Fraud is on the rise. Collectively, this global criminal enterprise is hitting financial services firms with a severe one-two punch.
The first punch involves cash. Lots of it. In 2011 alone, fraud losses on UK cards totalled £388 million in 2012, showing a 14 per cent increase from total fraud losses of £341m according to the UK Card Association( ). But the second part of the one-two punch might be even worse. That’s because fraud run amok can cause an immeasurable amount of harm to a bank’s reputation.
Bank fraudsters have gone digital, and keeping up with them has become a monumental task for those firms unwilling to invest in the right security tools. Smart global banks, however, are embracing the benefits of Big Data to stop criminals dead in their tracks. Banks are finding that the most effective tool to combat fraud is to develop algorithmic machine learning programs that out-fox even the most sophisticated digital criminals.
Benefits of Big Data
Machine learning begins with Big Data. True, it’s a term that means different things to different people. But at the core the term represents the notion that to leverage data – large, varying, and fast changing datasets – we need a new set of so-called Big Data technologies. Although these technologies are as varied as Hadoop, In Memory databases, and NoSQL, they collectively shun the idea that traditional relational databases are the gold standard for storing and querying data.
Big Data technologies enable us to extract insights either as visualisations for human consumption or as mathematical equations (what are known as predictive models) for consumption by computers. In the realm of fraud detection, Big Data technologies help us win what’s lately been a losing battle involving three very important data elements: quality, timeliness, and breadth.
Today’s cybercriminals have a leg up on all three of these vital data elements. That’s why it’s essential to develop an integrated fraud prevention plan based on a combination of real-time anomaly detection and machine learning models. Such programs can tap into massive amounts of data created inside and outside the bank, which is the key to successfully curbing fraud in today’s digit age.
Antiquated fraud detection
Fraud detection is a predictive analytics problem. Predictive analytics techniques work by extracting patterns from past datasets to predict the future. These techniques typically assume that the future should mimic the past. For these techniques to be effective, we require accurate, timely, and broad datasets. The incumbent approaches to fraud detection falter on all the three dimensions of data and make the efficacy of current approaches to fraud detection questionable at the very least. Let’s discuss the potential shortcomings of each set:
Quality: The quality of datasets that banks would use in fraud analysis is poor because they didn’t detect all fraud cases. What should have been identified as fraud got tagged as not-fraud. Doing so led to building sub-optimal models with poor predictive quality. A good fraud detection model is one that has high tolerance to outlier cases and can withstand false-negatives without deterioration of the model.
Timeliness: Unlike human consumption patterns that help predict the next product we are likely to buy, fraud patterns can change with time. Fraudsters adopt new tricks as old ones start failing. As a result, there is a strong need to be able to detect new fraud patterns shaping up on the field and then to deploy updated models. Traditional analytical approaches typically take three to six months to develop and deploy into fraud detection systems. This timeframe for banks is laughably slow for a criminal bent on fraud.
Breadth of Data: The effectiveness of fraud detection models increases if we have more data around various scenarios. Weaving a story of the people involved using varying datasets like blogs of Internet activity, mobile interactions, and the data stored in a bank’s system can help carve out a complete story. Models can then improve the accuracy of their predictions. Most fraud detections systems today don’t leverage unstructured data outside a company’s systems.
Analytics are not created equally
Sophisticated companies are machine learning powered by Big Data technologies to build state-of-the-art fraud models. Traditional statistical approaches and modern day machine learning techniques are based on the same mathematics. But the terminology, culture, and toolset used in the two disciplines are so different that it merits treating machine learning as a distinct discipline in itself.
Machine learning has origins in the Artificial Intelligence world. Companies like Google and Amazon utilise machine learning to build automated predictive models.
For fraud detection, machine learning powered by Big Data technologies has a unique advantage in relation to the timeliness issue. Machine learning is essentially a group of algorithms that show improvement of the predictive model when more data is fed into those algorithms. The algorithms learn from data and keep on improving over time (see graph). With Big Data feeding into machine learning algorithms, the efficacy of fraud models improves significantly over time. This is completely opposite of traditional approaches where the model deteriorates over time.
