Busting Fraud Rings with. Social Link Analysis

Similar documents
The Stark Reality of Synthetic ID Fraud How to Battle the Leading Identity Fraud Tactic in The Digital Age

Increase Effectiveness in Combating VAT Carousels

Dig Deep into the Root Causes of Fraud to Prevent Future Attacks

Synthetic Identities. Are you chasing invisible footprints? 2018 Fair Isaac Corporation. All rights reserved.

White Paper. Lifting the Veil Why Understanding Beneficial Ownership Is Now Essential for AML Compliance

Banking Title Application Fraud: The Enemy at the Gates

INCREASING INVESTIGATOR EFFICIENCY USING NETWORK ANALYTICS

ROCHESTER INSTITUTE OF TECHNOLOGY

Automotive Services. Tools for dealers, lenders and industry service providers that drive profitable results in today s economy

White Paper. Banking Application Fraud: The Enemy at the Gates. It is a fraud to borrow what we are unable to pay. Publilius Syrus, first century B.C.

Using data mining to detect insurance fraud

A Model for Calculating User-Identity Trustworthiness in Online Transactions

IBM Financial Crimes Insight for Insurance

EXECUTIVE SUMMARY. A systematic approach for combating enrollment fraud

How to Choose a Total Chargeback Management Provider

Mortgage Payoffs Under Siege

Internal Fraud The Threat from Within

Kasasa Protect. FAQ and Product Overview

Know Your Customer (KYC) Executive Overview with Know Your Vendor (KYV) and Know Your Employee (KYE)

IVANS 2008 XCHANGE CONFERENCE Key Communications Issues Facing the Property/Casualty Insurance Industry in 2008

UI ID Theft in Texas UI Director s Conference. Paul Carmona Director, Regulatory Integrity Division

Anti-Money Laundering. How to set up a strong Compliance Program

KeyBank Special Report: Identifying And Mitigating Your Exposure To Fraud

Fighting back against synthetic identity fraud

ANTI-MONEY LAUNDERING IN

Information on Identity Theft for Business, Partnerships and Estate and Trusts

DUE DILIGENCE IN MORTGAGE OR LOAN TRANSACTIONS

POLICIES FOR PROPER IMPLEMENTATION OF THE FOURTH ANTI MONEY LAUNDERING DIRECTIVE

GAO. EXPEDITED ASSISTANCE FOR VICTIMS OF HURRICANES KATRINA AND RITA FEMA s Control Weaknesses Exposed the Government to Significant Fraud and Abuse

FIGHTING AGAINST CRIME IN A DIGITAL WORLD DAVID HARTLEY DIRECTOR, SAS FRAUD & FINANCIAL CRIME BUSINESS UNIT

Addressing Vehicle Cloning

RC & TACKLING BENEFICIAL OWNERSHIP IN AML PROGRAMMES. risk compliance RISK & COMPLIANCE MAGAZINE. risk& compliance REPRINTED FROM: JAN-MAR 2019 ISSUE

Anti-Money Laundering Awareness Training Insurance Industry-Hong Kong

Fraud Detection in Public Schools

Good From The Inside Out. Saturday, April 8, 2017

DRAFT An Act Providing for the Detection and Prevention of Fraud, Waste, Abuse and Improper Payments in State Government

Services and Features

Strategic Security Management: Risk Assessments in the Environment of Care. Karim H. Vellani, CPP, CSC

Bank Secrecy Act (BSA)/Anti-Money Laundering (AML) Employee & Agent Training

Identity Theft Prevention Program Lake Forest College Revision 1.0

Minimize risks and make insightful decisions at every step of the policy lifecycle. Life Insurance Solutions from LexisNexis Risk Solutions

Defining Entities for Better Risk Assessment

Insurtech 101. A complete guide for both veterans and entrepreneurs launching products in the insurance marketplace.

A Review of Actual Fraud Cases in 2017 FRAUD REVIEW

How to Ace Your BSA Exam & Risk Assessment

Implementing behavioral analytics to drive customer value: Insurers cannot afford to wait.

