Primary navigation:

QFINANCE Quick Links
QFINANCE Reference

Home > Blogs > Maryam Hussain > Detecting Fraud

Detecting Fraud

Detecting Fraud Maryam Hussain

Facebook LinkedIn Twitter

Every fraud – from the overstated expense claim all the way to the manipulated financial statements and fraudulent market announcements which can ultimately lead to an organization's demise – leaves an information trail. The challenge is to uncover the traces of this trail before the losses become too damaging; to hear the corporate equivalent of the alarm bell.

The Threat from the Inside

All too often the emphasis of news reports on fraud is on the external threat: the hackers, fraudsters and money launderers who exploit weak spots in an organization’s defenses. However, the reality is that a significant fraud threat comes from employees – those individuals that have been allowed inside the organization.

The changes brought on by the development of new e-business systems and processes means the propensity for insiders to commit fraud and financial crime – and the opportunities for them to do so – is increasing faster than an organization’s ability to police them. An increased corporate focus on rapid results, risk-taking and entrepreneurship has, arguably, contributed to a fraud-friendly environment.

Technology too has become a double-edged sword. The speed, power, pervasiveness, mobility and anonymity which benefit today’s business models also offer attractive opportunities to individuals who are intent on committing fraud, money laundering and other forms of inappropriate behavior. They are aided by the side effects of business process re-engineering and other forms of organizational de-layering which have resulted in the removal of many checks and balances, not to mention an increasing dependence on contractors and outsourcing.

Detecting Insider Fraud

Many fraudsters are very ingenious: according to a 2005 study on the insider threat by the US Secret Service and CERT Coordination Center/SEI, 39% of attacks used a "sophisticated" method. Departments responsible for containing insider fraud tend to focus on prevention through training and awareness-raising and HR policy statements, as well as detailed reactive investigation of cases as they come to light.

It is clear then, that a purely ‘rules-based’ approach is unlikely to be fully effective in such dynamic circumstances, although, as discussed above, it is a very positive place to start.

Corporate Culture and Whistle-blowing

The early discovery of the fraud information trail and the corresponding narrowing of the exposure gap require the following to be in place:

1. An environment where employees and others are motivated to report their concerns.
2. A review framework which includes regular audits that look for indicators of fraud and other misconduct.
3. A monitoring capability, which includes automated analysis of transactions and the identification of patterns of unusual activity.

If whistle-blowers are the first line of detection, how do organizations encourage people to speak out, and what are the barriers to such a valuable channel of information? In theory, the answer is simple – provide a practical mechanism and address the concerns that prevent people from speaking up. In practice, it takes time and direction from the very senior levels of the organization to create such an environment. Personal factors, such as loyalties or fear of retaliation, will ultimately determine whether an individual will speak up.

The solution lies in dealing with the personal and professional risks that employees see in whistle-blowing – obtaining an understanding of the tipping point at which employees decide to defy their feelings of fear and report suspicions of fraud.

Forensic Data Analysis

Transactional data generated by the many different electronic systems the fraudsters encounter give evidence of their activity. It makes sense, therefore, to use forensic data analysis to explore these data sources to identify signs of potentially fraudulent activity.

Intelligent analysis engines based on advanced data warehouse and data mining technology (to store and analyse data respectively), take in audit trails from key systems around the organization such as financial systems, call center records, telephones, building entry gates, web servers and print servers. Personnel records from HR and finance systems supplement this. The wider the range of sources, the better – very often, data from a single source will be internally consistent, and anomalies and deviations only become exposed as external data is added to the mix.

Incoming data is then stored in a data warehouse in a format that (crucially) retains the patterns of behavior and how these develop and change over a long period of time. This is achieved by focusing on events and points at which data changes, rather than the data itself.

Approaches to Unstructured Data

The analysis of unstructured data brings both challenges and opportunities. Its inherent lack of homogeneity means that many of the data analysis techniques routinely used on structured data are not immediately applicable. However, this does not mean that no value can be derived from such data sources – quite the opposite in fact; it just requires a little more effort.

