LEVERAGING TECHNOLOGY IN THE
BATTLE AGAINST FINANCIAL FRAUD
Maria Loughlin
April, 2012
© Memento, Inc. 2011 – All Rights Reserved
2
Exploring fraud and fraud management
• Through the lens of a Financial Institution (FI)
• What are the threats, emerging channels and evolving risks?
• How to respond?
• Through the lens of a technologist
• How can technology help?
• What lies ahead?
3
Sure, you’ve heard about Bernie and Jerome…
4
… but can you pick out the fraudster here?
A
B
C
Amy Lynette Sanders
Grand Rapids, Michigan
Ray Van Norman
Omaha, Nebraska
Jane Wolff
Yarmouth, Massachusetts
Chairman and CEO.
Stole $5.7 million by
creating fictitious lines of
credit over a 10-year
period.
Husband and wife pair
Benjamin Wolff (79) and
Jane (72) wrote
fraudulent checks for
hotels, inns, and stores in
Concord, Newburyport,
Rockport, and Andover.
.
Branch Manager.
Transferred funds from
customer accounts into
her own – for over 3½
years.
5
Sobering bank fraud statistics
• As much as 35% of operational loss in financial services is
fraud – that’s $20B annually
• A mid-size US bank loses $50M to check fraud annually
• A top 10 credit card issuer loses $100-400M to first party
credit card fraud annually
• 60% of bank fraud involves an insider
• Identity theft cost the US $48B in 2008
• 40% of ID theft is committed by collusive criminal
networks
Sources:
KPMG, Celent, ABA, Tower Group, Javelin Research, CIMIP
6
Is Fraud A Trillion Dollar Problem Globally?
Banking
$20B
Healthcare
$125B
Brokerage/Securities
$150B
Mortgage
$10B
Insurance
$100B
Retail
$42B
Telecom
$55B
$502 billion
US fraud losses
Sources: TowerGroup, Stanford Law School, Cornerstone Research, The Prieston Group , U.S.
Dept. of Health & Human Services, U.S. Dept. of Justice, National Retail Federation, FIINA
Why does bank fraud continue to be a problem?
• New products and channels expose new schemes
• Defenses usually come long after new schemes are hatched
• Fraud is a business
• Highly leveraged schemes
• Increased role of organized crime
• Weak defenses
• Low efficiency, increasing cost
• Complex problem, disconnected data and systems, limited innovation
• Failure to comprehensively monitor accounts, account touch points
Top 5 fraud threats (2012)
Card Fraud
Check Fraud
Phishing and Vishing
ACH and Wire Fraud
ATM Fraud
0
10
20
30
40
50
60
70
80
90
Source: 2012 Faces of Fraud survey
Sponsored by Authentify, Guardian Analytics, i2, RSA Security, Wolters Kluwer Financial Svcs
9
Payments trends that affect fraud
• Emerging technologies and rapid innovation
• Increase in # of players involved in the payments supply chain
• Increase in # of payment options for consumers
• Shift from Credit/Debit to ACH via Payment Services
• Evolving fraud
• Cross channel fraud
• International organized crime rings
• Increased speed of use from compromise to fraud
• Shift in target
• From mega data breaches to smaller merchants
• Filtering down to rural areas
• Changing consumer views
• More open to alternative payments
• More conscious of security, yet willing to share personal information with “friends”
© Memento, Inc. 2010 – All Rights Reserved
10
Losses continue to grow: SAR by the numbers
SAR Volume
800,000
732,563
700,000
697,389
SARs Submitted
Total: 5,549,559
600,000
500,000
411,697
400,000
Check Fraud: 1,141,498
Money Laundering:
3,013,569
300,000
200,000
100,000
52,069
152,874
21,655
14,385
115,757
0
1996 1997 1998 1999 2000 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010
Total SAR Volume
check
Money Laundering
%of total SARs for check and ML: range 69.2 - 78.3
Avg. 74.4
11
THROUGH THE LENS OF A
FINANCIAL INSTITUTION
12
Why do banks care about fraud?
• Fraud losses go straight to the bottom line
• Perceptions of insecurity leads to
• Reputational risk
• Customer retention challenges
• Operational expense
• Regulatory oversight/fines
• Calls for more regulation
13
How do banks respond?
“Keep the bad “Stop them from
guys out”
stealing”
“Break the
cycle”
• IT/network security
• Transaction monitoring
• Investigate cases
• Online authentication
• Employee monitoring
• Prosecute criminals
• Applicant screening
• List checking
• Report to FINCen
Focused on
protecting the
perimeter
Focused on
protecting customer
accounts
Focused on
preventing future
attacks
TowerGroup estimates that for each $1 spent on fraud management, fraud
losses will be reduced by $8
Implement comprehensive approach across all
channels and products
Deposit Account
Check
ACH
Branch
Deposit
Call Center
Kiting
ATM
On-Us
Online
(incl. ACH Conversions)
(Origination)
Wire
Debit
14
Regulation also drives FI action
Layered Security FFIEC Guidance
• 2005: The Federal Financial Institutions Examination Council (FFIEC)
issued guidance to banks on standards for Internet banking
• 2007: Banks responsible for compliance
Of 200+ respondents:
• 58% say their institutions will increase fraud spend in 2012
• Only 11% believe the guidance will significantly reduce fraud
16
FFIEC compliance – Layered security
Layer 5
Entity Link
Analysis
• Enables analysis of relationships among
internal and external entities and their
attributes (e.g., users, accounts,
machines)
Layer 4
User / Acct. Centric
Multi Channel &
Product
• Monitors and analyzes user and account
behavior across channels, and
correlates alerts across channels and
products
User / Acct. Centric
Specific Channel
• Monitors and analyzes user and account
behavior, and identifies anomalous
behavior using rules or statistical
models
Layer 3
Layer 2
Layer 1
Navigation Centric
Endpoint Centric
Source: Gartner
© Memento, Inc. 2012 – All Rights Reserved
• Analyzes session behavior and points
out anomalies
• Analyzes mobile device location
• Secure browsing, OOB authentication
and transaction verification
• Endpoint device identification, location
data
17
HOW CAN
TECHNOLOGY HELP?