Machine learning s also related to neural networks. Decision trees and random forest methods have also shown better resilience to handling poor quality datasets inherent in fraud problems. For example, experts cite random forest as the most successful technique used by data scientists in winning predictive modeling competitions hosted on Kaggle.com
Data beats mathematics
There is only so much you can do by optimising the mathematics that goes into building predictive models. Ultimately, what really gets a lift in the accuracy of models is more data (size and breadth). Banks collect a lot of data from customers through an array of service preferences in order to know them better. They also have systems in place to monitor or gather data on daily transactions (deposits, withdrawals, etc.) of customers. Banks can also monitor data from blogs, chat archives, feedbacks, survey responses and other forms of structured and unstructured data from multiple channels.
Numerous research papers (e.g., Unreasonable Effectiveness of Data) and enterprise scenarios like Google search have proved that feeding more data (size and breadth) into algorithms leads to a greater lift in model performance then spending more time in optimising the models. Not surprisingly, therefore, we see a big difference by using Big Data technologies for fraud detection. The ability to run models on population rather than samples combined with the ability to tap into no-traditional data formats available from social networks and emails creates a capability for fraud detection that has not existed … until now.
Global corporations measure success a number of ways. Accountants, for instance, can demonstrate year-over-year financial gains on income statements. Then there are the intangible aspects of success – what an accountant might call goodwill. Elements like reputation and intellectual capital might take decades for a company to build up. Yet sophisticated fraudsters are damaging the reputations of once-respected banks by running circles around them in cyberspace. That’s why financial services firms need to utilise Big Data. By leveraging large, diverse, and fast-changing datasets, Big Data technologies take fraud detection leaps and bounds ahead of traditional approaches. By storing and analysing data in new ways, financial institutions can detect fraud in advance and beat criminals with a one-two punch of their own.
About the Authors:
Niraj Juneja is a Principal Consultant in the Infosys’s Management Consulting division. His focus is on using data science techniques to enable better decision making for Financial Services firms. As a practitioner of analytical techniques that use Big Data technologies, Niraj believes that the traditional approaches to decision making that rely heavily on recommendations from gurus and human intuition will undergo a major shift towards “data driven” decision making enabled by Big Data technologies.
Niraj has several years of experience consulting for Fortune 100 Financial services firms and has successfully executed large scale data driven business transformation programs.
Kiran Kalmadi is a Principal Consultant in the Financial Services and Insurance (FSI) business unit and leads the FSI Research team. He has around 13 years’ experience in bespoke research and analysis for strategy development, consulting, marketing and business development.
Kiran has worked extensively in the retail banking and payments domain and has been involved in developing research-based consultative insights and analysis for business pursuits and client engagement.He has a keen interest in Social Media, Payments, Analytics, Internet, and Mobile Banking and its adoption by financial institutions.
Ahli Bank, Oman, is SunTec’s 50th customer for its Indirect Taxation Solution
SunTec’s GCC VAT compliance solution to help Ahli Bank automate end-to-end VAT compliance process, manage regulatory changes, and seamlessly integrate it with the existing IT ecosystem
SunTec, the world’s #1 relationship-based pricing and billing company and the provider of #1 GST and VAT compliance solution for Banks and Financial Services in GCC and India, has partnered with Ahli Bank, Oman, to provide its GCC VAT compliance solution.
The win is a landmark one for SunTec as it marks the 50th customer for its indirect taxation solution. SunTec has garnered 24 customers in India and this is the 26th customer in the Middle East to acquire the solution.
VAT is likely to be introduced in Oman in early 2021 and Ahli Bank has taken the proactive step of adopting a VAT compliance solution to ensure operational efficiency, enhance revenue, and augment customer experience.
Amit Dua, President – Client Facing Groups, SunTec, said, “We are delighted to partner with Ahli Bank, Oman in what marks a historic win, in their journey to ensure VAT compliance. We understand that the VAT landscape is evolving within the GCC, and therefore, our solution offers agility to respond to these changing regulatory requirements. With the Xelerate platform and GCC VAT compliance solution, Ahli Bank can digitize the entire VAT compliance process and comply with least number of changes to their existing technology infrastructure.”
He added, “VAT is a crucial step that the GCC countries have taken to implement tax regimes. It is imperative for banks and financial institutions to have a robust and scalable solution to accommodate their specific needs. Ahli Bank joins the list of more than 20 banks who have adopted our GCC VAT Compliance solution. I’m proud to say that approximately 3 billion transactions per annum are processed through our GCC VAT/ GST compliance solution across our client base.”
Said Abdullah Al Hatmi, CEO at Ahli Bank, added: “It is extremely crucial for us to be ready for VAT compliance. We are very happy to partner with SunTec to deploy GCC VAT compliance solution. With SunTec we will have a single solution in place covering all aspects of VAT compliance and we will be future-proofed given that any future regulatory changes will be handled by the solution with ease.”
SunTec’s GCC VAT compliance solution based on the Xelerate platform will enable the bank to smoothly comply with GCC VAT regulations and manage potential regulatory changes with ease. The single end-to-end solution helps automate the entire VAT compliance process including centralized rule-based tax determination, input tax recovery, tax invoice, reconciliation, corrections, adjustments, statements, and regulatory reporting.
SunTec GCC VAT Compliance solution is architected to meet the unique needs of banks and financial services firms and can easily integrate with existing IT systems. The solution is designed to process all taxable transactions across business lines and applications, reduce cost of compliance, mitigate potential risk of compliance violations, penalties, and reputational risk.
Securing Digital Transformation in Financial Services
By Bindu Sundaresan, Director, AT&T Cybersecurity
In the last year, financial services organizations have been pushed to speed up their digitization strategies faster than they could have ever anticipated. The COVID pandemic has closed the doors of many physical banks, forced them to move many interactions with customers to digital and introduce new measures so employees can carry out their jobs from home.
The uptake of digital banking has been immense with a recent report from World Retail Banking revealing that 57 percent of consumers prefer internet banking in the Covid-19 era. Today, connected consumers expect near-real-time online transactions at their own convenience, 24X7, and they expect banks, credit card providers, and stockbrokers to provide uninterrupted web services wherever they are in the world.
However, while this digitization has enabled banks to fully serve their customers during the pandemic, it has raised the security stakes considerably.
All around the world, while financial services organizations are adapting and taking advantage of digital technology to make consumer banking and payments safer, faster and more convenient, cyber criminals have been looking at ways to exploit these new initiatives.
What are the best ways financial organizations can embrace digital transformation, without compromising on security?
Embracing Digital Transformation Security
Financial institutions have long been a top target for cyber criminals and as these organizations broaden their digital footprint, their risk profiles change, and their attack surface widens.
In fact, a recent report from AT&T Business revealed that many organizations have noted an increase in malicious activity and cyber-related fraud against themselves and their customers, since the coronavirus pandemic struck. The attacks on institutions are typically happening through malware or social engineering campaigns, while customers are especially vulnerable to phishing with cyber criminals sending out fake COVID-related emails disguised as if coming from banks.
To help understand and manage these risks, financial organizations need to be proactive with their cybersecurity. One of the most important steps they can take is embedding security into new services from the very beginning. This will enable business leaders to make informed decisions, allocate resources efficiently, and understand the value of systems and information.
Banks and other financial institutions handle some of the most sensitive information for their customers and business – Personally Identifiable Information (PII), credit card numbers, and account information. However, as access points to reach this information increases, security should be embedded into systems earlier in the development process. To help achieve this, security teams need to work more closely with developer teams at the beginning of development stages when new technology is being introduced, rather than security being bolted on at the end, which is something that has traditionally happened.
Building a security-conscious culture is also essential, particularly as employees today are more frequently working from home. Employees need to be educated about the most current fraud and phishing scams and how to avoid them. They should be instructed to access sensitive data from a secure network, using their company device, and through the prescribed channels—not by clicking a link in a newly received e-mail. Employees should not open unexpected e-mail attachments and should report suspicious e-mails to the company’s IT department.
Since external IT services are ubiquitous in today’s business environment, it is imperative that as financial services organizations assess technology providers to provide that these services do not pose an immediate impact, while also strategizing how best to fortify resilience against third-party challenges. Many third-party services are critical to an organization’s success, including technical support, cloud-based financial applications, security monitoring, email and data backup solutions. Vendor management is a complex and time-intensive task which many organizations do not, and in many cases, cannot dedicate the time and resources to managing. For companies with a small number of vendors, this can be manageable, but most organizations will need additional support to create and implement these programs effectively. By dedicating resources to developing a program, organizations can begin to understand and eliminate the threats posed by third parties.
Financial institutions should also consider implementing a Zero-Trust approach within their security strategy. Zero Trust is a cybersecurity model with a tenet that any endpoint connecting to a network should not be trusted by default. With Zero Trust, everything and everyone— including users, devices, endpoints —must be properly verified before access to the network is allowed. The protocols for a Zero Trust network outline specific rules in place to govern the amount of access granted to users, based upon the type of user, their location, and how they are accessing the network. If the security status of any connecting endpoint or user cannot be resolved, the Zero Trust network will deny the connection by default.
Since the beginning of the pandemic, financial organizations have been forced to change the way they operate. Employees are now working more frequently from home and many banking services can now be done online. While these steps have been vital to keep the finance industry moving during the pandemic, they have introduced new security challenges.
As these organizations embrace digital transformation and are shifting to the cloud, simplifying technology infrastructure and outsourcing workloads to third parties, they are also expanding their cyber risk. Cyber has become more prolific across systems, platforms, and people — employees, customers, and partners — and enterprise leadership must correlate all of this to stay ahead of the adversary and help protect the organization’s most valuable assets.
Financial institutions therefore must be increasingly vigilant, and increasingly well-equipped technologically, to protect themselves from sophisticated attacks. In this way, digital transformation becomes both a critical contributing factor in the problem of growing cyber risks today—and a critical resource for solving it.
Using technology to optimise your finance
By Mark Pullen, CEO, Xledger
Covid-19 restrictions and ongoing uncertainty have prompted a fundamental switch in mindset across a multitude of different sectors. Many organisations have begun to recognise that outsourcing their finance can make them more agile and give them the competitive edge they need to compete and scale effectively in today’s market.
Solving the pain points
Inefficient processes are prone to causing delays and errors which can have a huge impact on the bottom line when viewed at scale. They can also negatively impact the client experience, causing frustration with missed deadlines and mounting uncompleted tasks.
New finance technology is automating many of the daily, monotonous back office functions such as bank reconciliation and invoice entry, meaning that the nature of the work that a finance professional provides will change. This presents a huge opportunity as it gives these employees the opportunity to be involved in higher-level work. Technology can also provide a resource that gives real time insight, allowing for better strategic decision making, which is so key in the current climate.
Optimising your finance function
Outsourcing high-value services within the finance function can improve workflow by implementing a defined and transparent process which streamlines operations. For a finance department, this can speed up areas that require internal controls such as expense reporting and cash release, but it can also speed up the full lifecycle of a project; from time tracking and resource to accounting and billing.
There is also a cost efficiency benefit when outsourcing, as management bandwidth is effectively increased by eliminating the need to be involved in many of the day to day processes. Instead this time can be focused on other business priorities and planning for future growth.
Outsourcing accounting functions to bespoke and standardised technologies means using data led processes that can be measured, optimised and benchmarked against in-house requirements. These processes can also be undertaken remotely, boosting the resilience of your business in these uncertain times.
Case study box-out: RPC Tyche
RPC Tyche is a global insurance software supplier with offices in London, Paris, and the USA. Initially a division of award-winning law firm RPC, but now a stand-alone entity, RPC Tyche’s main software offerings support capital modelling, and pricing commercial insurance and reinsurance.
