S&T Business Solutions for Insurance Industry - · PDF fileS&T Business Solutions for...

www.snt.ro

S&T Business Solutions for Insurance IndustryNicoleta CHIVU, Business Application Sales Representative

Content

S&T Romania PortfolioFirstApex – End-to-end Core Insurance SolutionBusiness Intelligence (Reporting &Analysis)Intellinx – Internal Fraud detection

Member of S&T AG

AT HU

BACS

ALMK

BG

RO

MD

HRSI

UA

CZ

PL

TR

RU

SK

DE

CH

USACN JP

CH

BA

MKMKAL

DE

CH

ATHU

BG

RO

MD

HRSI

UACZ

PL

TR

RU

SK

RS

ME

Over 3,000 employees in 22 countries

CHI JP

S&T has developed strong IT resources in Romania, organically and through acquisitions

IT resources in S&T Romania

S&T builds a flexible structure based on a strong core team anda reliable network of local partners

• Over 250 specialists in Romania

• 13+ years of experience

• Network of local partners

People

• Consulting

• Project management

• Multi-vendor skills

• Software development

• Data centre

• Training facilities

• Help-desk

• Logistics and spare parts on stock

Knowledge Infrastructure

N e twayN e tway®®

1994

2001

2002

2003

2006

2007

• Leading manufacturer independent system integrator in Romania

• #1 IT services provider in Romania (IDC, 2005)

• # 1 IT system integrator in Romania in 2006 (INS, 2007)

• # 1 ERP services provider in Romania in 2006 (PAC, 2007)

Market position

S&T Software

S&T Romania

Service Offering Insurance

Business Consulting

Insurance Core SolutionsDesign & Implementation

Customer Management

System Integration and Custom Development

Stra

tegy

Proc

esse

sSy

stem

s

IT ApplicationImplementation

Business Intelligence

CRM

Content Management

PortalsIT Application Implementation

GL, AR/AP

CFM, CML

BI

Insurance CFO ConsultingAccountingConsolidationFin. ReportingSolvency II

Collections & Disbursement

Commission Management

Claims Management

Policy Management

Lean Services Insurance: Operational Excellence

Business Domain Architecture

Change/Transformation Management

SOA Architecture

IT Management

Value Creation Engine

Closed File Analysis

Process Optimisation Management

Content


Profile of FirstApex

• Started by ex-IBM Executives

• Specialist provider of Insurance IT Solutions since 1980s

• Corporate Head Office in Singapore– Offices in India, Japan, China, South Korea and Hong Kong (Warsaw, Poland office

coming up)

• All in one J2EE solutions, Insurance industry oriented, predefined, multi-language/multi-currency, etc

• Offerings Cover all Lines of Business in Insurance– Property and Casualty including Fire, Motor, Marine Cargo & Hull, Liability, Engineering,

Household, Travel, PA, WC, Indemnity and Managed Care, etc– Reinsurance including Treaty, Facultative, Proportional, and Non-Proportional

• Over 120 implementations in over 20 countries

• International standards for quality– SEI CMM Level 4 – ISO 9001

FirstGen Neo 5j: Non-Life Insurance Policy Management System

FirstRe Neo 5j: Professional Reinsurance Management System

Excerpt from FirstApex Reference List

Content


DataWarehouseQuery and ReportingOnline analytical processing (OLAP)Statistical analysisPlanning and BudgetingScoreCard and Dash BoardData Mining

S&T Romania BI solutions

over 30 consultants in Romania, Slovenia and Czech Republic, Russia4 consultants in RomaniaCognos CC in Czech Republic

S&T Resources

Oracle IBM CognosSAP (Business Objects)MicroStrategy

BI products portfolio

Raiffeisen Bank Ro, At, Cz: Cognos Reporting Platform (~250K€ in Ro)Mediplus Exim: Cognos Planning and BI Implementation (~200K€)Sensiblu: Cognos Planning Implementation (~150K€)Metrorex: Oracle Planning & BI Implementation Danone Ro, Ru: MicroStrategy Reporting Solution Petrom and Ursus: SAP Datawarehouse & BIČeská Spořitelna / Erste bank: Project Cognos Reporting PlatformGenerali Cz - Cognos BI Implementation

S&T Experience in CPM projects

S&T DataWarehouse & BI Portfolio

Performance Management

Financial Management

ExpenseManagement

RevenueManagement

Long Term Asset Management

PERFORMANCE

Performance Management Capabilities

How are we doing?Financial Management

ExpenseManagement

RevenueManagement


PERFORMANCE


Why?


ExpenseManagement

RevenueManagement


PERFORMANCE


Why?


ExpenseManagement

RevenueManagement


PERFORMANCE

What should we be doing?

Oracle Comprehensive, Integrated BI SuiteEnables single enterprise BI architecture

OracleOracleBI ServerBI Server

ProactiveProactiveDetectionDetectionand Alertsand Alerts

DisconnectedDisconnectedAnalyticsAnalytics

AdAd--hochocAnalysisAnalysis

MS OfficeMS OfficePlugPlug--inin

Reporting & Reporting & PublishingPublishing

Interactive Interactive DashboardsDashboards

OLTP & ODSSystems

Data WarehouseData Mart

SAP, OraclePeopleSoft, Siebel,

Custom Apps

FilesExcelXML

BusinessProcess

Multidimensional Calculation and Integration Engine Multidimensional Calculation and Integration Engine

Intelligent Caching ServicesIntelligent Caching Services

Simplified Business Model and Abstraction LayerSimplified Business Model and Abstraction Layer

Intelligent Request Generation and Optimized Data Access ServiceIntelligent Request Generation and Optimized Data Access Servicess

Advantages:Consolidate and standardize BI toolsUnified BI metadata and infrastructureSeamless BI user experience

Oracle BI Suite Enterprise EditionOracle BI Suite Enterprise Edition

Content


Intellinx – Prevent & Detecting internal fraud and information leakage

© Intellinx Ltd. All Rights Reserved.Intellinx Ltd. All Rights Reserved

Intellinx was a part of Sabratec which had 2 product lines:

Legacy integration solutions for enterprises worldwide since 1997

Intellinx - Fraud detection and Compliance since 2003

Software AG acquired Sabratec’s Legacy Integration business on January 2005 and Intellinx has become an independent entity -Intellinx Ltd.

R&D in Israel, a subsidiary in NYC, a worldwide chain of partners

Selected by Gartner as a “Cool Vendor”, Security and Privacy, 2006

About IntellinxAbout Intellinx


The ACFE (Association of Certified Fraud Examiners) 2008 survey

Average Cost of Fraud - 7% of annual revenues

60% of all fraud involve employees

65% of fraud are detected by tipping or by accident

The average scheme goes on for 24 months prior to detection

The US Secret Service research on Financial Sector (June 2005)

In 78% of the incidents, the insiders were authorized users utilizing Simple, legitimate user commands

Insider Threat –A Critical Problem for Enterprises


…Except for Authorized User Access

LAN

Application Server Database Server Mainframe

Web Server FTP Server Mail Server

DMZ

Internal User Internal User Internal User

WEB

Firewall

VPN Gateway

Remote User

Every Element is Secured…

Existing Security Solutions


Utilizing External Fraud Detection Solution for Internal Fraud

Based on Logs and Database Analysis

Critical data is missing for detecting Internal Fraud:

– Typically only update transactions are logged, while queries are excluded

– Log content varies by application – in many cases the specific data accessed by the user is not included

– Privileged users are typically not covered

No true reflection of user flow of activities

Batch oriented – REACTIVE

Long set-up phase

Conclusion:Not Sufficient for proactive insider fraud detection


• Patent-Pending Agent-less network traffic sniffing

• No Impact on performance

• Highly scalable architecture

• Very short installation process (several hours), with no risk to normal IT operations

• Recordings stored in extremely condensed format

• Recording files are encrypted and digitally signed – potentially admissible in court when needed

Intellinx Technology

Monitored Platforms: IBM Mainframe: 3270, MQ, LU0, LU6.2IBM System I (AS400): 5250, MPTNWeb: HTTP/ HTTPSClient/Server: TCP/IP, MQ Series, MSMQ, SMBVT100, SSHSWIFT, FIX, ISO8583 (ATM), other application-to-application protocols can be configured


Record and Replay

• Record all end user interaction with host

• Visual Replay of full user sessions

Analyze Screen Content• Automatic recognition of screens and fields• “Google like” search on screen content, e.g. Who accessed a specific customer

account in a specific timeframe?

Identify User Activity Events• Continuous analysis of user activity• Identify user transactions which may be comprised of several screens

Analytic Engine

• Customizable rules track user behavior patterns triggering alerts in real-time

• New rules may be applied after-the-fact

• Case Management workbench support alert evaluation and case investigation

Intellinx – Record, Analyze, Respond!



Which red-flags should have been spotted to prevent such event in time?A combination of -> Excessive number of queries and browse through low activity accounts> Money Transfers from low activity accounts

Existing Log Analysis & Transaction Tracking solutions > Can track: Money Transfers from low activity accountsx Cannot track in many systems: Queries and other Read-Only actions are

not included in most existing log files hence are not available for analysis

Lack of visibility to user behavior, may cause Existing Solutions to generate high rates of False Positive Alerts, becoming ineffective

The Chase Case: Stealing from Dormant Accounts


Planning an Effective Internal Audit on Access to Dormant Account

Case #4: Chase Bank - Stealing from Dormant Accounts

How Can the Auditor Spot the Red-Flags?


www.snt.ro

Thank you!

31

[email protected]

mailto:[email protected]

Date post:	13-Mar-2018
Category:	Documents
Upload:	vunhi
View:	216 times
Download:	3 times

S&T Business Solutions for Insurance Industry - · PDF fileS&T Business Solutions for...

Documents