I'm often asked "What are the best ways for banking institutions to detect fraud?" While it's common for institutions to rely on after-the-fact manual reports and threshold rules, these are primarily useful for compliance processes, not for fraud detection and loss mitigation. To have a real impact on fraud losses, you need:
1. Fraud detection in real time. Anything less is a window for the criminals to get away. Even for batch processes, the scoring engine should evaluate the transaction, and an authorization or decline decision should take place prior to funds movement.
2. Analytics. Analytics is the only way to actually detect fraudulent patterns of behavior efficiently. The output of the analytics should include a customer score, which determines how the activity corresponds to the customers’ actual behavior, and a transaction fraud score, which determines the fraudulent nature of the transaction. Understanding customer behavior is essential—it helps reduce the impact on your customers and your fraud operation by reducing false positives. Certain customers transact in ways that may appear fraudulent. For example, high net worth individuals are more likely to spend at higher thresholds and in more exotic international locations. Small business owners may have more unpredictable payment activity and online banking activity that takes place at widely varying times, not just during ‘normal’ business hours. There are far too many nuanced variables within your customers’ (and the criminals’) behavior for threshold rules to be effective. Both good and bad behavior changes unpredictably over time.
3. Workflow. Workflow is critically important to solving challenges with fraud resources. In our last fraud survey, it was obvious that financial institutions have many hoops to work through to correct and manage each customer’s fraud issues. Specific actions, data and processes are required to manage each type of fraud case and to use as evidence for prosecution. Depending on the type of payment defrauded, there are specific steps required to make the customer whole, and every step to back out the transaction creates operational costs. A cohesive and flexible workflow engine allows analysts to consolidate and, in many cases, automate the remediation process.
4. Efficient rules engine. The rules engine links the analytic scoring to an action based on the currently available information. It answers: What do I do after an unusual transaction is detected? How do I compare the strategies (sets of rules) to each other to determine which are optimal and which are no longer necessary? Rules are essential to react quickly to shut down fraud, and enable management and documentation of the processes used to define and refine your actions, in a repeatable and auditable manner.
