Digital transformation of fraud is hardly a novel topic; discussed conscientiously in a multitude of scientific publications, trade conferences, and corporate meeting rooms, it nonetheless remains relevant for professionals in compliance, finance, and technology alike. On top of that, as the discourse surrounding fintech ossifies from elated innovation-induced enthusiasm to prosaic consideration of routine and necessity, its talking points evolving and maturing alongside it, so does the cadence of voiced concerns and calls for methodical and assiduous approaches to fraud detection. Fintech as a field is poised to grow at a pace and scale much different than that which many prevention mechanisms are designed for, testing the resolve of existing AFC frameworks.
Adaptability, in this regard, is key to combating the ever-evolving fraud tactics. Emerging fraud patterns and behaviors have to be detected (a) early enough to combat them efficiently and (b) reliably enough to do so effectively. Both pace and precision of such diagnostics would only be possible through utilization of analytical tools, embedding analytics within AFC/AML functions.
Fraud detection and prevention therefore becomes a cross-functional exercise, capitalizing on the sheer volumes of raw data made both available and actionable by the growing adoption of new financial technologies in brick-and-mortar and neo-banks alike. Analysis and mining of this data can augment the information provided by the first line of defense, leading to synthesis of more impactful and meaningful insights and a formation of a flexible fraud detection framework:
- Detection: local identification of fraud patterns, trends, and behaviors, not unlike the traditional outputs generated by the first line of defense;
- Escalation: feeding detection findings to decision makers, providing expert feedback to SMEs and Analytics functions;
- Analysis: Aggregation of first-line inputs at analytical level used for data-driven decision making, both on operational and governance levels;
- Decision-making: centralized decisions are cascaded back, forming directives for localized actions across functions. This includes both departments traditionally involved in fraud prevention (KYC, AFC) but also more business-oriented dimensions such as marketing (to regulate customer acquisition channels through which customers that eventually become fraudsters tend to be onboarded the most, for example) or customer service (to gauge the extent to which changes in controls impact customer experience).
This flexible governance framework allows for an adaptive and agile fraud defensemechanism, with operational, analytical, and business approaches combined for effective action and informed decision-making, both bottom-up and top-down.
The latter part on the involvement of business perspective is, in fact, key to turning data into actionable intelligence. Key fraud signals can be derived from existing data available throughout customer lifecycle, ensuring that the fraud detection mechanisms, including ML tools and risk rating systems, have usable inputs that do not cause friction in the customer relationship. Naturally occurring data points include, but are not limited to:
- Onboarding: self-declared and legal sign-up data, harvested from documents and user inputs. From ID scans to biometric data to AML questionnaire entries, customer’s entry to the platform can kick-start the fraud prevention and assessment mechanisms;
- Lifecycle: regular data points on customer behavior, such as transactional and spending patterns, geolocation markers, typing and data entry behavior, typical log-in and log-off times and other indicators can be used to extract the drivers and predictors of fraudulent activity. Additionally, crucial data points gathered as outcomes of monitoring and due diligence exercises can be used for further inputs for assessment and calibration.
- Customer exit: even after the termination of business relationship, customer data may help detect and prevent future fraud. Patterns discovered among previously identified fraudsters, and regular retrospective analysis and reflection exercises can help design and enhance the fraud prevention toolkit.
Such thorough, zero-waste approach to data mining can guarantee a frictionless yet safe detection process. It would minimize customer interactions and thus reduce the need in traditional inquiries and investigations, whereby overbearing controls frustrate legitimate users. Focus would therefore shift to silent monitoring, i.e. maximizing utilization of already available data, using it for dynamic, ML-driven analytical and scoring mechanisms and models that would allow for immediate response with minimal customer interruption.
Machine learning would be another key to effective utilization of raw investigation and business-related data points for effective fraud prevention. The aforementioned data gathered during customer onboarding, lifecycle, and offboarding would serve as inputs, used to detect patterns human investigators can’t: volume, speed, behavioral subtleties and trends. Expert involvement would still be necessary, of course, with flagged accounts and edge cases reviewed by investigators. Overall model effectiveness would also have to be monitored, e.g. through false positives and undetected true positives as success metrics. Finally, there is a matter of feedback and continuous improvement: ML models are only as good as their feedback loops, whereby investigators and analysts provide basis for supervised learning, and the edge cases handled by human agents help tune thresholds and methodologies used on a technical level.
All in all, the challenges of modern fraud detection require complex and holistic problem-solving. They need cross-functional, cross-line collaboration and governance, as effective and especially frictionless fraud detection is achievable only through the combination of tech expertise (ML, Analytics) and expert moderation.