Rental Exchange Frequently Asked Questions

INSURANCE. Forensic services. Helping to protect your business from fraud, misconduct and non-compliance ADVISORY. kpmg.com/in

Chart 1 How Fraudulently Used Consumer Information is Obtained M A Y

Guidelines for Anti-Money Laundering and Combating the Financing of Terrorism

Personal Lending Products

Equifax Data Breach: Your Vital Next Steps

SAFEGUARDING YOUR CHILD S FUTURE. Child Identity Theft. Protecting Your Child s Identity

Analytic Technology Industry Roundtable Fraud, Waste and Abuse

Recognizing Credit Card Fraud

CITIZENS, INC. BANK SECRECY ACT/ ANTI-MONEY LAUNDERING POLICY AND PROGRAM

ANTI-MONEY LAUNDERING PROCESS MATURITY

Statement of Robert Ryan, Senior Director of Government Relations TransUnion, LLC. Before the. Subcommittee on Crime, Terrorism and Homeland Security

Predictive Modeling and Analytics for Health Care Provider Audits. Sixth National Medicare RAC Summit November 7, 2011

gamevy Anti- Money Laundering Detecting and Preventing Financial Crime Training for Gamevy

How Credit Card Chargebacks Really Impact your Bottom Line

Money Laundering and Terrorist Financing Risks in the E-Money Sector

MONROE COUNTY SHERIFF S OFFICE. General Order

LENDING SHORT TERM AND INSTALMENT LENDING. 10 Reasons why Callcredit will help you make smarter decisions

Predictive Claims Processing

Services & Features for Employee Benefit Members

Risk Management on Prepaid Cards

STEP CERTIFICATE IN ANTI-MONEY LAUNDERING. Syllabus

No company provides a more powerful fraud detection solution than. Experian, the global leader in information solutions.

ROI CASE STUDY SPSS INFINITY PROPERTY & CASUALTY

Anti-Fraud Policy Date: Version: Review Date:

The Guide to Budgeting for Insider Threat Management

An overview of the fraud threat to business, including the particular threat posed by electronic funds transfer fraud

Anti-Money Laundering and Counter Terrorism

Frequently Asked Questions

Testimony. Submitted for the Record. American Bankers Association. Financial Institutions and Consumer Credit Subcommittee

ANTI-FRAUD PLAN INTRODUCTION

CONSUMER FRAUD GLOBAL HEADQUARTERS THE GREGOR BUILDING 716 WEST AVE AUSTIN, TX USA

Leveraging Innovative Technologies to Combat Health Care Fraud Kathy Mosbaugh, Director State Government Health Care NCSL Fall Forum 2011

Table 1: Historical Summary of Revenue Lost to Fraud. Estimate of Revenue Lost to Fraud

Know Your Customer Risk Assessment Guide. Release 2.0 May 2014

Fighting Fraud in Financial Services: three success stories

Edward J. Finn 1275 Drummers Lane, Suite 302 Office: Wayne, PA Fax:

An interview with James Sherwood-Rogers, managing director, Quest

Increasing pressure on PBMs to identify fraudulent providers

Personal Lending Products

minimise card fraud in your business.

BEYOND. THE CREDIT HEADER FILE How Your Business Can Use Unregulated Data to Boost Revenue, Increase Agility and Reduce Risk WHITEPAPER

Anti-Money Laundering and Terrorist Financing Prevention Compliance Program Creation Guide

Using analytics to prevent fraud allows HDI to have a fast and real time approval for Claims. SAS Global Forum 2017 Rayani Melega, HDI Seguros

Decreasing Tax Fraud Using Validation. through Taxpayer Pattern Matching

Frequently Asked Questions

Introduction to Detailed Claim Information Reporting. Lesson 4: Resources and Tools

Divided we fall: Fighting payments fraud together

The Foreign Account Tax Compliance Act (FATCA)

ANTI-MONEY LAUNDERING AND COUNTER TERRORISM FINANCING PROCEDURE MANUAL. Fcorp Services Ltd

RISKS WITH SAME DAY ACH

Red Flag! Now What? An SME s Guide for FACTA Red Flag Compliance. see} white paper

Registry General September 2015

by: Stephen King, JD, AMLP

Transcription:

