“It’s A Responsibility For Us All” Derek Dempsey On The Fraud Industry: Part One

Rosalind Madge our consultant managing the role
Posting date: 2/26/2019 9:31 AM


Derek is a Director of Fraud Analytics for leading fraud analytics software provider, FICO. With a background in Philosophy, he is passionate about the application of advanced analytics in furthering the Fraud industry. I recently met with him to discuss the latest Fraud trends, tools and challenges for the industry.


Fraud is an ever changing landscape. What trends do you anticipate for the next 12 months and beyond? 

It is ever-changing indeed. As other routes are shut down, we will see new Fraud attacks that reflect the changing payments landscape and the continuing shift to digital, mobile and the introduction of new players due to PSD2.

For example, we’ve seen a significant shift in card Fraud following the introduction of chip and pin towards card not present or ID Theft and Application Fraud. We’re also seeing Fraudsters using AI to mount ever-more sophisticated attacks. 

From a Fraud Detection perspective, this has led to a convergence of Fraud teams towards a more holistic financial crime approach, as well as increasing use of AI techniques alongside requirements for greater explainability. 

What are the biggest risk areas for businesses to be aware of? 

I’d say one of the main areas is the risk of data breach through hacking and internal leaking. 

In terms of cyberattacks, companies may feel that they can address this fairly readily. However, they need to be vigilant as hackers have some very sophisticated techniques at their disposal. FICO have recently introduced some of our AI fraud techniques into the cybersecurity domain to combat this.  

However, internal leaking probably causes bigger issues. This is more often due to social engineering than a malicious internal leak but these types of breach are difficult to detect. You need an additional level of control to detect unusual, but permitted, activity and this is challenging.  

Financial Service organisations also need to be aware of risk areas associated with new products and services. The proliferation of mobile payments and new account and payment service providers in the new PSD2 ecosystem marks another shift in payment services and this will bring in many new players. However, new products tend to be targeted by professional fraudsters.  So while we all like the greater ease and convenience, anti-Fraud measures need to keep on top of this. 

For aspiring Fraud-fighters, what skills do you think are key to being successful in the industry? 

It varies really. I got into this because I’d previously been a mathematics lecturer and then did a Master’s in AI and Cognitive Science. Fraud was, and remains, one of the best areas to apply these skills and techniques. Certainly it helps to have a Mathematical or Statistical background, but ultimately a problem-solving mindset is what really matters. 

The modern-day Data Scientist needs to be equipped with a range of technical skills to be effective, so it is useful to understand Big Data technologies such as Hadoop and Spark and how to interact with cloud-based services. Python and R have become the key analytical programming languages. Visualisation is also important so its useful to have skills in this as well. 

Soft skills are probably not the most important when it comes to Fraud Analytics but communication skills are essential - you need to work in teams and be able to ask questions and provide answers to others. Primarily, you need the ability to interrogate your Data, understand what it actually represents, understand its source and its reliability. And you need to do all this whilst keeping in mind your business objectives.

It's well known that Fraudsters are sharing their approaches, so why is the industry not? 

There are examples of sharing in industry. In the UK we have CIFAS which is one of the leading organisations for Data sharing and this provides a great service to its affiliated businesses. We have the IFB and other organisations that are based on sharing Data. The introduction of cloud-based technologies should encourage companies to share more and FICO have invested heavily in a cloud-based strategy. The next generation of FICO's flagship Falcon fraud product, Falcon X, is a flexible cloud-based, platform solution. 

However, a lot of information is currently held by the commercial sector which limits how much sharing can be done. There are many companies who provide specialised Data on email addresses, devices, IPs but all of this is under a commercial umbrella and companies do need to protect assets that they have built up over many years of research.  But most businesses do support sharing activity and see that that it’s to their benefit and there is definitely a willingness there. 

Personally, I would like to see more sharing in terms of guidance, education and awareness to customers. This is a responsibility for all of us in the sector and we need to be more proactive than just leaving information sitting on a website. Companies should be under greater pressure to provide this awareness training and, if they do, I would predict a significant reduction in certain types of fraud. 

There were a string of high profile Data breaches in the news last year such as Facebook and Carphone Warehouse. Do you think businesses are doing enough to protect customers?

I don't think so. Obviously this something we take this very seriously and, for us, most of the Data we use is anonymised so we already minimise the risk. I know that banks are investing very heavily in this and being proactive as, more than anything, there’s a huge reputational risk to a large-scale Data breach. Other sectors probably need to do more however and all sectors can improve.

Hopefully GDPR will make a big difference within the EU. There are large fines for failing to take adequate measures. Other countries are adopting similar legislation and we’re seeing non-EU businesses embrace the same guidelines as well, so hopefully that will help. 

If you could change one thing in the industry, what would it be? 

I think increasing awareness and education would make a big difference. One company I worked with mounted a big customer campaign and it made a huge impact in driving down Fraud. I think this is an underrated area. I'm aware that the FCA and other industry bodies such as IFB do produce materials but I think much more could be done.

It perhaps goes without saying that I also think that increased usage, and better usage, of Data and Advanced Analytics is crucially important to reducing levels of fraud.

Derek spoke to Senior Consultant, Rosalind Madge. Get in touch with Rosalind or take a look at our latest job opportunities here.

Related blog & news

With over 10 years experience working solely in the Data & Analytics sector our consultants are able to offer detailed insights into the industry.

Visit our Blogs & News portal or check out the related posts below.

Why Businesses Need To Put Fraud Prevention Front And Centre

If Fraudsters are anything, they are opportunists. Once the first new stories about COVID-19 started running, it wasn’t long until they were joined by tales of fraudsters selling face masks and hand sanitiser, asking panicked customers to transfer money and then disappearing without a trace.  And it’s not the first time we’ve seen this. Fraudsters are notoriously wise to periods of heightened sensitivity and uncertainty, often preying on the vulnerable. The 2008 financial crisis saw an increase in email-based phishing scams and a decade’s worth of technological advancements means that Fraud remains a many-headed beast.  Add into the mix a change in working styles and environments, and many businesses are more exposed to potential security breaches than they have been in years. Now, more than ever, companies need to make sure their Data is well protected and secure. THE FIRST LINE OF DEFENCE If you’re part of, or leading, a Fraud Prevention team, there are a number of ways you can support your business and keep on top of the situation. Here are just a few: Increase and update your investigation capacity. This team are the front line of your business’ Fraud defence team, interacting with customers daily and spotting new scams. During an uncertain period, retention and team stability is key. These are the people that understand the day-to-day Fraud challenges you face and will be essential in fighting any future challenges.  Sharing Fraud Prevention knowledge is key. Throughout this crisis, trends will be evolving quickly and working collaboratively across teams, and even other businesses, is the best way to combat this. We consistently hear from Fraud Managers that the key to beating Fraud is to share information and knowledge. Despite this, there is always a hesitation amongst companies to admit that they have been a victim to an attack. Perhaps now is the time to change this. Invest in Machine Learning and real time updates for your Fraud defences. Fraud technology has moved on from script writing in SQL and rule changes. Businesses need a real time reactive response and now is an important time to be embracing new technologies. There are a number AI-driven off the shelf packages available or, for a more bespoke solution, a Fraud Data Scientist can create something internally. Educate your team. It may seem simple, but the Fraud team can play a crucial role in minimising any potential risk from human-error. Educating employees on the risks they may face when working remotely, or what scams they need to look out for, is one of the most effective ways of fighting Fraud.  PREPARING YOUR BUSINESS Success in the fight against Fraud isn’t purely down to the group of individuals that make up the Fraud team. As a business, now is the time to be making decisions that can help you stay ahead of the Fraudsters. Here are some considerations: Consider investing in tech as an your immediate response. Not just to bolster your Fraud defences (although there are plenty of vendors offering AI-based solutions), but also technology for your employees to keep work as normal as possible such a sharing platforms, DevOps technology and video calling networks. One of the best ways to block some of the vulnerability loopholes fraudsters are trying to exploit is to keep working habits as close to normal as possible as you move to a remote solution. Be transparent with your customers. Consumers are being incredibly savvy and noting how businesses respond to the pandemic in a way that could have a big impact when normality returns. But they’re also being more empathetic and are willing to understand difficulties. For example, shopping delivery service Ocado were open and transparent when their system could not initially deal with demand. Having communicated the difficulties, worked through their issues and gone the extra mile to let customers know how they can be supported in this time, the received minimal backlash. There is an understanding that we’re all in this together. Finally, if you have the budget, continue to staff up - particularly in competitive fields such as Data Science. A lot of top Data professionals are currently at home and much more accessible than they have been in a long time. With a number of ways to remotely interview and onboard both permanent and contract staff, if you are able to get begin conversations with them now, you’ll have an edge in what will be a very competitive market come later in the year.  If you’re looking to take your next step in the world of Fraud, we may have a role for you, including a number of remote opportunities.  Or, if you’re looking to expand and build out your Fraud team, get in touch with one of expert consultants who will be able to advise on the best remote and long-term processes. 

How Will New Financial Risk Regulations Affect European Banks?

How Will New Financial Risk Regulations Affect European Banks?

The financial crisis of 2007-2008 changed banking. The world moved from taking mortgage loans in our dogs’ names to introducing strict regulations for banks prohibiting them from giving out loans to “anyone” without assessing Risk properly. In 2010 the Basel Committee on Banking Supervision (BCBS) introduced BASEL III, a regulatory framework that builds on BASEL I, and BASEL II. This framework changed how banks and financial institutions asses risk. It introduced an Advanced Internal Rate Based Approach (Commonly known as the AIRB approach).  Now, the committee has introduced new changes and, by 2022, all banks and institutions will have to implement the revised IRB Framework, as well as new revised regulations for the standardised approach, CVA Framework and new frameworks for Operational Risk and Market Risk. So, what does this mean for those working Risk? Change Is Coming Change is inevitable, no matter what you do. If you work in Risk Management and Compliance, change is something you can expect to happen, often. As mentioned above, by 2022 there will be lots of changes. The Basel Committee calls this initiative the “finalised reforms”, or BASEL IV which builds on the current regulatory framework BASEL III. Quickly summarised, the changes limit the reduction in capital that effect banks IRB models.  This change is predicted to impact banks in Sweden and Denmark the most, with estimations that capital ratio will fall by 2.5-3%, far higher than the 0.9% expected for the average European bank.  So what does all this mean for Swedish and Danish banks?  What’s Happening Now? One of the main things that Swedish and Danish banks need to revise for these new regulations, are their internal models. The new regulations introduced a new definition of Probability of Default, measured through a model commonly known as a PD model. Effectively this means that every bank must “re-develop” their internal PD Models in the IRB approach. Consequently, we are already seeing a clear response from the banks in their strategies moving forward. It has already become quite apparent that many banks are looking to make IRB model development their focus for 2019-2020 and 2021. This has resulted in a boom in the hiring space for developers with experience in IRB Modelling and Credit Risk Modelling in general, which in turn has led to high demand in the face of the low supply of these types of candidates. Understandably aware of this, modellers are now looking to negotiate higher salaries.  What You Can Do  For candidates that hold the right experience, there are good opportunities at hand. If so inclined, they can utilise this chance to finally see if the grass actually is greener on the other side, or not. However, there are a couple of things worth considering before making a move.   Firstly, are you actually keen on switching jobs? Your skills are probably equally in demand at your current employer and, if you are having doubts about moving from the get-go, you may well be able to negotiate a rise without pursuing a new opportunity. However, if you are serious about finding something new, this is a great time to do so. The majority of banks have found that these new regulations are creating an unsustainable workload,  and are now looking for talent externally to expand their teams. This means that the experienced modeller can pretty much have their pick of the litter.  Furthermore, if you are a junior modeller, there are now plenty of opportunities for you to enter a niche area known for being exciting and innovative. So, wherever you are in your career, these regulatory changes  are likely to have a large impact and open up new avenues for you to explore.   We all know that regulations in banking and finance are now essential, we all agree, even if they can be a little frustrating. However, what people often fail to think of are the opportunities new regulatory requirements create. In the case of BASEL IV, we’re already seeing an increase in demand for strong talent, and a demand for people who are passionate about Risk Management and model development.  For businesses, new regulations also provide the chance to not only improve their teams, but to  create new models that can be utilised to optimise and automate. A lot of financial institutions are already aware of this and are using these models to gain competitive advantage over their competitors, as well as to stay one hundred percent compliant.  If you’re looking to build out you Risk Management team or take on a new Risk opportunity for yourself, we may be able to help. Take a look at our latest opportunities or get in touch with one of our expert consultants to find out more. 

RELATED Jobs

Salary

660000kr - 760000kr per annum + BENEFITS

Location

Stockholm

Description

Want to use your analytical programming skills to develop models to the next level? This opportunity offers you just that chance! Apply now!

Salary

£45000 - £60000 per annum + car allowance + bonus

Location

London

Description

A highly regarded technology company specialising in defence are looking for a Fraud SME to join their Insurance and Financial Services team.

Salary

£70000 - £80000 per annum

Location

London

Description

Exciting new opportunity to join one of the leading banks!

recently viewed jobs