SlideShare a Scribd company logo

Sas wp enterrprise fraud management

•
•
R
rkappear

SAS EFM White Paper

Software
1 of 18
Download to read offline
WHITE PAPER Enterprisewide Fraud Management Analytically powered best practices for detecting, preventing and investigating fraud in financial institutions
i ENTERPRISEWIDE FRAUD MANAGEMENT Table of Contents Introduction......................................................................................................1 Outwitting the Criminal Mind – The Challenges..............................................3 Bank Fraud Is Increasing in Volume and Sophistication ..............................3 The Fastest-Growing Channels Are Also the Ones Most at Risk...................3 Fraud Is Usually Managed in Business Unit Silos.........................................4 Cross-Channel Fraud Is Widespread.............................................................4 Fraud Detection Has Been Sketchy..............................................................5 Slow Detection Leads to Higher Losses.......................................................5 The Trouble with Traditional Fraud Management...........................................6 Best Practices in Fraud Management – Combating Fraud with the Technology Available Today.............................................................................7 Step 1: Create an Enterprisewide View of Patterns and Perpetrators..........7 Step 2: Prevent and Detect Fraud in an Enterprisewide Context..................7 Step 3: Investigate and Resolve Fraud in an Integrated Environment........11 Future Trends in Enterprise Fraud Management...........................................11 Closing Thoughts............................................................................................12 About SAS.......................................................................................................14
ENTERPRISEWIDE FRAUD MANAGEMENT ii Ellen Joyner-Roberson, Fraud and Financial Crimes Marketing Manager for SAS, is responsible for defining industry strategy for the global banking segment. She has 25 years of experience in the application of information technology to solve customer needs, including a focus on the financial services industry for more than 20 years.
ENTERPRISEWIDE FRAUD MANAGEMENT Introduction Sue was just buying pillowcases, paying with the store’s own credit card. But within days, that card number would reach a fraudster in Florida, who would punch out new plastic with her number – later, it would be used to buy dozens of store gift cards at a time, each for an amount just under the review limit. The debit card came back to the table in no time, and Robert signed the tab for dinner. He made sure only the last four digits of his card number were displayed on the merchant’s copy. But Robert didn’t know that in the 30 seconds the waiter had the card, he had photographed both sides with his cell phone – and would later use the account to order merchandise and concert tickets by phone. These events are everyday occurrences – thousands of times a day, actually. In the first case, the store’s parent company detected the security breach, but only after three years, 200,000 counterfeit cards and US$1 million in fraudulent purchases. And if Robert opened his bill to find surprise charges he didn’t make, he was in very good company; identity fraud is an estimated US$54 billion crime. Some 11.2 million Americans were victimized by card fraud in 2010 – an increase of 12 percent – which was the highest level since the Identity Fraud Survey Report survey began in 2003, according to Javelin research.1 His bank’s zero liability policy meant Robert didn’t have to pay the charges, but the bank did.2 1 Kim, Rachel and Monahan, Mary. Javelin Strategy and Research, Identity Fraud Survey Report. February 2010. 1
ENTERPRISEWIDE FRAUD MANAGEMENT Skimming and phishing attacks are becoming more common across the globe. Recent pay-at-the pump scams have also increased in the US and Europe, and it requires some help from civilians to fight these types of crimes. No one is safe with the sophistication of technology and fraudsters today. They can operate globally, within a matter of seconds, so it’s essential to increase public awareness as financial institutions enhance their fraud technology and enterprise processes. 1© 2010 The Tower Group, Inc. 352 692 1,189468 580 772 459 556 718 398 575 1,157 0 1,000 2,000 3,000 $4,000 2005 2008 2012P TRANSACTION MONITORING CHECK FRAUD INFORMATION SECURITY AUTHENTICATION/ ID RESOLUTION $1,677 $2,403 CAGR = 12.4 % $3,773 US Banks Will Continue Major IT Investments in DDA-Related Fraud Management (USD in Millions) 2008–12 CAGR 19.1% 6.6% 7.4% 14.5% Source: TowerGroup Figure 1. According to TowerGroup, investments in DDA-related fraud will continue to increase, with the largest investment in transactions monitoring capability. Of course, fraud is not a domestic product. It’s everywhere. Fraud was estimated to cost the UK economy £38.4 billion (US$62.4 billion) during 2010. This amounts to £765 for every adult.2 According to the National Fraud Authority’s Annual Fraud Indicator, fraud cost the UK private sector £12 billion, the public sector £21.2 billion, the charity sector £1.3 billion, and individuals £4 billion in 2010.3 According to Caroline Pearce, the Australian Payments Clearing Association’s head of fraud, risk and compliance, the industry needed to “lift our game” to combat a growing criminal threat. The Association found debit card fraud to have increased 50 percent in fiscal 2010, costing the industry $0.59 per $1,000 for magnetic strip cards and $0.11 per $1,000 for chip and PIN technology.4 The good news is that the numbers tend to be slightly down from previous years, especially in the US. The bad news is that hackers, identity thieves and money launderers are fighting back by focusing on different channels and spawning new types of attacks that traditional fraud management strategies were not designed to address. 2 National Fraud Authority. Annual Fraud Indicator. www.attorneygeneral.gov.uk/nfa/WhatAreWeSaying/ NewsRelease/Pages/fraud-costs-the-UK-over-38billion.aspx. Accessed Jan. 27, 2011. 3 National Fraud Authority. Annual Fraud Indicator. 4 Tay, Liz. “Payment Industry Calls for EMV-Compliant ATMs.” IT News for Australian Business. www.itnews.com.au/News/253292,payment-industry-calls-for-emv-compliant-atms.aspx. April 4, 2011. 2
ENTERPRISEWIDE FRAUD MANAGEMENT 3 “Interestingly, while FSIs struggle to capture a full view of each customer’s relationship with the institution, enterprising fraudsters are already achieving this understanding as they strive to gain more information about financial services and products to exploit.” Rodney Nelsestuen Senior Analyst, Financial Strategies and IT Investments, TowerGroup Outwitting the Criminal Mind – The Challenges Financial services institutions are well aware of the negative impact of fraud. Even at industry average levels, fraud hurts an institution’s reputation, customer loyalty, regulatory compliance and the bottom line. But even the most well-intentioned financial institutions face some daunting challenges in this area. Bank Fraud Is Increasing in Volume and Sophistication “The credit and debit card fraud category of financial services is among the fastest- growing and best-known means of criminal profit,” says Rodney Nelsestuen of TowerGroup. “What makes card fraud of great concern is the fact that international organized crime rings are often involved, turning card fraud from random criminal activity into industrial-strength enterprises.”5 The sophistication of their tactics makes detecting fraud difficult and preventing it nearly impossible, especially as the volume of bank transactions grows by about 10 percent a year. The Fastest-Growing Channels Are Also the Ones Most at Risk ATM and branch office transaction volumes are flat (as a percent of total transactions), while call center channels are growing modestly, and electronic access (online and mobile) is booming. According to research firm IDC, the number of mobile devices – from smartphones to tablet PCs – accessing the Internet by 2013 will surpass 1 billion, creating more opportunities for cybercrime.6 Unfortunately, these fastest-growing channels are also the most vulnerable. The FBI has observed a trend in which cybercriminals — using the compromised online banking credentials of US businesses — sent unauthorized wire transfers to Chinese economic and trade companies located near the Russian border. As of April 2011, the total attempted fraud amounts to approximately $20 million; the actual victim losses are $11 million.77 5 Nelsestuen, Rodney. TowerGroup. Surrounded by the Enemy: The Case for Enterprise Fraud Management. March 2008. 6 Shah, Agam. “IDC: 1 Billion Mobile Devices Will Go Online by 2013.” CIO.com. www.cio.com/article/510440/IDC_1_Billion_Mobile_Devices_Will_Go_Online_By_2013. Dec. 9, 2009. 7 Fraud Alert Involving Unauthorized Wire Transfers to China. Internet Crime Complaint Center. April 26, 2011. “A broad approach will avoid redundant project work, minimize system platforms and the number of vendor partners, increase staff productivity, and – most importantly – catch more fraud.” Gartner, Inc. Avivah Litan Gartner Research Enterprise Fraud and Misuse Management Solutions: 2010 Critical Capabilities October 2010
ENTERPRISEWIDE FRAUD MANAGEMENT Fraud Is Usually Managed in Business Unit Silos Customers – legitimate and otherwise – tend to see the institution as a single brand represented across various contact channels: phone, automated contact center, ATM, branch office and online. But the institution tends to see its customers as diverse entities based on product: mortgage, credit card, DDA, home equity, consumer banking, small business, etc. This disparity creates inefficiencies that fraudsters can exploit. Cross-Channel Fraud Is Widespread Criminals know these facts all too well. They know bank fraud systems rarely monitor customer behavior across multiple accounts, channels and systems. That weakness opens the door for cross-channel fraud, in which a fraudster gains access to customer information in one channel and uses that knowledge to commit fraud through another. “Cross-channel fraud is difficult to discover, track and resolve because the activities of the fraudster posing as the customer often mirror those of the customer,” says Nelsestuen. “Thus, apparently normal activity can be fraud conducted over an extended period.”8 As a result, cross-channel fraud is common – and costly. Community Mid-Sized Regional Superregional/ Money Center All Respondents Customer victimization scams 3.70 3.82 4.20 3.63 3.83 Debit card (signature based) 3.52 3.60 3.80 3.86 3.63 Check fraud (paper based), deposit 2.91 3.46 3.46 3.19 3.28 Identity theft 3.29 2.96 3.52 3.53 3.19 THREATS AGAINST BANK DEPOSIT ACCOUNTS (average threat level: 0 = none; 5 = extremely high) ABA Deposit Account Fraud Survey Check fraud (paper based), withdrawal 2.73 3.12 3.28 3.25 3.05 Debit card (PIN based) 2.91 2.64 3.20 3.67 2.90 Organized ring attempts 2.21 2.87 3.36 4.07 2.88 New account fraud 2.29 2.65 3.36 3.88 2.79 Check electronification 2.52 2.52 2.92 2.63 2.59 Online banking 2.14 2.33 3.28 3.88 2.58 ACH fraud, originations 2.24 2.28 3.24 3.47 2.53 Wire fraud, originations 2.02 2.45 3.04 3.33 2.51 Remote deposit risk 2.07 2.45 2.71 2.73 2.41 ACH fraud, receiving 2.33 2.21 3.00 2.40 2.38 Wire fraud, receiving 1.61 2.03 2.48 2.20 2.00 © 2009 American Bankers Association. Reprinted with Permission. All Rights Reserved. Figure 2. All size banks see the highest threats for debit card fraud, while organized ring attempts and customer victimization scams will require organizations to put fraud measures in place that monitor fraud attempts across product lines and channels. 8 Nelsestuen, Rodney. TowerGroup. Surrounded by the Enemy: The Case for Enterprise Fraud Management. March 2008. 4 “EFM enables users to break down the walls of siloed fraud prevention operations so that they can look for fraud and misuse at aggregate levels, such as at the customer level, rather than just at an account or transaction level. This makes fraud analysts more productive and versatile in managing fraud across product lines and channels, and also uncovers fraud or misuse that previously would have been missed.” Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
