Application fraud now accounts for 20 percent of all fraud losses in banking. So why is it still flying under the radar for many financial institutions? One reason is that many banks and lenders still write off application fraud losses as “bad debt” rather than fraud. In other words, they don’t actually recognise that deliberate fraud has taken place. This disguises the extent of the problem.
Application fraud is when someone applies for a banking product, such as a credit card or loan, and knowingly supplies false information. This gives fraudsters a better chance of getting credit or taking out a loan that they have no intention of repaying. Fraudsters often follow a policy of high volume, low value. This means that they avoid detection because the individual value of each application is fairly low. Together, however, the sums certainly add up.
Lies, damned lies, but not statistics
There are three main ways in which application fraud happens: identity theft, manipulation of identity and application details, and synthetic identity. Identity theft has increased greatly over the last few years. In 2016 alone, identity theft affected more than 15 million people in the US, resulting in losses of $16 billion. It is also hard to detect. Around 15 percent of people become aware when they review their own credit reports – often only after they have unexpectedly been refused credit. Around 13 percent find out when they are contacted by debt collectors.
Of course, it is also possible for customers themselves to lie about their personal details in order to obtain credit. However, this is easier to detect than identity theft because of checks on credit history. Synthetic ID use is also increasing. One estimate suggests that it cost the credit card industry $6 billion in 2016 and that the average loss per incident was $15,000.
There are two main reasons why application fraud is increasing. The first is the number of major data breaches occurring. This means that large amounts of personal data are now available to fraudsters for potential use. The second reason is that people increasingly expect to be able to apply for products online, without having to make any personal contact. This has left institutions open to potential fraud because it is very hard to prove someone’s identity online.
Stopping fraud before it happens
Old-style fraud detection relied on audits. The problem with post-application verification, however, is that it detects fraud only after it has occurred, when losses are already mounting. The ideal with application fraud is to detect it during the application – in other words, not to grant the credit in the first place. An application fraud solution can help to detect fraud by looking for application anomalies, screening for synthetic identities, device scoring and identifying collusive networks.
Application fraud solutions work by bringing together data from internal and external sources. They might include, for example, personally identifiable information requested in credit applications, device profile information, other external information, and portfolio data for existing, closed and previously declined accounts, customers and applications. The solution then applies analytics to the data.
The analytical process starts with rules, such as multiple applications from the same device within a certain period of time, or the use of addresses of public facilities. It will then look for anomalies and apply models, including machine learning models, and finally use network analytics.
Each step adds further depth and ability to detect more potential fraud. The best solutions provide decisions in real time, or in near-real time if millisecond decisions are not required, including approve, refer or decline. They also use visual network diagrams for investigation.
Power of network analytics
Most tools on the market theoretically offer network analytics capabilities. But in reality, they allow only simple object matching and link visualisation to support manual investigations. This is not enough.
In the era of big data and increasing threats, organizations need real network analytics. Network analytics that can automatically explore huge structured and unstructured volumes of data to uncover hidden links, suspicious communities, criminal rings and identity theft cases. And, depending on the data available, network analytics that can use link types from contact data (physical addresses, phone numbers, email addresses) to transactional links. Algorithms analyse not only hard but also approximate links with support for “fuzzy matching,” which can discover useful connections even with low-quality data.
In a holistic approach, such network analytics takes into account not only applicants and clients, but also bank employees, to detect all potentially risky relations hidden in the data.
The benefits of application fraud solutions
It is not unusual to see improvements of 20 to 80 percent in fraud detection rates with the use of the SAS Fraud Solution. One particular SAS customer was able to detect four times as much application fraud than with their previous approach. Another achieved a full return on investment just six months after going live.It is not unusual to see improvements of 20 to 80 percent in fraud detection rates with the use of the SAS Fraud Solution. One particular SAS customer was able to detect four times as much application fraud than with their previous approach. Click To Tweet
Application fraud solutions have another benefit. As well as detecting potential fraud, they can also speed up the application process for legitimate customers. This improves the customer experience and makes it less likely that potential customers will abandon the application process. Coupled with reduced fraud, it is not surprising that banks are seeing significant financial benefits from their investment in application fraud solutions.