Share with your friends


Analytics Magazine

Fighting Fraud: Employing big data and analytics to reduce fraud

November/December 2014

Drew Carter Stephanie Anderson

By Drew Carter and Stephanie Anderson

Even a cursory Internet search of fraud crimes delivers a multitude of results: the Little League secretary siphoning off a few thousand dollars, the trader known as the London Whale losing more than $6.2 billion for JPMorgan Chase, and hackers gaining access to customer information at major retailers and international banks.

Fraud is a multi-industry problem. Banking and credit are the ones that most frequently come to mind for the average person. However, retail, transportation and manufacturing are also prone to fraud. In fact, it would be difficult to name an industry impervious to it. Take the telecommunications industry, for example. According to the FTC, telecom fraud accounted for 34 percent of its fraud complaints in 2012, up from 20 percent in 2010. Verizon estimates that fraud costs the industry $4 billion a year. In telecommunications, fraud is most frequently focused in three areas:

  • Defrauding telecommunication companies
  • Defrauding telecommunication subscribers
  • Schemes conducted over the telephone

While fraud is prevalent everywhere, its identification is not simple. There are two types of fraud schemes: “known” and “unknown.” Known fraud schemes are easier to identify. They are the scenarios where fraud has been identified in the past. Rules engines can be established in computer systems to look for specific patterns of behavior. For instance, one can look for transactions of a certain amount – say, more than $1,000 – between employees inside a company. However, similar to ever-evolving e-mail spam, the fraudsters are always devising new methods that can remain undetected for some period.

Unknown fraud schemes, especially new ones, may continue for years without detection until they are uncovered in an investigation or a company’s deep dive into costs and profitability variances during an economic downturn. These are the sinister schemes one can’t even imagine are happening because no one knows to look for them. Once they are uncovered and observed, their patterns can be “built into” rules-engines within a few days or weeks.

Screen shots of the AlixPartners “World Platform” anti-corruption toolset.

Screen shots of the AlixPartners “World Platform” anti-corruption toolset.

Change from Reactive to Proactive

Fraud prevention efforts are primarily spurred by reactive investigations and penalties. Few companies truly engage in proactive fraud monitoring. The majority of thought leadership in proactive monitoring has emerged from the financial services space. With millions of dollars (or more) at risk at the click of a mouse button, financial services companies have a clear incentive to actively monitor for fraud. One area that industry is monitoring is “bust-out” fraud, or first-party fraud in which the thief applies for a line of credit (credit card, etc.), behaves well, increases the credit line and then disappears, leaving a large balance delinquent. This type of scheme is estimated to cost more than $1.5 billion a year in losses, according to Credit Risk International.

A recent bust-out fraud cost Southern California banks at least $15 million. That scheme involved 15 people, is alleged to have started in February 2010 and ran until October 2013. According to the FBI, it included:

  • “Processors” who fabricated or hired others to make fictitious checks for the purpose of conducting bust-outs;
  • “Brokers” who solicited people with legitimate bank accounts; these would lend their accounts to be busted out in exchange for a fee; and
  • “Runners” or “washers” who allegedly deposited fictitious checks into, then withdraw funds from, the account to be busted out.

A few years ago a criminal group of more than 700 people cost U.S. banks over $80 million in losses. The most common scheme involved fraudulent loan applications that misstated how long the applicant had been employed and grossly exaggerated yearly salaries. Via online applications, the culprits received credit cards with sizeable credit limits.

Often, these people also received cash advances on the card. Shortly after the cash advances, they sent the issuing bank a check, frequently for slightly more than the outstanding balance. Although the check was returned for insufficient funds, the fraudulent payment caused the bank to temporarily increase credit lines. By the time the fraud was discovered, the bank was out tens of thousands of dollars per fraud incident.

Despite the large potential losses, however, even the most sophisticated operators are losing ground to fraud.

Screen shots of the AlixPartners “World Platform” anti-corruption toolset.

Screen shots of the AlixPartners “World Platform” anti-corruption toolset.

What’s Needed to Succeed?

