I commented before in my previous post that good fraud detection requires good data governance, which also serves many other purposes, not least to satisfy regulatory demands. But fraud is changing too: it is becoming much more the province of organized crime, and less about individuals. And fraud detection on a large scale requires industrialization: scaling up the processes in a logical way, which requires them to have been described and documented correctly.
The wide range of types of fraud, and their complexity, require rigor in improving business processes. In practice, this means that thoughtful and mature governance must be supported by a multidisciplinary team responsible for co-ordinating and managing the work against fraud, abuse and non-compliance.
The success of such projects will also require a broad consensus internally. Technologists need to actively participate in industrial large-scale deployment, to ensure that testing is thorough, and that alerts are accurate. They will need to address data quality issues, including loading performance. Without this, data will not be accurate enough for interpretation and transformation, which will affect the quality of any models produced.
Management audit and inspection will benefit the Project Director, and help to avoid restrictions. Those managing deployment methods and quality control will have to work closely together. General management, advised by communication teams, has a role in ensuring cohesion among and across teams.
Avoid organizational silos
This context is highly sensitive in reputational terms for the organization. It is therefore vital to avoid, rivalries between teams, and any suggestion of organizational ‘silos’, an issue which has become increasingly clear from banks’ efforts against fraud. While it is important to give anti-fraud projects some discretion to take action as required, which may require some secrecy, it is also important to avoid creating a climate of suspicion internally. Fraud, abuse, non-compliance, and complicity in breaching administrative procedures may occur anywhere, but they are also unlikely to be systemic in most mature organizations. These issues should simply be anticipated proactively with the help of adequate tools and standards.
Metrics and business process improvement
Once a strong fraud detection system is in place, the organization can focus on revising and improving existing organizational processes regularly and iteratively. This will enable it to anticipate changes in behavior from fraudsters, as they look for weaknesses in the organization. This may be in collusion with individuals employed by the organization.
Last and not least, what metrics should be put in place to encourage anti-fraud initiatives? The debate is complex but can be managed if anti-fraud objectives are seen as having a single aim: to improve the company’s knowledge of clients and citizens. With this aim, it becomes logical to recycle success in the fight against fraud into provision of better services to customers.
A private or governmental organization that manages its business processes well will benefit from organizational capital involving trust and transparency. This good reputation will allow it to invest wisely and profitably in its relationship with citizens and customers, and improve the way it does business across multiple measures.