A major class of techniques fall under the general classification of ‘text mining’. These include entity extraction (the identification of proper nouns from within the text), phrase extraction, key word analysis and sentiment analysis. Such techniques are a powerful adjunct to the analysis of structured data, where the analyst can assess the consistency (or otherwise) of a transactions effect with the sentiment expressed in associated narratives or documents. Where inconsistency is identified, transactions may be flagged up for investigation.

Lessons from the Financial Services Industry

The financial services industry has traditionally led the way in deploying leading-edge data analytics to address the challenge of detecting and preventing fraud.

Detection of forms of credit abuse is also achievable with such forms of analysis. Credit abuse involves organized fraudsters making false statements on application forms in order to gain credit, which they have no intention of paying back. These criminals are increasingly manipulating the credit application process, and it is in response to such organized fraud that another class of techniques known as social network analysis (SNA) has been brought into play.

SNA (which, as its names suggests, developed through the analysis of the linkages between individuals) is now being used to make high-speed checks of credit applicants’ details against pre-scored criminal networks during the live application process. It is also being applied in the ‘back office’, where existing customers are scored as they request additional credit facilities. Banks can therefore ‘shut out’ and decline any applications that appear to emanate from those networks.

These detection systems make use of a body of rules that define the way in which fraudsters and money launderers typically carry out their activities. If the rules are triggered, the activity can be deemed ‘suspicious’ and worthy of further investigation.

One of the more obvious examples of a suspicious activity rule is when a dormant account suddenly comes alive with a burst of spending at certain types of retail outlet, or where large deposits into an account are mirrored by sudden immediate withdrawals. These systems often look for any kind of deviation from the account’s normal, historical profile. Appropriately designed and deployed rule-based systems can draw attention to those transaction patterns that possess the highest likelihood of being suspicious and are therefore most likely to pose a risk.

Many banks are now moving from end-of-day analysis to near real-time analysis as the transactions actually occur, to move from reactive fire-fighting to proactive prevention of financial loss and damage to reputation. The increase in efficiency and effectiveness of the detection process leads to cost savings and competitive advantage: the cost of fraud comes straight off the bottom line, and a small reduction in losses can result in considerable bottom-line growth. Reducing fraud can, in some cases, make the difference between a new financial services product being profitable or not.

Data Mining for Straitened Times

Whilst many (although not all) of the analysis tools are relatively inexpensive, forensic data analytics represents a task that is usually undertaken by specialists. However, such expertise can be expensive, so such an outlay needs to be justified- now more than ever. Fraud detection can be shown to result in tangible cash benefits and, in some cases, even competitive advantage. This in itself can provide the positive return on investment demanded by most organizations.

The detection of fraud will save money, but it is often the reputational damage associated with fraud and corruption that brings down organizations, as customers, suppliers, employees and investors disassociate themselves from the tainted brand.

Beyond this, however, the fact that data is being used and manipulated in this way means that analysts generate insights that do not solely pertain to fraud detection. Experience has shown that this analysis generates insights that are valuable in themselves or point to areas of inefficiency or which waste, and therefore signpost, opportunities to make savings.

Deployment of Data Analytics

1. Organizations do not need to start by using the most advanced analytics. The use of even the most rudimentary analysis will improve the chances of detecting fraud, and will start to build the organization's confidence in its value.

2. Organizations should not be afraid of stealing ideas from other industries or fields of analysis. The financial service sector leads the way in the use of data analytics for fraud risk management.

3. Analysis can generate a range of benefits beyond fraud detection. Using this to widen the range of advocates across the business will increase acceptance and the will to invest further.

Facebook LinkedIn Twitter
You have recommended this article

Tags: bank fraud , Corporate Fraud , credit fraud , data , data analysis , data mining , Ernst and Young , EY , financial crime , fraud , fraud investigation , fraud protection , fraudster , hacker , information risk , information security , insider fraud , internal audit , Maryam Hussain , money laundering , risk management
  • Bookmark and Share
  • Mail to a friend


or register to post your comments.

Back to QFINANCE Blogs

Share this page

  • Facebook
  • Twitter
  • LinkedIn
  • RSS
  • Bookmark and Share

Blog Contributors