Beating fraud - can business intelligence help?
When used properly, it just might...
By Will Sturgeon
Fraud, data theft, e-crime. These may not be the first terms that come to mind when thinking of business intelligence software but, says Will Sturgeon, sophisticated analysis of data can indeed help companies beat nefarious activity.
Where there is money, there is crime. And in the digital age this can stretch to where there is data there is crime, because data, like time, is money.
As such, businesses have to be ever more wary of the threat posed to them by the multi-billion pound industry which has grown up around fraud and data theft or misuse. Many have turned to business intelligence software to help them spot problems early.
The principal here is simple. If a person scatters important documents, cash and possessions all over the floor, and doesn't really keep track of where they are, would they notice when something goes missing or is moved? Or, if they don't know how much money they have in their bank account and never read their statement, what chance is there they will spot when money has been siphoned out?
And if that bank account is processing thousands of transactions per day, or even per minute, what are the chances the human eye could detect the problem, especially when the culprits are covering their tracks - often exploiting weaknesses within their own systems?
Business intelligence, as its name suggests, enables businesses to understand more about what is happening on their networks and make informed decisions based on the analysis of the thousands of megabytes of data created everywhere from the desktops to the firewall. Detecting instances of fraud is just one benefit from an ordered approach to analysing business-critical data.
Bill Hostmann, research VP at Gartner, told silicon.com: "Organisations are using business intelligence broadly to access and analyse their information assets, to understand what happened, why did it happen and what will happen in their business. As a result you have more 'eyes on the data' as organisations ask these questions and consume the results. More eyes on the data provides more transparency into business operations and increases the likelihood of detecting fraud."
However, despite major wins against the fraudsters, Hostmann said fraud detection is often a "fortuitous side effect" of using business intelligence for effective auditing. Clearer ordering and transparency, required for audit, mean it is far easier to spot the anomalies. But however these wins come about they are delivering a major benefit, said Hostmann.
He said: "Business intelligence, done right, can provide its users with indications of outliers or anomalies in the business which can be either from changes in the market, changes in the business processes or from fraud."
In Europe alone, the NHS claims between €30bn and €100bn goes astray each year as a result of fraud. It's a sum of money that seems too incredible to be true but it's a figure provided by Jim Gee, CEO of the NHS counter fraud and security management service.
For all the talk of benefit cheats in trashy tabloids, typically the greatest level of fraud comes from within the health service - doctors and dentists who can soon accrue millions by working the system and relying on sheer volume of transactions and data being created within the healthcare system to mask their activities.
According to Peter Dorrington, head of fraud solutions at business intelligence vendor SAS: "All big frauds involve an employee somewhere along the line."
Take the case of a US doctor who was discovered to have been trading prescription drugs for guns. He was forced to repay $324,000 which he had fraudulently claimed from medical insurance company Highmark after an anomaly had appeared in the system that suggested he was overcharging for every injection he claimed for.
A few cents on every item of medication given could soon add up but would be likely to be subtle enough to evade the naked eye.
The only other area to come close to the same kinds of losses suffered in healthcare is the financial services sector. Gartner's Hostmann said banks are a major customer for business intelligence software. When banks globally lose $2bn per year to card fraud alone, the reasons why are clear.
One bank investing heavily in business intelligence software is HSBC. The bank uses BI to analyse data created at all points of sale and merchants - scouring transactions for anomalies.
Banks are understandably an attractive target for fraudsters. But SAS' Dorrington said nobody is immune - every company with a revenue stream is a potential target and no employees should be above suspicion.
Dorrington said: "I don't want to sound paranoid but we should assume that nobody is above the temptation to defraud."
Citing one case of an employee who was forced to steal data for fraudsters who were threatening his family, he added: "Everybody has their price."
As such, Dorrington said good business intelligence can help companies fulfil their "duty of care" in spotting when staff start acting erratically or fraudulently.
The type of data analysed is almost limitless. Dorrington said everything from the data created when the employee swipes into the office, to phone records and all system access and application data can be analysed.
He said: "Spread across multiple systems the individual actions of a fraudster may not trigger anything but their overall behaviour, when analysed, will.
"Fraudsters are very competent people and it is impossible in a modern business to monitor everything somebody does."
Dorrington said one of the benefits of the business intelligence approach is that systems are entirely objective. However, the results are only as good as the people using the system and businesses must have processes in place for reacting to activity flagged as suspicious.
He said: "All these systems can tell you about is an anomaly," adding that beyond that it is down to the users to work out what to do about that anomaly.
And that is the crucial message businesses must remember. Buying business intelligence software and installing it will not stop fraud. But using it strategically will.
Copyright ©2006 Oracle Corporation. All rights reserved. Disclaimer: Oracle reserves the right to distribute the Partner Solution Catalog for SMEs based on an internal selection criteria. If your organisation falls outside of this criteria, you may not receive the Oracle Partner Solution Catalog.Privacy Statement.