Enterprise Fraud Management Systems
Case Management
Workflow and reporting
Alerts and incidents
Proactive Monitoring &
Analytics
Identify suspicious behavior
Business user control
Forensic Research &
Investigations
Queries and analysis
Collaborative research
Data Aggregation & Management
Multiple sources
Different data types
18
19
Enterprise Fraud Management Data
Customer Data
Employee Data
Name, address, phone,
email …
name, ID, branch, job code,
contact info …
Account Data
Transaction Data
Status, open date, balance
…
check, deposits, ACH, wire,
other debits, RDI, returns …
Maintenance/Inquiry Data
contact info changes, service
changes, balance lookups …
3rd Party Lists
black lists, white lists, OFAC
…
Analytics Output
profiles, risk scores, alerts …
Other Detection Systems
alerts , other data as
required…
• Single enterprise
data store for
financial crime and
ops risk mgt
• Rich repository of
cross-channel
transaction &
reference data
• Source system
agnostic
20
Multiple Approaches to Fraud Analytics
Patterns/Rules
Profiling
Adaptive Analytics
Link Analysis
• Advanced business rules and
statistical techniques
• Contextual history of customer,
employee and peer group behavior
• Fraud is discovered through a
combination of risk indicators
• Uncover risky relationships between
people, accounts, alerts, etc.
Example: Employee Fraud Detection
Fraud Type
Example Scenarios
Theft from institution
• Self-dealing (e.g., fee reversals increasing overdraft limits)
• Inappropriate account maintenance on own or close associate
account (e.g. check hold policy override)
• Incentive compensation schemes
• GL theft (debit to cash offset to employee acct)
Theft from customer
• Debits from dormant, elder, out-of-region, high net worth accts
• Inappropriate acct maintenance (e.g., changing phone #, email,
address); followed by unauthorized or unusual transactions
• Inappropriate acct inquiries, often out-of-region or business unit
• Inappropriate access to reports
• Screen capture, print screen
Example: ACH Fraud Detection
Combine Advanced Analytics and Business Rules
• Fraud Indicators: Unusual access (IP, device ID, time of day,
etc.), account maintenance, fund consolidation, negative
balance, unusual amount, routing, timing, known bad receiver
• Business Rules: White/black lists, institution defined rules
Customer and Account Profile
Transaction Details
Customer and Account Data
Name, address, phone, acct status, daily balance…
Originator Information
Contact details, funding account, …
+
Maintenance / Inquiry Activity
Address or service changes, balance lookups …
ACH Activity
Historical activity across all channels
•
•
•
•
•
•
•
•
Amount
Timing
Receivers
Type
Channels
Credits
Debits
Routing
Statistically-driven risk score for every transaction
22
23
Example: Check Fraud Detection
Multi-dimensional pattern analysis
Check serial number sequences
• Book detection, distance out of
sequence
Velocity
• Amounts
Acct
Intimacy
Serial #
Acct
Profile
• Quasi-periodic amounts, non-quasi
periodic amounts
• Likely amounts, intimate amounts
• Velocity analysis
• Account velocity (balances), book
Multiple
checkboo
ks
Timing
$
Amount
velocity
• Account relationships
24
NEW TECHNOLOGIES
Emerging and enabling technologies
• Big Data
• Cloud Computing
• Mobile
26
Cloud computing
• Reduced costs
• Some aspects of payments are moving to the cloud
• Risks:
• Assuring proper data protection and compliance with security and
privacy regulations
• Inadequate controls at third party service providers
• Authentication and reliance on passwords
27
The mobile revolution
• Nearly half (46%) of American adults are smartphone
owners as of February 2012, an increase of 11% over last
May
Source: Pew Research Center’s Internet & American Life Project,
March 2012
Use of mobile banking expected to grow rapidly: expanding
to 38M households by 2015
Source: FDIC Supervisory Insights - Winter 2011
28
Mobile financial services
4 usage patterns expected:
• Mobile Banking – Mobilization of existing online capabilities
(e.g., balance checks, transfers of funds between customer
accounts, bill payment to pre-authorized recipients)
• Alerting – Providing a convenient channel to alert customers
of account activity
• Services Replacement – Replacement of select services that
require physical customer presence (e.g., remote deposit
capture)
• Mobile Payments – Including contactless payments, personto-person payments, and substitution of mobile device for credit
card, debit card or checks
29
Who Consumers Trust with Mobile Payments
30
Evolving payment landscape
WRAP UP
Parting words…
Fraud attempts and fraud losses continue to grow. Yet,
there is opportunity to fight back harder and smarter.
• Customer education
• New tools and new technologies
• Information protection
• Fraud detection and management
• Increased collaboration
• Engage customers in fraud management
• Share information across banks
• Collaborate with regulators, government, employees and third
parties
Fraud management
is a collaboration
© Memento, Inc. 2012 – All Rights Reserved
