Professional Documents
Culture Documents
Table of Contents
Introduction .....................................................................................................1 Outwitting the Criminal Mind The Challenges .............................................3 Bank Fraud Is Increasing in Volume and Sophistication .............................3 The Fastest-Growing Channels Are Also the Ones Most at Risk ..................3 Fraud Is Usually Managed in Business Unit Silos ........................................4 Cross-Channel Fraud Is Widespread............................................................4 Fraud Detection Has Been Sketchy .............................................................5 Slow Detection Leads to Higher Losses ......................................................5 The Trouble with Traditional Fraud Management...........................................6 Best Practices in Fraud Management Combating Fraud with the Technology Available Today ............................................................................7 Step 1: Create an Enterprisewide View of Patterns and Perpetrators .........7 Step 2: Prevent and Detect Fraud in an Enterprisewide Context .................7 Step 3: Investigate and Resolve Fraud in an Integrated Environment .......11 Future Trends in Enterprise Fraud Management ..........................................11 Closing Thoughts ...........................................................................................12 About SAS ......................................................................................................14
Ellen Joyner-Roberson, Fraud and Financial Crimes Marketing Manager for SAS, is responsible for defining industry strategy for the global banking segment. She has 25 years of experience in the application of information technology to solve customer needs, including a focus on the financial services industry for more than 20 years.
ii
Introduction
Sue was just buying pillowcases, paying with the stores own credit card. But within days, that card number would reach a fraudster in Florida, who would punch out new plastic with her number later, it would be used to buy dozens of store gift cards at a time, each for an amount just under the review limit. The debit card came back to the table in no time, and Robert signed the tab for dinner. He made sure only the last four digits of his card number were displayed on the merchants copy. But Robert didnt know that in the 30 seconds the waiter had the card, he had photographed both sides with his cell phone and would later use the account to order merchandise and concert tickets by phone. These events are everyday occurrences thousands of times a day, actually. In the first case, the stores parent company detected the security breach, but only after three years, 200,000 counterfeit cards and US$1 million in fraudulent purchases. And if Robert opened his bill to find surprise charges he didnt make, he was in very good company; identity fraud is an estimated US$54 billion crime. Some 11.2 million Americans were victimized by card fraud in 2010 an increase of 12percent which was the highest level since the Identity Fraud Survey Report survey began in 2003, according to Javelin research.1 His banks zero liability policy meant Robert didnt have to pay the charges, but the bank did.2
Kim, Rachel and Monahan, Mary. Javelin Strategy and Research, Identity Fraud Survey Report. February 2010.
Skimming and phishing attacks are becoming more common across the globe. Recent pay-at-the pump scams have also increased in the US and Europe, and it requires some help from civilians to fight these types of crimes. No one is safe with the sophistication of technology and fraudsters today. They can operate globally, within a matter of seconds, so its essential to increase public awareness as financial institutions enhance their fraud technology and enterprise processes.
US Banks Will Continue Major IT Investments in DDA-Related Fraud Management
(USD in Millions)
$4,000
CAGR = 12.4 %
$3,773
1,157
TRANSACTION MONITORING
200812 CAGR
3,000
$2,403 $1,677
398 575 556 580 692 2008 1,189 2012P 718 772
19.1%
CHECK FRAUD
6.6%
2,000
INFORMATION SECURITY
7.4%
1,000
AUTHENTICATION/ ID RESOLUTION
14.5%
0
Source: TowerGroup
Figure 1. According to TowerGroup, investments in DDA-related fraud will continue to increase, with the largest investment in transactions monitoring capability.
Of course, fraud is not a domestic product. Its everywhere. Fraud was estimated to cost the UK economy 38.4 billion (US$62.4 billion) during 2010. This amounts to 765 for every adult.2 According to the National Fraud Authoritys Annual Fraud Indicator, fraud cost the UK private sector 12 billion, the public sector 21.2 billion, the charity sector 1.3 billion, and individuals 4 billion in 2010.3 According to Caroline Pearce, the Australian Payments Clearing Associations head of fraud, risk and compliance, the industry needed to lift our game to combat a growing criminal threat. The Association found debit card fraud to have increased 50 percent in fiscal 2010, costing the industry $0.59 per $1,000 for magnetic strip cards and $0.11 per $1,000 for chip and PINtechnology.4 The good news is that the numbers tend to be slightly down from previous years, especially in the US. The bad news is that hackers, identity thieves and money launderers are fighting back by focusing on different channels and spawning new types of attacks that traditional fraud management strategies were not designed to address.
