Date post: | 18-Dec-2015 |
Category: |
Documents |
Upload: | juniper-wilcox |
View: | 220 times |
Download: | 0 times |
© Copyright Digital Harbor Inc 2005© Copyright IBM Corporation 2005
John E. Clark Executive ConsultantIBM Corporation
Financial institutions are being asked to investigate and manage threats like the CIA does, but are not equipped to do so.
Learn how ‘Composite’ investigative capabilities developed for national security can help you connect-the-dots across compliance silos to increase effectiveness and reduce risk
Austin WellsVice PresidentDigital Harbor Inc.
Are You Exposed?Are You Exposed?
2
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Today‘s Discussion: Applications of Semantic Web TechnologyEnterprise Investigation & Case Management
Part I: AML & Fraud Market Trends, Observations, & Conclusions- AML and Fraud are on the rise, with stricter scrutiny and increased cost of failure- A unified view across compliance functions (e.g. AML, Fraud, EDD) reduces cost & risk- Enterprise Case Management is essential in BSA, Patriot Act, & Basel II compliance
Part II: Example of a New “Compositing” Approach- National security techniques help FSIs fight money laundering, fraud, & security incidents- Technology: Ontology as the middleware to achieve semantic fusion- Lessons Learned: Integration and investigation must supplement workflow
3
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Total Funds Laundered WorldwideUS $ Billions
Spending Implications for FSIs
• Increased spending on personnel and systems to manage growing problem
• Increased risk of fines from regulation
830
926
900
890
855850
2000 2001 2002 2003 2004 2005
Source: Celent Research
28% North America
According to Tower Group, up to 30% of IT compliance spending is "waste.“ Its recommendation: “Integrated compliance systems that attack AML comprehensively”
Money Laundering is on the Rise:Arms race as FSIs increase spending to keep pace with activity
4
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Case management solutions for FS compliance
Call Center (typical case management)Objective: efficient and high quality process through:
- Automation to ensure proper procedures and time frames- Standardization of steps to ensure desired outcome- Integration of processes with context appropriate data
Assumptions: to achieve the objective, you must have:- Predictable process: definitively map the steps needed to ensure
desired outcome. Can be complex with decision points, but is primarily known.
- Known inputs: data needed to support decisions and outcome are known and defined before the process begins.
Investigations (compliance need):Objective: effectively mitigate risk to the enterprise by:
- Process: Skillfully and accurately executing established programs as required by the regulating entities (OFAC, 314, CIP, KYC, transaction monitoring, etc)
- Discovery: Uncovering and eliminating real risks in the enterprise (investigating unusual activity and suspicious entities)
Assumptions: to achieve this objective you must have:- Flexible process within controlled environment, objective rather
than step by step plan- Dynamic data discovery of all relevant data inside and outside
the enterprise, i.e. the ability to follow the trail using human cognitive skills, reasoning, and logic
The compliance need is really about supporting complex human decisions, in addition to automation of the predictable aspects of the process.
Within compliance investigations, there is a common requirement for case management. That is, there are multiple sources of unusual activity and there needs to be a consolidated process and capability to follow up on this information while enforcing regulatory requirements.
However, the Alerts and other sources of unusual activity are only the starting point. The biggest challenge is conducting a high quality and consistent investigative process to facilitate intelligent human decisions.
5
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Fraud is on the Rise:Quantity and variety of frauds schemes are growing exponentially
POS
Fraud
DepositFraud
CheckFraud
OnlineBanking
InternetFraud
NewAccount
Phishing
MassTakeover
IdentityTheft
Insider
Smurfing
Credit
Abuse
Kiting
Forgery
AccountTakeover
Altera
tions
Counter-Feiting
Tele-Marketing
Credit Card
FraudLoanApplications
…and even when we deploy solutions, we don’t connect them in ways that allow one
silo to know what is happening in another silo
6
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Recap for Mary Smith
034893-3544 transfer $7,703.00
099349-3554 new loan $5,000.00
074493-5456 withdraw $8,723.00
049793-5834 withdraw $8,374.00
034893-3544 withdraw $995.00
049793-5834 withdraw $5,897.00
Key Management Challenges:Cross Account Visibility
Mary’s accounts are being drained. + New borrowing
+ She’s usually a saver! = Trouble, visible only across accounts
Consumer Loan Log034207-9485 new loan $847.00
053284-4335 new loan $3,230.00
049793-5834 balance inquiry
099349-3554 new loan $5,000.00
