Last Updated: 23rd October, 2019
Approach and Address Fraud: Fraud might be as old as the industry itself, but fraud contributes fresh vigor to the trade. Now a profession worth £3tn a year, fraud is one of the most complex, cost-intensive aspects of running a business today.
Worse still, for a Chief Risk Officer (CRO) or any team tasked with combating fraud and compliance, the true cost is not as simple as what the human eye – and the balance sheet – can see. More than ever, the compliance and fraud costs, these teams know and budget for are accompanied by what’s lurking beneath – the ‘hidden unknowns.’ So how should organizations be assessing these risks and the associated costs, and how can technology help to string it all together?
Approach And Address Fraud: Orienting Decisions Around Data
When it comes to fraud, some change has been constant and predictable: more fraud, more complexity and more attack vectors. What’s changed is how technology can support those defenses – more specifically, how data can be used to support those defenses.
The new gospel that ‘data are the new oil’ woefully undersells its value – this is not just a finite commodity. Instead, it’s an ever-expanding, scalable, multi-dimensional prism through which commercial situations can be understood, risks can be assessed and decisions made.
So what does that mean for the risk managers and technologists equipping these organizations to be safe and secure? Data orchestration – the ability to efficiently, effortlessly orchestrate the use of all this data through one layer – is already shifting from an aspirational concept to a ‘must have.’
Traditional manual batch-feeds of siloed data between systems are already being replaced by connected data sets that speak to each other and create smarter answers in real-time, without a customer or potential fraudster, ever even knowing.
This data orchestration approach will improve safety and security in almost every aspect of an organization’s relationship with prospective customers. At onboarding, for example, it means not just taking the information given at face value, but pre-emptively using additional data sources, to verify identity and crosscheck whether this person or entity has committed fraud elsewhere.
This will bring more context and accuracy to fraud detection and prevention efforts – even in established, heavily regulated industries already familiar with orienting decisions around data. While banks already crosscheck with third parties such as Cifas, what other types of data could they be benefitting from?
If rich device data, to take another example, could highlight when an individual’s mobile number on an account application has recently swapped over the SIM card, this could indicate potential identity hijacking. Being able to spot and act on these instances, based on groups of connected data and orienting decisions around data, is hugely valuable to both the bank and the customer.
Approach And Address Fraud: Using Analytics and AI to Create a Robust Threat-Detection Model
In this new data-centric approach to fraud, the application of various forms of Artificial Intelligence (AI) and AI-powered predictive analytics, will play an increasingly important role in the detection and prevention of fraud.
This is especially true for transaction industries like banking, retail and telecommunications, where there may be hundreds of transactions taking place per second – meaning the volume of fraud instances is high, and the value of saving a fraction of a second is amplified at scale.
Combined with a number of statistical processes and techniques, predictive analytics can help correctly classify fraudulent and non-fraudulent transactions in real-time, without the need for human subjective analysis. The application of Machine Learning (ML) could also play a role – with neural networks, learning in real-time and improving the way teams test hypotheses and apply the new rules.
Combined with data orchestration capabilities and a single view of fraud data, Machine Learning (ML) will drastically reduce instances of ‘false positives’ – in turn, increasing the accuracy and efficiency of fraud investigation efforts by organizations.
Fraudsters change their methods on a daily basis, so the challenge here is to develop a robust, AI-enabled detection model that has a view of old, existing and new threat types. For example, if you’re ‘learning’ from data that only spans the last six months, your threat-detection model will be limited to specific or recent activity and won’t account for threats that took place over a longer period of time. A certain amount of historical data is therefore required to build an accurate view of your threat landscape.
We’re now firmly in the era of a data-centric approach to threat detection and prevention, where organizations are innovating hard and fast to find that ‘silver bullet.’
We have been making good strides. In any industry, it will be down to the successful application of such bullets to determine if they truly become the new normal. Will we ever get ahead? For perpetrators whose fraud and laundering are in the billions, I wonder what their innovation budget is.