1 / 20

John E. Clark Executive Consultant IBM Corporation

Are You Exposed?. Financial institutions are being asked to investigate and manage threats like the CIA does, but are not equipped to do so.

brasen
Télécharger la présentation

John E. Clark Executive Consultant IBM Corporation

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Are You Exposed? Financial institutions are being asked to investigate and manage threats like the CIA does, but are not equipped to do so. Learn how ‘Composite’ investigative capabilities developed for national security can help you connect-the-dots across compliance silos to increase effectiveness and reduce risk John E. Clark Executive Consultant IBM Corporation Austin Wells Vice President Digital Harbor Inc.

  2. Part I: AML & Fraud Market Trends, Observations, & Conclusions AML and Fraud are on the rise, with stricter scrutiny and increased cost of failure A unified view across compliance functions (e.g. AML, Fraud, EDD) reduces cost & risk Enterprise Case Management is essential in BSA, Patriot Act, & Basel II compliance Part II: Example of a New “Compositing” Approach National security techniques help FSIs fight money laundering, fraud, & security incidents Technology: Ontology as the middleware to achieve semantic fusion Lessons Learned: Integration and investigation must supplement workflow Today‘s Discussion: Applications of Semantic Web TechnologyEnterprise Investigation & Case Management

  3. 28% North America Source: Celent Research Money Laundering is on the Rise:Arms race as FSIs increase spending to keep pace with activity Total Funds Laundered Worldwide US $ Billions Spending Implications for FSIs • Increased spending on personnel and systems to manage growing problem • Increased risk of fines from regulation According to Tower Group, up to 30% of IT compliance spending is "waste.“ Its recommendation: “Integrated compliance systems that attack AML comprehensively”

  4. Call Center (typical case management) Objective: efficient and high quality process through: Automation to ensure proper procedures and time frames Standardization of steps to ensure desired outcome Integration of processes with context appropriate data Assumptions: to achieve the objective, you must have: Predictable process: definitively map the steps needed to ensure desired outcome. Can be complex with decision points, but is primarily known. Known inputs: data needed to support decisions and outcome are known and defined before the process begins. Investigations (compliance need): Objective: effectively mitigate risk to the enterprise by: Process: Skillfully and accurately executing established programs as required by the regulating entities (OFAC, 314, CIP, KYC, transaction monitoring, etc) Discovery: Uncovering and eliminating real risks in the enterprise (investigating unusual activity and suspicious entities) Assumptions: to achieve this objective you must have: Flexible process within controlled environment, objective rather than step by step plan Dynamic data discovery of all relevant data inside and outside the enterprise, i.e. the ability to follow the trail using human cognitive skills, reasoning, and logic Case management solutions for FS compliance • Within compliance investigations, there is a common requirement for case management. That is, there are multiple sources of unusual activity and there needs to be a consolidated process and capability to follow up on this information while enforcing regulatory requirements. • However, the Alerts and other sources of unusual activity are only the starting point. The biggest challenge is conducting a high quality and consistent investigative process to facilitate intelligent human decisions. The compliance need is really about supporting complex human decisions, in addition to automation of the predictable aspects of the process.

  5. Internet Fraud Alterations Credit Abuse POS Fraud Loan Applications Tele- Marketing Credit Card Fraud Account Takeover Deposit Fraud Counter- Feiting Identity Theft Smurfing Mass Takeover Phishing Online Banking Forgery Check Fraud Kiting New Account Insider Fraud is on the Rise:Quantity and variety of frauds schemes are growing exponentially …and even when we deploy solutions, we don’t connect them in ways that allow one silo to know what is happening in another silo

  6. Equity Line Log Consumer Loan Log 093245-3454 balance inquiry 074493-5456 withdraw $8,723.00 034207-9485 new loan $847.00 073837-4634 payment $50.00 049793-5834 balance inquiry 049793-5834 withdraw $8,484.00 099349-3554 new loan $5,000.00 053284-4335 new loan $3,230.00 Debit Card Log 093245-3454 balance inquiry 049793-5834 withdraw $5,897.00 034207-9485 deposit $847.00 049793-5834 withdraw $8,374.00 024393-5543 transfer $8,923.00 023428-0044 withdraw $880.00 Credit Card Log 053284-4335 deposit $3,230.00 093245-3454 balance inquiry 034893-3544 withdraw $995.00 034207-9485 transfer $847.00 049792-4334 withdraw $8,374.00 034893-3544 transfer $7,703.00 023428-0044 withdraw $880.00 Recap for Mary Smith 034893-3544 transfer $7,703.00 099349-3554 new loan $5,000.00 074493-5456 withdraw $8,723.00 049793-5834 withdraw $8,374.00 034893-3544 withdraw $995.00 049793-5834 withdraw $5,897.00 Key Management Challenges:Cross Account Visibility Mary’s accounts are being drained. + New borrowing + She’s usually a saver! = Trouble, visible only across accounts

  7. Example: AML & Fraud Investigation For any suspicious event, analyst needs to know… • what (Transaction Alert) • where (Branches) • which (Transactions) • when (Frequency) • why (Associate Links) • who responds (Managers) ACCOUNTS CRM BI Tools GIS ALERTS Need to relate—not just copy—information from many sources

  8. Common Capabilities Needed Across Risk & Compliance Functions “Companies that select individual solutions for each regulatory challenge they face will spend 10 times more on IT portion of compliance projects than companies that take on a proactive and more integrated approach.” -Gartner

  9. Lessons Learned in National Security:Not just work items to be processed…Risks to be investigated. Holistic View of Risk & Compliance ! Event Resolution Alert Capture • A “compositing” problem • Integrate many detection systemsin AML, Fraud, Op Risk, EDD, SOX • Logically map to multiple sources • Flexible: not just alerts, but other data, docs, web, images, email • Real-Time Correlated View • Customizable to fit situation 1 5 Contextual Collaboration RiskResponse Cycle Investigation 2 4 3 Case Management Detection Software Alone is Not Enough: Must Investigate & Respond

  10. Within silos, you need information from many sources Investigation = Composing a Picture Responding to any individual AML or Fraud alert, conducting enhanced due diligence, or assessing operational risk requires information from many sources to get the “complete picture”. To respond to any event, you look at many sources to compose a picture of the situation: • Detection tools • Internal databases • Lists • Case systems • Web • Documents • Images • Email Today, we often go to each source separately and draw links in our heads to make decisions. Case Management Alerts Data Warehouse Documents &Web Digital Harbor logically links live data from many sources as if they were one

  11. Across silos, you need to see how events are related Convergence = Composite Applications Different systems monitor different kinds of events; Case management connects the dots so you can respond intelligently Events in different dimensions may be related (e.g. by customer or household). It’s the links between things that make them meaningful. • Anti-Money Laundering • Fraud • Enhanced Due Diligence • Operational Risk • Sarbanes-Oxley Today, we often don’t tie these dimensions together, so we have a fragmented view Composite applications connect the dots so you get a complete picture

  12. Unique Technology: The PiiE™ Platform Composite UI (Smart Client) Present information to users in a real-time, interactive XML interface Composite Schema (Business Ontology) A Business Ontology describes the semantics of data relationships, workflow, and events Customer Xaction AML Email HR Composite Queries (EII) Logically map multiple databases or web services as if they came from a single source

  13. Enterprise Investigation & Case Management Software provides glue to tie together Risk and Compliance systems in a Composite Solution Integration, not just Workflow -Investigation -Case Management -MIS Dashboard -Integration -Drill Down/Drill Across -Trend Analysis -Audit Process Ad-Hoc Drilling Drill Down Rich Visualization - Directly accesses data in detection engines • Links alerts with auxiliary information in other systems • Datasources, processes, and UI can be completely customized - Applies across risk and compliance functions Multiple Internal Systems Multiple External Systems Multiple Detection Engines Black and gray lists Web Services (e.g. FinCEN,Govt) Documents (e.g. Reports, Excel, All file types) XMLMessages (e.g. MQ, Tibco) Databases (e.g. Treasury, Payment, AML, Fraud, Sales Practice) • AML • Fraud • Sales Practice • EDD • Operational Risk • Sarbanes-Oxley Private Web (e.g. LexisNexis) Public Web (e.g. Google) Intranet(e.g. Portal) Images (e.g. Checks Statements) Email Archive Historical Web Invisible Web Drill Across Composite = Integrated, Holistic Solution