Busting Fraud Rings with Social Link Analysis

Table of Contents INTRODUCTION... 1 WHAT IS BUST-OUT FRAUD AND WHY IS IT SO HARD TO DETECT?... 2 SOCIAL LINK ANALYSIS (SLA): A POWERFUL NEW WEAPON... 3 HOW SOCIAL LINK ANALYSIS WORKS... 4 Access Enterprise and Third-Party Data... 5 Detect and Resolve Entities (Entity Resolution)... 6 Link Entities and Create Social Networks... 6 Analyze, Score and Prioritize... 7 Alert... 7 Visualize... 7 BUSINESS BENEFITS... 9 CONCLUSION... 9 ABOUT INFOGLIDE... 10

Introduction Financial institutions are forced to combat many types of fraudulent activity, but few are as damaging and difficult to detect as bust-out fraud. Analysts estimate that between 10% and 15% of all banks unsecured bad debt is actually bust-out fraud, resulting in tens of billions in losses every year. While this type of fraud is certainly not new, it remains a significant problem for banks because it is so hard for them to identify and take action in time. Organized bust-out fraud -- also referred to as sleeper fraud -- occurs when an organized group of individuals applies for credit cards, loans, overdrafts or other unsecured banking credit lines, and then uses them to make purchases with no intention of ever paying them back. The criminals hold onto accounts for some time and then quickly ramp up spending activity before the banks can act. Unfortunately for banks, bust-out fraud is difficult to detect by traditional anti-fraud measures because initially, the fraudsters behave like any other respectable customers, bypassing the bank s rules and analytically-based detection measures. To defend against these sophisticated threats, banks must be able to identify fraud rings earlier in their life cycle so perpetrators can be stopped before they act. Additionally, since fraud rings typically operate within a wide number of geographic locations and business channels, the fraud rings must be pieced together across the entire institution. Infoglide has developed a powerful new weapon, Infoglide Social Link Analysis (SLA), designed specifically to combat bust-out fraud by exploiting the number one weakness of bust-out fraud rings: reused identity information. In almost every case of large-scale fraud networks, there are bits and pieces of reused, fraudulently obtained identity information (such as names, phone numbers, addresses, etc.). Infoglide SLA uses sophisticated technology to identify and piece together both exact and inexact (fuzzy) linkages and nonobvious relationships using these recycled pieces of information. As a result, the fraud ring can be discovered before its members can strike the bank. This whitepaper introduces Social Link Analysis and discusses in depth why it is an effective tool against organized bust-out fraud. It also highlights examples and key business considerations for financial institutions.

What is Bust-Out Fraud and Why is it so Hard to Detect? Organized bust-out fraud is a type of first-party fraud that occurs when a group of individuals opens bank accounts with fraudulent identity information. Often facilitated by employees, the individuals then typically spend between a few months and a few years establishing themselves as engaged and trustworthy customers. Oftentimes, to simulate activity, the fraudsters will cycle cash among the various fraudulent accounts without the payments ever leaving the bank. Over time, individuals within a network will accumulate several credit cards with increasing levels of credit, along with personal loans and checking accounts. Once a fraudster reaches a desired bust level or time in the scheme, he or she will rapidly increase spending, max out credit card limits and attempt to get additional credit cards, loans or accounts. Since the fraudsters are collaborating with each other, they are able to make sure that they adhere to the rules and thresholds that might otherwise trigger an alarm, making bust-out fraud difficult to detect. Frequently, they will use credit cards and checks to purchase items such as electronics or large household appliances that can be sold quickly after purchase. Because of the speed with which all of this activity happens usually only a couple of days banking systems do not detect it fast enough to react and block purchases. Yet another problem is that banks often lack the tools to detect activities across different lines of business within the institution. For instance, a customer may take out a loan from the retail division to continue cycling their credit card payments. Since most banks analytics are focused on specific lines of business, they are unable to detect cross-channel fraud. Finally, the very nature of the crime makes it difficult to detect. There are many reasons banks see charge-offs and bad checks (for instance, when a customer experiences a divorce, job loss or other personal crisis), so these issues are not always indicative of fraudulent activity. However, estimates indicate that up to 15% of all charged-off credit is, in fact, uninvestigated first-party fraud.

