RiskFinancial CrimeWhen Fraud Gets Seriously Organised

When Fraud Gets Seriously Organised

Fraud continues to grow at an alarming rate across the financial services sector. According to the PricewaterhouseCoopers 2005 Global Economic Crime Survey, 45% of companies worldwide have fallen victim to economic crime – an 8% increase from the previous survey. Since 2003, there has been a 71% increase in the number of companies reporting cases of corruption and bribery, a 133% increase in the number reporting money laundering and a 140% increase in the number reporting financial misrepresentation. Fraud that led to a loss of assets cost companies – on average – over US$1.7m, a 50% increase from 2003.

Identity fraud is a key growth area, particularly in the US, where federal and state authorities have identified it as the US’s fastest-growing white-collar crime. The Federal Trade Commission’s 2004 report on identity theft revealed that consumer-reported losses from fraud exceeded US$547m. Identity theft topped the list of complaints for the fifth successive year, accounting for 39% of consumer fraud complaints. Meanwhile in the UK, the latest figures from the banking body APACS show that online fraud is outstripping any other type of fraud, with the number of phishing attacks on banks rising from 1,714 in 2005 to 14,156 in 2006. As for the future, Frost & Sullivan’s 2005 World Credit and Debit Fraud report predicts global losses to card fraud will reach US$15.5bn in 2009, much of this fuelled by identity fraud.

Worldwide, regulators are increasing the pressure on the financial services industry to reinforce their counter-fraud and counter-money laundering intelligence strategies and integrate them more tightly within their operational risk frameworks. From the USA PATRIOT and Sarbanes-Oxley Acts to the EU 3rd Anti Money Laundering Directive and the UK Proceeds of Crime Act, the regulatory environment is increasing the liability of the institutions and the personal liability of their officers.

In light of these risks, financial institutions have devoted considerable resources to detecting fraudsters and other financial criminals through the more effective use of technology. Over the past decade there has been an increasing take-up of computer systems that examine transaction data and look for telltale patterns that might reveal potentially suspicious behaviour. These systems have played a key role in the fraud management lifecycle, providing valuable input into downstream investigation processes.

A Computerised Sherlock Holmes

Look inside any bank today and you will find some kind of computerised fraud detection system that takes in huge volumes of transaction data and looks for tell-tale patterns in the data in order to identify potential fraud cases worthy of further investigation. How do these detection systems work? In essence they make use of a body of rules (often wrapped up inside behavioural scorecards) that define the way fraudsters typically carry out their activities. If the rules are triggered then the activity can be deemed ‘suspicious’ and worthy of further investigation.

Figure 1: Behavioural profiling

Much of the time these systems are looking for any kind of deviation from the historical profile that an account normally exhibits. Appropriately designed and deployed, systems based on rules and behavioural models can draw attention to those transaction patterns that possess the highest likelihood of being suspicious and are therefore most likely to pose a risk. The computerised Sherlock Holmes is now a mainstream reality.

The Shift To Serious Organised Crime

As effective as current detection systems have been, they are not enough in the fight against fraud. Financial institutions, in common with other large public and private sector organisations, are becomingly increasingly targeted by serious organised criminal groups. These have been defined as those involved on a continuing basis, normally working with others, in committing crimes for substantial profit or gain. They dominate much of the high-impact criminality that occurs in today’s society. Many of these ‘groups’ are, in practice, loose networks whose members coalesce around one or more prominent criminals to undertake criminal ventures of varying complexity, structure and length. Criminals may not think of themselves as being members of any group, and individuals may be involved with a number of sub-groups within the network, and therefore be involved in a number of separate criminal ventures at any one time.

To date, much of the focus on fraud detection has been on opportunistic individuals who have little or no knowledge of banking systems and the thresholds used for detecting fraud. Their frauds tend to be monolithic in structure and rapid in execution. They usually operate alone, or sometimes in collusion with a bank insider, and they usually involve a single identity. Systems based on rules or behavioural scorecards can be highly effective at catching these criminals.

Organised criminals, on the other hand, operate on a far more premeditated basis and display detailed awareness of the workings of traditional fraud detection systems. Being persistent and migratory, they are modifying their behaviour to evade traditional methods of detection. Most detection techniques focus on the use of behavioural profiling: understand how a typical fraudster behaves and you can spot others who pull the same tricks. Although this can be highly effective, organised criminals are now adopting a more fragmented, distributed approach in which the individual is replaced by a collaborative network. Slicing up the fraud like salami and executing it over a longer period of time keeps potentially suspicious activities ‘under the radar’. A number of individuals are involved, including other criminal gang members, bank insiders and third party amateur operators, such as hackers, who provide hacking and other services at arm’s length from the core criminal gang. Multiple identities feature strongly in this kind of organised fraud, with fake or stolen identities used to conceal members of the criminal network, their activities and their assets in order to minimise the risk of detection.