2 3 4
National Fraud Authority. Annual Fraud Indicator. www.attorneygeneral.gov.uk/nfa/WhatAreWeSaying/ NewsRelease/Pages/fraud-costs-the-UK-over-38billion.aspx. Accessed Jan. 27, 2011. National Fraud Authority. Annual Fraud Indicator. Tay, Liz. Payment Industry Calls for EMV-Compliant ATMs. IT News for Australian Business. www.itnews.com.au/News/253292,payment-industry-calls-for-emv-compliant-atms.aspx. April 4, 2011.
Interestingly, while FSIs struggle to capture a full view of each customers relationship with the institution, enterprising fraudsters are already achieving this understanding as they strive to gain more information about financial services and products to exploit.
Rodney Nelsestuen Senior Analyst, Financial Strategies and IT Investments, TowerGroup
A broad approach will avoid redundant project work, minimize system platforms and the number of vendor partners, increase staff productivity, and most importantly catch more fraud.
Gartner, Inc. Avivah Litan Gartner Research Enterprise Fraud and Misuse Management Solutions: 2010 Critical Capabilities October 2010
5 6 7
Nelsestuen, Rodney. TowerGroup. Surrounded by the Enemy: The Case for Enterprise Fraud Management. March 2008. Shah, Agam. IDC: 1 Billion Mobile Devices Will Go Online by 2013. CIO.com. www.cio.com/article/510440/IDC_1_Billion_Mobile_Devices_Will_Go_Online_By_2013. Dec. 9, 2009. Fraud Alert Involving Unauthorized Wire Transfers to China. Internet Crime Complaint Center. April26,2011.
EFM enables users to break down the walls of siloed fraud prevention operations so that they can look for fraud and misuse at aggregate levels, such as at the customer level, rather than just at an account or transaction level. This makes fraud analysts more productive and versatile in managing fraud across product lines and channels, and also uncovers fraud or misuse that previously would have beenmissed.
Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
3.83 3.63 3.28 3.19 3.05 2.90 2.88 2.79 2.59 2.58 2.53 2.51 2.41 2.38 2.00
THREATS AGAINST BANK DEPOSIT ACCOUNTS (average threat level: 0 = none; 5 = extremely high)
Community Mid-Sized 3.82 3.60 3.46 2.96 3.12 2.64 2.87 2.65 2.52 2.33 2.28 2.45 2.45 2.21 2.03 Regional 4.20 3.80 3.46 3.52 3.28 3.20 3.36 3.36 2.92 3.28 3.24 3.04 2.71 3.00 2.48 Superregional/ Money Center 3.63 3.86 3.19 3.53 3.25 3.67 4.07 3.88 2.63 3.88 3.47 3.33 2.73 2.40 2.20 All Respondents
Customer victimization scams Debit card (signature based) Check fraud (paper based), deposit Identity theft Check fraud (paper based), withdrawal Debit card (PIN based) Organized ring attempts New account fraud Check electronification Online banking ACH fraud, originations Wire fraud, originations Remote deposit risk ACH fraud, receiving Wire fraud, receiving
3.70 3.52 2.91 3.29 2.73 2.91 2.21 2.29 2.52 2.14 2.24 2.02 2.07 2.33 1.61
2009 American Bankers Association. Reprinted with Permission. All Rights Reserved.
Figure 2. All size banks see the highest threats for debit card fraud, while organized ring attempts and customer victimization scams will require organizations to put fraud measures in place that monitor fraud attempts across product lines and channels.
Nelsestuen, Rodney. TowerGroup. Surrounded by the Enemy: The Case for Enterprise Fraud Management. March 2008.
EFM also analyzes behavior among related users, accounts or other entities, looking for organized criminal activity, fraud rings, corruption or misuse.