Social Link Analysis (SLA): A Powerful New Weapon Although organized fraudsters are sophisticated, they often leave behind evidence that can be used to uncover networks of organized crime. The fraudsters know that due to Know Your Customer (KYC) and Customer Due Diligence (CDD) regulations, their account information will be verified. To pass these checks, the individuals will either modify their own identity or use a synthetic identity, which consists of combining real identity information (e.g., a social security number) with fake identity information (names, addresses, phone numbers, etc.). Fortunately for banks, false identity information required to successfully open accounts can be expensive and inconvenient to acquire and maintain. For example, apartments must be rented out to maintain a valid address. Additionally, there are only so many cell phones a person can carry at one time and only so many aliases that can be remembered. In response, fraudsters look to share recycled bits and pieces of these valuable assets. This reuse of identity information is what makes Infoglide SLA so effective in combating fraud. By examining the linkages between the recycled identities, Infoglide SLA is able to identify potential fraud networks. Once the networks are detected, Infoglide SLA applies advanced analytics to determine the risk level for both the network and each individual associated with that network.

How Social Link Analysis Works Social links, in a banking context, are made up of groups of accounts, customers, and employees that share some sort of relationship with each other. Examples of attributes that may be shared and linked can include: Personal identity information (e.g., names, addresses, phone numbers); Account information (such as an account number and its creator); and Transactional information (including payment transfers between accounts, or employees who approve customer information). Infoglide SLA detects the shared relationships between the customers, employees and known bad guy data and links them together into networks. Once the entities are linked together, advanced analytics are applied to determine the level of risk. SLA works by first analyzing data across product lines, matching information across accounts, identifying linkages and networks, and then scoring those links. If connections indicate a risk of fraud, SLA creates an alert using a visualization tool to display the linkage. These steps as well as additional benefits for financial institutions are discussed in more detail with an example and images in the next section.

Figure 1: Social Link Analysis Process Access Enterprise and Third-Party Data One of the biggest assets of Social Link Analysis is its ability to analyze information across product and geographic lines. Because such a threat may span multiple product lines, individual fraud solutions may detect only small pieces of the puzzle. Social Link Analysis, on the other hand, is able to put these pieces together. The ability to automatically integrate diverse data sources and identify networks can be a significant driver of efficiency and productivity for the enterprise risk function. With all the data available in one location, downstream analysis is much simpler and takes less time to deploy so that bank officials can quickly identify potential risks.

Detect and Resolve Entities (Entity Resolution) Ideally, personal and business information would always be standardized across an organization. However, in reality, most data is fraught with inaccuracies, duplicates, and false identities. For this reason, one of the most challenging aspects of linking entities is being able to determine and match entity attributes that are similar, but not exact. If similar attributes cannot be properly matched, then the resulting link analysis will either analyze incomplete networks (resulting in false negatives) or attribute entities that do not belong together (resulting in false positives). Infoglide is the leading provider of identity/entity resolution software, with mission-critical solutions deployed at the US Department of Homeland Security as well as major banks, insurance companies and retailers. SLA includes Infoglide s patented matching technology, designed to identify, address and display connections between both accurate and inaccurate data. For example, SLA can detect slight variations in names, addresses, telephone numbers, SSNs, etc. In addition, data anomalies such as misuse of data fields, visual scan errors, and transposed data can be accounted for. Link Entities and Create Social Networks Figure 2 is a simple illustration of how Infoglide Social Link Analysis detects links within fraudulent networks. In this example, the applicant A. Lisa Knight shares a telephone number with cardholder Lisa Anne Carr. Additionally, Lisa Anne Carr shares a similar (but not exact) address with a bank employee named Michelle S. Hart. Although A. Lisa Knight does not share any exact attributes with Michelle S. Hart, they can be considered part of a network because of their shared relationship with Lisa Anne Carr. Figure 2: Network relationships via transitive linkages