ENTERPRISEWIDE FRAUD MANAGEMENT Fraud Detection Has Been Sketchy About half the time, fraud is detected by the victims themselves when they review a monthly statement or are turned down for credit. Imagine the loss of confidence a consumer would feel to discover fraud before the bank did. Only about 25 percent of the time does the bank detect the fraud first. Slow Detection Leads to Higher Losses Speed is crucial. According to the 2010 Identity Fraud Survey Report, victims who detected the fraud within 21 hours were defrauded for an average of $373. Victims who did not discover the fraud up to a month later suffered an average loss of $572. Those who took up to five months lost nearly three times as much ($1,207) as victims who detected the fraud within one day.9 This, of course, is no surprise. What can be a surprise is how much that figure escalates when you add associated costs, such as lost wages, loss of goodwill and legal fees. Collectively, these realities create a daunting environment for financial services institutions: • They would like to accurately identify the patterns and perpetrators, but they usually lack the analytical modeling rigor to establish a strong defense. • They would like to identify cross-channel fraud, but their operational systems often don’t cooperate well across organizational boundaries. • They would like to monitor every transaction in real time, but they can’t alienate customers and merchants with long processing times. • They would like to implement rigorous rules to detect fraud, but they know they would turn up a lot of false positives that are costly and fruitless to investigate. • They would like to unify the fraud management process, but disparate data sources and cryptic interfaces make the system inaccessible to all but a few people. 9 Kim and Monahan. Javelin. Identity Fraud Survey Report. 5 “EFM also analyzes behavior among related users, accounts or other entities, looking for organized criminal activity, fraud rings, corruption or misuse.” Gartner, Inc. Avivah Litan Gartner Research Enterprise Fraud and Misuse Management Solutions: 2010 Critical Capabilities October 2010
ENTERPRISEWIDE FRAUD MANAGEMENT The Trouble with Traditional Fraud Management To detect fraudulent activity, many banks use transaction monitoring systems – often homegrown, niche software that requires manual intervention. Still, traditional systems can work well for detecting individual real-time, point-of-sale fraud. But that’s only one slice of the fraud pie, and not the biggest slice either. Few banks have strong, enterprisewide fraud management programs that can correlate a customer’s behavior across all contact channels and products to identify bust-out scenarios, social networks and cross-channel fraud. “An institution may have state- of-the-art security and fraud detection technologies and procedures to protect its deposit lines of business, but not the same for small business banking or third-party investments delivered by an alliance partner,” wrote Nelsestuen.10 Furthermore, even the fraud management process itself is fragmented. “Fraud detection, alert and case management practices are still too often viewed as separate activities, when in fact they should be managed as a whole,” says Nelsestuen.11 To support real-time monitoring of all types of transactions across all channels – while adhering to constantly changing regulations such as the authentication guidelines first established in 2005 – financial institutions must update their fraud prevention practices along with related fraud technology. The ideal result would be a fraud management solution that: • Protects against fraud at the point and time of transaction. • Accurately detects incidents of fraud in completed transactions. • Spans all the ways customers interact with the institution. • Provides structured oversight for the fraud management program. This is not a halcyon vision. The technology is available today. Let’s take a look at how a robust, enterprisewide fraud management system can redefine the economics of fraud. We’ll walk through the process with a hypothetical bank based on a real one – we’ll call it First Best Practice Bank (FBPB) – a multiservice institution with more than a million active cardholder accounts. 10 Nelsestuen, Rodney; TowerGroup, Surrounded by the Enemy: The Case for Enterprise Fraud Management, March 2008. 11 Nelsestuen, TowerGroup, Surrounded by the Enemy. 6 “We estimate that this market will grow at least 15 percent in 2011, mainly because global FIs are investing in EFM technology against a backdrop of increasingly frequent and sophisticated fraud attacks, and because they want to achieve operational efficiencies by consolidating fraud prevention and financial crime efforts across the enterprise.” Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
ENTERPRISEWIDE FRAUD MANAGEMENT 7 Best Practices in Fraud Management – Combating Fraud with the Technology Available Today In 2011, First Best Practice Bank (FBPB) implemented a complete, end-to-end IT platform for detecting, preventing and investigating both opportunistic and organized first-party fraud. To begin with, they wanted real-time scoring of all card transactions – purchase, payment and non-monetary – for faster, more accurate fraud detection on a global scale. Ultimately, they hoped to prevent fraud before it happened, even as the fraudsters evolved their methods and hid their deeds in obscure relationships. Step 1: Create an Enterprisewide View of Patterns and Perpetrators The new system enabled FBPB to create a true enterprisewide view of fraud. The knowledge base incorporates data from operational/transactional systems across separate business units, from Human Resources and audit records, even from external data sources such as fraud consortium databases. Integrated data quality routines cleanse and validate the data. FBPB customized the system with fraud models unique to the institution. Since there were no preconfigured system limits on rules, they created a deep set of complex rules for identifying potential fraud. Step 2: Prevent and Detect Fraud in an Enterprisewide Context Analytics reveal potentially suspicious patterns and transactions FBPB’s fraud system goes beyond the typical customer view to provide a holistic view of fraudulent activity – including related perpetrators and unrelated channels – and enables a much deeper understanding of customer behavior. Each transaction – account opening, ATM access, online banking transaction, wire, ACH, call center encounter, etc. – is passed through a set of rules and predictive models. In real time, the system checks transaction activity against vast, enterprisewide intelligence about the customer and potentially suspicious behaviors. Is this an unusually large deposit for this individual? Is this account linked to another known to be in a suspected fraud ring? Does this entity hold multiple accounts or similar identities in unusual ways? Within milliseconds (for most transactions), the system delivers a score that accurately predicts fraudulent activity – within or across channels. Even though the system can operate on billions of records, this transaction monitoring doesn’t bog down real-time decision making and authorization. “As financial institutions become more sophisticated in their fight against fraud, they are going to demand software solutions that provide more flexibility in addressing emerging fraud issues, analyzing transactions and activities in real or near-real time and identifying fraudulent activity that spans diverse data sources and payment channels.” Dan Barta Director, Enterprise Fraud and Risk Strategy, SAS
8 ENTERPRISEWIDE FRAUD MANAGEMENT Every night, FBPB also runs a batch process of existing customer accounts to detect and investigate existing fraud as well as prevent new fraud. The system parses the data and creates a complete update of all account holders and their key linking attributes. Driven by metadata, all records are exhaustively linked based on combinations of attributes within the data. Then, using statistical techniques, common entities are identified and collapsed to produce single views of entities within networks. Discrete bounded networks within the data are also generated, representing statistically relevant groups of activities and relationships. An advanced scoring engine uses independent and combined scores based on three core processes: • Application scoring based on scorecard-driven models and text analysis. • Scoring of individual customers and their full histories. • Scoring of associated networks, including behavioral data (transaction patterns, network growth rates, activity levels) and other data provided (current/previous addresses, contact numbers, employers). Shorthand customer signatures Customers are not static. Their personal or professional conditions change. A fraud management system should recognize and work within this dynamic reality. But how do you capture it? It would be unrealistic to try to assess every data point around a customer with every transaction. And if you wait 90 days for a quarterly report, the opportunity to respond to a change of state may have passed. The answer can be to use customer signatures – sets of data elements that sufficiently capture a customer’s state. Examples might be dollars spent on airfare, cash withdrawals from a credit account or transactions over the median for the cluster. These data elements are established using regression and correlation analysis. They then can be used in a shorthand method of identifying the customer’s state – and the associated marketing opportunities or risk.12 12 Tubin, George. TowerGroup. Consumer Banking Fraud Trends: Welcome to the No-Hype Zone. May 2008. “Real-time transaction monitoring is key to mitigating fraud.” George Tubin TowerGroup Consumer Banking Fraud Trends: Welcome to the No-Hype Zone May 2008
ENTERPRISEWIDE FRAUD MANAGEMENT 9 Is real-time transaction monitoring too cumbersome? Historically, running thousands of transactions an hour through a host of complex rules could have been a slow process, noticeably delaying authorization. New processors and processing techniques have radically changed that, so real-time monitoring is feasible even for billions of records. For example, a bank with 30 million active cardholders in the US adopted SAS® Fraud Management to check every credit card transaction. In the first three months, this bank reported the following results: • An 87 percent increase in the number of card transactions and customer information processed, while reducing mainframe processing overhead 12 percent – resulting in a 53 percent decrease in mainframe processing cost per data item. • A 30 percent decrease in the computing resource cost of processing card transactions flagged as potentially fraudulent. • A 10 percent increase in efficiency by agents investigating potentially fraudulent cases. Furthermore, the bank reduced IT costs by eliminating three software applications that were no longer needed with their new, integrated fraud management system. Alerts from multiple systems are aggregated and systematically managed FBPB’s fraud management system aggregates and prioritizes alerts from the bank’s various fraud detection and money laundering tools. Alerts from all these different systems are correlated to provide a full picture of the risk associated with an account or relationship. Analytics can be applied to the alerts to post-score, determine how to route alerts and support other case management decisions. An alert database stores the alerts and the results of their disposition. This database itself becomes a valuable resource for fraud management in several ways: • Analysts can mine this alert data to determine how well fraud management tools are generating and feeding the alert management system and to better understand the nature of false positives. • The database can automatically communicate with the bank’s host systems about interventions that have taken place, such as holds placed on funds’ availability, account closure or other actions. • Performance management systems can use the statistics and metrics associated with alerts to assess the success of fraud detection and prevention initiatives. “ In many cases, the lack of transparency into the risks a company takes is due to poor operational control and reporting. … Technologies are available that can help overcome these challenges. … These technologies [include] flexible, broader approaches such as SAS’ enterprise case management.” Rodney Nelsestuen TowerGroup The Global Imperative for Better Operational Risk Management: EU Financial Industry Leads the Way May 2, 2011
