Automation is the future of fraud risk management

Recent instances of large scale hacking and social engineering are indicators of what technology, in the hands of fraudsters, can result in. Fraudsters stay one step ahead with technological advancements, developing newer ways to perpetrate sophisticated fraud schemes that appear difficult to detect or prevent. To stay ahead of the curve, organizations need to invest in the next generation of automated fraud risk management measures to ensure safety.

Historically, most organizations have built home-grown systems that use business rules to manage their fraud detection processes. These hand-crafted rules, which are framed as “if-then” statements, are called Robotics Process Automation (RPA) techniques. An example would be: “if several transactions are made within a short amount of time in a different state, then send the account for manual review”, or “if an isolated transaction takes place by using a customer’s credit card from a country other than what is mentioned in the registered address, then send this transaction for further screening.” Such rules have been built and refined based on decades of manual experience of analysing fraud data, and many of these rules are set up to provide additional analysis for unusual transaction behaviour.

Although proven to be very useful, particularly for the e-commerce and m-commerce industries, RPA techniques tend to work efficiently primarily in a structured data environment. In today’s day and age, however, the amount of data being produced and the complexity of analysis has grown to unprecedented levels. This is making the manual process of building and maintaining business rules expensive, time intensive, and less predictive. This is where, we believe, machine learning technology can be useful.

Machine learning uses computer systems with artificial intelligence capability to autonomously learn, predict, act, and explain without being explicitly programmed. This means the computer can learn from the outcomes of analysing existing data, and those learnings can then be applied to newly generated data to provide insights. This can be better understood through the example of online chess. A computer which either wins or loses, assigns a value to the series of winning moves it used during that game. After playing several such games, the system can predict which moves are most likely to result in a winning situation.

Similarly, a machine learning system could learn to distinguish between suspicious transactions (which are potentially outside the normal patterns of activity) and legitimate ones. Further, machine learning can also analyse big data more efficiently, build statistical models quickly, and react to new suspicious behaviours faster. Machine learning can also be extended to multiple environments such as ecommerce and m-commerce to prevent and detect frauds. These systems can also scale up to meet the demands of big data with greater flexibility than traditional methods used for fraud prevention and detection.

We are already seeing increasing implementation of machine learning systems at banks, and it is a matter of time before this becomes widespread across other industries. We believe the advent of machine learning for fraud prevention will change how organizations manage their fraud risk programs. Human oversight and intuition will remain critical to success, but machines will increasingly do the heavy lifting.

You can read more about the role that automation can potentially play in the future of fraud risk management here.
If you have any comments or would like to share your views, please write to us at inforensic@deloitte.com or on Twitter by following @deloitteindia.