Enterprise Fraud Management:

How Banks Need to Adapt

Table of Contents

Introduction 3

First Generation Fraud Management is Falling Short 4

Five Emerging Trends Driving the Next Generation of Fraud Management 5

A centralized approach to fighting financial crime 5
Use of more real-time data and monitoring 5
Use of advanced analytical techniques 5
Next generation authentication 6
Future proofing against new fraud risks 6
Why Banks Must Adapt 7

About us 8

The information contained in this document is proprietary. ©2015 Capgemini. All rights reserved.
Rightshore ® is a trademark belonging to Capgemini.
 Banking the way we see it

Introduction
In the digital age, the implications of financial crime against This pressure on banks from fraud and financial crime comes
financial services institutions and their customers have become at a time when financial services organizations must deal with
ever more significant. Fraud prevention now represents one a new and expanding regulatory environment. Regulators are
of the biggest areas of concern for the financial services demanding that financial institutions hold more capital and
industry and is likely to become one of the largest drivers of IT measure and manage risks more efficiently by demonstrating
expenditure in the coming years. to regulators that they have active programs to prevent fraud
and financial crimes such as money laundering. The European
Typical organizations lose 5% of revenues to fraud each Central Bank’s recommendations for the security of Internet
year, with banking and financial services, government and payments, due to come into effect in February 2015, is just
manufacturing industries most commonly victimized.1 The one example of the many new guidelines with which banks
digital economy and the rise of cyber crime create an even must comply.6 A combination of new regulations and stringent
greater level of vulnerability for banks and other financial enforcement will require financial institutions to demonstrate
institutions. In Europe, online banking fraud increased by 12% to both management and regulators that they possess sound
in just one year.2 According to a study by Federal Deposit financial crime risk management systems.
Insurance Corporation, cyber thieves cost U.S. organizations
more than $15 billion over five years.3 In the U.K., in the first six
months of 2014, losses on remote banking fraud rose to £35.9
million, up 59% from 2013. Online banking fraud comprised
£29.3 million of that total, up 71% from 2013.4 In total, potential
projected global fraud losses related to occupational fraud
reach more than $3.5 trillion.5

While direct losses due to fraud are staggering, the actual

cost is much higher in terms of loss of productivity, loss of
customer confidence and attrition, not to mention losses due
to fraud that goes undetected. Attacks against operational
systems and infrastructures such as e-business, e-commerce
or industrial systems can result in direct loss of business
or revenue. Interception of electronic communications and
intrusions into information systems can result in massive theft
of sensitive corporate or customer information. Loss or leakage
of confidential or personal data can cause serious harm to a
firm’s reputation and lead to lawsuits and financial penalties.

1 2012 Global Fraud Study, Report to the Nations on occupational Fraud and Abuse, Association of Certified Fraud Examiners
2 Annual Fraud Indicator 2013 by National Fraud Authority , UK
3 “Bank security: Thieves down the line,” Joseph Menn, Financial Times, Jan. 2, 2012
4 “Customers Urged to be Vigilant as Fraudsters Increase Scam Attacks,” Financial Fraud Action UK, 12 September, 2014
5 2012 Global Fraud Study, Report to the Nations on occupational Fraud and Abuse, Association of Certified Fraud Examiners.
6 Recommendations for the security of internet payments, Final version after public consultation, European Central Bank, 2013

3
First Generation Fraud
Management is Falling Short
The increasing significance of fraud and cyber crime is taxing While rules-based systems are good at spotting recurring and
first generation fraud management solutions and placing known fraud patterns, too many legitimate customers can also
pressure on many banks’ fraud management capabilities. As be flagged and fraudsters can use trial and error to discover
financial institutions have grown larger, managing multiple ways to circumvent the system.
portfolios and related business lines across multiple channels
has made fraud detection more difficult. Many solutions are Financial institutions must carefully balance fraud identification
focused on only one channel or type of crime. Disparate and loss prevention against the customer satisfaction that
transaction systems and multiple systems of record make results from fast processing of transactions. Furthermore,
realizing the true scope of the problem and measuring the too many false positives, inefficient investigative processes,
success or failure of existing fraud defenses a challenge. and lack of speed in transaction authentication all drive
Current systems and processes are reactive to fraud once it up operational costs, as financial institutions are forced to
has occurred and fall short of taking proactive steps to combat increase spending on financial crime risk management against
cross-channel behavior. sophisticated attacks.

With the level of sophistication of fraudsters increasing, many The combination of organized crime, global terrorism, and
fraud detection systems are no longer effective enough at new and ever-changing types of fraud – in addition to
identifying fraud. increased regulatory requirements – have led financial services
organizations to pursue new techniques for preventing and
detecting illegal activity. In fact, for many financial institutions,
a move to a new fraud management system is vital. Failure to
give this area proper attention brings financial, reputational,
and punitive risks.
Financial institutions can effectively
perform Enterprise Fraud
Management in a centralized
or decentralized manner. A
decentralized approach sacrifices
operational efficiencies and customer service, while
a centralized function can make for more efficient
operations, hold one area fully accountable for the
function, and extend a career track to employees,
yielding greater dedication and productivity.”

