Citizens need to be at the heart of governments’ and public sector agencies’ fraud risk strategies. There are increasing reports of citizens receiving disguised phone calls—for example, from ‘tax authorities’ regarding pending tax bills or ‘immigration officers’ threatening deportation. In many cases, fraudsters persuade the individuals to make financial transactions or share financial information, resulting in losses. Fraud impacts people mentally and emotionally. It creates embarrassment and in some cases, victims—particularly senior citizens—stop using digital services altogether for fear of going through it all again.
As professionals who manage fraud risk, we focus a lot on financial recovery and detection. However, equal attention needs to be paid on supporting those impacted by fraud. We need to ensure that fraud-related insights and foresights are used to educate citizens on the types of fraud being committed. As we shape our defence against fraud, keeping citizens at the centre of our strategy is key.
How public/private sector collaboration can combat fraud
Fraud impacts all businesses and industries, everywhere in the world. Financial services is one of the most heavily impacted; every year, the industry loses over US$1 TN to fraud globally.
Common types of fraud across industries include:
- Identity fraud
- New account fraud
- Account takeover fraud
- Claims processing
- Payment fraud
- Telecom subscription fraud, including roaming fraud
When it comes to the public sector, the government has a difficult task ensuring that:
- Individuals impacted by fraud get appropriate support
- There are regulations in place for businesses to combat fraud and protect citizens’ interests
- Public funds are used appropriately and reach those in need
- Recovery occurs where public money has been lost to fraudsters
To ensure that we have robust controls against fraud, we need platforms that facilitate private/public sector collaboration, through which learnings and best practices from one industry are shared with others. And through which fraud-related data can be shared across organisations, institutes and agencies.
Who are fraudsters and what are their motivations?
Based on a KPMG survey analysing 750 fraudsters across 81 countries, 69% of fraudsters are between 36-55 years-old. While 79% are male, the percentage of females committing fraud is on the rise. Many fraudsters say that they are women, as women are less likely to come under suspicion. Thus, we must ensure that fraud prevention and detection machine learning models detect and learn from such scenarios without compromising ethics. Approximately 65% of fraudsters are employed by the companies that they are committing fraud for, and 35% hold senior leadership/director positions within them. The research also revealed that 62% work in groups.
If we look at fraudsters’ motivations, 60% do it for personal gain, 36% are motivated by greed and 27% do it “because I can.” This underscores that a lot of work needs to be done to lay foundations to prevent fraud.
Other key stats include the fact that technology is an enabler of fraud in 24% of cases, and the fact that only 3% of fraudsters are detected through proactive data and analytics.
How to detect and prevent fraud without compromising citizen experiences
Across government and the commercial sector, including Amazon.com, we see the importance of balancing customer experience, fraud, regulatory requirements, workforce capacity and technology advancements. Fraudsters are constantly changing their patterns while businesses are required to make critical decisions quickly and fairly on a large number of applicants. Citizens, for their part, demand positive, fast and reliable experiences. This has led, in some cases, to payment transactions being executed more quickly, leaving agencies with less time to identify, counteract and recover underlying funds when necessary. At the centre of all this is the friction created by trying to enable a positive experience while trying to prevent and detect fraud—with false positives often the result. According to KPMG, approximately 3% of e-commerce transactions are subject to false positives, creating additional friction and reducing consumer confidence.
Given these challenges, agencies need to consider holistic solutions that address current requirements yet offer the flexibility and scalability to meet future requirements.
Putting preventive measures in place
Let’s first map out the different types of fraud that citizens and businesses are exposed at various stages of their journey.
Here’s an example—a citizen’s shopping journey at an e-commerce site and how advanced detection and prevention techniques can reduce the likelihood of fraud:
- Onboarding: When the individual is creating an account, they might be exposed to stolen identify fraud and synthetic identify fraud. Enabling proactive KYC/AML checks and risk ratings can help detect fraud.
- Pre-authorisation: After the individual logs in and begins shopping online or in an app, they can be exposed to account takeover and credential stuffing. Here, applying behavioural biometrics, session intelligence and consortium and location data can help.
- During purchase: When the individual is making a transaction, they might be exposed to card testing and botnets. Solutions such as card controls and authentications, fraud score, cryptogram validation and pin validation can help reduce fraudulent activities.
- Post authorisation: While initiating a chargeback or return, there is the potential for friendly fraud or return fraud. Here, solutions such as authentication proof and blacklists can help.
A holistic framework to scale, automate and operationalise counter fraud activities
The following foundational capabilities are required to create a robust defence against fraud. It’s important to have a flexible and scalable platform that will adapt to and tackle new types of fraud.
- Strong data foundation: Data is the foundation for fighting fraud. Organisations need the capability to ingest any type of data from internal or external systems or agencies. Any foundation should support all data ingestion patterns: batch, near-real-time, real-time, API calls and streaming. Entity resolution and network graph is foundational for detecting and preventing fraud. The foundation should highlight PII, catalogue and enable data fabric benefits.
- AI-enabled: Beyond the buzz, it’s time for artificial intelligence (AI) to support the fraud prevention agenda. The platform should be open for integration with machine learning and AI-based fraud detection solutions. It should also feature configurable endpoints for common tasks and customisable model and data microservices for specific tasks. For example, AI-based services for facial recognition, text extraction and authorising claims can help agencies capitalise on investments made by ecosystem partners rather than re-invent the wheel themselves.
- Self-service investigation: Integration of case management and no-code business analytics and trending. The platform and framework need to support non-technical audiences, so data and AI outputs are used for investigation. This eliminates any requirement for investigators to have advanced technical skills.
- Consumption and notification: Presentations to investigators through applications, case management systems such as Salesforce, call centres and notification systems. The framework should have the ability to create a direct connection with individuals to protect them against fraud and educate them on new types of fraud via alerts and notifications.
- Data sharing: Cross-agency data exchange is essential for creating robust defences against fraud. This includes promoting the re-use of solutions that have been successful in one department to others, and ensuring that solutions built within central functions are made available to other agencies or, in some cases, private organisations, through federated governance.
- Enterprise process, AI and data governance, and security: Ensure the right governance mechanism and processes are in place to ensure platform security.
- Scalable and secure infrastructure: Ensure the capability to scale across departments, agencies and industries in secure manner.
- Cross-functional squad: The framework needs agile, cross-functional teams to respond to the changing fraud landscape and elevate analytical efforts.
Driving collaboration between investigators, citizens and data engineers
Effective detection, prevention, containment and remediation of fraud requires a cross-functional team from diverse backgrounds to work together. Modern platforms need to ensure that any framework and technologies used are intuitive and promote collaboration through smooth exchange and knowledge sharing.
Here, you need data engineers to manage internal and external data and to cleanse and prepare the data for building insights and foresights. Data scientists use this data to build machine learning, AI algorithms and analytics products that help detect and prevent fraud.
On the other hand, citizens get better experiences with advanced KYC and smart claims processing. The investigators pick up the outcomes of the machine learning models and scores in real-time to support decision making or investigate claims or fraudulent activities.
About the author
Deepak Shukla leads UK and Ireland Public Sector data and analytics capabilities for Amazon Web Services (AWS). He is passionate about creating business value for customers through the adoption of cloud, digital technologies, analytics, data products and AI/ML/data-led platforms.
Built over 20 years from the experience of fighting fraud on amazon.com, the AWS Cloud incorporates end-to-end capabilities to support counter fraud journeys. AWS continuously invests in building new capabilities itself or via partners to drive better experiences for citizens and investigators.
AWS sponsors a variety of programmes for UK public sector customers. These include Data Driven Everything (D2E), which helps customers develop an end-to-end fraud orchestration journey by providing people, processes and technologies to support the transformation. Data scientist and engineers, meanwhile, can benefit from AWS Immersion Days, through which they can get hands-on experience with services such as Amazon Fraud Detector, Amazon Rekognition, Amazon Textract and Amazon Comprehend.