Significant fraud losses, large amounts of false positives, and serious adverse effects on client experience are the results of fragmented or non-existent strategies for fraud prevention in financial institutions. The response is reactive to a regulatory framework, but it does not respond to a preventive risk analysis. Criminals take advantage of this situation to obtain their illegal profits.
In most cases, the multiple financial channels are protected with independent, not integrated solutions, making it impossible to perform cross analyses of the information and detect anomalies. Therefore, there is a higher number of false positives, affecting effective detection. With cybercrime, the sophistication and speed of the new attacks prevent an immediate reaction without adequate tools.
Sentinel offers a comprehensive overview of customer behavior across all their products and channels, with the consequent improvement in the detection rate and reduction of fraud losses. These savings are maximized with minimum effects to the business and efficient attention to unusual activity.
It has a set of tools to enhance prevention and detection by achieving much more than the traditional models, through real-time engines, statistical models, predictive models, and "Machine Learning".
There are several fraud modalities derived from the origination process. Consequently, it is vitally important to include monitoring and control tools in the onboarding stage of customers:
Black Lists: It is the module which allows the Bank to analyze whether there are any similarities between the client in the onboarding process with people, companies, or entities found in any internal/external black list. It is also possible to include “negative news” related to events or activities subject to screening.
Relationships Analysis: It allows the discovery of hidden patterns and relationships graphically, facilitating the investigation processes, as well as the detection of organized crime networks. Additionally, it allows fraud detection in the different stages of the business process, such as sales and origination.
The bank must have the ability to reject a transaction that displays sufficient characteristics to be classified as fraud or high risk, precisely at the authorization time. This is the second anti-fraud barrier:
Real Time: It is the ability to assess complex events through transactional analysis in real time, making it possible to analyze the transaction and all its data based on different conditions, such as parameters, statistics, and lists. It indicates the authorizer whether to continue or to reject the transaction in milliseconds.
Customers perform different types of transactions, some monetary like payments with checks, or transfers between accounts of the same institution, as well as non-monetary transactions, such as balance query, password change, address change, and others. Monitoring the various events performed by a client is essential to discover fraudulent behaviors that deviate from their usual behavior. Sentinel has a set of tools focused on early fraud detection and prevention:
Predictive Models Based on “Machine Learning”: It is a visual design environment for the immediate construction of predictive analysis models for fraud prevention. It has a complete library of supervised and non-supervised learning algorithms, data preparation and exploration, validation and model evaluation tools.
In addition, it provides a potent “Model Auto Generation” functionality that enables Sentinel to create and train multiple models automatically, compare their results, and allow the user to determine which it wishes to set up in a production environment. Being a data scientist or an expert in mathematics or statistics is no longer required to use the most advanced ‘machine learning’ techniques.
Rule-Based Models: The system sets forth a modern and completely graphical rule editor, making it easy for the user to build models: it groups conditions, includes lists, multiple statistical conditions, complex analysis patterns, data processing, and others. The expert users can also employ formulas about conditions, facilitating data manipulation and rule results.
It allows the generation of individual profiles for each alert objective (customer, financial product, branch, etc.), defined as statistical indicators based on the transactional behavior of each of them. These profiles can be used as input in the configuration of the rule-based fraud detection models.
Dynamic Behavior Patterns: It is a new proprietary technology of Sentinel that allows the automatic definition of the usual profile of the client and of the population it belongs to. In this way, the system generates an alert in the event the behavior detected is ‘unusual’ for the client or ‘atypical’ for the population it belongs to.
Geolocation: It analyzes different aspects related to the usual location of customers, their Internet service providers, connection types, zip code, country, region, city, and other attributes. The access data generated from the IP address of the customer and recorded in Sentinel can be used in forensic or criminal investigations, in audits and as evidence in criminal procedures.
Actions: The system allows a series of online preventive actions generally addressed to the customer, their products or transactions. They can be automatic, executed by the system based on the decision of a model, or manual, when a system user so determines. Some examples include the request to block a checking account, disable access to the electronic branch of the Bank, or unblock the debit card of the client.
The analysts have queries or viewers that allow them to view unusual activity with multiple inputs useful in the decision-making process:
a. Filter by date range
b. Alert objective
c. Filter by alert status
d. Advanced filter
e. Transaction assessment scores
f. Behavior profile
g. Rules for transaction alerts
The supervisors and analysts can have strategic control of the whole operation of the fraud prevention department by observing the following key indicators:
a. Pending alerts
b. Average attention time
c. Alerts marked as fraud
d. Alerts referred to investigation
e. Alert resolution times
Once the analyst reviews the activity suggested as suspicious by the system, they can generate cases to follow-up on the suspicious transactions and record all the actions during the investigation process.
The investigation case is the digital file that helps track the entire process of managing unusual activity of the client:
It offers a control board to view: