By Hannah Hein and Tom Read
Financial services institutions use various tools and techniques to prevent fraudulent activity and to quickly mitigate the impact of fraud when it does occur. Research and experience suggest, however, that financial fraud detection could be significantly improved.
As things stand, breaches have increased by 141 percent since 2011. Not only that, 50 percent of fraudulent events are first detected by customers – not by their banks’ fraud teams.
During a recent fraud detection project with a major international bank, Haystax Technology gained insight into key factors contributing to the relatively low prevention rate:
- Detection tools were unable to infer from diverse data sources whether certain activity was likely to be fraudulent. In isolation many indicators (like type of user) are benign, but collectively they may reveal a fraudulent event taking place. For instance, a new user combined with unusual login activity might well be cause for concern.
- Detection tools could only search for known indicators of fraud. Anomalous events that weren’t included in the list of known fraud indicators were either assessed individually or ignored altogether. This approach requires significant manpower, and is often not feasible due to limited resources.
- A fraud domain model was not used to ensure data was mapped to the appropriate indicator categories. Without such an organizing structure, data from a single fraudulent event was often thought to be from several different events. Redundancies like this can be a significant drain on resources.
Based on these discoveries, we believe financial institutions can save a lot of time and money by developing and deploying a solution that includes these three core elements:
- A holistic fraud model that eliminates the need for multiple tools focusing on separate issue areas, and reduces the number of missed attacks.
- Open and transparent cause-and-effect nodes that allow model users to drill down into results to discern root causes, and avoid focusing on redundant events.
- Prioritization and ranking capabilities that help users respond to the highest priority events first.
If you found this interesting and would like to learn more, check out our Fraud Detection Case Study here
Hannah Hein is Insider Threat Project Manager and Tom Read is Director of Insider Threat Programs at Haystax Technology.