Unisys suite aims to detect criminal patterns

IDG News Service - A new family of products and services from Unisys Corp. is designed to make it possible for financial institutions to detect more complex kinds of fraud and spot identity theft and money-laundering schemes earlier.
The company today unveiled the Unisys Active Risk Monitoring System (ARMS), a suite of software that it claims helps banks and other organizations spot patterns of seemingly unrelated events that add up to criminal activity.
Unisys is relying on technology from Actimize Ltd. in New York to provide the underlying analytics technology for the new system.
Actimize has developed technology that enables organizations to do complex data mining and analysis on stored information and transaction data without needing to copy it to a separate data warehouse, according to Eli Katz, practice director in Unisys' Global Financial Services group.
Actimize's technology can monitor an enterprise's transactions in real time, identifying elements that may affect models of suspicious behavior while flagging transactions according to predefined criteria, according to Actimize.
For each transaction that is analyzed, the system is capable of tweaking its underlying statistics and checking those transactions against the rules used to identify suspicious activity. After it is analyzed, the transaction is discarded, Katz said.
The Actimize software runs on the Microsoft Corp. Windows NT or Windows 2000 platform and can be deployed on standard server hardware with either four or eight processors, Katz said.
The Actimize technology makes ARMS a more powerful and flexible risk-monitoring system than those that rely on large data warehouses, according to Katz. In contrast to those systems, Unisys ARMS ties together live transaction activity with information stored in a wide range of separate enterprise data stores such as CRM systems, enabling organizations to spot patterns of suspicious activities within a thousandth of a second of their occurrence.
Katz described a scenario in which a criminal approaches an ATM kiosk with 30 stolen or fraudulent ATM cards, using each in succession to withdraw $500. Although none of those transactions, taken alone, would be adequate to raise a flag, Unisys ARMS is able to detect a change in the rate of transactions within a given window of time, or spot the increased number of cards that have never been used at that ATM before.
Alternatively, the system could correlate the activities of a number of money launderers who make small deposits into different accounts only to transfer money into one or more consolidated accounts, flagging the entire group as a threat, Katz said.
Suspicious events can trigger either a visual notification sent to