Fighting corporate fraud with business intelligence

By RICHARD WOOD

Over the past two years the New South Wales equivalent of the ACC, Workcover NSW, saved $30 million by using business intelligence and statistical analysis software to stamp out corporate fraud.

Software vendor SAS Institute has since hired one of the key employees behind that project, Dr Peter O'Hanlon, and last week flew him to New Zealand to speak at a SAS user conference.

O'Hanlon described how savings per dollar spent on fraud detection went from an early return of $2 for every $1 spent, to $10 per $1 after two years of development.

He said his aim now was to transfer the knowledge of how to fight fraud using business intelligence tools.

But O'Hanlon was unwilling to identify local organisations showing interest. Nor could he estimate how many, or what percentage, of SAS's Business Intelligence clients were using the tools to combat fraud.

Instead, he focused on what he said was a growing threat from which New Zealand was not immune.

O'Hanlon said we could not rely on New Zealand's low corruption reputation because a lot of fraud was perpetuated from overseas.

O'Hanlon viewed electronic corporate fraud as an "arms race" where the baddies were changing methods constantly and "static" security-based frameworks were not adequate.

Threats existed both externally from customers, suppliers, and criminal gangs, and internally from staff. Fraud by internal staff could be challenging because they knew the systems, but the hardest to detect were when customers, suppliers and staff conspired, leaving no one to blow the whistle, he said.

Two types of fraud are "Smash and Grab" and "Trickle Flow".

An example of the first would arise by doing business with a fake company run by people with false identities doing high value electronic transactions who then disappear.

The second and harder type to identify was where people had lots of streams of income and they took little bits at a time. They knew the systems and could avoid detection.

O'Hanlon said the key to fighting the battle was to use Business Intelligence analytics tools to unlock the intelligence that was in the data.

"Most fraudsters leave a trail of data and most organisations don't actually tap into the signal that is in their data already."

The nirvana in stopping electronic fraud, said O'Hanlon, was to change people's perception that you were a soft target.

"Being so proactive that people don't even try and commit fraud against you anymore," he said. "But you'll only do that if start catching and killing."

O'Hanlon said the key feature in fighting the fraud battle was in analytics capability. There was a lot of "BS" around BI with some people using basic database repository standard reporting style analysis and calling that business intelligence.

SAS, which is one of the world's largest privately owned software firms, claimed 30 per cent growth in New Zealand for the past year but has not yet disclosed its revenue. Companies Office records show for the thirteen months to December 2000, it had revenue in New Zealand of $5.94 million and a loss of $349,217.