“It’s A Responsibility For Us All” Derek Dempsey On The Fraud Industry: Part One

Rosalind Madge our consultant managing the role
Posting date: 2/26/2019 9:31 AM


Derek is a Director of Fraud Analytics for leading fraud analytics software provider, FICO. With a background in Philosophy, he is passionate about the application of advanced analytics in furthering the Fraud industry. I recently met with him to discuss the latest Fraud trends, tools and challenges for the industry.


Fraud is an ever changing landscape. What trends do you anticipate for the next 12 months and beyond? 

It is ever-changing indeed. As other routes are shut down, we will see new Fraud attacks that reflect the changing payments landscape and the continuing shift to digital, mobile and the introduction of new players due to PSD2.

For example, we’ve seen a significant shift in card Fraud following the introduction of chip and pin towards card not present or ID Theft and Application Fraud. We’re also seeing Fraudsters using AI to mount ever-more sophisticated attacks. 

From a Fraud Detection perspective, this has led to a convergence of Fraud teams towards a more holistic financial crime approach, as well as increasing use of AI techniques alongside requirements for greater explainability. 

What are the biggest risk areas for businesses to be aware of? 

I’d say one of the main areas is the risk of data breach through hacking and internal leaking. 

In terms of cyberattacks, companies may feel that they can address this fairly readily. However, they need to be vigilant as hackers have some very sophisticated techniques at their disposal. FICO have recently introduced some of our AI fraud techniques into the cybersecurity domain to combat this.  

However, internal leaking probably causes bigger issues. This is more often due to social engineering than a malicious internal leak but these types of breach are difficult to detect. You need an additional level of control to detect unusual, but permitted, activity and this is challenging.  

Financial Service organisations also need to be aware of risk areas associated with new products and services. The proliferation of mobile payments and new account and payment service providers in the new PSD2 ecosystem marks another shift in payment services and this will bring in many new players. However, new products tend to be targeted by professional fraudsters.  So while we all like the greater ease and convenience, anti-Fraud measures need to keep on top of this. 

For aspiring Fraud-fighters, what skills do you think are key to being successful in the industry? 

It varies really. I got into this because I’d previously been a mathematics lecturer and then did a Master’s in AI and Cognitive Science. Fraud was, and remains, one of the best areas to apply these skills and techniques. Certainly it helps to have a Mathematical or Statistical background, but ultimately a problem-solving mindset is what really matters. 

The modern-day Data Scientist needs to be equipped with a range of technical skills to be effective, so it is useful to understand Big Data technologies such as Hadoop and Spark and how to interact with cloud-based services. Python and R have become the key analytical programming languages. Visualisation is also important so its useful to have skills in this as well. 

Soft skills are probably not the most important when it comes to Fraud Analytics but communication skills are essential - you need to work in teams and be able to ask questions and provide answers to others. Primarily, you need the ability to interrogate your Data, understand what it actually represents, understand its source and its reliability. And you need to do all this whilst keeping in mind your business objectives.

It's well known that Fraudsters are sharing their approaches, so why is the industry not? 

There are examples of sharing in industry. In the UK we have CIFAS which is one of the leading organisations for Data sharing and this provides a great service to its affiliated businesses. We have the IFB and other organisations that are based on sharing Data. The introduction of cloud-based technologies should encourage companies to share more and FICO have invested heavily in a cloud-based strategy. The next generation of FICO's flagship Falcon fraud product, Falcon X, is a flexible cloud-based, platform solution. 

However, a lot of information is currently held by the commercial sector which limits how much sharing can be done. There are many companies who provide specialised Data on email addresses, devices, IPs but all of this is under a commercial umbrella and companies do need to protect assets that they have built up over many years of research.  But most businesses do support sharing activity and see that that it’s to their benefit and there is definitely a willingness there. 

Personally, I would like to see more sharing in terms of guidance, education and awareness to customers. This is a responsibility for all of us in the sector and we need to be more proactive than just leaving information sitting on a website. Companies should be under greater pressure to provide this awareness training and, if they do, I would predict a significant reduction in certain types of fraud. 

There were a string of high profile Data breaches in the news last year such as Facebook and Carphone Warehouse. Do you think businesses are doing enough to protect customers?

I don't think so. Obviously this something we take this very seriously and, for us, most of the Data we use is anonymised so we already minimise the risk. I know that banks are investing very heavily in this and being proactive as, more than anything, there’s a huge reputational risk to a large-scale Data breach. Other sectors probably need to do more however and all sectors can improve.

Hopefully GDPR will make a big difference within the EU. There are large fines for failing to take adequate measures. Other countries are adopting similar legislation and we’re seeing non-EU businesses embrace the same guidelines as well, so hopefully that will help. 

If you could change one thing in the industry, what would it be? 

I think increasing awareness and education would make a big difference. One company I worked with mounted a big customer campaign and it made a huge impact in driving down Fraud. I think this is an underrated area. I'm aware that the FCA and other industry bodies such as IFB do produce materials but I think much more could be done.

