SAS® and Fraud Prevention (Brief Overview)

The hardest thing of all is to find a black cat in a dark room, especially if there is no cat.


Confucius would probably be right about the fraud, as well as the black cats. Fraudsters, accidental or professional, attempt to stay undetected. Financial fraud alone costs the UK over £2 million a day, according to Financial Fraud Action UK group. It is accepted wisdom that the fraud is difficult to identify and even more difficult to prevent.

In this paper I attempt to discuss what are the different types of data analytics available when it comes to fraud prevention. Typically, the detection methods are split into three categories: business rules, predictive analytics and social links analysis. Let’s start with business rules.

Business Rules

This method allows the business to create a nonsensical rules, for example a health insurer could say ‘If a patient’s gender is male and the treatment paid is pregnancy test, then raise a flag.’

These rules are easy to interpret and straightforward to validate, but the detection method is reactive, i.e., it usually triggers after the event. Also, it has a very narrow view on the situation, it doesn’t normally take additional conditions, such as the total value of the claim or any other alerts recently raised. Having too many rules means being swamped with alerts, having too few rules means missing obvious fraud.

Predictive modelling deals with most of the disadvantages of business rules successfully.

Predictive Modelling

Predictive Modelling comes in two flavours: Supervised and Unsupervised. The key difference between them is that the first type is ‘trained’ on already proven fraud cases while the second type does not require training and is typically used for detecting anomalous behaviour.

Supervised Modelling

So let’s have a look at an example of supervised predictive modelling. Your local bank has 10,000 accounts. About 0.5% of them turnout to be fraudulent, that is, 50 bank accounts in the last 12 months. The bank’s data analyst would then take all the data he or she can get about these 50 accounts and statistically try to compare them against a representative sample of, hopefully not fraudulent, bank accounts. He might discover things such as that fraudulent accounts were set up within 6 months of the event, account holders did not live at their home address longer than 12 months and so on. The final model would be trained to process data in a balanced way, where the more it has to go on with, the better the prediction it would make. The model itself would have different “weights” attached to different indicators and it is the whole situation that is assessed, for example, a person who has just moved but has the account for 2 months might be measured as a higher risk, but not as high as someone who just moved address and also just opened an account.

While predictive modelling uncovers suspected fraud before the event, the output is not as straightforward as business rules and often very difficult to interpret as the result is given as a probability. This is why this sort of models is used to adjust risk exposure, add additional verification checks, delay payments and take other actions that minimise loss and deter the would-be criminals.

Supervised modelling uses a number of mathematical techniques, such as regressions, decision trees, neural networks and others. We will do an overview of these and other methods at a later stage in this blog.

Unsupervised Modelling

Unsupervised Modelling does not use known cases to determine how they are different from the non-fraudulent ones; instead, it looks for anomalies, instances that are unusual in some identifiable ways that do not adhere to the normal. For example, an extremely high number of credit card applications from an individual. It might sound like a business rule, but this is not and I will explain why. It does not use categories and fast and hard rules ‘if a=1 and b=2, then raise it flag’. The unsupervised models are dynamic, the cut-off could change and adjust dynamically, and they can take into account multiple categories and dimensions in order to make a decision.

The output from the model is often difficult to interpret and it should be seen in context of other alerts and rules.

The criminals often spend some time figuring out the controls that the business has in order to circumvent them more effectively. In some cases, criminals might recruit an employee of that business in order to gain information from inside. This is where social links analysis comes in.

Social Links Analysis

This should not be confused with Facebook or Twitter analysis. Social Links Analysis aims to uncover links that join together different business stakeholders in some way that could betray an unlawful activity. For example, what if your employee shares the same bank account details as your customer who on the face of it does not share anything else in common with your employee. Or what if several dozens of customers share the same mobile number?

Social links analysis often raises more questions than it answers, but these questions are very reliable indicators of patterns that could lead to more sales or undetected exposure to organised fraud. The theory says that any given fraudster is limited by how many identities he or she can remember, how many mobile numbers can carry and how many physical addresses or bank account can be maintained. As fraudsters recycle information, they leave traces that, with help from Social Links Analysis, can be uncovered to prevent fraud on a truly large scale.

Putting it all together

So now you might have several hundreds of business rules that are run daily alongside of dozens of predictive modules and several sophisticated social links analysis algorithms. What’s next? Well, hold on there, how are you dealing with all of this information? How confident are you in the data that you are working with? If your fraud analyst does not trust the models or he or she is overwhelmed with information, then all of this effort is for nothing.

This is where SAS® Intelligence Platform comes in. Within a single platform, it is possible to build a reliable data warehouse that acts as a foundation for a myriad of models. All of the models are developed, deployed and monitored on the single SAS® platform. At the end, your fraud analyst gets a list of alerts, sorted in terms of the amount at risk, probability of fraud, as well as any other related information, such as the number and type of flags raised for a suspected perpetrator. Now we are talking. It is only when the right person has just the right amount of information, that we can say with confidence if the cat is in the room or not.

We are here to help

If you like what you have read here today, we would love to hear from you. We employ the latest SAS® fraud prevention technologies, such as predictive modelling, links analysis and business rules, to ensure that you can score all of your transactions close to real time. The tools and know-how we provide will detect fraudulent activity before money has left the business, reduce investigative time, and allow you to prioritise workflow efficiently. This will improve legitimate customer satisfaction, discourage fraudsters from targeting your organisation and so give you a clear competitive advantage.

Our experts will help you to stop losses before they occur. We will analyse, implement and maximise the benefits of your SAS® platform.

About author

Vasilij Nevlev
Senior SAS Consultant
Vasilij Nevlev is experienced Senior SAS Consultant with a proven track record of delivering end-to-end tailored SAS® business analytics solutions for a variety of companies in the UK and Europe.

Our services

Reliability is the key. We ask the right questions, at the right time in order to deliver a solution that is perfect for you.

Reducing exposure to fraud related losses, through the SAS platform, is easier than you may believe. It is an area we have focused on because of the major benefits that can be achieved simply by employing the correct defences.

We expect our personal data to be available to us wherever we go, to find a mobile application for whatever we need. Unfortunately this is not always possible for corporate data and applications.

It’s no secret that the internet is full of easily accessible free information so why not make more use of it in the corporate business sector?

Many organisations are drowning in a sea of disorganised data, seeing it as simply a bi-product of operations used for minimal MI reporting. In reality, fully optimised data management is the most powerful tool any business possesses.

SAS is one of the most advanced and sophisticated data analytics platforms on the market, but it is made up of dozens of major elements in multiple environments.

We pride ourselves on being a forward thinking, innovative company and as such we positively enjoy sharing our knowledge and expertise.


Still have questions?

Ask our manager