As part of a restructuring process following the de-coupling with the law firm RPC, RPC Tyche had to separate its back-office processes. They remained under the umbrella of the law firm while the changes were taking place, so initially had some flexibility with the shared finance system, but time was running out to separate the two entities cleanly. As a stand-alone company, RPC Tyche now needed its own financial system; one that could align with its new business processes and that could be implemented quickly to deliver the organisation’s business objectives. Furthermore, they needed a new finance solution that could help them grow exponentially, facilitate a globally diverse group structure, and still maintain efficiency when operating as a small team.
Gavin Dilley, Chief Finance Officer for RPC Tyche commented, “Following an initial discussion with a third-party advisor regarding Xero and Quickbooks, we were recommended Xledger because we required a swift and scalable solution. After contacting Xledger, their tried and tested implementation methodology ultimately assured us that we would achieve the fast-paced implementation needed for our go-live objective. We also really liked that Xledger was a multi-tenanted, true cloud solution with its scalability setting it apart from the competitors.”
Implementation and training
Following conversations with Xledger, RPC Tyche created a project management team to keep everything on track on their side, an arrangement that Gavin emphasised “worked really well.” He said that “as a small project team, the flexibility to undergo substantial configuration during the training sessions with the Xledger consultants brought focus and enabled us to dedicate sufficient time to the system without distractions.”
Although the implementation was expected to take three months, RPC Tyche experienced hold-ups owing to the separating of back-office processes, so they were pleased when it was mutually agreed to facilitate a one-month delay.
“The implementation process was highly effective, and we’re very happy with the results,” said Gavin. “Since implementing the Xledger solution, we’ve been so pleased we haven’t had to dip back into the old system as the transfer of historic data has been particularly successful.” RPC Tyche had a large volume of historic data and transactions, including timesheets and work in progress reports that were all successfully migrated to Xledger during implementation. “We’re particularly happy with how easy it has been to onboard our new Finance Controller, due to flexible training and the system being so intuitive.”
Gavin added, “Since implementing Xledger, we have far greater reporting flexibility, better distribution of skills within the finance team and are naturally more self-sufficient because we can make amendments to the system without relying on the software provider.
The system is easy to use, and the purchase order functionalities, integrated workflows and automation of processes have enabled us to be highly efficient, even as a small finance team. Not to mention that the Xledger support team are incredibly responsive, so we can continually maintain productivity.”
SH Capital Ltd launches in Dubai to support SMEs with global banking services
Fintech provider to reconnect businesses with international banking services, digital treasury management solutions, risk management and cash investment products A...
Why CMOs Should Care About Customer IAM
By Darshana Gunawardana, Associate Director/Architect at WSO2 The surge to move online in 2020, in turn, has driven demand for...
Volkswagen faces EU fine for missing 2020 emissions targets
BERLIN (Reuters) – Volkswagen faces a fine of more than 100 million euros ($121 million) for missing EU targets on...
Ahli Bank, Oman, is SunTec’s 50th customer for its Indirect Taxation Solution
SunTec’s GCC VAT compliance solution to help Ahli Bank automate end-to-end VAT compliance process, manage regulatory changes, and seamlessly integrate...
Oil dips after unexpected rise in U.S. crude stocks
By Ahmad Ghaddar LONDON (Reuters) – Oil slipped on Thursday after industry data showed a surprise increase in U.S. crude...
UK factories see big drop in output ahead, supply problems too
LONDON (Reuters) – British manufacturers expect a sharp fall in output in the three months ahead and there were widespread...
Britain’s EG Group appoints Rose as non-executive chairman
LONDON (Reuters) – British convenience store and fuel retailer EG Group said on Thursday it had appointed Ocado Chairman Stuart...
Bitcoin slumps 10% as pullback from record continues
LONDON (Reuters) – Bitcoin slumped 10% on Thursday to a 10-day low of $31,977 as the world’s most popular cryptocurrency...
European firms improve diversity scores in pandemic year, study finds
By Aida Pelaez-Fernandez (Reuters) – The number of major European companies with high participation of women in leadership positions has...
Bank of Japan lifts next year’s growth forecast, saves ammunition as virus risks linger
By Leika Kihara and Tetsushi Kajimoto TOKYO (Reuters) – The Bank of Japan kept monetary policy steady on Thursday and...