Fraud Sniffers

Companies are starting to use data analytics to detect suspicious transactions.

Many companies use business intelligence tools to analyze sales and identify customer buying patterns. But some companies also mine transaction data to detect fraud.

Banks, government agencies and large companies have plenty of financial data to sift -- such as checking accounts, purchase orders and sales receipts, most of which record legitimate transactions. But to find that 1% or so that aren't squeaky-clean would frustrate even Sherlock Holmes if the data had to be sorted and matched by hand.

Several of the classic BI software companies, such as SAS Institute Inc. and SPSS Inc., are promoting their wares as fraud-detection tools. There are also companies such as Fair Isaac Corp. that specialize in software for identifying financial risks.

"Although this is a nascent market, it is certainly one that will be [among] the hottest growing areas in the next two years," says Matthew Kovar, an analyst at The Yankee Group. "It will become as critical to corporate governance as a password is for accessing a PC."

One company that's using technology to ferret out fraud is Columbia State Bank in Tacoma, Wash., which is implementing Monarch, a reportmining tool from data management software maker Datawatch Corp. in Lowell, Mass. "The information is there; the question is how to get that information," says auditor Frank Slepko. "It's not stored in a usable format, but the beauty of Monarch is it can take any report and identify data patterns."

One goal is to monitor employee use of their accounts and make sure that bank employees aren't skimming customer money for themselves. This requires identifying the 1,200 or so accounts of the bank's 500-plus employees so their financial activities can be monitored for potential fraud.

Columbia will bolt special capabilities onto the core Monarch system to enable auditors to pull up relevant data by account number or employee name and report on activities associated with an account, Slepko says. Monarch will summarize each transaction and flag anything that's suspicious, such as numerous deposits of over $5,000 each. Slepko says he hopes to have this phase of the system live in the next six months.

Slepko also plans to use Monarch to analyze the 200,000 customer transactions the bank handles monthly. Monarch will access Columbia's general ledger to examine the debits and credits and flag situations such as unusual amounts of cash sent as wire transfers.

While data mining can spot suspicious activity, human investigation is still required to prove that a crime has been committed, notes Dawn Trimmel, director of internal audit at label maker Avery Dennison Corp. in Pasadena, Calif. "Collusion is hard to detect," says Trimmel, who is also a trainer for The Institute of Internal Auditors.

Avery Dennison is rolling out transaction mining software from Atlanta-based Oversight Technologies Inc., that will help it flag potential fraud and comply with the Sarbanes-Oxley Act and other financial regulations .

The system will pull data from the company's ERP applications in near real time, feed it into Oversight's transaction monitor and mine it for errors and patterns that indicate potential skullduggery, such as checks being issued to ghost employees.

Oversight records the identity of anyone who enters or changes transaction data, so it could also alert managers to schemes such as a clerk changing a vendor's billing data to cut himself a check and then changing the information to cover his tracks.

Monitoring Tax Compliance

Meanwhile, government agencies are using analytic tools to ensure that taxpayers don't cheat. In Texas, the comptroller's office relies on a data warehouse to keep an eye on sales-tax compliance, says Lisa McCormack, a manager in the audit division in Austin. The data warehouse, from NCR Corp.'s Teradata unit, required some customization to write the queries.

The Teradata system collects transaction information from various external sources such as the Federal Aviation Administration, which logs plane sales and automatically calculates scores for transactions that are most likely to involve sales-tax evasion schemes.

For example, the system can flag a situation where a business purchased a plane from inside the state but didn't pay Texas taxes. The suspicious transaction would then be referred to a field agent for investigation. Previously, that kind of record matching had to be done manually. Since it went live in 1998, the data warehouse has helped recover $362 million, McCormack says.

The agency plans to retire the Teradata software and implement another warehouse built on an Oracle Corp. database. But the agency's commitment to data mining to spot suspicious activity is stronger than ever. "We only audit 1% of the taxpayers," McCormack says. "We have to try and figure out how to make the best use of the [government's investigative] resources."

Special Report

The Future of BI

Stories in this report:

Copyright © 2004 IDG Communications, Inc.

It’s time to break the ChatGPT habit
Shop Tech Products at Amazon