It perhaps goes without saying that I also think that increased usage, and better usage, of Data and Advanced Analytics is crucially important to reducing levels of fraud.

Derek spoke to Senior Consultant, Rosalind Madge. Get in touch with Rosalind or take a look at our latest job opportunities here.

Related blog & news

With over 10 years experience working solely in the Data & Analytics sector our consultants are able to offer detailed insights into the industry.

Visit our Blogs & News portal or check out the related posts below.

How Will New Financial Risk Regulations Affect European Banks?

How Will New Financial Risk Regulations Affect European Banks?

The financial crisis of 2007-2008 changed banking. The world moved from taking mortgage loans in our dogs’ names to introducing strict regulations for banks prohibiting them from giving out loans to “anyone” without assessing Risk properly. In 2010 the Basel Committee on Banking Supervision (BCBS) introduced BASEL III, a regulatory framework that builds on BASEL I, and BASEL II. This framework changed how banks and financial institutions asses risk. It introduced an Advanced Internal Rate Based Approach (Commonly known as the AIRB approach).  Now, the committee has introduced new changes and, by 2022, all banks and institutions will have to implement the revised IRB Framework, as well as new revised regulations for the standardised approach, CVA Framework and new frameworks for Operational Risk and Market Risk. So, what does this mean for those working Risk? Change Is Coming Change is inevitable, no matter what you do. If you work in Risk Management and Compliance, change is something you can expect to happen, often. As mentioned above, by 2022 there will be lots of changes. The Basel Committee calls this initiative the “finalised reforms”, or BASEL IV which builds on the current regulatory framework BASEL III. Quickly summarised, the changes limit the reduction in capital that effect banks IRB models.  This change is predicted to impact banks in Sweden and Denmark the most, with estimations that capital ratio will fall by 2.5-3%, far higher than the 0.9% expected for the average European bank.  So what does all this mean for Swedish and Danish banks?  What’s Happening Now? One of the main things that Swedish and Danish banks need to revise for these new regulations, are their internal models. The new regulations introduced a new definition of Probability of Default, measured through a model commonly known as a PD model. Effectively this means that every bank must “re-develop” their internal PD Models in the IRB approach. Consequently, we are already seeing a clear response from the banks in their strategies moving forward. It has already become quite apparent that many banks are looking to make IRB model development their focus for 2019-2020 and 2021. This has resulted in a boom in the hiring space for developers with experience in IRB Modelling and Credit Risk Modelling in general, which in turn has led to high demand in the face of the low supply of these types of candidates. Understandably aware of this, modellers are now looking to negotiate higher salaries.  What You Can Do  For candidates that hold the right experience, there are good opportunities at hand. If so inclined, they can utilise this chance to finally see if the grass actually is greener on the other side, or not. However, there are a couple of things worth considering before making a move.   Firstly, are you actually keen on switching jobs? Your skills are probably equally in demand at your current employer and, if you are having doubts about moving from the get-go, you may well be able to negotiate a rise without pursuing a new opportunity. However, if you are serious about finding something new, this is a great time to do so. The majority of banks have found that these new regulations are creating an unsustainable workload,  and are now looking for talent externally to expand their teams. This means that the experienced modeller can pretty much have their pick of the litter.  Furthermore, if you are a junior modeller, there are now plenty of opportunities for you to enter a niche area known for being exciting and innovative. So, wherever you are in your career, these regulatory changes  are likely to have a large impact and open up new avenues for you to explore.   We all know that regulations in banking and finance are now essential, we all agree, even if they can be a little frustrating. However, what people often fail to think of are the opportunities new regulatory requirements create. In the case of BASEL IV, we’re already seeing an increase in demand for strong talent, and a demand for people who are passionate about Risk Management and model development.  For businesses, new regulations also provide the chance to not only improve their teams, but to  create new models that can be utilised to optimise and automate. A lot of financial institutions are already aware of this and are using these models to gain competitive advantage over their competitors, as well as to stay one hundred percent compliant.  If you’re looking to build out you Risk Management team or take on a new Risk opportunity for yourself, we may be able to help. Take a look at our latest opportunities or get in touch with one of our expert consultants to find out more. 

