A robust and low-latency fraud analysis pipeline/risk engine makes financial institutions become both more competitive and more trusted.
The proliferation of event-based streaming data has transformed entire industries, but its effect on financial services is particularly dramatic. From trades and credit authorizations to wire transfers, financial institutions need a window into what is happening in real time for almost all operations. Real-time data insights enable firms to stop fraud before it happens, serve customers better and faster, meet compliance requirements, and deliver innovative new products and services. Today, firms can’t afford to take a look in the rear-view mirror at data, and that’s especially true in the case of financial fraud and anti-money laundering (AML).
The stakes of not being able to effectively comply with financial regulations are high. A recent LexisNexis study reports that AML compliance costs alone for US and Canadian financial institutions total $31.5 billion each year. The ability to stop fraud accurately and quickly, on the other hand, makes financial institutions more trusted. As financial institutions build long-lasting brands, they aspire to be associated with success and excellent service—not illegal activities. It also makes them more competitive. In the era of instant gratification, customers have little patience for compliance staff asking multiple times to gather and verify information, so by identifying repeating patterns of customer behavior, firms also have the opportunity to tailor products based on client needs.
Outsmarting criminals using stream processing
The bad news is that anti-laundering, payments fraud, internal theft, identity theft, and other forms of fraud are all challenging organizations that are using traditional, batch-oriented, and siloed methods of detection. Most AML activities require manual effort, making them inefficient, time-consuming, and difficult to scale. Adding to the challenge, criminals are using more sophisticated means to remain undetected. Patterns of fraud continuously evolve, making it extremely difficult for financial institutions to pinpoint and proactively prevent criminal activity.
The good news? New technologies are available now to help. Streaming data and stream processing architectures present new opportunities to help discover, alert, and manage fraudulent activities based on real-time data streams. The benefits to firms are multiple and varied. For instance, algorithms can identify fraud patterns to detect credit card fraud at the point of sale in real-time or wire fraud prior to releasing funds. By correlating a customer’s interactions with various products and channels, transactions that are inconsistent with normal behavior can be immediately tagged for review. Likewise, comparing claims with identified fraud patterns can help flag suspicious claims. By immediately alerting the right individuals to potential fraud, investigation teams can be deployed more effectively without wasting huge amounts of time and money chasing down false positives.
Technologies for fast, effective detection
Streaming processing architectures solve the problem of siloed data and slow, batch processing based on stale data. Streaming platforms take the idea of low-latency data at scale and make it possible to use a platform to connect all the applications and systems in a financial institution. There are a number of ways to build fraud identification and risk engines that can be employed in modern stream processing paradigms. The exact design of the system employed depends on the type of business, use case, and fraud detection algorithm.
A common approach is to represent financial transactions of some type (ATM withdrawals, credit authorizations, etc.) as a stream of data—perhaps living in a collection of Kafka topics. A production pipeline can be created by processing this stream of data detecting potential fraud and sending results to various stakeholder applications. Information is processed through the streaming platform, eliminating the need for point-to-point connections between data sinks and applications. Instead, the platform offers a single platform to process streams of data in real time, at any scale, in any environment, whether on-premise or in the cloud.
Multiple jobs can be created to process this stream in various ways, with the output constantly being sent to an output sink, alerting framework or Machine Learning models, or maybe displayed in an application or dashboard. Processing and inspecting events in this manner is relatively simple and straightforward.
Inspecting streams of data with CEP
One technology integral to inspecting events is Complex Event Processing (CEP). It has become a popular way to inspect streams of data for various patterns that the financial institution may be interested in. CEP is exposed as a library that allows financial events to be matched against various patterns to detect fraud. What’s needed is a streaming platform that exposes a robust framework for running CEP on streams of data – and do it in a simple and approachable way. Apache Flink exposes a rich Pattern API in Java or Scala—the other key ingredient is a processing runtime. Using Structured Query Language (SQL) adds additional simplicity and power by abstracting complex CEP libraries into a declarative format.
A Pattern API allows complex pattern sequences to be defined against the incoming stream. These are built from one or more simple patterns in a chain or sequence. Matches to the pattern are returned and can be routed to a sink for further investigation.
Using CEP, stream processing architectures can help surface and identify repetitive and/or suspicious transaction activities, pinpoint areas of risk of non-compliance, and direct the most pertinent suspicious transactions activity reports and other activities to the appropriate individuals to reduce risk and help avoid fraudulent activities. For example, a fraud detection algorithm can take windows of data and, through just a few programming primitives, question the fraud data streams with queries and conditions: “This individual is trying to send duplicate transfers. Do not release the funds and route to the compliance team to investigate.” Or, “This transaction is coming from a highly unlikely location. Flag the transaction and investigate.” It’s a very effective way to identify patterns without either a huge resource outlay, or worse, a significant delay before detection.
Winning the war on fraud
Preventing the use of financial networks to commit crimes is its own reward; however, financial institutions that take the lead in doing so accrue additional benefits. Collectively, they can avoid billions in fraud and AML non-compliance penalties. They can increase efficiency because compliance professionals can focus on the most urgent and real problems.
Although overall, fraud compliance may seem like a burden, many companies overlook the fact that there are many opportunities and competitive advantages that can be achieved through a different strategic approach to compliance. A robust and low-latency fraud analysis pipeline/risk engine makes financial institutions become both more competitive and more trusted. And, by exposing and analyzing patterns in customer behavior, financial institutions even have the opportunity to craft products and services that are uniquely suited to customer needs.