Didier Demougin is a graduate of the Ecole Supérieure d’Informatique (ESI) in France. An expert in information systems technology, he spent the early part of his career in the pre-sales and partner organizations of a number of software publishers in the English-speaking world. Having spent a number of years working on the development of start-ups in France and internationally, Didier joined Bull as a Consultant.
Fraud prevention is a highly sensitive issue and a growing concern for businesses and government alike, and it inevitably involves the combined use of internal and external information. Understanding, identifying, evaluating and characterizing fraud takes three distinct but complementary areas of expertise: in-depth business knowledge, risk analysis and technology.
Faking identities and addresses, falsifying business, family or personal circumstances, using multiple identities, making false declarations, hiding real events or inventing fictitious ones… Every area of business activity that depends on personal data is open to potential fraud, most notably telecoms, banking, insurance and social and public services. In France alone, the social security authorities detected around €384 million worth of fraudulent activity in 2009, and it’s estimated that around €12 billion of work is carried out in the ‘black economy’. Given the amounts of money involved, and the growing concern over budget deficits, fraud prevention has become a real priority both in the public sector and among businesses. Especially since the potential for circumventing procedures has never been greater.
The perfect environment for fraud to flourish
The growth in self-certification opens up new possibilities for fraudsters. The proliferation of communications channels and co-existence of both structured and unstructured data (emails, phone conversations…) makes it easier to pass on deliberately inaccurate or ambiguous information. There are more and more information systems, increasingly decentralized, and therefore more vulnerable. A fraudster will take advantage of this complexity to side-step control mechanisms or exploit their inherent weaknesses, and to interfere in a process in a way that gives him or her an unfair advantage: using a stolen identity to access financial, telephone, fiscal or public services; taking advantage of welfare benefits to which he or she is not entitled (for example, being reimbursed twice for medical expenses, claiming for children at two different households following a divorce, or underestimating income for the calculation of benefits)…
Given that fraud is first and foremost about giving the wrong information, the best way to detect it is to cross-check data from different sources, to highlight any inconsistencies or suspicious similarities. Nevertheless, to be as efficient as possible, fraud prevention should not just be confined to IT systems. The approach that Bull recommends and implements, both to prevent and detect fraud, is organized around three main areas: the business, risks, and technology.
First and foremost, it’s about the business
Identifying, understanding and curbing fraud is, above all, a business issue. The approach taken depends primarily on those directly involved in the business, because they observe and measure fraud. And they are the ones who have the necessary knowledge of fraudulent procedures to identify when it is happening and determine which information and indicators could be used to bring suspicious transactions to light.
A clearer understanding of fraudulent situations and the ways in which fraudsters operate leads to better risk analysis. To achieve this, Bull recommends incorporating this overall approach into an Information Security Management System (ISMS), in which best practice can be extended to the operational risks relating to using the information system itself; a category that fraud falls into. An advantage of this kind of approach is that it is very practical and ensures that, once the project is finished, genuine and effective safeguards that suit the organization will be put in place. This highly operational and business-focused process of risk assessment allows the impact and probability of fraud to be evaluated, enabling one or more risk scenarios to be defined. This initial analysis phase means that a fraud prevention policy in line with the organization’s objectives and resources can be established, to dissuade, prevent, detect and reduce the consequences of fraud.
Organizational and technical solutions
Risk analysis gives rise to recommendations intended to cover one or a number of fraud scenarios. These recommendations may be both technical and organizational. For example, they could be to appoint an Audit Manager, to establish a clear separation between the collection and validation of information, or to implement control and monitoring processes used in the ISMS, such as monthly review meetings, that help the approach to become well established for the long term while still being responsive to fraudsters’ changing practices.
On the technical front, it will involve establishing new checkpoints within applications, instigating alarms that alert the organization to suspicious anomalies and implementing specific analysis and query tools.
Three kinds of tools
When it comes to tools, Bull recommends combining three sorts of solutions that cover the entire process, from the detection of doubtful situations to the characterization of fraud by personnel supervising the system:
- Rules engine. These expert systems, capable of processing huge amounts of structured data, can be used to spot apparent ‘doubles’ (who’s who?), relationships (who knows who?) and certain characteristics (who does what?) within a given population; and so provide an initial list of possible anomalies.
- Data mining. Widely used in Business Intelligence, data mining solutions are also proving very useful in the fight against fraud. When combined with a rules engine, data mining can be used to refine results by extending the search criteria for unjustified claims and fraud, and improving scoring in doubtful cases. Bull has chosen a specialist partner to support this, building on a fundamental correlation technology that is perfectly well-suited to identifying anomalies or unusual features in a collection of structured data.
- Search engine. This allows auditors and fraud investigators to work on an index database of structured and unstructured data, so they can examine suspicious cases in detail, from all angles. At this stage, it is a question of establishing whether there has actually been a fraud, as the anomaly might equally be due to an omission or problem with the management of the case (a missing document, input error, failure to update information…). By getting information from the widest possible range of sources – both internal (management tools, communications logs…) and external (blogs, forums, official financial data…) – and looking at both structured and unstructured data, this offers audit staff new ways to detect and investigate possible fraud. Real instances are detected much faster, evident controls are more targeted and the relevant procedures (such as suspending payments, recovering unjustified claims, complaints…) are set in motion earlier.
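The three rules-engine questions above (who's who, who knows who, who does what) can be sketched as simple cross-checks over structured records. This is an added example, not Bull's product or code from the article; the record fields, the sample claim files and the three rules are constructed assumptions.

```python
import unicodedata
from collections import defaultdict

# Constructed sample claim files from two hypothetical sources (not real data).
CLAIMS = [
    {"id": "A-1", "source": "family_fund", "name": "Hélène Martin",
     "dob": "1980-03-12", "iban": "FR76-0001", "child": "C-77", "household": "H-1"},
    {"id": "A-2", "source": "health_fund", "name": "MARTIN  Helene",
     "dob": "1980-03-12", "iban": "FR76-0001", "child": None, "household": "H-1"},
    {"id": "A-3", "source": "family_fund", "name": "Paul Martin",
     "dob": "1978-11-02", "iban": "FR76-0002", "child": "C-77", "household": "H-2"},
    {"id": "A-4", "source": "family_fund", "name": "Luc Petit",
     "dob": "1991-07-30", "iban": "FR76-0001", "child": None, "household": "H-3"},
    {"id": "A-5", "source": "health_fund", "name": "Anne Roux",
     "dob": "1985-01-05", "iban": "FR76-0009", "child": "C-12", "household": "H-4"},
]

def identity_key(rec):
    """Normalise a name (accents, case, spacing, word order) and pair it with the DOB."""
    text = unicodedata.normalize("NFKD", rec["name"])
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    return (" ".join(sorted(text.casefold().split())), rec["dob"])

def group_ids(records, key_fn, distinct_fn):
    """Group file ids by key; keep groups showing more than one distinct value."""
    ids, distinct = defaultdict(list), defaultdict(set)
    for rec in records:
        key = key_fn(rec)
        if key is None:          # rule does not apply to this file
            continue
        ids[key].append(rec["id"])
        distinct[key].add(distinct_fn(rec))
    return {k: sorted(v) for k, v in ids.items() if len(distinct[k]) > 1}

def find_anomalies(records):
    """Return an initial list of possible anomalies for an auditor to review."""
    return {
        # who's who: one identity behind several files
        "doubles": group_ids(records, identity_key, lambda r: r["id"]),
        # who knows who: one bank account paid to several identities
        "shared_account": group_ids(records, lambda r: r["iban"], identity_key),
        # who does what: one child claimed by two households
        "child_two_households": group_ids(
            records, lambda r: r["child"], lambda r: r["household"]),
    }

if __name__ == "__main__":
    for rule, hits in find_anomalies(CLAIMS).items():
        print(rule, hits)
```

Each hit is only a candidate: as the search-engine item notes, an anomaly may turn out to be an omission or an input error once an investigator examines the file.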
An iterative approach
The approach to fraud prevention is an iterative one, set in train by the business and culminating in the deployment of both organizational and technical solutions. This process of continuous improvement is further strengthened as new vulnerabilities become apparent and certain kinds of fraudulent behavior become more prevalent. From the start it depends on its users, who have a real understanding of the signs that may suggest fraud, management and national/international regulatory constraints and, as a result, the kind of indicators that may be available and that should be tracked. With this in mind, the change management approach on this sort of project should be similar to the one taken on Business Intelligence projects, where getting to grips with the tool is the key to success.
All the same, one of the main difficulties of this type of project is the highly sensitive nature of the issue. Very often the question of fraud is surrounded by secrecy, actual cases and the amounts involved are not well known or even not disclosed at all, and the determination to fight against it is sometimes misunderstood. To deal with fraud in a discreet yet pragmatic way, it is above all important to establish a high level of trust between everyone involved, both internally and externally.
Bull: an expert partner
Positioned in the fraud prevention market with its own specific, holistic offering, Bull has built up in-depth expertise and the necessary sensitivity over the course of the projects it has been involved in, enabling it to effectively establish that vital link of trust. In effect, Bull is one of the few suppliers able to offer a global approach, with all the necessary expertise to cover the entire spectrum of fraud prevention: understanding the business challenges, especially in the public sector; supporting risk management, using the ISMS methodology; and providing innovative solutions, from the level of data mining right through to the implementation of the search engine.