10 ENTERPRISEWIDE FRAUD MANAGEMENT Relationships among accounts and entities become clear in graphic displays A unique network visualization interface generates a diagram of social network connections to uncover previously unknown relationships and enable more effective and efficient investigations. Delving into diagrams of social networks, investigators can see a complete picture of individual customers, their products, transactions and connections at the click of a button. They can then drill down into underlying data for full customer details, including other linked customers and networks. Back up at a higher level, they can explore entire networks of identities, accounts and applications – in minutes rather than hours – and take action quickly. Copyright © 2009, SAS Institute Inc. All rights reserved. 1 Advanced Analytics Lab Figure 3. SAS® Fraud Network Analysis allows organizations to use analytics and network visualization capabilities to help identify key hidden relationships, such as where organized crime rings are emerging and whether an employee is involved in an internal fraud scheme. Copyright © 2009, SAS Institute Inc. All rights reserved. 2 Advanced Analytics Lab Figure 4. Using dashboards, case managers and executives can check the status of investigations and prioritize workloads to be more effective and efficient with resources.
ENTERPRISEWIDE FRAUD MANAGEMENT 11 Step 3: Investigate and Resolve Fraud in an Integrated Environment Entities and transactions that have been flagged for review are automatically sent to an integrated case management component. Suspicious cases are automatically assigned to an investigator. When an investigator logs into the system, he or she is presented with a list of tasks and a structured environment in which to manage them. Information is entered in smartforms that are dynamically linked to workflows. The investigator can: • See active and pending tasks in context in a visual workflow diagram. • Display details by case. • Add freeform notes to the case diary. • Auto-generate letters from predefined templates and customer database information. • Generate summary and detail reports on demand. The case management component is modular, so it is easy to update as regulations and circumstances change. Investigators know their time will not be wasted. Between real-time transaction monitoring and batch processing, FBPB now sees far fewer false positives. Whereas traditional approaches yielded one accurate fraud hit for every 30 cases referred for investigation, the new solution can accurately identify one instance of fraud in every three – a big improvement. The case management component also measures productivity and other information to help direct the fraud management function more effectively. For FBPB, the automated system with network visualization has reduced the time and effort of investigating organized fraud by 50 percent to 66 percent. A securities firm reported that the increase in productivity has enabled them to conduct the same volume of investigative activity with 26 percent fewer work-hours. Future Trends in Enterprise Fraud Management To more effectively prevent future losses, fraud management systems will have to become self-learning, adaptable to a dynamic environment and evolving fraud techniques. Financial institutions already can seamlessly test the effectiveness of fraud-detection rules and models – and update them when test reports indicate the need. Ideally though, the system would automatically capture the outcomes of investigations and reuse those outcomes in future scoring. Models would thereby adapt readily to new knowledge and continually be refined. Auto-generated network diagrams would enable strategists to see patterns and symptoms that lead to improved controls and new monitoring techniques. “Case management not only provides a tool for corporate security to record losses and develop cases for civil and criminal litigation; it also provides a repository for detailed information about fraud exposure that is essential for maximizing the effectiveness of fraud detection tools across the organization.” Dan Barta Director, Enterprise Fraud and Risk Strategy, SAS “Banks are increasingly looking to buy EFM and financial crime software that helps them manage financial regulatory programs from the same vendor.” Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
12 ENTERPRISEWIDE FRAUD MANAGEMENT This combination of adaptation and visibility would enable financial institutions to better understand emerging threats, so they can take action to prevent substantial losses before they happen. Moving into 2012 and beyond, financial services organizations are looking to use critical data and information that seem related when working fraud and anti-money laundering cases. In December 2010, the Association of Certified Anti-Money Laundering Specialists (ACAMS) and Ernst Young published a joint survey of 250 global respondents from financial services, law enforcement and regulatory agencies. The survey topic was “Linking anti-fraud and anti-money laundering programs – unrealized opportunity or unnecessary complexity?” It noted that 52 percent of financial services firms had integrated some aspects of their anti-money laundering and anti- fraud functions. The perfect storm of heightened regulatory pressures and increasingly sophisticated fraud attacks has created an opportunity for fraud and compliance departments to pool budgets and resources to reduce a shared exposure – reputation risk.13 1 Copyright © 2010, SAS Institute Inc. All rights reserved. Trend is moving integration of data and analytics upstream in the fraud management process Trend in Fraud Detection - Upstream Integration Data Data Data Data Alert Management Case Management SAS® Business Analytics Platform Data Access Integration Data Analysis Detection Figure 5. The current trend is to move data and analytics more upstream in the fraud detection process. The prospects for the future also extend beyond the scope of any single enterprise. As more organizations adopt integrated, automated fraud and financial crimes systems, the potential is there to create a broad consortium of financial institutions that can draw on their collective experiences to improve fraud detection across the industry. Closing Thoughts Organizations that respond to regulatory pressures by simply documenting their existing fraud management practices are selling themselves short. This is the opportunity to turn the tide on fraud, fighting back with powerful analytics, holistic intelligence and integrated case management. SAS recommends an enterprisewide approach to fraud management that spans all contact channels and account types. A best-practice fraud management approach is integrated from end to end, including: 13 Stewart, David. “Financial Crimes Convergence: Tipping Point.” sascom® voices blog. March 2011.
ENTERPRISEWIDE FRAUD MANAGEMENT 13 • Data analysis and alert generation: The ability to assimilate data from multiple sources and apply predictive analytics to accurately assess transactions, activities and customer state in real time. • Alert management: The mechanism for accepting, prioritizing and distributing alerts from the various fraud detection and money laundering tools used across the enterprise. • Case management: A structured environment in which to manage investigation workflows, document loss incidents and report on fraud management performance. The technology to implement this approach is available today. The right platform will: • Integrate with the bank’s existing cardholder and authorization systems. • Create and manage “signatures” that identify an account holder’s total behavioral profile. • Use sophisticated analytic models and business rules to perform on-demand scoring. • Make information and alerts immediately available to the people who need this information. • Provide a structured environment to manage investigations and track performance. The benefits of this approach are substantial. A financial institution could: • Gain a holistic view of fraudulent activity, including related perpetrators and cross- channel fraud, and gain a much clearer understanding of customer behavior. • Improve investigator efficiency with unique network visualization, data drilldown and other investigation tools. • Increase ROI per investigator through fewer false positives, prioritization of higher- value networks and more accurate investigations. • Prevent future fraud by better understanding emerging threats and taking the right proactive action. • Extend the value of the fraud management solution by using it to prioritize alerts for anti-money laundering, credit risk and marketing applications. Losses stopped. Fraud avoided. Time saved. The ROI comes from many directions. TowerGroup estimates that for every dollar spent on fraud management, the enterprise gains back as much as $8. If enterprisewide fraud management sounds like a good answer for your financial services institution, flag it for investigation. “According to The Faces of Fraud report, 45 percent of businesses cite loss of productivity as their top nonfinancial fraud loss.” Information Security Media Group 2010 Survey Results: The Faces of Fraud: Fighting Back December 2010
14 ENTERPRISEWIDE FRAUD MANAGEMENT About SAS SAS provides the capabilities described in this document based on the proven SAS Enterprise Financial Crimes Framework for Banking. This solution takes a unique approach that blends multiple alerting techniques in both real time and batch and provides a systematic framework for investigating and managing fraud cases. A hybrid solution, it detects and prevents both opportunistic and professional/organized fraud – including emerging threats such as ACH, wire and mobile. Financial institutions can significantly reduce losses by detecting more fraud with fewer investigators. SAS has worked closely with top financial institutions for 35 years to create solutions to address critical business needs. In the financial services industry alone, SAS data integration, fraud detection, risk management, regulatory compliance, CRM and other software is used by more than 3,100 financial institutions worldwide, including 97 percent of banks in the Fortune Global 500® . Our award-winning solutions handle the challenges specifically associated with the volatile financial services industry, and we can help institutions better manage their strategy, risk, customers and channels to maximize profitability, achieve greater shareholder value and gain a clear competitive advantage. SAS is the leader in business analytics software and services, and the largest independent vendor in the business intelligence market. Through innovative solutions delivered within an integrated framework, SAS helps customers at more than 50,000 sites improve performance and deliver value by making better decisions faster. Since 1976 SAS has been giving customers around the world THE POWER TO KNOW® .
SAS Institute Inc. World Headquarters   +1 919 677 8000 To contact your local SAS office, please visit: www.sas.com/offices SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. Copyright © 2011, SAS Institute Inc. All rights reserved. 104003_S70639.0611