Equity Line Log
073837-4634 payment $50.00
093245-3454 balance inquiry
049793-5834 withdraw $8,484.00
074493-5456 withdraw $8,723.00
Credit Card Log
034207-9485 transfer $847.00
053284-4335 deposit $3,230.00
093245-3454 balance inquiry
049792-4334 withdraw $8,374.00
023428-0044 withdraw $880.00
034893-3544 withdraw $995.00
034893-3544 transfer $7,703.00
Debit Card Log
034207-9485 deposit $847.00
093245-3454 balance inquiry
024393-5543 transfer $8,923.00
023428-0044 withdraw $880.00
049793-5834 withdraw $5,897.00
049793-5834 withdraw $8,374.00
7
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Example: AML & Fraud Investigation
For any suspicious event, analyst needs to know…
• what (Transaction Alert)• where (Branches)• which (Transactions)• when (Frequency) • why (Associate Links)• who responds (Managers)
Need to relate—not just copy—information from
many sources
CRM GISBI Tools ALERTSACCOUNTS
8
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
AML KYCSEC 17a-4,
NASD
Settlement Research
Compliance
Sarbanes Oxley
Basel IIFraud
Surveillance
Risk & Compliance Dashboard Workload Monitoring X X X X X X X Process Control X X X X X X X Reporting X X X X X X X
Case Management & Collaboration X X X X X X X
Business Rules & Workflows X X X X X X X
Information Integration & Correlation X X X X X X X
Query and Train-of-Thought Analysis X X
Government Reporting X X X X X X
Patriot Act SEC
Common Capabilities Needed Across Risk & Compliance Functions
“Companies that select individual solutions for each regulatory challenge they face will spend 10 times more on IT portion of compliance projects than companies that take on a proactive and more integrated approach.” -Gartner
9
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
AlertCapture
Investigation
22
11
33
44
55
!
Case Management
Contextual Collaboration
Event Resolution
- A “compositing” problem
- Integrate many detection systemsin AML, Fraud, Op Risk, EDD, SOX
- Logically map to multiple sources
- Flexible: not just alerts, but other data, docs, web, images, email
- Real-Time Correlated View
- Customizable to fit situation
Holistic View of Risk & Compliance
Detection Software Alone is Not Enough: Must Investigate & Respond
RiskResponse
Cycle
Lessons Learned in National Security:Not just work items to be processed…Risks to be investigated.
10
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Within silos, you need information from many sourcesResponding to any individual AML or Fraud alert, conducting enhanced due diligence, or assessing
operational risk requires information from many sources to get the “complete picture”.
Investigation = Composing a Picture
To respond to any event, you look at many sources to compose a picture of the situation:
• Detection tools• Internal databases• Lists• Case systems• Web• Documents• Images• Email
Today, we often go to each source separately and draw links in our heads to make decisions.
AlertsData
WarehouseDocuments &
WebCase
Management
Digital Harbor logically links live data from many sources as if they were one
11
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Across silos, you need to see how events are relatedDifferent systems monitor different kinds of events;
Case management connects the dots so you can respond intelligently
Convergence = Composite
ApplicationsEvents in different dimensions may be related (e.g. by customer or household). It’s the links between things that make them meaningful.
•Anti-Money Laundering•Fraud•Enhanced Due Diligence•Operational Risk•Sarbanes-Oxley
Today, we often don’t tie these dimensions together, so we have a fragmented view
Composite applications connect the dots so you get a complete picture
12
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Xaction EmailAML HRCustomer
Unique Technology: The PiiE™ Platform
Composite UI (Smart Client)Present information to users in a real-time,
interactive XML interface
Composite Schema
(Business Ontology)A Business Ontology describes the semantics of
data relationships, workflow, and events
Composite Queries (EII)Logically map multiple databases or web
services as if they came from a single source
13
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Integration, not just
Workflow- Directly accesses data in detection engines
- Links alerts with auxiliary information in other systems
-Datasources, processes, and UI can be completely customized
- Applies across risk and compliance functions
Composite = Integrated, Holistic Solution
Multiple External Systems
Images(e.g. Checks Statements)
Documents(e.g. Reports, Excel, All file
types)
XMLMessages(e.g. MQ,
Tibco)
Multiple Internal Systems
Intranet(e.g. Portal)
-Investigation-Case Management-MIS Dashboard-Integration-Drill Down/Drill Across-Trend Analysis-Audit Process
Public Web(e.g. Google)
Web Services(e.g. FinCEN,Govt)
Private Web(e.g. LexisNexis)
Databases(e.g. Treasury,
Payment, AML, Fraud,
Sales Practice)
-AML-Fraud-Sales Practice-EDD-Operational Risk-Sarbanes-Oxley
68©Searchspace 2004. All rights reserved.