Gartner, Inc. Avivah Litan Gartner Research Enterprise Fraud and Misuse Management Solutions: 2010 Critical Capabilities October 2010
We estimate that this market will grow at least 15 percent in 2011, mainly because global FIs are investing in EFM technology against a backdrop of increasingly frequent and sophisticated fraud attacks, and because they want to achieve operational efficiencies by consolidating fraud prevention and financial crime efforts across theenterprise.
Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
10 Nelsestuen, Rodney; TowerGroup, Surrounded by the Enemy: The Case for Enterprise Fraud Management, March 2008. 11 Nelsestuen, TowerGroup, Surrounded by the Enemy.
Best Practices in Fraud Management Combating Fraud with the Technology Available Today
In 2011, First Best Practice Bank (FBPB) implemented a complete, end-to-end IT platform for detecting, preventing and investigating both opportunistic and organized first-party fraud. To begin with, they wanted real-time scoring of all card transactions purchase, payment and non-monetary for faster, more accurate fraud detection on a global scale. Ultimately, they hoped to prevent fraud before it happened, even as the fraudsters evolved their methods and hid their deeds in obscure relationships.
As financial institutions become more sophisticated in their fight against fraud, they are going to demand software solutions that provide more flexibility in addressing emerging fraud issues, analyzing transactions and activities in real or near-real time and identifying fraudulent activity that spans diverse data sources and paymentchannels.
Dan Barta Director, Enterprise Fraud and Risk Strategy, SAS
Every night, FBPB also runs a batch process of existing customer accounts to detect and investigate existing fraud as well as prevent new fraud. The system parses the data and creates a complete update of all account holders and their key linking attributes. Driven by metadata, all records are exhaustively linked based on combinations of attributes within the data. Then, using statistical techniques, common entities are identified and collapsed to produce single views of entities within networks. Discrete bounded networks within the data are also generated, representing statistically relevant groups of activities and relationships. An advanced scoring engine uses independent and combined scores based on three core processes: Application scoring based on scorecard-driven models and text analysis. Scoring of individual customers and their full histories. Scoring of associated networks, including behavioral data (transaction patterns, network growth rates, activity levels) and other data provided (current/previous addresses, contact numbers, employers).
12 Tubin, George. TowerGroup. Consumer Banking Fraud Trends: Welcome to the No-Hype Zone. May2008.
In many cases, the lack of transparency into the risks a company takes is due to poor operational control and reporting. Technologies are available that can help overcome these challenges. These technologies [include] flexible, broader approaches such as SAS enterprise casemanagement.
Rodney Nelsestuen TowerGroup The Global Imperative for Better Operational Risk Management: EU Financial Industry Leads the Way May 2, 2011
Figure 3. SAS Fraud Network Analysis allows organizations to use analytics and network visualization capabilities to help identify key hidden relationships, such as where 1 organized crime rings are emerging and whether an employee is involved in an internal fraud scheme. Advanced Analytics Lab
Figure 4. Using dashboards, case managers and executives can check the status of investigations and prioritize workloads to be more effective and efficient with resources.
Copyright 2009, SAS Institute Inc. All rights reserved.
10
Case management not only provides a tool for corporate security to record losses and develop cases forcivil and criminal litigation; it also provides a repository for detailed information about fraud exposure that is essential for maximizing the effectiveness of fraud detection tools across theorganization.
Dan Barta Director, Enterprise Fraud and Risk Strategy, SAS
Banks are increasingly looking to buy EFM and financial crime software that helps them manage financial regulatory programs from the same vendor.
Gartner, Inc. Avivah Litan MarketScope for Enterprise Fraud and Misuse Management January 14, 2011
This combination of adaptation and visibility would enable financial institutions to better understand emerging threats, so they can take action to prevent substantial losses before they happen. Moving into 2012 and beyond, financial services organizations are looking to use critical data and information that seem related when working fraud and anti-money laundering cases. In December 2010, the Association of Certified Anti-Money Laundering Specialists (ACAMS) and Ernst & Young published a joint survey of 250 global respondents from financial services, law enforcement and regulatory agencies. The survey topic was Linking anti-fraud and anti-money laundering programs unrealized opportunity or unnecessary complexity? It noted that 52 percent of financial services firms had integrated some aspects of their anti-money laundering and antifraud functions. The perfect storm of heightened regulatory pressures and increasingly sophisticated fraud attacks has created an opportunity for fraud and compliance departments to pool budgets and resources to reduce a shared exposure reputationrisk.13
Data
Data
Data Data
Alert Management
Case Management
upstream in the fraud management process Figure 5. The current trend is to move data and analytics more upstream in the fraud detectionprocess.
