Fraud Analytics: Taking Your Data to the Next Level

This column is the first in a series on data analytics and their use in fraud detection and investigation. Here, we introduce the topic while subsequent columns will focus on specific methods and techniques.

Although organizations accumulate more information than ever before, insights within that data might remain hidden with traditional means of analysis. Fraud analytics applies analytical techniques and subject-matter expertise that can help us delve deep into the core of gigabytes of data to discover fraud and abuse. With its ability to reveal hidden patterns and relationships, fraud analytics can make the difference between identifying all fraudulent transactions, not just the obvious ones in an investigation. We'll discuss here ways to detect fraud a priori or identify fraud a posteriori.

THE EVOLUTION 

Historically, auditors and fraud examiners have used spreadsheets and computer-assisted audit techniques (CAATS) to analyze data. We can quickly and easily review spreadsheets to understand simple patterns, but they rapidly reach their limits.

CAATS were originally designed as audit support tools, but we can use them for data analysis functions such as pattern matching, sampling of transactions within amount ranges and statistical testing like Benford's Law. However, they don't provide the complex algorithms and predictive models for identifying complex fraud patterns in large data sets.

WHY FRAUD ANALYTICS?  

The goal of fraud analytics isn't only to detect and identify fraudulent behavior but to determine the origin of anomalies and determine why and how they exist. For example, an insurance company doesn't have time to review its thousands of claims, so it might analyze some at random. But it could be more successful in finding fraud if it identified and reviewed the claims that were most at risk based on historical trends and patterns.

During a recent payroll fraud case investigation, we found a specific scheme an employee had used to embezzle money from the payroll function. However, we wanted to scrutinize all instances of fraud the employee may have been involved in during her four-year tenure with her employer, so we didn't limit ourselves to examining transactions that just matched the fraudster's schemes. We developed a statistical model that identified all other unusual patterns we deemed to be “outliers.” We established the state of what should have been expected and reviewed any occurrences that didn't match this normal state. And guess what? If we had only looked for the one pattern that the employee had been using, we would have missed half of the fraudulent transactions.

AN INTEGRATED APPROACH 

A four-step approach takes us from data to insight:

• Data identification: Pick the wrong data, and you won't find what you're looking for; pick too much, and you'll be sifting through it for no reason.
• Forensic data collection: When conducting fraud analytics in an investigation, it's essential you follow well-defined forensic preservation standards, which include maintaining the data's chain of custody and performing data integrity validation to ensure that you've captured all transactions and assured absence of tampering.
• Data normalization and structuring: You'll have to normalize and structure all collected data so it can be linked, as it may originate internally or from third parties. Some will be structured, such as that originating from databases, while others will be unstructured, such as text-heavy data. Only then will we be able to derive all possible insight from the data we have collected.
• Data analysis: We must now determine how to best analyze the collected data. Strategies include simple queries, relationship mapping, link analysis and visual analysis, as well as more advanced models to identify previously unknown patterns.

If you're having trouble convincing management that you need to use data analytics to find fraud, you can emphasize that the marketing department can also use the same methods and data to help understand client behavior. Managers love double-duty functions.

Getting from data to insight can be a challenge the first time around, but a well-established fraud analytics program can only save you money in the long run!

In future issues, we'll be concentrating on common categories of fraud analytic approaches (see below), including visual analytics in the May/June column.

Jean-François Legault is a senior manager with Deloitte's Forensic & Dispute Services practice in Montreal, Canada.

Common Categories of Fraud Analytic Approaches  

• Rule-based: Detect fraudulent transactions based on known behaviors.
• Anomaly detection: Identify aggregate abnormal patterns that don't conform to established normal behaviors.
• Predictive modeling: Statistical analysis of current and historical data to assess future behavior.
• Neural networks: Unsupervised learning based on historical data for the purpose of identifying unknown patterns.
• Visual analytics: Graphical representation of relationships found within data.

The Association of Certified Fraud Examiners assumes sole copyright of any article published on www.Fraud-Magazine.com or ACFE.com. Permission of the publisher is required before an article can be copied or reproduced.