In Commercial Confidence-for Internal Use Only
Black and gray lists
EmailArchive
Rich Visualization
Ad-HocDrilling
Enterprise Investigation & Case Management Software provides glue to tie together Risk and Compliance systems in a Composite Solution
Multiple Detection Engines
Invisible WebHistorical Web
Dri
ll D
ow
n
Drill Across
14
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
With the right Enterprise Case Management solution you can extend the capabilities of transaction monitoring solutions for multiple risk areas including AML, Fraud, EDD, and corporate security
Holistic View (Fuse Services from Multiple Apps)- Transaction Monitoring & Anti-Money Laundering - Enterprise Linking- Visualization
EDD
Email Retention & Discovery
Fraud
Link Analysis
EnterpriseData
AML
15
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
TACTICAL VIEW:Benefits of a Composite Approach to Case Management
1. Link multiple systems in a single composite view
2. Avoid manual work to “connect the dots”
3. Avoid missed cases
4. Have more control over data via ad-hoc drill down/drill across
5. Better auditing and traceability across systems
6. Aggregation of information, both structured and unstructured
7. Digital information on each case, including “as was” snapshots
8. Process management, with automatic escalation
9. Visualize information in best form (maps, timelines, link analysis)
10. Single approach with process controls for web, documents, and data
16
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Key Dimensions to Evaluating the Overall Value
•Reduce aggregate cycle time to process alert queue by 50%
•Reduce risk of fines/reputational damage by investigating to eliminate false + & -
•“SAR process fragmentation allows opportunities for control deficiencies.”
•Understanding risk and compliance performance requires a composite picture
•Allow same people to do more with less to manage manage workload, handle attrition
•Eliminate Redundant Effort and Redundant Data by logically mapping to data.
•Leverage same data & functionality across silos to improve overall efficiency and effectiveness
STRATEGIC VIEW:Seven Pillars of Value for Evaluating Enterprise Case Management
17
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Third-order organization Supporting complex human decisions requires full use of explicitly related data (inside and outside the enterprise), but more importantly the
ability to discover new relationships. In the past our way of thinking has been shaped by the physical world, (i.e. no object can be in two places at the same time) leading to traditional
“tree” type organizational schemas forcing objects to be classified in a single bucket. Third order organization of data is not confined by the same limits since the objects being organized are data, which can exist in many places at once.
First Order Organization: Organization of physical items themselves. Example: books arranged on a shelf by author. Flat and hierarchal databases are also examples of first order organization. Relationships are not explicit but are implied by the order.
Second Order Organization: Organization of data about physical items. Example: a card catalog at the library. Still pointing to the physical order of items. Relational databases are the most advanced form of second order organization, relationships are explicit.
Investigator
Third Order Organization: Data exists in many places at once and relationships need not be explicit. Users are able to sort and organize data in any way that suites their needs. Example Google uses explicit data relationships and the point in time needs of the user to dynamically relate information.
“The rise of third-order organization changes the jobs of…knowledge managers. Their role is no longer to build trees that define the relationship of every bit of data in the company but to build enriched pools of data objects whose relationships to one another change constantly, depending on who is looking at them.” Harvard Business Review
18
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Third order organization grows data into actionable intelligence
Investigator applies logic andmakes cognitive connections
to produce intelligence that canbe acted on
Unusual Activity
Searchspace
Atchley
CIP
Composite ApplicationAdd context and syntax to
information to form knowledge
Data: unprocessed sensory observations.
Information: data placed into syntax or context.
Knowledge: information that is cognitively useful because it is semantically assimilated into a body of prior knowledge grounded in experience.
Intelligence: knowledge that has been assessed and evaluated for its logical consistency and relationships to what is already known. When transformed into hypotheses, becomes the basis for action.
Action
The world produces raw data constantly
Data is stored as information for specific contexts and reasons
The compliance organization needs a system that can assimilate information into knowledge, so that the investigator can focus on producing intelligence, forming hypotheses, and taking action…true human value adds.
The growth of intelligence is the desired core competency. Additionally, the system must provide workflow and audit capabilities to ensure regulatory processes are followed, provide process traceability, and provide feedback for improvement.
19
Business Consulting Services
© Copyright Digital Harbor Inc 2005
© Copyright IBM Corporation 2005
Related Applications in the Government:
1. Improper Payments
2. Financial Compliance (A-133)
3. Compliance & Audit Enforcement
4. Security Investigations (facility, personnel)
5. Operational Risk Management
6. Grant Management
7. Fraud Management (housing, employment, medicare,..)
8. Intelligence & Counterintelligence
9. Criminal Investigation, Legal Case Management
10. Performance Management
© Copyright Digital Harbor Inc 2005© Copyright IBM Corporation 2005
For More Information, Please Contact Us At:
Web: www.dharbor.com
Email: [email protected]
Phone: 703-476-7347
Austin WellsVice PresidentDigital Harbor Inc.<[email protected]>703-476-7347
QuestionsQuestions