Recommended

Fraud Management Solutions
Fraud Management SolutionsFraud Management Solutions
Fraud Management SolutionsSAS Institute India Pvt. Ltd
 
Enterprise Fraud Management
Enterprise Fraud ManagementEnterprise Fraud Management
Enterprise Fraud ManagementManish Desai
 
Fraud Monitoring Solution
Fraud Monitoring SolutionFraud Monitoring Solution
Fraud Monitoring SolutionBen Omoakin Oguntala, developingafrica(dot)net
 
SAS Fraud Framework for Insurance
SAS Fraud Framework for InsuranceSAS Fraud Framework for Insurance
SAS Fraud Framework for Insurancestuartdrose
 
SAS for Claims Fraud
SAS for Claims FraudSAS for Claims Fraud
SAS for Claims Fraudstuartdrose
 
Enterprise Fraud Management: How Banks Need to Adapt
Enterprise Fraud Management: How Banks Need to AdaptEnterprise Fraud Management: How Banks Need to Adapt
Enterprise Fraud Management: How Banks Need to AdaptCapgemini
 
Enterprise Fraud Risk Management
Enterprise Fraud Risk ManagementEnterprise Fraud Risk Management
Enterprise Fraud Risk ManagementTommy Seah
 
Operationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionOperationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionVivastream
 

Recommended

Fraud Management Solutions
Fraud Management SolutionsFraud Management Solutions
Fraud Management SolutionsSAS Institute India Pvt. Ltd
 
Enterprise Fraud Management
Enterprise Fraud ManagementEnterprise Fraud Management
Enterprise Fraud ManagementManish Desai
 
Fraud Monitoring Solution
Fraud Monitoring SolutionFraud Monitoring Solution
Fraud Monitoring SolutionBen Omoakin Oguntala, developingafrica(dot)net
 
SAS Fraud Framework for Insurance
SAS Fraud Framework for InsuranceSAS Fraud Framework for Insurance
SAS Fraud Framework for Insurancestuartdrose
 
SAS for Claims Fraud
SAS for Claims FraudSAS for Claims Fraud
SAS for Claims Fraudstuartdrose
 
Enterprise Fraud Management: How Banks Need to Adapt
Enterprise Fraud Management: How Banks Need to AdaptEnterprise Fraud Management: How Banks Need to Adapt
Enterprise Fraud Management: How Banks Need to AdaptCapgemini
 
Enterprise Fraud Risk Management
Enterprise Fraud Risk ManagementEnterprise Fraud Risk Management
Enterprise Fraud Risk ManagementTommy Seah
 
Operationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionOperationalizing Real-Time Fraud Detection
Operationalizing Real-Time Fraud DetectionVivastream
 
How To: Prevent Loan Application Fraud
How To: Prevent Loan Application FraudHow To: Prevent Loan Application Fraud
How To: Prevent Loan Application FraudGeo Coelho
 
Cyber Crime is Wreaking Havoc
Cyber Crime is Wreaking HavocCyber Crime is Wreaking Havoc
Cyber Crime is Wreaking HavocHewlett Packard Enterprise Business Value Exchange
 
Fraud Detection presentation
Fraud Detection presentationFraud Detection presentation
Fraud Detection presentationHernan Huwyler
 
Balancing Security and Customer Experience
Balancing Security and Customer ExperienceBalancing Security and Customer Experience
Balancing Security and Customer ExperienceTransUnion
 
MIG White Papers
MIG White PapersMIG White Papers
MIG White Papersdmadamczyk
 
Case study on JP Morgan Chase & Co
Case study on JP Morgan Chase & CoCase study on JP Morgan Chase & Co
Case study on JP Morgan Chase & CoVictor Oluwajuwon Badejo
 
JPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportJPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportDivya Kothari
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganKen Lam
 
Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015TransUnion
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkDivya Kothari
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyChukwunonso Okoro, CFE, CAMS, CRISC
 
Combating Fraud: Six Principles for Security
Combating Fraud: Six Principles for Security Combating Fraud: Six Principles for Security
Combating Fraud: Six Principles for Security Strategic Treasurer
 
Cyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersCyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersAlbert Hui
 
Falcon debit credit_2909_ps
Falcon debit credit_2909_psFalcon debit credit_2909_ps
Falcon debit credit_2909_pskazemita
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security ServicesRainer Mueller
 
Falcon 012009
Falcon 012009Falcon 012009
Falcon 012009Northwest Card Association
 
Fraud risk management
Fraud risk managementFraud risk management
Fraud risk managementEMAC Consulting Group
 
Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems scriptsommerville-videos
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systemssommerville-videos
 
Fraud detection
Fraud detectionFraud detection
Fraud detectionInternational School of Engineering
 
Credit card fraud detection
Credit card fraud detectionCredit card fraud detection
Credit card fraud detectionkalpesh1908
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 

More Related Content

What's hot

How To: Prevent Loan Application Fraud
How To: Prevent Loan Application FraudHow To: Prevent Loan Application Fraud
How To: Prevent Loan Application FraudGeo Coelho
 
Fraud Detection presentation
Fraud Detection presentationFraud Detection presentation
Fraud Detection presentationHernan Huwyler
 
Balancing Security and Customer Experience
Balancing Security and Customer ExperienceBalancing Security and Customer Experience
Balancing Security and Customer ExperienceTransUnion
 
MIG White Papers
MIG White PapersMIG White Papers
MIG White Papersdmadamczyk
 
JPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportJPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportDivya Kothari
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganKen Lam
 
Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015TransUnion
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkDivya Kothari
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyChukwunonso Okoro, CFE, CAMS, CRISC
 
Combating Fraud: Six Principles for Security
Combating Fraud: Six Principles for Security Combating Fraud: Six Principles for Security
Combating Fraud: Six Principles for Security Strategic Treasurer
 
Cyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersCyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersAlbert Hui
 
Falcon debit credit_2909_ps
Falcon debit credit_2909_psFalcon debit credit_2909_ps
Falcon debit credit_2909_pskazemita
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security ServicesRainer Mueller
 

What's hot (16)

How To: Prevent Loan Application Fraud
How To: Prevent Loan Application FraudHow To: Prevent Loan Application Fraud
How To: Prevent Loan Application Fraud
 
Cyber Crime is Wreaking Havoc
Cyber Crime is Wreaking HavocCyber Crime is Wreaking Havoc
Cyber Crime is Wreaking Havoc
 
Fraud Detection presentation
Fraud Detection presentationFraud Detection presentation
Fraud Detection presentation
 
Balancing Security and Customer Experience
Balancing Security and Customer ExperienceBalancing Security and Customer Experience
Balancing Security and Customer Experience
 
MIG White Papers
MIG White PapersMIG White Papers
MIG White Papers
 
Case study on JP Morgan Chase & Co
Case study on JP Morgan Chase & CoCase study on JP Morgan Chase & Co
Case study on JP Morgan Chase & Co
 
JPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment ReportJPMorgan Chase & Co. -Risk Assessment Report
JPMorgan Chase & Co. -Risk Assessment Report
 
ThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted EganThreatMetrix ARRC 2016 presentation by Ted Egan
ThreatMetrix ARRC 2016 presentation by Ted Egan
 
Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015Mobile Banking Security Risks and Consequences iovation2015
Mobile Banking Security Risks and Consequences iovation2015
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. Framework
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
 
Combating Fraud: Six Principles for Security
Combating Fraud: Six Principles for Security Combating Fraud: Six Principles for Security
Combating Fraud: Six Principles for Security
 
Cyber Fraud - The New Frontiers
Cyber Fraud - The New FrontiersCyber Fraud - The New Frontiers
Cyber Fraud - The New Frontiers
 
Falcon debit credit_2909_ps
Falcon debit credit_2909_psFalcon debit credit_2909_ps
Falcon debit credit_2909_ps
 
IBM Security Services
IBM Security ServicesIBM Security Services
IBM Security Services
 
Falcon 012009
Falcon 012009Falcon 012009
Falcon 012009
 

Viewers also liked

Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems scriptsommerville-videos
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systemssommerville-videos
 
Credit card fraud detection
Credit card fraud detectionCredit card fraud detection
Credit card fraud detectionkalpesh1908
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesPierluigi Paganini
 
Presentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & controlPresentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & controlDominic Sroda Korkoryi
 

Viewers also liked (7)

Fraud risk management
Fraud risk managementFraud risk management
Fraud risk management
 
Introduction to real time software systems script
Introduction to real time software systems scriptIntroduction to real time software systems script
Introduction to real time software systems script
 
Architectural patterns for real-time systems
Architectural patterns for real-time systemsArchitectural patterns for real-time systems
Architectural patterns for real-time systems
 
Fraud detection
Fraud detectionFraud detection
Fraud detection
 
Credit card fraud detection
Credit card fraud detectionCredit card fraud detection
Credit card fraud detection
 
Internet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issuesInternet of Things - Privacy and Security issues
Internet of Things - Privacy and Security issues
 
Presentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & controlPresentation on fraud prevention, detection & control
Presentation on fraud prevention, detection & control
 

Similar to Sas wp enterrprise fraud management

Big data analytical driven fraud detection for finance; banks and insurance
Big data analytical driven fraud detection for finance; banks and insuranceBig data analytical driven fraud detection for finance; banks and insurance
Big data analytical driven fraud detection for finance; banks and insuranceSyed Danish Ali
 
SAS - A Unified Front- Making the Case for Integrating Fraud and Anti-Money L...
SAS - A Unified Front- Making the Case for Integrating Fraud and Anti-Money L...SAS - A Unified Front- Making the Case for Integrating Fraud and Anti-Money L...
SAS - A Unified Front- Making the Case for Integrating Fraud and Anti-Money L...Vivastream
 
Ict forensics and audit bb
Ict forensics and audit bbIct forensics and audit bb
Ict forensics and audit bbmarukanda
 
Fraud and risk communication
Fraud and risk communicationFraud and risk communication
Fraud and risk communicationRosetta
 
Fraud An International Perspective
Fraud An International PerspectiveFraud An International Perspective
Fraud An International PerspectiveSteve Mitchinson
 
TestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTest
TestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTest
TestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTesth9gfhypx97
 
State of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingState of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingIJSRED
 
Securing information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WPSecuring information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WPPhilippe Boivineau
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Tech and Law Center
 
Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyFirst Atlantic Commerce
 
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docxRunning head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docxwlynn1
 
Study: Identifying Fraud and Credit Risk in the Smallest of Small Businesses
Study: Identifying Fraud and Credit Risk in the Smallest of Small BusinessesStudy: Identifying Fraud and Credit Risk in the Smallest of Small Businesses
Study: Identifying Fraud and Credit Risk in the Smallest of Small Businessesclaytonroot
 
Challenge Accepted
Challenge AcceptedChallenge Accepted
Challenge AcceptedEdward Jackson
 
ATM Fraud Prevention Management White Paper from ESQ
ATM Fraud Prevention Management White Paper from ESQ ATM Fraud Prevention Management White Paper from ESQ
ATM Fraud Prevention Management White Paper from ESQESQ Business Services
 
A Contextual Framework For Combating Identity Theft
A Contextual Framework For Combating Identity TheftA Contextual Framework For Combating Identity Theft
A Contextual Framework For Combating Identity TheftMartha Brown
 
Shield - Stay one Step Ahead Using Technology
Shield - Stay one Step Ahead Using TechnologyShield - Stay one Step Ahead Using Technology
Shield - Stay one Step Ahead Using TechnologyShield
 
IRJET- Credit Card Fraud Detection using Hybrid Models
IRJET- Credit Card Fraud Detection using Hybrid ModelsIRJET- Credit Card Fraud Detection using Hybrid Models
IRJET- Credit Card Fraud Detection using Hybrid ModelsIRJET Journal
 
An overview of plastic card frauds and solutions for avoiding fraudster trans...
An overview of plastic card frauds and solutions for avoiding fraudster trans...An overview of plastic card frauds and solutions for avoiding fraudster trans...
An overview of plastic card frauds and solutions for avoiding fraudster trans...eSAT Journals
 
An overview of plastic card frauds and solutions for
An overview of plastic card frauds and solutions forAn overview of plastic card frauds and solutions for
An overview of plastic card frauds and solutions foreSAT Publishing House
 

Similar to Sas wp enterrprise fraud management (20)

Big data analytical driven fraud detection for finance; banks and insurance
Big data analytical driven fraud detection for finance; banks and insuranceBig data analytical driven fraud detection for finance; banks and insurance
Big data analytical driven fraud detection for finance; banks and insurance
 
SAS - A Unified Front- Making the Case for Integrating Fraud and Anti-Money L...
SAS - A Unified Front- Making the Case for Integrating Fraud and Anti-Money L...SAS - A Unified Front- Making the Case for Integrating Fraud and Anti-Money L...
SAS - A Unified Front- Making the Case for Integrating Fraud and Anti-Money L...
 
Ict forensics and audit bb
Ict forensics and audit bbIct forensics and audit bb
Ict forensics and audit bb
 
Fraud and risk communication
Fraud and risk communicationFraud and risk communication
Fraud and risk communication
 
Fraud An International Perspective
Fraud An International PerspectiveFraud An International Perspective
Fraud An International Perspective
 
TestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTest
TestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTest
TestTestTestTestTestTestTestTestTestTestTestTestTestTestTestTest
 
State of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingState of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in Banking
 
Securing information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WPSecuring information in the New Digital Economy- Oracle Verizon WP
Securing information in the New Digital Economy- Oracle Verizon WP
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
 
Driving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your EnemyDriving Payment Innovation - Know Your Enemy
Driving Payment Innovation - Know Your Enemy
 
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docxRunning head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
 
Study: Identifying Fraud and Credit Risk in the Smallest of Small Businesses
Study: Identifying Fraud and Credit Risk in the Smallest of Small BusinessesStudy: Identifying Fraud and Credit Risk in the Smallest of Small Businesses
Study: Identifying Fraud and Credit Risk in the Smallest of Small Businesses
 
Challenge Accepted
Challenge AcceptedChallenge Accepted
Challenge Accepted
 
ATM Fraud Prevention Management White Paper from ESQ
ATM Fraud Prevention Management White Paper from ESQ ATM Fraud Prevention Management White Paper from ESQ
ATM Fraud Prevention Management White Paper from ESQ
 
ATM2.pdf.pdf
ATM2.pdf.pdfATM2.pdf.pdf
ATM2.pdf.pdf
 
A Contextual Framework For Combating Identity Theft
A Contextual Framework For Combating Identity TheftA Contextual Framework For Combating Identity Theft
A Contextual Framework For Combating Identity Theft
 
Shield - Stay one Step Ahead Using Technology
Shield - Stay one Step Ahead Using TechnologyShield - Stay one Step Ahead Using Technology
Shield - Stay one Step Ahead Using Technology
 
IRJET- Credit Card Fraud Detection using Hybrid Models
IRJET- Credit Card Fraud Detection using Hybrid ModelsIRJET- Credit Card Fraud Detection using Hybrid Models
IRJET- Credit Card Fraud Detection using Hybrid Models
 
An overview of plastic card frauds and solutions for avoiding fraudster trans...
An overview of plastic card frauds and solutions for avoiding fraudster trans...An overview of plastic card frauds and solutions for avoiding fraudster trans...
An overview of plastic card frauds and solutions for avoiding fraudster trans...
 
An overview of plastic card frauds and solutions for
An overview of plastic card frauds and solutions forAn overview of plastic card frauds and solutions for
An overview of plastic card frauds and solutions for
 

Recently uploaded

Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)jennyeacort
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxTier1 app
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Angel Borroy LĂłpez
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commercemanigoyal112
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Natan Silnitsky
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfStefano Stabellini
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024StefanoLambiase
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationBradBedford3
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
2.pdf Ejercicios de programaciĂłn competitiva
2.pdf Ejercicios de programaciĂłn competitiva2.pdf Ejercicios de programaciĂłn competitiva
2.pdf Ejercicios de programaciĂłn competitivaDiego IvĂĄn Oliveros Acosta
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...confluent
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprisepreethippts
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based projectAnoyGreter
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationPREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationvaddepallysandeep122
 

Recently uploaded (20)

Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
Call Us🔝>༒+91-9711147426⇛Call In girls karol bagh (Delhi)
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptxKnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
KnowAPIs-UnknownPerf-jaxMainz-2024 (1).pptx
 
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
Alfresco TTL#157 - Troubleshooting Made Easy: Deciphering Alfresco mTLS Confi...
 
Cyber security and its impact on E commerce
Cyber security and its impact on E commerceCyber security and its impact on E commerce
Cyber security and its impact on E commerce
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
Taming Distributed Systems: Key Insights from Wix's Large-Scale Experience - ...
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdfXen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
 
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
Dealing with Cultural Dispersion — Stefano Lambiase — ICSE-SEIS 2024
 
How to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion ApplicationHow to submit a standout Adobe Champion Application
How to submit a standout Adobe Champion Application
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
2.pdf Ejercicios de programaciĂłn competitiva
2.pdf Ejercicios de programaciĂłn competitiva2.pdf Ejercicios de programaciĂłn competitiva
2.pdf Ejercicios de programaciĂłn competitiva
 
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
Catch the Wave: SAP Event-Driven and Data Streaming for the Intelligence Ente...
 
