LEVERAGING TECHNOLOGY IN THE BATTLE AGAINST FINANCIAL FRAUD
Maria Loughlin
April, 2012
© Memento, Inc. 2011 – All Rights Reserved

Exploring fraud and fraud management
• Through the lens of a Financial Institution (FI)
    • What are the threats, emerging channels and evolving risks?
    • How to respond?
• Through the lens of a technologist
    • How can technology help?
    • What lies ahead?

Sure, you’ve heard about Bernie and Jerome…

… but can you pick out the fraudster here?
A: Amy Lynette Sanders, Grand Rapids, Michigan
B: Ray Van Norman, Omaha, Nebraska
C: Jane Wolff, Yarmouth, Massachusetts
• Chairman and CEO. Stole $5.7 million by creating fictitious lines of credit over a 10-year period.
• Husband and wife pair Benjamin Wolff (79) and Jane (72) wrote fraudulent checks for hotels, inns, and stores in Concord, Newburyport, Rockport, and Andover.
• Branch Manager. Transferred funds from customer accounts into her own – for over 3½ years.

Sobering bank fraud statistics
• As much as 35% of operational loss in financial services is fraud – that’s $20B annually
• A mid-size US bank loses $50M to check fraud annually
• A top 10 credit card issuer loses $100-400M to first party credit card fraud annually
• 60% of bank fraud involves an insider
• Identity theft cost the US $48B in 2008
• 40% of ID theft is committed by collusive criminal networks
Sources: KPMG, Celent, ABA, Tower Group, Javelin Research, CIMIP

Is Fraud A Trillion Dollar Problem Globally?
• Banking: $20B
• Healthcare: $125B
• Brokerage/Securities: $150B
• Mortgage: $10B
• Insurance: $100B
• Retail: $42B
• Telecom: $55B
$502 billion US fraud losses
Sources: TowerGroup, Stanford Law School, Cornerstone Research, The Prieston Group, U.S. Dept. of Health & Human Services, U.S. Dept. of Justice, National Retail Federation, FIINA

Why does bank fraud continue to be a problem?
• New products and channels expose new schemes
    • Defenses usually come long after new schemes are hatched
• Fraud is a business
    • Highly leveraged schemes
    • Increased role of organized crime
• Weak defenses
    • Low efficiency, increasing cost
    • Complex problem, disconnected data and systems, limited innovation
    • Failure to comprehensively monitor accounts, account touch points

Top 5 fraud threats (2012)
• Card Fraud
• Check Fraud
• Phishing and Vishing
• ACH and Wire Fraud
• ATM Fraud
Source: 2012 Faces of Fraud survey. Sponsored by Authentify, Guardian Analytics, i2, RSA Security, Wolters Kluwer Financial Svcs

Payments trends that affect fraud
• Emerging technologies and rapid innovation
    • Increase in # of players involved in the payments supply chain
    • Increase in # of payment options for consumers
    • Shift from Credit/Debit to ACH via Payment Services
• Evolving fraud
    • Cross channel fraud
    • International organized crime rings
    • Increased speed of use from compromise to fraud
• Shift in target
    • From mega data breaches to smaller merchants
    • Filtering down to rural areas
• Changing consumer views
    • More open to alternative payments
    • More conscious of security, yet willing to share personal information with “friends”

Losses continue to grow: SAR by the numbers
[Chart: SAR Volume by year, 1996 to 2010; series: Total SAR Volume, Check, Money Laundering]
• SARs Submitted Total: 5,549,559
• Check Fraud: 1,141,498
• Money Laundering: 3,013,569
• % of total SARs for check and ML: range 69.2 - 78.3, Avg. 74.4

THROUGH THE LENS OF A FINANCIAL INSTITUTION

Why do banks care about fraud?
• Fraud losses go straight to the bottom line
• Perceptions of insecurity lead to
    • Reputational risk
    • Customer retention challenges
• Operational expense
• Regulatory oversight/fines
• Calls for more regulation

How do banks respond?
“Keep the bad guys out” (focused on protecting the perimeter)
• IT/network security
• Online authentication
• Applicant screening
“Stop them from stealing” (focused on protecting customer accounts)
• Transaction monitoring
• Employee monitoring
• List checking
“Break the cycle” (focused on preventing future attacks)
• Investigate cases
• Prosecute criminals
• Report to FinCEN
TowerGroup estimates that for each $1 spent on fraud management, fraud losses will be reduced by $8

Implement comprehensive approach across all channels and products
[Diagram labels: Deposit Account; Check (Deposit, Kiting, On-Us incl. ACH Conversions); ACH (Origination); Wire; Debit; Branch; Call Center; ATM; Online]

Regulation also drives FI action
Layered Security

FFIEC Guidance
• 2005: The Federal Financial Institutions Examination Council (FFIEC) issued guidance to banks on standards for Internet banking
• 2007: Banks responsible for compliance
Of 200+ respondents:
• 58% say their institutions will increase fraud spend in 2012
• Only 11% believe the guidance will significantly reduce fraud

FFIEC compliance – Layered security
Layer 5: Entity Link Analysis
• Enables analysis of relationships among internal and external entities and their attributes (e.g., users, accounts, machines)
Layer 4: User / Acct. Centric, Multi Channel & Product
• Monitors and analyzes user and account behavior across channels, and correlates alerts across channels and products
Layer 3: User / Acct. Centric, Specific Channel
• Monitors and analyzes user and account behavior, and identifies anomalous behavior using rules or statistical models
Layer 2: Navigation Centric
• Analyzes session behavior and points out anomalies
• Analyzes mobile device location
Layer 1: Endpoint Centric
• Secure browsing, OOB authentication and transaction verification
• Endpoint device identification, location data
Source: Gartner

HOW CAN TECHNOLOGY HELP?

Enterprise Fraud Management Systems
• Case Management
    • Workflow and reporting
    • Alerts and incidents
• Proactive Monitoring & Analytics
    • Identify suspicious behavior
    • Business user control
• Forensic Research & Investigations
    • Queries and analysis
    • Collaborative research
• Data Aggregation & Management
    • Multiple sources
    • Different data types

Enterprise Fraud Management Data
Customer Data: name, address, phone, email …
Employee Data: name, ID, branch, job code, contact info …
Account Data: status, open date, balance …
Transaction Data: check, deposits, ACH, wire, other debits, RDI, returns …
Maintenance/Inquiry Data: contact info changes, service changes, balance lookups …
3rd Party Lists: black lists, white lists, OFAC …
Analytics Output: profiles, risk scores, alerts …
Other Detection Systems: alerts, other data as required …
• Single enterprise data store for financial crime and ops risk mgt
• Rich repository of cross-channel transaction & reference data
• Source system agnostic

Multiple Approaches to Fraud Analytics
• Patterns/Rules: Advanced business rules and statistical techniques
• Profiling: Contextual history of customer, employee and peer group behavior
• Adaptive Analytics: Fraud is discovered through a combination of risk indicators
• Link Analysis: Uncover risky relationships between people, accounts, alerts, etc.

Example: Employee Fraud Detection
Fraud Type: Theft from institution
Example Scenarios:
• Self-dealing (e.g., fee reversals increasing overdraft limits)
• Inappropriate account maintenance on own or close associate account (e.g., check hold policy override)
• Incentive compensation schemes
• GL theft (debit to cash offset to employee acct)
Fraud Type: Theft from customer
Example Scenarios:
• Debits from dormant, elder, out-of-region, high net worth accts
• Inappropriate acct maintenance (e.g., changing phone #, email, address); followed by unauthorized or unusual transactions
• Inappropriate acct inquiries, often out-of-region or business unit
• Inappropriate access to reports
• Screen capture, print screen

Example: ACH Fraud Detection
Combine Advanced Analytics and Business Rules
• Fraud Indicators: Unusual access (IP, device ID, time of day, etc.), account maintenance, fund consolidation, negative balance, unusual amount, routing, timing, known bad receiver
• Business Rules: White/black lists, institution defined rules
Customer and Account Profile
• Customer and Account Data: Name, address, phone, acct status, daily balance …
• Originator Information: Contact details, funding account, …
• Maintenance / Inquiry Activity: Address or service changes, balance lookups …
• ACH Activity: Historical activity across all channels
+
Transaction Details
• Amount
• Timing
• Receivers
• Type
• Channels
• Credits
• Debits
• Routing
Statistically-driven risk score for every transaction

Example: Check Fraud Detection
Multi-dimensional pattern analysis
• Check serial number sequences
    • Book detection, distance out of sequence
• Amounts
    • Quasi-periodic amounts, non-quasi periodic amounts
    • Likely amounts, intimate amounts
• Velocity analysis
    • Account velocity (balances), book velocity
• Account relationships
[Diagram labels: Velocity, Acct Intimacy, Serial #, Acct Profile, Multiple checkbooks, Timing, $ Amount]

NEW TECHNOLOGIES

Emerging and enabling technologies
• Big Data
• Cloud Computing
• Mobile

Cloud computing
• Reduced costs
• Some aspects of payments are moving to the cloud
• Risks:
    • Assuring proper data protection and compliance with security and privacy regulations
    • Inadequate controls at third party service providers
    • Authentication and reliance on passwords

The mobile revolution
• Nearly half (46%) of American adults are smartphone owners as of February 2012, an increase of 11% over last May
Source: Pew Research Center’s Internet & American Life Project, March 2012
• Use of mobile banking expected to grow rapidly: expanding to 38M households by 2015
Source: FDIC Supervisory Insights - Winter 2011

Mobile financial services
4 usage patterns expected:
• Mobile Banking – Mobilization of existing online capabilities (e.g., balance checks, transfers of funds between customer accounts, bill payment to pre-authorized recipients)
• Alerting – Providing a convenient channel to alert customers of account activity
• Services Replacement – Replacement of select services that require physical customer presence (e.g., remote deposit capture)
• Mobile Payments – Including contactless payments, person-to-person payments, and substitution of mobile device for credit card, debit card or checks

Who Consumers Trust with Mobile Payments

Evolving payment landscape

WRAP UP

Parting words…
Fraud attempts and fraud losses continue to grow. Yet, there is opportunity to fight back harder and smarter.
• Customer education
• New tools and new technologies
    • Information protection
    • Fraud detection and management
• Increased collaboration
    • Engage customers in fraud management
    • Share information across banks
    • Collaborate with regulators, government, employees and third parties
Fraud management is a collaboration
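
Added example (not part of the original deck, and not Memento's code): the ACH fraud detection slide combines fraud indicators drawn from the customer and account profile with white/black list business rules to give every transaction a risk score. The Python below shows one way to do that; the field names, weights, the 3-sigma and 3-day thresholds and all sample values are assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from statistics import mean, pstdev

@dataclass
class Profile:  # per-account history; field names are assumptions
    amounts: list               # past ACH origination amounts
    receivers: set              # receivers paid before
    devices: set                # device IDs seen on this account
    usual_hours: range          # hours of day the originator is normally active
    last_maintenance: datetime  # latest address/phone/service change

BLACK_LIST = {"rcv-bad"}      # institution-defined lists (constructed values)
WHITE_LIST = {"rcv-payroll"}

def score_ach(txn, profile, window=timedelta(days=3)):
    """Return (risk score 0-100, reasons) for one ACH origination."""
    # Business rules run first and override the statistical indicators.
    if txn["receiver"] in BLACK_LIST:
        return 100, ["known bad receiver"]
    if txn["receiver"] in WHITE_LIST:
        return 0, ["white-listed receiver"]
    # Unusual amount: distance from the account's own history, in std devs.
    sigma = pstdev(profile.amounts)
    z = (txn["amount"] - mean(profile.amounts)) / sigma if sigma else 0.0
    since_maint = txn["time"] - profile.last_maintenance
    indicators = [  # (fired?, weight, reason); weights are illustrative
        (z > 3, 35, "unusual amount"),
        (txn["receiver"] not in profile.receivers, 20, "new receiver"),
        (txn["device_id"] not in profile.devices, 15, "unusual access: device"),
        (txn["time"].hour not in profile.usual_hours, 10, "unusual access: time"),
        (timedelta(0) <= since_maint <= window, 20, "recent account maintenance"),
    ]
    hits = [(w, r) for fired, w, r in indicators if fired]
    return min(sum(w for w, _ in hits), 100), [r for _, r in hits]

# Constructed sample data.
PROFILE = Profile(amounts=[1200, 1350, 1100, 1280, 1320], receivers={"rcv-known"},
                  devices={"dev-a1"}, usual_hours=range(8, 18),
                  last_maintenance=datetime(2012, 4, 2, 22, 15))
TXN_NORMAL = {"amount": 1250, "receiver": "rcv-known", "device_id": "dev-a1",
              "time": datetime(2012, 4, 10, 10, 0)}
TXN_TAKEOVER = {"amount": 9800, "receiver": "rcv-new", "device_id": "dev-zz",
                "time": datetime(2012, 4, 3, 2, 30)}

if __name__ == "__main__":
    for name, txn in (("normal", TXN_NORMAL), ("takeover", TXN_TAKEOVER)):
        print(name, score_ach(txn, PROFILE))
```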
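
Added example (not part of the original deck, and not Memento's code): the check fraud detection slide lists "book detection, distance out of sequence" and multiple checkbooks among its serial-number patterns. The Python below groups an account's cleared serial numbers into checkbooks and measures how far a presented check falls from the nearest one; the function names, the 50-serial gap threshold and the sample history are assumptions.

```python
def detect_books(serials, max_gap=50):
    """Group cleared serial numbers into checkbooks.

    A jump of more than max_gap between consecutive serials starts a new
    book, so an account using several checkbooks yields several ranges.
    """
    books = []
    for s in sorted(set(serials)):
        if books and s - books[-1][1] <= max_gap:
            books[-1][1] = s          # extend the current book
        else:
            books.append([s, s])      # start a new book
    return [tuple(b) for b in books]

def distance_out_of_sequence(serial, books):
    """0 if the serial lies inside a known book, else gap to the nearest edge."""
    return min(
        0 if lo <= serial <= hi else min(abs(serial - lo), abs(serial - hi))
        for lo, hi in books
    )

def review_check(serial, history, max_gap=50):
    """Return the reasons a presented check deserves review (empty if none)."""
    reasons = []
    if serial in history:
        reasons.append("duplicate serial number")
    if not history:
        return reasons                # no profile yet, nothing to compare
    distance = distance_out_of_sequence(serial, detect_books(history, max_gap))
    if distance > max_gap:
        reasons.append(f"out of sequence by {distance}")
    return reasons

# Constructed history: one account writing from two checkbooks, out of order.
HISTORY = [1001, 1002, 1003, 1005, 1004, 1006, 2501, 2502, 1007, 2503]

if __name__ == "__main__":
    print(detect_books(HISTORY))
    for presented in (1008, 2504, 1005, 9120):
        print(presented, review_check(presented, HISTORY))
```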