Analyze, Score and Prioritize Once the links are identified and the social networks are created, Infoglide's Social Link Analysis applies additional analytics to determine the risk level of each network and individual within the network. For example, some factors that would impact the risk score include: Relationships with known fraudsters: New applicants who are connected to accounts that are already in a bank's fraud or AML data; Suspicious relationships with bank insiders: Due to the fact that a large percentage of bust-out fraud is facilitated by employees; and/or Unusually large and diverse networks: Large, connected networks of accounts and customers may mean a growing scheme is ready to bust out. Alert Infoglide Social Link Analysis is capable of analyzing links and generating alerts in real time. For example, when a bank automatically processes new applications through link analysis, applications that exhibit suspicious relationships (as determined by analytics) can be flagged and sent as alerts. Visualize One key component of Infoglide SLA is an integrated link visualization interface. The link visualization can help investigators analyze the linkages of a person/account of interest. Social Link Analysis typically starts when an investigator wants to look at the relationships of a particular person of interest for example, if an alert is generated by the bank s existing anti-fraud solutions or a security officer receives a hot tip. From there, the attributes (such as name, address, and phone number) are searched and a representation of the person of interest s relationships is presented in a visual layout.

Example: An investigation starts off with Susie Smith, who has a checking account, credit card, a charged-off loan (a loan with debt that is unlikely to be collected by the bank) and an active loan. The visualization tool also shows Susie s phone number and address. A look into Susie s relationships begins to turn up some suspicious information (see Figure 3 below). Susie Smith is connected to Jack Wilson, another customer with the same phone number. Like Susie, Jack has some charged-off credit, a credit card and a charged-off loan. Susie Smith is also linked to John Benton because they share the same address. Not only does John Benton have a charged-off loan, but one of his other loans is under investigation at the bank. If fraud is not confirmed at this point, it certainly is when the analyst looks at third-degree relationships. Jack Wilson is connected through an address match to Mark Rivera, who is under investigation for mortgage fraud, and Mark Rivera is connected to John Benton through a matching phone number. As a result, Social Link Analysis has detected four members of a network, each with various amounts of charged-off fraud. Figure 3: Link Analysis Identifying Network Connections

Business Benefits Bust-out fraud wastes bank resources not only through significant financial losses, but also by wasting staff time and affecting a bank's key risk predictions. Therefore, addressing bustout fraud using social link analysis can enable banks to significantly reduce fraud losses as well as improve operational expenses and investigator efficiencies. Implementing social link analysis: Reduces Fraud Losses: With social link analysis, banks can identify fraud rings while they are still active. As a result, they can take effective countermeasures, such as increased monitoring, shutting down the account, or taking legal action before fraudsters strike; Lowers Operational Expenses: Infoglide Social Link Analysis can complement fraud detection solutions already in place at the bank to streamline processes. For example, Infoglide SLA can provide additional analytics that can improve estimates of a specific threat to improve triage efforts; and Increases Investigator Efficiencies: Through its visual link analytics tool, investigators can quickly discover and visualize relationships of persons of interest. These visual references can improve collaborative efforts between different parts of the organization and with law enforcement. Conclusion Although bust-out fraud has been difficult for banks to tackle in the past, Infoglide s SLA can be deployed in a timely, efficient manner. By taking advantage of the most critical vulnerability of bust-out fraud rings reused and/or fraudulent identity information Social Link Analysis quickly pieces together and distinguishes elements of a fraud network. With the use of this product, banks can address issues and implement solutions before being attacked, improving fraud detection and potentially saving thousands of dollars in bad debt and staffing resources.

About Infoglide Infoglide (http://www.infoglide.com) is a leading provider of identity resolution and entity analytics solutions to government and commercial markets. Infoglide s flagship product, Identity Resolution Engine (IRE), searches disparate databases to discover possible matches and non-obvious relationships between people, places, and things. IRE has patented technology that is used to find matches and social links between entities despite errors in data and intentional attempts to deceive. The product is used by organizations in the insurance, banking, identity management, and government spaces for fraud detection, compliance, AML and screening. Incorporated in 1996, Infoglide Software is a privately held company headquartered in Austin, Texas.

Contact Us Infoglide Software Corporation 6500 River Place Blvd., Building II, Suite 450, Austin, Texas 78730 Email: sales@infoglide.com 512.532.3500 Fax: 512.532.3505 www.infoglide.com Copyright 2012 Infoglide Software. All Rights Reserved.

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback