Data & Analytics

11:06 AM
Mike Gross, 41st Parameter
Mike Gross, 41st Parameter
Commentary
50%
50%

Managing Risk With Big Data & Analytics

There is no question that the sheer volume of available information has made countless industries more efficient and more effective.

Big data has transformed the way organizations analyze and optimize their internal and external business processes. For banks, data analytics tools and technologies have been particularly effective, especially for combatting risk and fraud.

Predictive analytics has been a part of most banks’ risk and fraud management systems for some time -- either via third-party identity verification and transaction risk-assessment solutions or through internally developed big-data engines. In both cases, these systems aggregate information from multiple sources so it can be analyzed in new, more effective ways. These solutions allow banks and issuers to gain greater visibility into customer behaviors and better assess the potential for risk. The information from these systems can provide fraud teams with real-time risk intelligence, which allows them to make better decisions based on hundreds or even thousands of risk variables.

Mike Gross, 41st Parameter

Over time, greater data accessibility and better analytic capabilities have changed -- and continue to change -- the way banks measure and calculate risk. While most large financial institutions were already considering stronger online authentication controls, the 2011 supplement to the Federal Financial Institutions Examination Council (FFIEC), "Authentication in an Internet Banking Environment," essentially mandated that organizations implement layered security models to help curb the risk of account takeover. This pushed corporations to implement new systems that offered unique insights into customer behaviors and hardened defenses against increasingly sophisticated and persistent attackers.

Of course, this drive for more data had a drawback -- many institutions added tools or risk attributes without a plan for integrating the functionality into existing data sources. This approach stranded much of the potential benefit in a single fraud prevention silo. In recent years, banks have taken enormous steps forward in integrating systems and connecting disparate data sources into large data warehouses that use big-data tools to bring together insights from all customer channels instantaneously. This represents a game-changing evolution in risk management, since organizations now have much broader and deeper visibility into customer relationships and can better target both marketing and fraud prevention efforts by leveraging this integrated data view.

While traditional data sources like identity verification, transaction history, and information from credit bureaus continue to be essential for risk management and compliance, attackers have become increasingly creative about devising new methods to defeat customer-identity based security. In addition, large data breaches have become so widespread that criminal rings have a virtually unlimited supply of compromised identity data -- including usernames and passwords -- that allows them to pass simple authentication methods.

This reality has driven many banks and e–commerce merchants to deploy complementary solutions like device intelligence, anomaly detection, and malware detection as additional layers in their risk evaluation process. These tools are fundamentally different from standard identity or credit–based systems because they assume that all identity data and account credentials have been compromised. As a result, these systems are used to evaluate risk based on device attributes, a consumer’s typical purchasing or credit behaviors, or signatures indicating the presence of malware.

However, scale continues to be an issue. Recent mega-breaches are often precursors to large-scale attacks that are identified by network monitors, systems, or individuals responsible for managing risk. But because there is such a high volume of attacks against major corporations, important clues may be missed, and the most critical threat information may not reach the team or executive responsible for protecting the organization in a timely fashion.

To combat this problem many institutions have brought information security professionals into the boardroom. Whether they have a chief risk officer or chief information security officer, executives recognize that big data and its real-time intelligence capabilities are incredible assets if the insights they enable are immediately available to be applied through new processes, risk rules, and defense mechanisms. That is why it is so important for organizations to have cross-enterprise visibility into customer activities whether online, via mobile devices, through call centers, in-branch, or through the millions of online and POS transactions.

Attackers can take advantage of even the single smallest lapse in security, leaving an organization vulnerable to fraud or the compromise of customer data. Integrating large volumes of customer data seamlessly and in real-time will be an ongoing challenge for large corporations. There are some effective approaches that highlight how putting the right information in front of the appropriate team can make a world of difference. 

Data and analytics tools will undoubtedly create new opportunities for improving risk detection and prevention, so it's never been more critical for financial institutions to continue their leadership in adopting these technologies to stay a step ahead of cyber criminals.

-- Mike Gross is Global Risk Strategy Director at 41st Parameter.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Byurcan
50%
50%
Byurcan,
User Rank: Author
8/15/2014 | 9:27:52 AM
Re: A well designed data analytics strategy
Thanks for posting, looks to be some interesting info here.
JaCa
50%
50%
JaCa,
User Rank: Apprentice
8/14/2014 | 10:27:45 AM
A well designed data analytics strategy
The breadth of data collected by today's information technology system is staggering.  a well designed data analytics strategy can strengthen your internal controls and proactively manage risk in a globalized economy. I work for McGladrey and there's a very informative whitepaper on our website that readers of this article will be interested. @ Data analytics is a powerful fraud prevention and policy enforcement tool  

http://mcgladrey.com/content/mcgladrey/en_US/what-we-do/services/financial-advisory/forensic-accounting-and-fraud-investigations/data-analytics-is-a-powerful-fraud-prevention-and-policy-enforce.html
Register for Bank Systems & Technology Newsletters
White Papers
Current Issue
Bank Systems & Technology Oct. 14, 2014
Bank Systems & Technology's new Must Reads is a compendium of our best recent coverage of customer analytics. Learn what big data means for banks, meet Wells Fargo CDO Charles Thomas, find out how to connect with your Gen Y customers, and more.
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.