AML and Fraud Get Together
Information Management Online, November 24, 2009
At a recent customer event hosted by fraud and AML platform vendor Actimize, Bank Technology News sat down with Gartner vp and fraud expert Avivah Litan; Lester Joseph, principal deputy chief of the Department of Justice's Asset Forfeiture and Money Laundering Section; and Amir Orad, Actimize's marketing head; to discuss trends in fraud and AML reporting, technology and regulation. Below is an edited and abridged version of that conversation.
Advertisement
Avivah Litan: If you had your wishes, what would you want bank reporting systems to look like and how could SARS be more useful? Could everything be found in the data without people calling you up?
Lester Joseph: The SAR provides the lead and what's great is the SARS are being used much more now than they ever were to compare against other things. The FBI compares them against the BSA database and [its] terrorist database and they'll find connections there. You can run it against the drug database. [There are] all these different databases and you can run them against each other, so a SAR is maybe more than a SAR.
...I think we're getting good information [from banks]. Our biggest problem is the output of the SARS. The SARS as we get them are much different from what you put in because of the IRS computer [systems]. You may have a nice well-written SAR with charts, all we get is one long paragraph that could go on for seven or eight pages and is impossible to read. That's the way the technology is, it's way behind. Sometimes we'll actually get the bank SAR, and that's much easier to read than the way we get them [from the IRS computer].
BTN: A recent FinCEN report based on interviews with large banks found that most valuable information usually comes from front-line employees as opposed to fraud detection technologies. What does this tell us either about people or the systems in use today?
Amir Orad: I think it's a timing difference. Usually employee tips will happen sooner than when it will actually be visible [via technology] that something bad is going on. In employee fraud, a major input is employee behavior and tips. People talk about each other in the corridor. If you change behavior and buy a shiny new car, an automated system cannot detect a shiny new car. Definitely employee tips and the hotline are a major good source of information.
But once it becomes complex, and real time, human beings cannot do anything with it. You have too much information, multiple structured transactions, multiple products and multiple people involved.
Litan: That's why you have to take an off-line analytical view, it doesn't all have to be in real time. Social network analysis is what they call it now, and depending how much data you get in there, if you get it across enterprises, you look at all the relationships between all these entities and you can see the thing if you have the data. I've seen a lot of payback on offline analytical work looking at the different relationships.
Orad: Link analysis is a very, very powerful technology if you have all the inputs to the system.
Joseph: Fraud and AML systems have been a big topic lately; how do they work together and what are the challenges?
Orad: It used to be almost totally separate, five years ago. The direction right now, in most places, is to have an internal FIU [financial intelligence unit]. That investigation unit owns fraud, AML, corporate security and sometimes other compliance issues. While [fraud and AML systems] still have different detection algorithms and inputs, the outputs go to one investigation process.
An FIU has one workflow, one reporting tool, and you can link cases. The difference is really in the management of the process. The AML guys want to report everything because they're afraid of being slapped [by regulators]. The fraud guys want to do the most cost effective thing, so the mindset is very different between the groups.
BTN: What's the prevalence of FIUs? How many institutions have those, and in how many banks are AML and fraud still siloed?
Orad: There's a spectrum: One extreme is two groups not even talking to each other. At the other end is the FIU. There's a lot in the middle. Sometimes it's one system [serving] two groups and that's actually very common today. Sometimes its two groups, two technologies that talk to each other, because each one likes owning its own things. But the trend is clear.
Litan: Definitely I see them as separate groups and they both know they need to work together. There's turf battles over content, sometimes there's turf battles over the technology....but I question the premise of having these two groups, one's compliance and one's fraud. I don't see why you can't have it all built together....they're very siloed, and I don't see a reason for it.
Orad: Politics.
Litan: Right. Maybe the regulators should change the rules.
Orad: We're seeing a big increase in wire fraud and commercial fraud in the last 12-to-18 months. Are you seeing that?
AL: These are big cases, millions of dollars being stolen [from businesses]. And the banks aren't obligated to return the money, which is a problem. With consumer accounts there's Regulation E which says the banks have to give the money back, but there's no such regulation with business accounts. I think that's one of the biggest holes in the regulatory environment.
BTN: Avivah, you often come back to the issue of regulation. Do you think that's really where the onus for increased security lies?
Litan: I think regulation really drives security spending.....Look at the banks, why have they gotten into such good fraud detection? It started out with the regulators, and now [banks] went beyond it because they want productivity efficiencies and they want to catch the fraud. It's just a reality of priorities; managers want to spend money on revenue-generating activities, they don't want to spend money on cost centers unless the regulators force it. The trick is finding the right amount of regulation.
Page 1 of 2.