“Enterprise Fraud Management:

Still Evolving After All These Years”,
AITE Group, May 2014

4
 Banking the way we see it

Five Emerging Trends Driving the

Next Generation of Fraud
Management
Forward thinking banks are evolving their fraud management 3. Use of advanced analytical techniques
systems from a level of stand-alone basic detection to one
of enterprise predictive risk assessment, integrating big data, New fraud solutions incorporate a hybrid of advanced analytics
advanced analytics, and real-time functionality as well as to uncover hidden relationships, detect subtle patterns of
customer experience. These new solutions capitalize on five behavior, prioritize suspicious cases and predict future risks.
emerging trends in fraud management. Each technique is powerful when used in isolation but when
combined in a hybrid approach they enable fraud analysts
1. A centralized approach to fighting financial crime to identify the targeted transactions, entities and potentially
fraudulent networks through multiple organizations. Some of
To both increase efficiency and improve the effectiveness these techniques include:
of fraud detection and prevention, an increasing number of
financial institutions are implementing solutions that cover a • Out of pattern analysis, which compares customer activity
broad spectrum of financial crimes from cyber-security to fraud with peer group behavior, and also with the customer’s own
and anti-money laundering. Integrated solutions enable firms past behavior, to identify outlying transactions.
to more easily leverage information and more efficiently comply
with numerous evolving regulatory requirements. Centralized • Linkage analysis, which identifies other entities associated
operations help to break down silos across business units and with known types of fraud, as well as practices used by
channels. Furthermore, maintaining data and infrastructure fraud-linked entities, and develops strategies to counter
security and updating fraud management systems with new these practices. Sometimes data on social networking
rules, statistical models and acquired knowledge becomes activity is included in this type of analysis.
easier and more efficient with centralized systems.
• Model development, which includes fraud-scoring tools and
2. Use of more real-time data and monitoring detailed statistical analytics to provide quantitative insight
into possible fraud activity.
Several financial services institutions are no longer content
with just using regular transactional data to fight fraud. They • Rule development, which involves creating and applying
are also looking at external information obtained from third rules for basic business activities to spot unusual trends, as
party vendors and intelligence from social networking sites well as specialized rules for specific transactions.
to improve their fraud detection capabilities. They are further
enhancing information credibility by integrating disparate data
sources, regardless of format (including unstructured text like
notes fields in call center files). By using data across all of a
customer’s accounts and transactions they are able to better
monitor the behavior of individuals to incrementally detect
fraud and reduce false positives. Solution can be integrated or
on-demand, providing 100% real-time scoring of all transaction
types and giving clients full coverage for fraud detection.

5
 Enterprise Fraud Management

Big Data Advanced analytics methodologies

Customer View Internal Data

Banking
Lending Fraud Monitoring & Detection Fraud Management Actions

Cards Other Artificial Neural Decisions

Relationships Networks/
Pattern Recognition
Customer View External Data
Unstructured data – Social Media, Account Opening
Call Centers etc. Decisioning

Reports / Dashboards
Case Management
Credit Bureau, Fraud Vendors, Alert
Watch Lists Adaptive Offline Management

Analytics
Customer
Analytics, Entity
Level Fraud
Customer View Transaction Data Rule Based Link
Management Data
Models Analysis
Internet
ATM
Transaction
Fraud Monitoring
POS
Phone
Banking Notifications

Device Tracking
Other Channels

5. Future proofing against new fraud risks

Fraud detection with a rapid
return New fraud risks are constantly emerging. For example, the
increased adoption of mobile devices has been accompanied
by a proliferation of malware with the ability to infect mobile
One large bank which took a
phones. The variety of mobile devices being brought into
single platform approach to address all financial crime the work environment has made it nearly impossible for
benefited by being able to analyze transactions and organizations to mandate the use of a specific brand to
customer activity, develop new models and tune existing maintain standards, leading to increased risk in the form
of data theft, rogue applications, and data ownership. It is
models to improve fraud detection efficiency, and create
imperative that fraud management solutions include proactive
reports. The bank has detected twice the level of check approaches to fraud detection analytics to future proof against
fraud than it did with its legacy system, increased Internet unforeseen risks.
banking fraud alerts by 60%, and improved check and
Internet fraud loss-to-turnover ratios by 50% and 80%,
The Maturing of Anti-Money
respectively, compared with five years ago.”
Laundering Controls
New regulations and guidance
4. Next generation authentication have identified many shortcomings
in banks’ existing approaches to
Financial institutions are improving their ability to combat cyber AML controls. In fact, new regulations and the levying of
crime by securing transactions through a new generation
significant fines demonstrate that AML is no longer an
of authentication, such as biometric authentication enabled
through mobile technology. This can improve security while operational numbers issue, where every alert is worked
creating competitive advantage by meeting consumers’ and volumes managed. Financial institutions need to take
expectations for products that are both simple and secure. a true risk-based approach, applying new capabilities
and technologies to meet the evolving regulatory
environment.
6 
 Banking the way we see it