Figure 2: The shift from ‘individual’ to ‘network’

Understanding ‘who is who’ and ‘who knows who’ is a key data quality challenge when detecting this kind of fraud. Marketing departments face a similar challenge when lists of names and addresses are matched against other data during marketing campaigns in order to make connections or identify duplicates. Unfortunately, traditional matching technologies cannot deal with the data quality issues thrown up by identity fraudsters: unlike genuine customers, criminals do not want to be identified and will either distort, lie or provide minimum information about their identity. Because of these issues there is rarely, if ever, enough information contained within two individual records for a machine to match them categorically to one another.

Banks have no alternative but to meet this threat head-on by developing a new weapon in their anti-fraud armoury that provides, metaphorically speaking, the ability to link together very small, scattered and somewhat indistinct pieces of a large jigsaw without the aid of a picture on the box.

From Behavioural Profiling To Social Network Analysis

A revolutionary approach for combating fraud has now emerged in the form of ‘social network analysis’. As a complement to existing analytical approaches, social network analysis moves away from record-level analysis to identify, understand and evaluate higher-level networks of collaborating individuals or organisations. With social network analysis the characteristics of criminal networks, including the emerging sub-groups and key players involved, can be identified.

Being based on facts rather than hypotheses, social network analysis does not try to guess associations and therefore relies more on data volume than data quality. In fact, the more data that it is given to process the better. Because it is immune to data quality and format issues, this means that it is no longer possible for fraudsters to avoid detection using variations in identity.

The result of the quantitative analysis is a list of identified and risk-scored networks. These are then handed over to human investigators to perform a qualitative analysis. The system provides investigators with an instant graphical visualisation of each network, including both geographical and temporal views, enabling them to make a rapid visual judgement. Investigators can easily traverse the network, dive down into detail at any point of interest and perform searches on the networks and the underlying data.

Driving intelligence out of networked data to inform risk scoring and investigation is a major step forward in the art of fraud detection. Rather than trying to profile a fraudster down to his shoe size, or trying to match two unmatchable records, this takes the more intelligent route of identifying networks of collaborating individuals. In other words, it’s not the shape of the dots that matters, but the shape of the network that joins them together.

Social network analysis is increasingly gaining wider acceptance as a technique for complementing existing approaches to fraud detection, such as those based on behavioural profiling. Fraud aside, the technique is also being examined by marketing departments who are interested in identifying who the key ‘movers and shakers’ are in a consumer network so that they can better target their viral marketing campaigns.

Organised Fraud Needs an Organised Response

Financial institutions cannot afford the reputational cost of further rises in the level of organised fraud. Although financial institutions are upgrading their risk management systems as a result of increased regulatory pressure, there is always the danger that fraud becomes ‘sanitised’ when subsumed within the rational, mathematical world of risk management. It is, in stark terms, a costly and nasty crime.

Many countries are now developing a range of counter-fraud responses, such as tougher courts, strategic national authorities and centralised reporting and intelligence. However, commensurate changes are also needed in the methods employed by both private and public sector financial investigation units. Organised criminals, operating as collaborative networks that collude with people on the inside, present the greatest threat since their activities stay under the radar of most corporate detection systems. But they can be detected with the right tools.

Organised fraud needs an organised response. Organisations are perfectly clear on what needs to be done and the support infrastructure, from legislation and law enforcement through to advanced technology and operations, is now being put into place. The time has come to truly confront the fraudster.

Comments are closed.

Subscribe to get your daily business insights

Whitepapers & Resources

2021 Transaction Banking Services Survey
Banking

2021 Transaction Banking Services Survey

2y
CGI Transaction Banking Survey 2020

CGI Transaction Banking Survey 2020

4y
TIS Sanction Screening Survey Report
Payments

TIS Sanction Screening Survey Report

5y
Enhancing your strategic position: Digitalization in Treasury
Payments

Enhancing your strategic position: Digitalization in Treasury

5y
Netting: An Immersive Guide to Global Reconciliation

Netting: An Immersive Guide to Global Reconciliation

5y