Feb 1, 2024
views
Decision Engine has become a crucial component in fraud detection within the banking industry. Fraud comes in a variety of forms. We will define all types of fraud and how decision engines can play a major role in helping banks and financial institutions to detect, deflect fraud and prevent losses.
Decision Engine in Action: Transforming Fraud Detection in Banking Systems
Decision Engine has become a crucial component in fraud detection within the banking industry. Fraud comes in a variety of forms. We will define all types of fraud and how decision engines can play a major role in helping banks and financial institutions to detect, deflect fraud and prevent losses.
What is a Decision Engine?
Before we delve into the world of fraud detection and analytics, let’s talk about Decision Engine and why it’s important in today’s banking environment. Decision Engine in essence is a business rule management system or BRMS. It is a suite of software that’s plugged into data streams, rules authoring and management as well as integration to the rest of the enterprise ecosystem.
A decision engine is the heart of any banking and financial system and it serves critical functions throughout the consumer life cycle. From identity verification, account management, payment processing to collections and recovery, decision engines are used in every aspect of customer interaction.
A well designed decision engine is embedded into the overall banking system and it should supply critical decisions and influence all customer interaction touch points.
Who uses a Decision Engine?
Decision Engines used to be expensive to build or operate. They were only available to big banks, credit card processors and large financial institutions that could spend millions of dollars to operate and maintain a large system like a decision engine. Engineers, risk officers, data analysts and operations managers are just some of the internal stakeholders that work with and use these decision engines to prevent losses.
However, computational cost, storage capacity, knowledge spread has given a whole new generation of decision engine companies to rise up and support the rest of the banking, finance and fintech industry. These decision engines are built from ground up with more flexibility and integration points to support today’s mobile centric economy.
However, each decision engine company has their advantages and focuses. If you aren’t building one yourself and open to work with a decision engine vendor, please consider a few must-have features: third party integration, variable library, decision tree editor, API and webhook triggers to interact with other enterprise systems. We wrong another article on this topic here: Credit Decision Engine: Do's and Don'ts.
Definition of fraud in banking system
Fraud is probably the biggest loss item right behind credit loss for large banks and financial services institutions. However, fraud loss is more lopsided with small institutions and fintechs that are attracting a whole new class of customers or fraudsters to join and test their system.
Many fintech startups are not aware or not prepared to deflect fraud and have written off hundreds of thousands of dollars if not millions due to fraud. Fraud losses are still elusive to many financial institutions for a variety of reasons, lack of talent, technology and access to datasets that can help them detect fraud attempts early.
Fraud definition: First party fraud
First party fraud is defined as an individual or small business owner or any entity applying for a financial instrument with the intention of defrauding the financial institution. These individuals or entities are using their true identity to open up accounts, take out credit or loans with no intention of paying back.
First party fraud is harder to detect because true identities are being used and often, they can pass any types of fraud detection tools or verifications and credit underwriting. However, if your institution is lucky enough to not be their first victim, you could probably detect this fraudulent behavior by looking into the perpetrator’s bank account.
If you ever use Plaid or Flinks as part of the onboarding process, you could probably see that the bank account has multiple, recent deposits from various lending institutions. This means that this person is either defrauding a bunch of lenders or getting himself into a bind and can’t service the repayments on these loans in the near future. Both outcomes are bad for the individual and for the bank that’s lending money out.
Conversely, if the bank account is opened recently and you don’t see many deposits or withdrawals, the bank account might be opened recently and used to defraud lenders. All of these activities should be pushed into a Review queue for a risk or fraud analyst to do a secondary review before granting credit.
So as you can see, the decision engine needs to be well placed and integrated into the customer onboarding process and tapped into third party data providers such as Plaid, Flinks and other data sources to give banks a different perspective on the intent of this person’s application for credit.
Fraud definition: Second party fraud
Second party fraud or affiliate fraud is a fraudulent behavior that’s exhibited by banks and financial institutions marketing partners. Sometimes out of desperation to make money, these marketers will send fake or duplicate traffic that was sent to the bank before.
Unsuspecting banks might look at these traffics as potential new customers and proceed to underwrite them. Most of the time, these second parties are sending real personal information collected from real requests and forwarding them to the bank, a day, week or maybe even a month later to get paid for another lead provided to the bank.
From the bank’s point of view, this customer is coming back again and maybe this time the customer will accept the credit offer and become a bank customer. One of the ways to see if applicants are truly coming from a person’s computer is to use their Device ID, IP address and out-of-wallet questions to detect the applicant’s true intention.
Device identity, IP Addresses other forms of out of wallet questions are a good way for credit decision engines to integrate and interact with the customer journey. Marketing affiliates might be able to mask IPs and fake device IDs but they can’t easily answer out of wallet questions.
A decision engine should be able to connect to a third party data source such as Experian’s Precise ID and prompt a few questions to the user and see if he/she is there to answer these questions in a reasonable amount of time.
Lastly, banks and financial institutions should produce internal real time reports which can detect velocity of applications with the same Personal Identifiable Information and see if any of the marketing affiliate companies are playing games.
Fraud definition: Third party fraud
Third party fraud is when an individual or criminal organization steals personal information and uses that information to apply for bank accounts, credit cards and other financial instruments and all the funds are structured into their bank accounts.
There are a few ways to detect this type of fraud and utilize your decision engine to run real time rules to alert risk professionals. For example, if the applicants are approved but their funds are all going to the same or a few bank accounts, it’s probably a good sign that these identities are all stolen and the loan proceeds are being stored in an account that the fraudster has opened to collect loan proceeds.
Another way to deflect third party fraud is to instruct the decision engine to prompt for out of wallet questions. It’s one thing to have stolen identity passed into your system. It's another level of theft if the fraudster has enough information to pass through a series of challenge questions. There are many third party data providers that provide out of wallet questions that could be integrated into the decision engine. Some of these out of wallet questions are things such as previous addresses lived or make and model of the cars owned etc.
Only a bonafide application might know these questions from their past.
Decision Engine and Fraud
Fraud comes in a variety of forms and ultimately some level of losses are expected but if you have a decision engine and the right expertise to link third party data, design an application workflow that can slow down the fraud attempts you might be able to capture a fair amount of fraud attempts without hampering the majority of the customer experience and still provide a smooth onboarding experience.
Look for a decision engine that can connect to third party data providers, ample APIs and webhooks to interact with rest of the enterprise platforms and make quick decisions and stop unwanted applications and have a workflow system that can get a risk analyst to quickly adjudicated the applicant and move the applications forward.
If you are looking for a more comprehensive review of a decision engine, please check out our other article The Power of Credit Decision Engine: A Comprehensive Guide.
For more information, please visit www.lendapi.com