
I’ve been involved in developing solutions to combat fraud for some years now; so, I thought it might be useful to get some of the things I’ve seen and done, written down to receive comments / feedback from other like-minded people. In this article, I’ll explain how technology can tackle some of the key fraud-related problems that we see around us today, whether it’s in the Banking, Insurance, Healthcare sectors or within the Government bodies (practically, any industry, even Oxfam has had public issues).more–>
There is some element of fraud to deal with pretty much everywhere; and there are quite a few similarities (in the nature of fraudulent activities committed) across different industry domains, from which we can learn much.
This article discusses how a computer system can help reduce the level of fraud, across all types of businesses and public organizations. The techniques described are intended to act as ways to augment procedures that can often be seen as:
1) Not focussed enough – it’s difficult to identify the specific transactions / events that are likely to be fraudulent
2) Consuming more resources in comparison to the benefits
3) Not tackling the underlying root problems of fraud, where groups are acting in harmony over several sites / long time periods – not identifying people who actually mastermind the fraudulent activities rather than those (at the fringes) who are asked to initiate such improper actions
4) Difficult to integrate with existing processes and services
So, we need to be able to develop better analytics to FOCUS on the RIGHT transactions / events, TARGET our scarce resource to optimize outcomes, be able to see the BIGGER PICTURE and develop MODULAR solutions that can improve the overall landscape, which may be embedded with weaknesses.
This note does not suggest that fraud can be eliminated with the techniques outlined; however, the approaches described in this and my upcoming posts can improve fraud detection significantly and control the processes behind managing fraud (sometimes to the extent of successful prosecution of individuals or groups) to make it very worthwhile, both from the financial and a reputation standpoint, for all the industries I mentioned above.
In this (first) post, let’s look (at a high level) at four key stages that can help organizations to control their fraud exposure. Please note that this is a basic overview of capabilities that only scratches the surface, but does give the reader a wide view of all the elements that are needed to be in place to get a basic grasp of the topic.
I assume that topics like security and authentication (for systems), policies and procedures, and simple rules in business workflows have already been covered by most companies and they are contemplating what else they can do to reduce/eliminate fraudulent activities within their business.
The four key stages
The following key stages are needed to take things further:
The process often starts with the Discovery stage, which includes applying mathematical models and rules (derived from working with subject matter experts) to identify the areas where patterns of data may describe clusters / segments / outliers, etc, that appear to be significantly different to what is expected normally. These data points become focus areas for further study. This is a continual process, as fraudsters always come up with new approaches to adapt to changes in company policies and procedures. Hence, it’s a constantly shifting target. This requires large volumes of existing transactional data to be consumed by tooling, for building and maintaining the models.
Detection is about using the results obtained from discovery to automate the process of identifying ‘records of interest’ for assessors / investigators to consider. This can be done in real time or in batches, depending on the requirements of the business. This uses the models developed in the previous step (and possibly also gathers other rules that the business can describe from experiences already known) and creates rules that are invoked against each transaction, to generate a score that describes the likelihood of that record being fraudulent. The results can be visualised in many ways, but a way of triaging the results is necessary to enable the business to focus on where to place its scarce resources to manage the problem.
The Prevention stage begins the process of engaging with those people, who are initiating some potentially fraudulent transaction(s) within the systems, by asking further questions on their claims. At its most sophisticated level, this could be in the form of real time responses in an online system that uses rules to detect if the data entered has a higher-than-normal propensity for fraud (a score for instance). If so, the system asks the user for additional information, which may simply project it as an error (a transaction that is outside normal boundaries) but should go ahead or deter a potential fraudster from proceeding. This can be a very powerful measure, because stopping such things early can help save significant time later in the process.
The Investigation phase occurs at the back end of the business process, because this will only take place if the assessors feel that there is a strong case to answer. The Investigation process starts to pull together additional information around the transaction in question, identifying more information about the entity involved in the transaction, including what linkages that entity may have to other things (e.g. People to people, companies to people, companies to companies and so on). So, attempts to see the bigger picture take place here.
Each of these approaches can be developed as modules, but generally, it starts from the Discovery phase, because that indicates the areas, where interesting things are happening, within the data.
Careful planning to identify how the business needs to evolve to new ways of working and select the design points to ensure that each module performs as expected, within an existing architecture (very rarely are such things built as ‘greenfield’ sites), is crucial to success; a poorly performing system could lead to more false positives, with the resource being targeted on tracking the wrong issues.
My next post will describe how various technologies can help support such a counter- fraud initiative.
Author Information
Steve Lockwood
Senior Exec Information Architect
Office of CTO Europe
Member of the IBM Academy of Technology
E-mail: Lockwos@uk.ibm.com
Twitter: @Lockwos
LinkedIn: uk.linkedin.com/in/stevelockw
About the author