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 EnterpriseOdoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
 
MYjobs Presentation Django-based project
MYjobs Presentation Django-based projectMYjobs Presentation Django-based project
MYjobs Presentation Django-based project
 
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentationPREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentation
 

Sas wp enterrprise fraud management

  • 1. WHITE PAPER Enterprisewide Fraud Management Analytically powered best practices for detecting, preventing and investigating fraud in financial institutions
  • 2. i ENTERPRISEWIDE FRAUD MANAGEMENT Table of Contents Introduction......................................................................................................1 Outwitting the Criminal Mind – The Challenges..............................................3 Bank Fraud Is Increasing in Volume and Sophistication ..............................3 The Fastest-Growing Channels Are Also the Ones Most at Risk...................3 Fraud Is Usually Managed in Business Unit Silos.........................................4 Cross-Channel Fraud Is Widespread.............................................................4 Fraud Detection Has Been Sketchy..............................................................5 Slow Detection Leads to Higher Losses.......................................................5 The Trouble with Traditional Fraud Management...........................................6 Best Practices in Fraud Management – Combating Fraud with the Technology Available Today.............................................................................7 Step 1: Create an Enterprisewide View of Patterns and Perpetrators..........7 Step 2: Prevent and Detect Fraud in an Enterprisewide Context..................7 Step 3: Investigate and Resolve Fraud in an Integrated Environment........11 Future Trends in Enterprise Fraud Management...........................................11 Closing Thoughts............................................................................................12 About SAS.......................................................................................................14
  • 3. ENTERPRISEWIDE FRAUD MANAGEMENT ii Ellen Joyner-Roberson, Fraud and Financial Crimes Marketing Manager for SAS, is responsible for defining industry strategy for the global banking segment. She has 25 years of experience in the application of information technology to solve customer needs, including a focus on the financial services industry for more than 20 years.
  • 4. ENTERPRISEWIDE FRAUD MANAGEMENT Introduction Sue was just buying pillowcases, paying with the store’s own credit card. But within days, that card number would reach a fraudster in Florida, who would punch out new plastic with her number – later, it would be used to buy dozens of store gift cards at a time, each for an amount just under the review limit. The debit card came back to the table in no time, and Robert signed the tab for dinner. He made sure only the last four digits of his card number were displayed on the merchant’s copy. But Robert didn’t know that in the 30 seconds the waiter had the card, he had photographed both sides with his cell phone – and would later use the account to order merchandise and concert tickets by phone. These events are everyday occurrences – thousands of times a day, actually. In the first case, the store’s parent company detected the security breach, but only after three years, 200,000 counterfeit cards and US$1 million in fraudulent purchases. And if Robert opened his bill to find surprise charges he didn’t make, he was in very good company; identity fraud is an estimated US$54 billion crime. Some 11.2 million Americans were victimized by card fraud in 2010 – an increase of 12 percent – which was the highest level since the Identity Fraud Survey Report survey began in 2003, according to Javelin research.1 His bank’s zero liability policy meant Robert didn’t have to pay the charges, but the bank did.2 1 Kim, Rachel and Monahan, Mary. Javelin Strategy and Research, Identity Fraud Survey Report. February 2010. 1
  • 5. ENTERPRISEWIDE FRAUD MANAGEMENT Skimming and phishing attacks are becoming more common across the globe. Recent pay-at-the pump scams have also increased in the US and Europe, and it requires some help from civilians to fight these types of crimes. No one is safe with the sophistication of technology and fraudsters today. They can operate globally, within a matter of seconds, so it’s essential to increase public awareness as financial institutions enhance their fraud technology and enterprise processes. 1Š 2010 The Tower Group, Inc. 352 692 1,189468 580 772 459 556 718 398 575 1,157 0 1,000 2,000 3,000 $4,000 2005 2008 2012P TRANSACTION MONITORING CHECK FRAUD INFORMATION SECURITY AUTHENTICATION/ ID RESOLUTION $1,677 $2,403 CAGR = 12.4 % $3,773 US Banks Will Continue Major IT Investments in DDA-Related Fraud Management (USD in Millions) 2008–12 CAGR 19.1% 6.6% 7.4% 14.5% Source: TowerGroup Figure 1. According to TowerGroup, investments in DDA-related fraud will continue to increase, with the largest investment in transactions monitoring capability. Of course, fraud is not a domestic product. It’s everywhere. Fraud was estimated to cost the UK economy ÂŁ38.4 billion (US$62.4 billion) during 2010. This amounts to ÂŁ765 for every adult.2 According to the National Fraud Authority’s Annual Fraud Indicator, fraud cost the UK private sector ÂŁ12 billion, the public sector ÂŁ21.2 billion, the charity sector ÂŁ1.3 billion, and individuals ÂŁ4 billion in 2010.3 According to Caroline Pearce, the Australian Payments Clearing Association’s head of fraud, risk and compliance, the industry needed to “lift our game” to combat a growing criminal threat. The Association found debit card fraud to have increased 50 percent in fiscal 2010, costing the industry $0.59 per $1,000 for magnetic strip cards and $0.11 per $1,000 for chip and PIN technology.4 The good news is that the numbers tend to be slightly down from previous years, especially in the US. The bad news is that hackers, identity thieves and money launderers are fighting back by focusing on different channels and spawning new types of attacks that traditional fraud management strategies were not designed to address. 2 National Fraud Authority. Annual Fraud Indicator. www.attorneygeneral.gov.uk/nfa/WhatAreWeSaying/ NewsRelease/Pages/fraud-costs-the-UK-over-38billion.aspx. Accessed Jan. 27, 2011. 3 National Fraud Authority. Annual Fraud Indicator. 4 Tay, Liz. “Payment Industry Calls for EMV-Compliant ATMs.” IT News for Australian Business. www.itnews.com.au/News/253292,payment-industry-calls-for-emv-compliant-atms.aspx. April 4, 2011. 2
  • 6. ENTERPRISEWIDE FRAUD MANAGEMENT 3 “Interestingly, while FSIs struggle to capture a full view of each customer’s relationship with the institution, enterprising fraudsters are already achieving this understanding as they strive to gain more information about financial services and products to exploit.” Rodney Nelsestuen Senior Analyst, Financial Strategies and IT Investments, TowerGroup Outwitting the Criminal Mind – The Challenges Financial services institutions are well aware of the negative impact of fraud. Even at industry average levels, fraud hurts an institution’s reputation, customer loyalty, regulatory compliance and the bottom line. But even the most well-intentioned financial institutions face some daunting challenges in this area. Bank Fraud Is Increasing in Volume and Sophistication “The credit and debit card fraud category of financial services is among the fastest- growing and best-known means of criminal profit,” says Rodney Nelsestuen of TowerGroup. “What makes card fraud of great concern is the fact that international organized crime rings are often involved, turning card fraud from random criminal activity into industrial-strength enterprises.”5 The sophistication of their tactics makes detecting fraud difficult and preventing it nearly impossible, especially as the volume of bank transactions grows by about 10 percent a year. The Fastest-Growing Channels Are Also the Ones Most at Risk ATM and branch office transaction volumes are flat (as a percent of total transactions), while call center channels are growing modestly, and electronic access (online and mobile) is booming. According to research firm IDC, the number of mobile devices – from smartphones to tablet PCs – accessing the Internet by 2013 will surpass 1 billion, creating more opportunities for cybercrime.6 Unfortunately, these fastest-growing channels are also the most vulnerable. The FBI has observed a trend in which cybercriminals — using the compromised online banking credentials of US businesses — sent unauthorized wire transfers to Chinese economic and trade companies located near the Russian border. As of April 2011, the total attempted fraud amounts to approximately $20 million; the actual victim losses are $11 million.77 5 Nelsestuen, Rodney. TowerGroup. Surrounded by the Enemy: The Case for Enterprise Fraud Management. March 2008. 6 Shah, Agam. “IDC: 1 Billion Mobile Devices Will Go Online by 2013.” CIO.com. www.cio.com/article/510440/IDC_1_Billion_Mobile_Devices_Will_Go_Online_By_2013. Dec. 9, 2009. 7 Fraud Alert Involving Unauthorized Wire Transfers to China. Internet Crime Complaint Center. April 26, 2011. “A broad approach will avoid redundant project work, minimize system platforms and the number of vendor partners, increase staff productivity, and – most importantly – catch more fraud.” Gartner, Inc. Avivah Litan Gartner Research Enterprise Fraud and Misuse Management Solutions: 2010 Critical Capabilities October 2010
  • 7. ENTERPRISEWIDE FRAUD MANAGEMENT Fraud Is Usually Managed in Business Unit Silos Customers – legitimate and otherwise – tend to see the institution as a single brand represented across various contact channels: phone, automated contact center, ATM, branch office and online. But the institution tends to see its customers as diverse entities based on product: mortgage, credit card, DDA, home equity, consumer banking, small business, etc. This disparity creates inefficiencies that fraudsters can exploit. Cross-Channel Fraud Is Widespread Criminals know these facts all too well. They know bank fraud systems rarely monitor customer behavior across multiple accounts, channels and systems. That weakness opens the door for cross-channel fraud, in which a fraudster gains access to customer information in one channel and uses that knowledge to commit fraud through another. “Cross-channel fraud is difficult to discover, track and resolve because the activities of the fraudster posing as the customer often mirror those of the customer,” says Nelsestuen. “Thus, apparently normal activity can be fraud conducted over an extended period.”8 As a result, cross-channel fraud is common – and costly. Community Mid-Sized Regional Superregional/ Money Center All Respondents Customer victimization scams 3.70 3.82 4.20 3.63 3.83 Debit card (signature based) 3.52 3.60 3.80 3.86 3.63 Check fraud (paper based), deposit 2.91 3.46 3.46 3.19 3.28 Identity theft 3.29 2.96 3.52 3.53 3.19 THREATS AGAINST BANK DEPOSIT ACCOUNTS (average threat level: 0 = none; 5 = extremely high) ABA Deposit Account Fraud Survey Check fraud (paper based), withdrawal 2.73 3.12 3.28 3.25 3.05 Debit card (PIN based) 2.91 2.64 3.20 3.67 2.90 Organized ring attempts 2.21 2.87 3.36 4.07 2.88 New account fraud 2.29 2.65 3.36 3.88 2.79 Check electronification 2.52 2.52 2.92 2.63 2.59 Online banking 2.14 2.33 3.28 3.88 2.58 ACH fraud, originations 2.24 2.28 3.24 3.47 2.53 Wire fraud, originations 2.02 2.45 3.04 3.33 2.51 Remote deposit risk 2.07 2.45 2.71 2.73 2.41 ACH fraud, receiving 2.33 2.21 3.00 2.40 2.38 Wire fraud, receiving 1.61 2.03 2.48 2.20 2.00 Š 2009 American Bankers Association. Reprinted with Permission. All Rights Reserved. Figure 2. All size banks see the highest threats for debit card fraud, while organized ring attempts and customer victimization scams will require organizations to put fraud measures in place that monitor fraud attempts across product lines and channels. 8 Nelsestuen, Rodney. TowerGroup. Surrounded by the Enemy: The Case for Enterprise Fraud Management. March 2008. 4 “EFM enables users to break down the walls of siloed fraud prevention operations so that they can look for fraud and misuse at aggregate levels, such as at the customer level, rather than just at an account or transaction level. This makes fraud analysts more productive and versatile in managing fraud across product lines and channels, and also uncovers fraud or misuse that previously would have been missed.” Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