The emergence of advanced analytics is changing A large French bank rolled out AML/CTF across 17
the paradigm of how companies monitor risk. High European countries via a centralised program. A central
performance analytics enable users to run more team conducts investigations on behalf of subsidiaries
rapid, comprehensive analytics to visualize the flow across Europe and feeds back only those cases requiring
of funds as patterns emerge. Processes that used hands-on investigation by local AML officers. In this way,
to take 6 to 12 hours can now be run in minutes or the bank was able to continuously improve its processing
seconds, transforming an institution’s ability to identify and standardise its risk based approach at a Group level.
risk exposures and implement controls more quickly.
Advanced analytics enhances the quality and accuracy Looking to the future as AML controls mature, banks and
of the detection process by allowing analysts to simulate their regulators can be confident the organization has the
strategies, enabling organizations to reduce false means to actively detect money laundering and that its
positives and increase operating efficiency. systems have the flexibility to be quickly modified as new
threats emerge.
Next generation approaches to anti-money laundering
embed advanced analytics into four risk assessment Why Banks Must Adapt
components:
When combined, these five trends outline the capabilities that
• Customer risk assessment: Using detailed will define the next generation of enterprise fraud management.
By moving toward more modern fraud management, financial
information and transaction activities which institutions can combat the increasingly treacherous fraud
are collected at the time that an account and cyber crime landscape while reaping numerous benefits
is opened, to investigate all aspects of the for the organization. New solutions provide faster and more
customer’s profile effective fraud detection and higher visibility of exposure across
channels. Companies have achieved increases in detection
• Transaction risk measurement: Identifying rates from 50% to 90%, while reducing overall alerts from
and filtering account related transactions tens of thousands to under 100. This increased effectiveness
that pose the greatest risk for potential results in reduced financial loss due to fraud and leads
money laundering activities directly to improved financial performance and greater value
for shareholders.
• Behavior detection technology: Using
specific technologies that are able to detect A new approach to fraud management also protects a firm’s
suspicious patterns of behavior that may be brand and reputation, leading to greater trust among customers.
hidden beneath large volumes of financial data Faster response times and a reduction in false positives – with
some companies experiencing up to 95% improvement in false
• Workflow and reporting tools: Using positive rates –improve customer satisfaction and retention.
tools that will assist in alert investigation With “stickier” customers, firms have greater opportunity to
and compliance reporting cross-sell and expand the customer relationship.

Several leading banks are now coordinating AML as a Finally, next generation fraud management reduces total cost of
ownership for a firm’s fraud solutions by consolidating disparate
whole to provide efficient implementation and tangible systems, enhancing staff productivity and reducing the total
business value. cost of anti-fraud activities. Companies have significantly
improved investigator efficiency and achieved huge efficiencies
For one large North American bank, combining fraud in processes such as credit approval.
and AML paid dividends in transaction monitoring.
Fraudsters will always be working to find new schemes to
An independent assessment of the value of fraud commit fraud and other financial crimes. In this digital age,
prevention estimated that for every dollar invested in the importance of fraud prevention and detection will only
the bank’s enhanced AML fraud capabilities (including increase in significance. As they consider new processes and
implementing a leading vendor solution), $27 in fraud solutions to fight financial crime, financial institutions that adapt
to capitalize on these emerging trends will be well poised to
was prevented. Currently the bank prevents 97% of mitigate risk and generate a more substantial return on their
attempted fraud. investment.

7
Contact Us
To learn more about how Capgemini and SAS can help your organization
transform fraud detection and prevention, contact us at
[email protected] or at [email protected]
or visit us at www.capgemini.com/fraudinbanks.

About SAS
SAS is a leader in superior business analytics for fraud and
regulatory compliance and the largest independent vendor in the
business intelligence market. With SAS, you can improve your
enterprise-wide fraud detection and prevention efforts by adopting
a strategy built on an advanced analytics foundation and a
streamlined investigation capability.

Through innovative solutions delivered within an integrated

framework, SAS helps customers at more than 70,000 sites in over
140 countries, including 91 of the top 100 companies on the 2013
Fortune Global 500® list.

Since 1976 SAS has been giving customers around the world THE
POWER TO KNOW®.

For further information, visit us at

www.sas.com

About Capgemini
With almost 140,000 people in over 40 countries, Capgemini is one of the
world’s foremost providers of consulting, technology and outsourcing
services. The Group reported 2013 global revenues of EUR 10.1 billion.
Together with its clients, Capgemini creates and delivers business and
technology solutions that fit their needs and drive the results they want.
A deeply multicultural organization, Capgemini has developed its own
way of working, the Collaborative Business ExperienceTM, and draws
on Rightshore®, its worldwide delivery model.

Learn more about us at

www.capgemini.com
All products or company names mentioned in this document are trademarks or registered trademarks of their
respective owners.

The information contained in this document is proprietary. ©2015 Capgemini.

All rights reserved. Rightshore® is a trademark belonging to Capgemini.