  14. Enterprise Data Link Analysis Email Retention & Discovery Fraud EDD AML With the right Enterprise Case Management solution you can extend the capabilities of transaction monitoring solutions for multiple risk areas including AML, Fraud, EDD, and corporate security • Holistic View (Fuse Services from Multiple Apps) • Transaction Monitoring & Anti-Money Laundering • Enterprise Linking • Visualization

  15. TACTICAL VIEW:Benefits of a Composite Approach to Case Management Link multiple systems in a single composite view Avoid manual work to “connect the dots” Avoid missed cases Have more control over data via ad-hoc drill down/drill across Better auditing and traceability across systems Aggregation of information, both structured and unstructured Digital information on each case, including “as was” snapshots Process management, with automatic escalation Visualize information in best form (maps, timelines, link analysis) Single approach with process controls for web, documents, and data

  16. Key Dimensions to Evaluating the Overall Value STRATEGIC VIEW:Seven Pillars of Value for Evaluating Enterprise Case Management • Reduce aggregate cycle time to process alert queue by 50% • Reduce risk of fines/reputational damage by investigating to eliminate false + & - • “SAR process fragmentation allows opportunities for control deficiencies.” • Understanding risk and compliance performance requires a composite picture • Allow same people to do more with less to manage manage workload, handle attrition • Eliminate Redundant Effort and Redundant Data by logically mapping to data. • Leverage same data & functionality across silos to improve overall efficiency and effectiveness

  17. Third-order organization • Supporting complex human decisions requires full use of explicitly related data (inside and outside the enterprise), but more importantly the ability to discover new relationships. • In the past our way of thinking has been shaped by the physical world, (i.e. no object can be in two places at the same time) leading to traditional “tree” type organizational schemas forcing objects to be classified in a single bucket. Third order organization of data is not confined by the same limits since the objects being organized are data, which can exist in many places at once. First Order Organization: Organization of physical items themselves. Example: books arranged on a shelf by author. Flat and hierarchal databases are also examples of first order organization. Relationships are not explicit but are implied by the order. Second Order Organization: Organization of data about physical items. Example: a card catalog at the library. Still pointing to the physical order of items. Relational databases are the most advanced form of second order organization, relationships are explicit. Third Order Organization: Data exists in many places at once and relationships need not be explicit. Users are able to sort and organize data in any way that suites their needs. Example Google uses explicit data relationships and the point in time needs of the user to dynamically relate information. “The rise of third-order organization changes the jobs of…knowledge managers. Their role is no longer to build trees that define the relationship of every bit of data in the company but to build enriched pools of data objects whose relationships to one another change constantly, depending on who is looking at them.”Harvard Business Review

  18. Intelligence: knowledge that has been assessed and evaluated for its logical consistency and relationships to what is already known. When transformed into hypotheses, becomes the basis for action. Knowledge: information that is cognitively useful because it is semantically assimilated into a body of prior knowledge grounded in experience. Information: data placed into syntax or context. Data: unprocessed sensory observations. Third order organization grows data into actionable intelligence Action Data is stored as information for specific contexts and reasons The compliance organization needs a system that can assimilate information into knowledge, so that the investigator can focus on producing intelligence, forming hypotheses, and taking action…true human value adds. The growth of intelligence is the desired core competency. Additionally, the system must provide workflow and audit capabilities to ensure regulatory processes are followed, provide process traceability, and provide feedback for improvement. The world produces raw data constantly

  19. Related Applications in the Government: Improper Payments Financial Compliance (A-133) Compliance & Audit Enforcement Security Investigations (facility, personnel) Operational Risk Management Grant Management Fraud Management (housing, employment, medicare,..) Intelligence & Counterintelligence Criminal Investigation, Legal Case Management Performance Management

  20. Questions For More Information, Please Contact Us At: Web: www.dharbor.com Email: inquiries@dharbor.com Phone: 703-476-7347 Austin Wells Vice President Digital Harbor Inc. <awells@dharbor.com> 703-476-7347

More Related