Gotcha! Fraud Protection SystemsBy Baselinemag | Posted 2005-09-07 Email Print
WEBINAR: On-demand webcast
Next-Generation Applications Require the Power and Performance of Next-Generation Workstations REGISTER >
Effective antifraud systems exist, but the challenges in fielding them and getting the company to use them correctly can be daunting.
Sifting through mortgage applications and monitoring credit card transactions are just a couple of the ways computer systems can help identify fraud and, sometimes, prevent it. But fielding an effective antifraud system can be challenging.
Problem: You have to figure out what to look for, before you can automatically check for fraud.
Resolution: Supplement your operational business systems with auditing and analysis tools that are designed to spot anomalies.
In mortgage fraud, such a variance could include a value of a home in an assessment that's found to be altered by more than 10% from what was originally recorded in the system. While some changes might be innocent corrections of clerical errors, others could prove to be fraud.
Auditing software tools such as CaseWare International's CaseWare IDEA and ACL Services' ACL, as well as more general statistical analysis tools from vendors like SAS Institute and SPSS, can spot these types of incongruities.
If a pattern proves particularly reliable at flagging fraud or other problems, you may want to integrate checks for it into your systems so that fraudulent transactions can be stopped, rather than caught after the fact. This often requires custom programming, although packaged software, such as Fair Isaac Corp.'s Falcon system for identifying credit card fraud, is available.
Problem: New scams don't get picked up.
Resolution: Gauge how unusual transactions are, based on established norms.
If a group of veteran salesmen, for example, suddenly start racking up twice the sales of their colleagues, that might indicate there's something dubious going on, such as the falsification of numbers.
One powerful statistical tool, supported by software such as CaseWare IDEA, is Benford's Law. This is the observation that the occurrence of a series of digits in a number is less random than it seems, with low digits at the beginning of a number occurring more frequently. That is, for many data sets the first digit will be "1" about 30% of the time but "9" only 5% of the time. So, it should arouse suspicion to discover a series of invoices in which numbers like $999,999 occur as often or more frequently than $100,000.
Problem: You don't know what the norm is.
Resolution: Build up solid statistics on proper transactions in your businessand on frauds you have encountered.
Ideally, you want to feed the analytic software a few thousand examples of previously identified fraud and thousands of examples of non-fraud.
When there's not enough comparison data, most developers of antifraud systems turn to custom-programmed rules for flagging suspect documents. "In those cases, you need to be looking more at expert systems where you interview people in the company for their expertise," says Karl Rexer of Rexer Analytics. In other words, you have to interview experts and turn their advice on the kind of patterns to look for into rules that can be programmed into software.
Problem: Innocent transactions get flagged.
Resolution: Don't be too quick to act on the indications of fraud generated by software. Weigh the value of that information against your understanding of the limitations of the software and the data it uses. If your mortgage system flags an unusually high home appraisal for investigation, that might mean you're dealing with a crooked appraiserbut the high value might be explained by another factor not recorded in the computer system, such as a recent Architectural Digest feature extolling the property.
"Too often, what I see is investigators who don't fully understand the software, don't understand the data, and now they're running off and making allegations," says David Coderre, author of the book Fraud Detection: A Revealing Look at Fraud. According to Coderre, false positives are inevitable because antifraud software typically deals in statistical probabilities rather than absolutes.