  • 8. ENTERPRISEWIDE FRAUD MANAGEMENT Fraud Detection Has Been Sketchy About half the time, fraud is detected by the victims themselves when they review a monthly statement or are turned down for credit. Imagine the loss of confidence a consumer would feel to discover fraud before the bank did. Only about 25 percent of the time does the bank detect the fraud first. Slow Detection Leads to Higher Losses Speed is crucial. According to the 2010 Identity Fraud Survey Report, victims who detected the fraud within 21 hours were defrauded for an average of $373. Victims who did not discover the fraud up to a month later suffered an average loss of $572. Those who took up to five months lost nearly three times as much ($1,207) as victims who detected the fraud within one day.9 This, of course, is no surprise. What can be a surprise is how much that figure escalates when you add associated costs, such as lost wages, loss of goodwill and legal fees. Collectively, these realities create a daunting environment for financial services institutions: • They would like to accurately identify the patterns and perpetrators, but they usually lack the analytical modeling rigor to establish a strong defense. • They would like to identify cross-channel fraud, but their operational systems often don’t cooperate well across organizational boundaries. • They would like to monitor every transaction in real time, but they can’t alienate customers and merchants with long processing times. • They would like to implement rigorous rules to detect fraud, but they know they would turn up a lot of false positives that are costly and fruitless to investigate. • They would like to unify the fraud management process, but disparate data sources and cryptic interfaces make the system inaccessible to all but a few people. 9 Kim and Monahan. Javelin. Identity Fraud Survey Report. 5 “EFM also analyzes behavior among related users, accounts or other entities, looking for organized criminal activity, fraud rings, corruption or misuse.” Gartner, Inc. Avivah Litan Gartner Research Enterprise Fraud and Misuse Management Solutions: 2010 Critical Capabilities October 2010
  • 9. ENTERPRISEWIDE FRAUD MANAGEMENT The Trouble with Traditional Fraud Management To detect fraudulent activity, many banks use transaction monitoring systems – often homegrown, niche software that requires manual intervention. Still, traditional systems can work well for detecting individual real-time, point-of-sale fraud. But that’s only one slice of the fraud pie, and not the biggest slice either. Few banks have strong, enterprisewide fraud management programs that can correlate a customer’s behavior across all contact channels and products to identify bust-out scenarios, social networks and cross-channel fraud. “An institution may have state- of-the-art security and fraud detection technologies and procedures to protect its deposit lines of business, but not the same for small business banking or third-party investments delivered by an alliance partner,” wrote Nelsestuen.10 Furthermore, even the fraud management process itself is fragmented. “Fraud detection, alert and case management practices are still too often viewed as separate activities, when in fact they should be managed as a whole,” says Nelsestuen.11 To support real-time monitoring of all types of transactions across all channels – while adhering to constantly changing regulations such as the authentication guidelines first established in 2005 – financial institutions must update their fraud prevention practices along with related fraud technology. The ideal result would be a fraud management solution that: • Protects against fraud at the point and time of transaction. • Accurately detects incidents of fraud in completed transactions. • Spans all the ways customers interact with the institution. • Provides structured oversight for the fraud management program. This is not a halcyon vision. The technology is available today. Let’s take a look at how a robust, enterprisewide fraud management system can redefine the economics of fraud. We’ll walk through the process with a hypothetical bank based on a real one – we’ll call it First Best Practice Bank (FBPB) – a multiservice institution with more than a million active cardholder accounts. 10 Nelsestuen, Rodney; TowerGroup, Surrounded by the Enemy: The Case for Enterprise Fraud Management, March 2008. 11 Nelsestuen, TowerGroup, Surrounded by the Enemy. 6 “We estimate that this market will grow at least 15 percent in 2011, mainly because global FIs are investing in EFM technology against a backdrop of increasingly frequent and sophisticated fraud attacks, and because they want to achieve operational efficiencies by consolidating fraud prevention and financial crime efforts across the enterprise.” Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
  • 10. ENTERPRISEWIDE FRAUD MANAGEMENT 7 Best Practices in Fraud Management – Combating Fraud with the Technology Available Today In 2011, First Best Practice Bank (FBPB) implemented a complete, end-to-end IT platform for detecting, preventing and investigating both opportunistic and organized first-party fraud. To begin with, they wanted real-time scoring of all card transactions – purchase, payment and non-monetary – for faster, more accurate fraud detection on a global scale. Ultimately, they hoped to prevent fraud before it happened, even as the fraudsters evolved their methods and hid their deeds in obscure relationships. Step 1: Create an Enterprisewide View of Patterns and Perpetrators The new system enabled FBPB to create a true enterprisewide view of fraud. The knowledge base incorporates data from operational/transactional systems across separate business units, from Human Resources and audit records, even from external data sources such as fraud consortium databases. Integrated data quality routines cleanse and validate the data. FBPB customized the system with fraud models unique to the institution. Since there were no preconfigured system limits on rules, they created a deep set of complex rules for identifying potential fraud. Step 2: Prevent and Detect Fraud in an Enterprisewide Context Analytics reveal potentially suspicious patterns and transactions FBPB’s fraud system goes beyond the typical customer view to provide a holistic view of fraudulent activity – including related perpetrators and unrelated channels – and enables a much deeper understanding of customer behavior. Each transaction – account opening, ATM access, online banking transaction, wire, ACH, call center encounter, etc. – is passed through a set of rules and predictive models. In real time, the system checks transaction activity against vast, enterprisewide intelligence about the customer and potentially suspicious behaviors. Is this an unusually large deposit for this individual? Is this account linked to another known to be in a suspected fraud ring? Does this entity hold multiple accounts or similar identities in unusual ways? Within milliseconds (for most transactions), the system delivers a score that accurately predicts fraudulent activity – within or across channels. Even though the system can operate on billions of records, this transaction monitoring doesn’t bog down real-time decision making and authorization. “As financial institutions become more sophisticated in their fight against fraud, they are going to demand software solutions that provide more flexibility in addressing emerging fraud issues, analyzing transactions and activities in real or near-real time and identifying fraudulent activity that spans diverse data sources and payment channels.” Dan Barta Director, Enterprise Fraud and Risk Strategy, SAS
  • 11. 8 ENTERPRISEWIDE FRAUD MANAGEMENT Every night, FBPB also runs a batch process of existing customer accounts to detect and investigate existing fraud as well as prevent new fraud. The system parses the data and creates a complete update of all account holders and their key linking attributes. Driven by metadata, all records are exhaustively linked based on combinations of attributes within the data. Then, using statistical techniques, common entities are identified and collapsed to produce single views of entities within networks. Discrete bounded networks within the data are also generated, representing statistically relevant groups of activities and relationships. An advanced scoring engine uses independent and combined scores based on three core processes: • Application scoring based on scorecard-driven models and text analysis. • Scoring of individual customers and their full histories. • Scoring of associated networks, including behavioral data (transaction patterns, network growth rates, activity levels) and other data provided (current/previous addresses, contact numbers, employers). Shorthand customer signatures Customers are not static. Their personal or professional conditions change. A fraud management system should recognize and work within this dynamic reality. But how do you capture it? It would be unrealistic to try to assess every data point around a customer with every transaction. And if you wait 90 days for a quarterly report, the opportunity to respond to a change of state may have passed. The answer can be to use customer signatures – sets of data elements that sufficiently capture a customer’s state. Examples might be dollars spent on airfare, cash withdrawals from a credit account or transactions over the median for the cluster. These data elements are established using regression and correlation analysis. They then can be used in a shorthand method of identifying the customer’s state – and the associated marketing opportunities or risk.12 12 Tubin, George. TowerGroup. Consumer Banking Fraud Trends: Welcome to the No-Hype Zone. May 2008. “Real-time transaction monitoring is key to mitigating fraud.” George Tubin TowerGroup Consumer Banking Fraud Trends: Welcome to the No-Hype Zone May 2008
  • 12. ENTERPRISEWIDE FRAUD MANAGEMENT 9 Is real-time transaction monitoring too cumbersome? Historically, running thousands of transactions an hour through a host of complex rules could have been a slow process, noticeably delaying authorization. New processors and processing techniques have radically changed that, so real-time monitoring is feasible even for billions of records. For example, a bank with 30 million active cardholders in the US adopted SASÂŽ Fraud Management to check every credit card transaction. In the first three months, this bank reported the following results: • An 87 percent increase in the number of card transactions and customer information processed, while reducing mainframe processing overhead 12 percent – resulting in a 53 percent decrease in mainframe processing cost per data item. • A 30 percent decrease in the computing resource cost of processing card transactions flagged as potentially fraudulent. • A 10 percent increase in efficiency by agents investigating potentially fraudulent cases. Furthermore, the bank reduced IT costs by eliminating three software applications that were no longer needed with their new, integrated fraud management system. Alerts from multiple systems are aggregated and systematically managed FBPB’s fraud management system aggregates and prioritizes alerts from the bank’s various fraud detection and money laundering tools. Alerts from all these different systems are correlated to provide a full picture of the risk associated with an account or relationship. Analytics can be applied to the alerts to post-score, determine how to route alerts and support other case management decisions. An alert database stores the alerts and the results of their disposition. This database itself becomes a valuable resource for fraud management in several ways: • Analysts can mine this alert data to determine how well fraud management tools are generating and feeding the alert management system and to better understand the nature of false positives. • The database can automatically communicate with the bank’s host systems about interventions that have taken place, such as holds placed on funds’ availability, account closure or other actions. • Performance management systems can use the statistics and metrics associated with alerts to assess the success of fraud detection and prevention initiatives. “ In many cases, the lack of transparency into the risks a company takes is due to poor operational control and reporting. … Technologies are available that can help overcome these challenges. … These technologies [include] flexible, broader approaches such as SAS’ enterprise case management.” Rodney Nelsestuen TowerGroup The Global Imperative for Better Operational Risk Management: EU Financial Industry Leads the Way May 2, 2011