Reactive fraud prevention will always be a handicapped method to prevent losses (and, often, embarrassing public events). Proactive fraud monitoring using advanced analytics, including big data, is required to adapt to the growing threat of fraud.

What exactly is big data? We define it by the “4 Vs”:

  • Volume. Originally described as the size of data versus processing capability, volume today is typically measured simply by size of the data alone. This year, “big” volume might be 25 terabytes (TB); by next year, 250 TB. For comparison, it’s estimated that a jet engine in a Boeing plane generates 20 TB of data for every hour of operation; on one Atlantic crossing, a four-engine jet can create 640 TB of data.
  • Velocity. This is the frequency of generation and capture of batch, near-time and real-time streams of data. A world of real-time promotional offers (where offers are generated at the moment of interaction) requires lightning-fast processing and feedback loops so that things like promotional campaigns can match geolocations, click streams, sentiments and purchase histories. For instance, online-ad technology can operate at 50 to 450 milliseconds (ms) and high-frequency stock-trading platforms operate at less than 60 ms for transatlantic round-trip transactions.
  • Variety. Data no longer fits into neat structures that happily reside in a traditional “database.” The proliferation in the variety of data sources (radio-frequency identification, sensors, social networking, mobile devices, etc.) and types (geospatial, etc.) – coupled with traditional sources (documents, click-stream sets, etc.) – conspire to generate a veritable fur ball. Add unstructured data to the mix, and things get even more complicated.
  • Virality. This is the speed at which data gets spread from person to person, whether by voice, image or machine. Social networks and the data they generate have created a new dimension of measurement: “going viral.” The monetization of data assets is about understanding factors old and new, and how they work together – not necessarily about capturing, storing or reporting on every piece of information passing near the orbit of a company. It’s about knowing what matters, discarding the rest, and focusing on the “important bits.”

To come full circle, employing analytics for proactive fraud monitoring requires:

Organizing around the data

Companies often address their big data challenges and opportunities by directing a talented IT person to “own” the program at hand. This tactic typically fails. To develop a true data-insights approach to business, an organization must treat data as an asset. And that means the whole company must be structured to access, interpret and act based on insights drawn from the data, focusing on:

  • Robust internal data sets (organized and cleaned and ready for analysis)
  • External data (often from a combination of free and paid sources) that provides insight into fraudsters’ behaviors (such as applications for multiple lines of credit) – often a signal of coming malfeasance.

Agreeing that the business “drives this data”

Big data projects must be driven by the company’s core business in a way that makes it user-friendly, not by taking a “build-it-and-they-will-come and figure it out” approach. The business begins by determining the key-performance areas that are crucial to manage or monitor. That, in turn, determines the kinds of data required and the kinds of analysis needed to find the insights lurking in the data. For anti-fraud efforts, the business can guide data needs by identifying:

  • Already-known fraud scenarios – this will provide an initial data set to begin monitoring. It will also provide a basis for monitoring algorithms.
  • Building up sensitivities to unknown scenarios – while, of course, unknown risks are by definition unknown, companies can identify areas where the effect of fraud would be especially negative, such as an increase in product prices paid by certain customers, which may indicate procurement kickbacks or provide funding for covering up other undesirable behaviors, such as bribing government officials to obtain government contracts, permits and licensing or to overlook illegal or non-compliant activities.

Data analytics can help in monitoring these scenarios once desired business processes are defined and reporting dashboards are developed.

Sophisticated Analytics

Analytics, in this environment, does not mean just a spreadsheet. It means such things as advanced methods of pattern identification, to be designed and operated by experienced analytics and fraud professionals. Pattern recognition is a science of its own, but it is hardly new. For instance, the Fibonacci sequence was made famous by Italian mathematician Leonardo Bonacci, aka “Fibonacci,” in his 1202 book, “Liber Abaci.”

Advanced practitioners today are using pattern recognition methods to establish relationships in fields as diverse as baseball and healthcare. Analytics have even reached the level of sophistication to create original works of art. Dave Cope, a musician and computer scientist, has developed a program called “Emily Howell” that can create original works of music seen by many critics as being on par with that of the world’s greatest musicians.