The prospects for the future also extend beyond the scope of any single enterprise. As 1 more organizations adopt integrated, automated fraud and financial crimes systems, the potential is there to create a broad consortium of financial institutions that can draw on their collective experiences to improve fraud detection across the industry.
Copyright 2010, SAS Institute Inc. All rights reserved.
Closing Thoughts
Organizations that respond to regulatory pressures by simply documenting their existing fraud management practices are selling themselves short. This is the opportunity to turn the tide on fraud, fighting back with powerful analytics, holistic intelligence and integrated case management. SAS recommends an enterprisewide approach to fraud management that spans all contact channels and account types. A best-practice fraud management approach is integrated from end to end, including:
13 Stewart, David. Financial Crimes Convergence: Tipping Point. sascom voices blog. March 2011.
12
Data analysis and alert generation: The ability to assimilate data from multiple sources and apply predictive analytics to accurately assess transactions, activities and customer state in real time. Alert management: The mechanism for accepting, prioritizing and distributing alerts from the various fraud detection and money laundering tools used across the enterprise. Case management: A structured environment in which to manage investigation workflows, document loss incidents and report on fraud managementperformance. The technology to implement this approach is available today. The right platform will: Integrate with the banks existing cardholder and authorization systems. Create and manage signatures that identify an account holders total behavioralprofile. Use sophisticated analytic models and business rules to perform on-demand scoring. Make information and alerts immediately available to the people who need thisinformation. Provide a structured environment to manage investigations and trackperformance. The benefits of this approach are substantial. A financial institution could: Gain a holistic view of fraudulent activity, including related perpetrators and crosschannel fraud, and gain a much clearer understanding of customer behavior. Improve investigator efficiency with unique network visualization, data drilldown and other investigation tools. Increase ROI per investigator through fewer false positives, prioritization of highervalue networks and more accurate investigations. Prevent future fraud by better understanding emerging threats and taking the right proactive action. Extend the value of the fraud management solution by using it to prioritize alerts for anti-money laundering, credit risk and marketing applications. Losses stopped. Fraud avoided. Time saved. The ROI comes from many directions. TowerGroup estimates that for every dollar spent on fraud management, the enterprise gains back as much as $8. If enterprisewide fraud management sounds like a good answer for your financial services institution, flag it for investigation.
According to The Faces of Fraud report, 45 percent of businesses cite loss of productivity as their top nonfinancial fraud loss.
Information Security Media Group 2010 Survey Results: The Faces of Fraud: Fighting Back December2010
13
About SAS
SAS provides the capabilities described in this document based on the proven SAS Enterprise Financial Crimes Framework for Banking. This solution takes a unique approach that blends multiple alerting techniques in both real time and batch and provides a systematic framework for investigating and managing fraud cases. A hybrid solution, it detects and prevents both opportunistic and professional/organized fraud including emerging threats such as ACH, wire and mobile. Financial institutions can significantly reduce losses by detecting more fraud with fewer investigators. SAS has worked closely with top financial institutions for 35 years to create solutions to address critical business needs. In the financial services industry alone, SAS data integration, fraud detection, risk management, regulatory compliance, CRM and other software is used by more than 3,100 financial institutions worldwide, including 97percent of banks in the Fortune Global 500. Our award-winning solutions handle the challenges specifically associated with the volatile financial services industry, and we can help institutions better manage their strategy, risk, customers and channels to maximize profitability, achieve greater shareholder value and gain a clear competitiveadvantage. SAS is the leader in business analytics software and services, and the largest independent vendor in the business intelligence market. Through innovative solutions delivered within an integrated framework, SAS helps customers at more than 50,000 sites improve performance and deliver value by making better decisions faster. Since 1976 SAS has been giving customers around the world THE POWER TO KNOW.
14