The power of data sharing in preventing fraud

Incredibly in 2017 the UK Office for National Statistics reported that fraud or cybercrime accounts for half of all crime in the UK. The Crime Survey for England and Wales estimated that in 2017 there were 5.8 million crimes in the year ending June 2017. However, once estimates of fraud were included the number rose to 10.8 million, with over half of all fraud offences being perpetrated online.

It doesn’t take a Computer Scientist to work out why cybercrime and online fraud is so attractive to criminals. Pre-Internet the UK Police used to estimate that the average bank robbery would net the criminals involved around £25,000 - £30,000, and for those performing the robbery it was a high-stakes crime with a strong probability of being apprehended.

Fast forward to 2017 and the opportunities and risks have changed substantially.

Criminals can now walk away with substantial sums of money, obtained through a whole host of online fraudulent scams, with very little chance of actually being caught.

Some of the most common types of online fraud involves fraudsters exploiting weaknesses in fraud defences for both individuals and companies alike.1

82 % of companies that PwC defined as …“leaders said they collaborated with others to exchange intelligence to fast changing threats.

Individuals are most at risk currently from having their identity stolen so that these can be used to obtain funds from credit card companies or banks. Evidence of how significant identity fraud has become was found in the latest National SIRA fraud trends analysis for 2017 where as much as 51% of fraudulent activity involved identity fraud.

51% of fraudulent activity involved identity fraud

The sophistication with which fraudsters deploy scams to acquire someone’s identity is often incredibly impressive. Social engineering, as it is termed in the industry, involves a multi-pronged attack by a fraudster on an individual’s various online accounts to acquire the necessary information required to use that person’s identity.

On many occasions these type of attacks can take weeks or months to acquire the necessary information, and can even involve a combination of online and offline activity to build up the necessary details they need to acquire a ‘clean’ identity. Demonstrating both the cunning and patience of the attackers – but also the value that acquiring someone’s identity can be worth to them.

Similarly when it comes to businesses, fraudsters are equally devious and always testing the defences of them to see if there is a weakness they can exploit. Many fraud investigation teams will testify to experiencing waves of specific types of fraud attack, which will stop once the attackers have been consistently prevented. Only to see that type of attack reappear months, or years, later as fraudsters test defences again.

As the industrial scale of fraud and financial crime has become apparent it has also become obvious to those involved with trying to tackle the problem, that dealing with these threats needs to be a shared endeavour. Trying to deal with fraud in isolation, given the scale and complexity of the problem, is becoming an impossibility given the borderless world of online scams.

In his Mansion House speech in London in 20162 David Clark, National Lead for Fraud with the City of London Police said:

“Collaboration and information sharing is vital because fighting fraud and cyber-crime is often like trying to complete a jigsaw puzzle without knowing who has the next missing piece."

“It has to be all of us doing something, either by informing others about what we know as well as ensuring that we know all we can."

“We have never arrested a computer. The problem is never a computer. It is always a person, so it is only people who can help fix this problem by working together."

In their 2018 report - strengthening digital society against cyber shocks3 - Price Waterhouse Cooper’s (PwC) Head of Global Cyber Security Services, David Burg said:

“Businesses that excel in security are finding that sharing information about threats and collaborating with other organisations is very powerful."

“In our Global State of Info Security Report - 82 percent of companies that PwC defined as …“leaders said they collaborated with others to exchange intelligence to fast changing threats."

What works for security is no different when it comes to fraud. The banking and insurance industry in the UK have understood for some time that a big part of defending against fraud and other types of financial crime is about sharing intelligence to remove vulnerability.

Fraudsters are always looking to identify companies they can single out and exploit, particularly ones that have a weakness in their fraud defences by being outside the protection of a fraud collaboration service like National SIRA.

Now in its seventeenth year, National SIRA is one such shared fraud defence service that has acquired clients that represent a significant share of the Insurance and Banking sectors in the UK, with over 125 companies now feeding in adverse fraud data, on a daily basis, into its database.

One of the great benefits of being part of a data sharing syndicate like National SIRA is having access to some of the most up to date intelligence on cross sector fraud activity – in addition to being able to feed that insight into fraud defences to improve the ability to reduce losses and reduce the risks that a solo approach to fighting fraud represents.

During the last 17 years SIRA has helped to prevent over £3 billion in losses to fraud. Showing the power and effectiveness of a collaborative approach to fighting fraud.

SIRA has helped to prevent over £3 billion in losses to fraud

Mark Haslam, Head of Product at Synectics Solutions (the company behind SIRA), discusses the benefits of clients using the SIRA solution to prevent fraud. He said:

“We have a whole range of clients using SIRA from tier 1 banks and insurers to smaller underwriters, claims management firms, and lenders - as well as a host of other companies including; retailers, mobile phone network operators, online aggregators and trade vetting services."

“All of them derive immense benefit from having access to the National SIRA database, as well as the functionality that SIRA provides to help them manage their investigations more effectively."

“When a client deploys SIRA they often see a positive return on investment on the cost of deploying it (from the reduction in fraud losses) in very short timescales."