When tackled by experienced professionals, these efforts should deliver:

  • Accurate insights – the “confusion matrix” is a standard tool to measure accuracy. It is used to identify type 1 (I said you were a safe transaction, but you were actually fraudulent) and type 2 (I said you were fraudulent, but you were actually a safe transaction) errors. The best monitoring provides a balance of missing only a few bad scenarios, but not calling too many scenarios into question.
  • Timely insights – as required by the nature of the business.
  • Simple access – delivery of fraud warnings in clear, easy-to-understand language and processes.


With ever-increasing fraud instances and always more complex fraud scenarios, proactive monitoring for bad actors and bad scenarios is emerging as required capabilities for companies around the world. No company can afford the direct (monetary) and indirect (customer perception) losses associated with fraud incidents. It can take many years for companies to recover from these situations, and companies that are not taking the proper precautions face increasingly stiffer penalties. Although proactive solutions are available, and include the use of big data and analytics, they are not simple and require expert guidance.

Drew Carter ( is an applied analytics expert and Stephanie Anderson ( is an expert in fraud compliance and forensic accounting. They are managing directors of AlixPartners, LLP, (, a global business advisory firm and an industry leader of proactive monitoring for compliance and fraud.

Screen shots of the AlixPartners “World Platform” anti-corruption toolset.

business analytics news and articles

Related Posts

  • 33
    If the world seemed dangerous from a financial crime perspective last year, FICO experts predict an even more challenging 2017. In a new paper, four of the leaders in the company’s fraud and financial crime group laid out 17 predictions, ranging from killer devices in the home to hacked fingerprints.
    Tags: fraud, crimes, analytics


Using machine learning and optimization to improve refugee integration

Andrew C. Trapp, a professor at the Foisie Business School at Worcester Polytechnic Institute (WPI), received a $320,000 National Science Foundation (NSF) grant to develop a computational tool to help humanitarian aid organizations significantly improve refugees’ chances of successfully resettling and integrating into a new country. Built upon ongoing work with an international team of computer scientists and economists, the tool integrates machine learning and optimization algorithms, along with complex computation of data, to match refugees to communities where they will find appropriate resources, including employment opportunities. Read more →

Gartner releases Healthcare Supply Chain Top 25 rankings

Gartner, Inc. has released its 10th annual Healthcare Supply Chain Top 25 ranking. The rankings recognize organizations across the healthcare value chain that demonstrate leadership in improving human life at sustainable costs. “Healthcare supply chains today face a multitude of challenges: increasing cost pressures and patient expectations, as well as the need to keep up with rapid technology advancement, to name just a few,” says Stephen Meyer, senior director at Gartner. Read more →

Meet CIMON, the first AI-powered astronaut assistant

CIMON, the world’s first artificial intelligence-enabled astronaut assistant, made its debut aboard the International Space Station. The ISS’s newest crew member, developed and built in Germany, was called into action on Nov. 15 with the command, “Wake up, CIMON!,” by German ESA astronaut Alexander Gerst, who has been living and working on the ISS since June 8. Read more →



INFORMS Computing Society Conference
Jan. 6-8, 2019; Knoxville, Tenn.

INFORMS Conference on Business Analytics & Operations Research
April 14-16, 2019; Austin, Texas

INFORMS International Conference
June 9-12, 2019; Cancun, Mexico

INFORMS Marketing Science Conference
June 20-22; Rome, Italy

INFORMS Applied Probability Conference
July 2-4, 2019; Brisbane, Australia

INFORMS Healthcare Conference
July 27-29, 2019; Boston, Mass.

2019 INFORMS Annual Meeting
Oct. 20-23, 2019; Seattle, Wash.

Winter Simulation Conference
Dec. 8-11, 2019: National Harbor, Md.


Advancing the Analytics-Driven Organization
Jan. 28–31, 2019, 1 p.m.– 5 p.m. (live online)


CAP® Exam computer-based testing sites are available in 700 locations worldwide. Take the exam close to home and on your schedule:

For more information, go to