How to get ahead in Risk Analytics

How To Get Ahead In Risk Analytics

In the world of Risk Management, top talent is always in high demand. Despite this, those who specialise in area know that progression can be difficult and, according to our 2019 Salary Survey, is the slowest in the industry. So, how can you differentiate yourself from the competition, and what steps can you take to make yourself the ideal candidate for that promotion or new job you’ve been hunting?  Whether you are looking to move somewhere new, or trying to climb the ladder in your current company, here are some ways that you can make sure you stand out.  Stay one step ahead in tech Traditionally, the Risk Analytics tech stack has comprised of SAS, SQL and VBA. SAS and SQL remain very much present, but we are also seeing a clear increase in the use of Open Source programming languages, such as R and Python. Unsurprisingly, a lot of Risk Modellers and Analysts are now spending their time in developing their skills in these languages. One might argue that if you know one language, there’s not too much work required to upskill in another when you take on a new role, but this isn’t necessarily true. By being proactive and evolving your skillset in your current position, your CV will have a much bigger impact when it lands on a Hiring Manager’s desk.  Over the past few years, we’ve also seen the arrival of Machine Learning and AI in the world of Risk. Whilst many businesses are still slow to embrace these technologies, do not be surprised to see them make a big impact over the next couple of years. Risk Analytics are catching up to the rest of the industry in regards to technology, and having the knowledge and skillsets required in these areas before they take off will only enhance you profile.  Business-driven Data  In the world of Risk Analytics, it is easy to think that if you have the right programming and analytical skills in the right tools, you’ve all got all you need. You might be off to a really good start, but there’s more to it than that. It about having the balance.  Yes, being data-driven and understanding complex model development is crucial to becoming a good performer in this industry but, what truly separates the good from the great, is business acumen. The ability to understand both what your analytics and models do, and how they impact the overall business is now at the top of most Hiring Manager’s lists.  A person with good quantitative skills will always see something that can be improved, but they also need to know when to stop and be happy with the result. The key to getting this right lies in their understanding of the business and the ability to answer questions like “If I sit and work on this for 8 more hours, will the real-world difference be worth that amount of time and resource?”. By viewing things through the prism of cost vs reward, and understanding that balance, you can demonstrate that your value to a business goes beyond your analytical skills.  React, adapt and attract In this world there are a few things we can take for a certainty; the sky is blue, it will rain on your day off, and there will always be new regulations for financial institutions. Because of the certainty of change, a key thing employers look for in candidates is the ability to react quickly and make changes as soon as they are needed. Fast growing companies such as Klarna, tink and iZettle may seem like fairy-tale success stories, but the real edge they have is their adaptability and agile culture. Whereas some traditional corporations and banks have lengthy and complicated processes required before they adapt to new regulations, these new companies embrace their agility and get things done.  The ability to be agile and adaptable is, therefore, something that a lot of businesses are starting to realise is key. Therefore, if you’re looking to get ahead, you should try to evolve these qualities in your working ways. If you are looking for something new, look to prove you are driven and do not fear change. If you can demonstrate that you are able to work with a business-oriented mindset and embrace change, you’ll stand out as a key player in your team.  Specialist vs Generalist  With the world of Risk Management offering a number of opportunities to become very specialised in very niche areas, it’s worth considering whether this approach is right for you. There are some definite pros, for example, if you are the best developer of PD models for non-retail, you will be highly sought after for roles in this area. Plus, high demand, and a shortage of skillsets means that you will be in a good position to seek a high salary and lots of benefits. However, this does mean that you are likely to only have the opportunity to work in this area for the foreseeable future and, for some, this can become repetitive and not provide enough of a challenge. Additionally, if you were ever were to apply to work in a new area because of this, you would likely find yourself overpriced and needing to take a step down in seniority.  The alternative, therefore, is to become more of a generalist, with a broader, but less advanced skillset. Think being able to play every instrument, but only knowing one song. There are definitely some clear benefits with this approach, not least the ability to work on a diverse set of projects, gain an excellent understanding of how Risk Management affects a business on every level, and be able to slot into a number of roles easily. You will also gain a better idea of which areas of Risk that you like, and which parts you dislike. Whilst many analysts begin as generalists before looking to specialise when they get promoted, they often find that their knowledge will not be as deep as their specialist counterparts. Therefore, it is likely they will have to take a step-down or make a sideways move before they can achieve that promotion.  There is no right or wrong when it comes to the specialist vs generalist argument. However, for those looking for faster progression early-on, a generalist approach may be better suited despite the fact that you may need to change approach before reaching the most senior levels.  Whilst demand will always be high for the best candidates, competition for promotions and senior roles in Risk Analytics remains fierce. Therefore, by proactively thinking about the ways that you work, how effective you are, your business focus, and what your ambitions are, you should be able to get the most out of your career.   If you’re looking to get ahead in Risk Analytics, we may have a role for you. Take a look at our latest opportunities, or get in touch to see if we can help you take that next step. 

RELATED Jobs

Salary

£50000 - £55000 per annum + benefits

Location

London

Description

An opportunity to join a fast paced, innovative company experiencing continuous triple figure yearly growth.

Salary

£25000 - £30000 per annum + Bonus + Benefits

Location

Skipton, North Yorkshire

Description

We are working with a start up Fintech in the Skipton area. they are seeking a fraud and Chargeback analyst.

Salary

£70000 - £85000 per annum + competitive benefits package

Location

London

Description

Are you looking for exposure and variety in the fraud industry? We are looking for an experienced fraud professional with analytical and modelling.

Salary

£90000 - £160000 per annum + Bonus + Benefits

Location

City of London, London

Description

We have a brand new role available with one of the fastest growing boutique Consultancy Firms in the UK. They are seeking a Director of Forensic Analytics

recently viewed jobs