  • 13. 10 ENTERPRISEWIDE FRAUD MANAGEMENT Relationships among accounts and entities become clear in graphic displays A unique network visualization interface generates a diagram of social network connections to uncover previously unknown relationships and enable more effective and efficient investigations. Delving into diagrams of social networks, investigators can see a complete picture of individual customers, their products, transactions and connections at the click of a button. They can then drill down into underlying data for full customer details, including other linked customers and networks. Back up at a higher level, they can explore entire networks of identities, accounts and applications – in minutes rather than hours – and take action quickly. Copyright Š 2009, SAS Institute Inc. All rights reserved. 1 Advanced Analytics Lab Figure 3. SASÂŽ Fraud Network Analysis allows organizations to use analytics and network visualization capabilities to help identify key hidden relationships, such as where organized crime rings are emerging and whether an employee is involved in an internal fraud scheme. Copyright Š 2009, SAS Institute Inc. All rights reserved. 2 Advanced Analytics Lab Figure 4. Using dashboards, case managers and executives can check the status of investigations and prioritize workloads to be more effective and efficient with resources.
  • 14. ENTERPRISEWIDE FRAUD MANAGEMENT 11 Step 3: Investigate and Resolve Fraud in an Integrated Environment Entities and transactions that have been flagged for review are automatically sent to an integrated case management component. Suspicious cases are automatically assigned to an investigator. When an investigator logs into the system, he or she is presented with a list of tasks and a structured environment in which to manage them. Information is entered in smartforms that are dynamically linked to workflows. The investigator can: • See active and pending tasks in context in a visual workflow diagram. • Display details by case. • Add freeform notes to the case diary. • Auto-generate letters from predefined templates and customer database information. • Generate summary and detail reports on demand. The case management component is modular, so it is easy to update as regulations and circumstances change. Investigators know their time will not be wasted. Between real-time transaction monitoring and batch processing, FBPB now sees far fewer false positives. Whereas traditional approaches yielded one accurate fraud hit for every 30 cases referred for investigation, the new solution can accurately identify one instance of fraud in every three – a big improvement. The case management component also measures productivity and other information to help direct the fraud management function more effectively. For FBPB, the automated system with network visualization has reduced the time and effort of investigating organized fraud by 50 percent to 66 percent. A securities firm reported that the increase in productivity has enabled them to conduct the same volume of investigative activity with 26 percent fewer work-hours. Future Trends in Enterprise Fraud Management To more effectively prevent future losses, fraud management systems will have to become self-learning, adaptable to a dynamic environment and evolving fraud techniques. Financial institutions already can seamlessly test the effectiveness of fraud-detection rules and models – and update them when test reports indicate the need. Ideally though, the system would automatically capture the outcomes of investigations and reuse those outcomes in future scoring. Models would thereby adapt readily to new knowledge and continually be refined. Auto-generated network diagrams would enable strategists to see patterns and symptoms that lead to improved controls and new monitoring techniques. “Case management not only provides a tool for corporate security to record losses and develop cases for civil and criminal litigation; it also provides a repository for detailed information about fraud exposure that is essential for maximizing the effectiveness of fraud detection tools across the organization.” Dan Barta Director, Enterprise Fraud and Risk Strategy, SAS “Banks are increasingly looking to buy EFM and financial crime software that helps them manage financial regulatory programs from the same vendor.” Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
  • 15. 12 ENTERPRISEWIDE FRAUD MANAGEMENT This combination of adaptation and visibility would enable financial institutions to better understand emerging threats, so they can take action to prevent substantial losses before they happen. Moving into 2012 and beyond, financial services organizations are looking to use critical data and information that seem related when working fraud and anti-money laundering cases. In December 2010, the Association of Certified Anti-Money Laundering Specialists (ACAMS) and Ernst Young published a joint survey of 250 global respondents from financial services, law enforcement and regulatory agencies. The survey topic was “Linking anti-fraud and anti-money laundering programs – unrealized opportunity or unnecessary complexity?” It noted that 52 percent of financial services firms had integrated some aspects of their anti-money laundering and anti- fraud functions. The perfect storm of heightened regulatory pressures and increasingly sophisticated fraud attacks has created an opportunity for fraud and compliance departments to pool budgets and resources to reduce a shared exposure – reputation risk.13 1 Copyright Š 2010, SAS Institute Inc. All rights reserved. Trend is moving integration of data and analytics upstream in the fraud management process Trend in Fraud Detection - Upstream Integration Data Data Data Data Alert Management Case Management SASÂŽ Business Analytics Platform Data Access Integration Data Analysis Detection Figure 5. The current trend is to move data and analytics more upstream in the fraud detection process. The prospects for the future also extend beyond the scope of any single enterprise. As more organizations adopt integrated, automated fraud and financial crimes systems, the potential is there to create a broad consortium of financial institutions that can draw on their collective experiences to improve fraud detection across the industry. Closing Thoughts Organizations that respond to regulatory pressures by simply documenting their existing fraud management practices are selling themselves short. This is the opportunity to turn the tide on fraud, fighting back with powerful analytics, holistic intelligence and integrated case management. SAS recommends an enterprisewide approach to fraud management that spans all contact channels and account types. A best-practice fraud management approach is integrated from end to end, including: 13 Stewart, David. “Financial Crimes Convergence: Tipping Point.” sascomÂŽ voices blog. March 2011.
  • 16. ENTERPRISEWIDE FRAUD MANAGEMENT 13 • Data analysis and alert generation: The ability to assimilate data from multiple sources and apply predictive analytics to accurately assess transactions, activities and customer state in real time. • Alert management: The mechanism for accepting, prioritizing and distributing alerts from the various fraud detection and money laundering tools used across the enterprise. • Case management: A structured environment in which to manage investigation workflows, document loss incidents and report on fraud management performance. The technology to implement this approach is available today. The right platform will: • Integrate with the bank’s existing cardholder and authorization systems. • Create and manage “signatures” that identify an account holder’s total behavioral profile. • Use sophisticated analytic models and business rules to perform on-demand scoring. • Make information and alerts immediately available to the people who need this information. • Provide a structured environment to manage investigations and track performance. The benefits of this approach are substantial. A financial institution could: • Gain a holistic view of fraudulent activity, including related perpetrators and cross- channel fraud, and gain a much clearer understanding of customer behavior. • Improve investigator efficiency with unique network visualization, data drilldown and other investigation tools. • Increase ROI per investigator through fewer false positives, prioritization of higher- value networks and more accurate investigations. • Prevent future fraud by better understanding emerging threats and taking the right proactive action. • Extend the value of the fraud management solution by using it to prioritize alerts for anti-money laundering, credit risk and marketing applications. Losses stopped. Fraud avoided. Time saved. The ROI comes from many directions. TowerGroup estimates that for every dollar spent on fraud management, the enterprise gains back as much as $8. If enterprisewide fraud management sounds like a good answer for your financial services institution, flag it for investigation. “According to The Faces of Fraud report, 45 percent of businesses cite loss of productivity as their top nonfinancial fraud loss.” Information Security Media Group 2010 Survey Results: The Faces of Fraud: Fighting Back December 2010
  • 17. 14 ENTERPRISEWIDE FRAUD MANAGEMENT About SAS SAS provides the capabilities described in this document based on the proven SAS Enterprise Financial Crimes Framework for Banking. This solution takes a unique approach that blends multiple alerting techniques in both real time and batch and provides a systematic framework for investigating and managing fraud cases. A hybrid solution, it detects and prevents both opportunistic and professional/organized fraud – including emerging threats such as ACH, wire and mobile. Financial institutions can significantly reduce losses by detecting more fraud with fewer investigators. SAS has worked closely with top financial institutions for 35 years to create solutions to address critical business needs. In the financial services industry alone, SAS data integration, fraud detection, risk management, regulatory compliance, CRM and other software is used by more than 3,100 financial institutions worldwide, including 97 percent of banks in the Fortune Global 500ÂŽ . Our award-winning solutions handle the challenges specifically associated with the volatile financial services industry, and we can help institutions better manage their strategy, risk, customers and channels to maximize profitability, achieve greater shareholder value and gain a clear competitive advantage. SAS is the leader in business analytics software and services, and the largest independent vendor in the business intelligence market. Through innovative solutions delivered within an integrated framework, SAS helps customers at more than 50,000 sites improve performance and deliver value by making better decisions faster. Since 1976 SAS has been giving customers around the world THE POWER TO KNOWÂŽ .
  • 18. SAS Institute Inc. World Headquarters   +1 919 677 8000 To contact your local SAS office, please visit: www.sas.com/offices SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ÂŽ indicates USA registration. Other brand and product names are trademarks of their respective companies. Copyright Š 2011, SAS Institute Inc. All rights reserved. 104003_S70639.0611