“As crazy as it sounds we have a number of major finance and insurance clients who have an annual return on investment on the cost of SIRA in the 000’s of percent - due to the significant sums that being part of the SIRA Syndicate helps them to prevent being lost to criminals."

With around 300 Million rows of ‘fraud’ intelligence that is updated on a daily basis by all of the SIRA syndicate clients the National SIRA database represents a beacon of best practice in terms of showing what can be achieved by industry coming together to tackle a problem that risks destabilising a fundamental part of our society.

Another interesting example of how sharing data and collaborative working is helping to deter fraudsters can also be found in the UK public sector with the British Government’s Cabinet Office National Fraud Initiative. This is an initiative that has been running for around 20 years and includes all Local Authorities in the UK working together to combat a whole range of public sector benefit and welfare fraud.

So far National Fraud Initiative has helped to prevent over £1.4 billion in losses

The National Fraud Initiative (NFI) has been running now for 21 years and has become a vital activity in helping the Cabinet Office to protect the public purse for the UK Government from fraud and error. Around 500 local authorities all feed data into the NFI to enable them to collaborate and identify potential fraud or errors across a whole range of benefits or welfare payments.

"using the right type of data, organisations can collaborate and share data to achieve common aims."

So far it has helped to prevent over £1.4 billion in losses and thanks to the continual investment it receives to evolve its capabilities the initiative continues to expand new tools which are now helping local authorities in the UK to adopt more sophisticated methods to prevent fraud from entering their systems in the first place.

Initiatives such as FraudHub and AppCheck, that have been developed by Synectics Solutions for the UK Cabinet Office, are creating the possibility for a whole range of public sector organisations to use the intelligence that the NFI provides to help them to decide how, and who, they want to collaborate with to enable them to create a data sharing strategy that will deliver the most relevance and value for their needs.

Darren Shillington, Senior Data Matching Manager at the Cabinet Office said:

“Public sector organisations are facing some very difficult decisions. Such as balancing the provision of quality services in the most cost effective way to the most vulnerable in society. Being able to cross match and check against the National Fraud Initiative data sets provides one of the most relevant and comprehensive data sources to help with these kinds of challenges. Drawing on the NFI in this way is of immense benefit."

Drawing on its huge experience of data sharing and collaboration systems Synectics Solutions is now exploring the opportunities that widening access to the NFI can bring so that private companies can also use the insight that this data can provide to help them refine their risk mitigation strategies.

With over 23 different data sets ranging from housing benefit claims, deceased records and other benefit recipient data - the opportunities for companies to use this insight to help them profile and reduce risk across a whole range of areas represents an incredible opportunity.

It’s also an opportunity that the UK Government is now starting to realise as it considers the scale of fraud that the UK economy is being subjected to while it tries to formulate a strategy that will start to tackle it and prevent fraud from undermining the UK economy.

By facilitating the use of both private sector and public sector data into a more holistic view organisations can create a truly 360 degree view of risk to help them reduce the likelihood that they will be affected by the growing threat of fraud of financial crime.

What often prevents organisations from tapping into the huge opportunities that collaboration and data sharing offers is a mixture of; not knowing how to go about approaching potential data sharing partners, a misunderstanding of what commercial threat sharing data may pose, concerns for incurring the wrath of the Information Commissioners Office (ICO) by breaching complex data protection regulations.

This is one area that Synectics Solutions has been able to build up a huge deal of experience in and can help to provide advice, consultancyand solutions that can allay these concerns to enable organisations, both public and private, to take advantage of the huge opportunities that exist to reduce risk, reduce costs and improve profitability by intelligent use of data collaboration.

Kevin Shanahan, Synectics Solutions Chairman, recently outlined how Synectics can help organisations overcome the barriers they perceive when considering sharing data. He said:

“The key for companies, or other institutions, is to have a clear understanding of what they can share [in terms of data] in order to achieve a goal that they cannot deliver by themselves.

Problems such as fraud, financial crime, are often issues that span whole industries or business sectors and just can’t be tackled alone.

By working with an organisation that can advise on how to share data that will help to tackle an issue holistically, without creating commercial conflicts of interest, is something that we at Synectics have spent over 25 years succeeding at with many globally recognised brands.

Done in the correct way, using the right type of data, organisations can collaborate and share data to achieve common aims.

Often all it requires is a clear agreement or identification of common goals and the software that can make use of the data that is provided - to make sure the information is turned into useful insight.

The results we’ve achieved with both the National Fraud Initiative, for the UK Government and the billions of pounds we have helped to save for the financial services sector, with our SIRA programme, is testament to what can be achieved."

FURTHER INFORMATION

If you are interested in finding out more about how SIRA from Synectics Solutions can be used in your organisation to help prevent, detect and investigate fraud, then please call 01782 664000 or email info@synectics-solutions.com

 

REFERENCES

1. Crime in England and Wales: year ending June 2017

2. Collaboration is key to fighting cyber crime, say UK police

3. Strengthening digital society against cyber shocks


Time to connect