Identity Resolution Daily

By Douglas Wood, Infoglide Senior Vice President

On the heels of the very successful Association of Certified Fraud Examiners (ACFE) conference last month comes an industry event which represents investigators of financial crimes and fraud.  The International Association of Financial Crimes Investigators (IAFCI) meets in Washington, DC next week with an agenda that is chock full of sessions involving discussions of best practices for solving and preventing financial crimes.

With an audience looking to share thoughts on insider trading detection, mortgage fraud, organized crime ring detection, anti-money laundering and insurance claims fraud, the conference is sure to be buzzing!

One thing for certain is that there is no one “right” answer to prevention and investigation.  As I pointed out in a previous post here, it is clear that predictive analytics technologies have been a valuable tool for organizations to “catch” fraudsters based upon their behaviors.   With more and more organizations adopting identity resolution technology, however, those “best practices” are becoming even better.

Identity resolution technology goes at the heart of who’s who… and who’s working with whom… by “gliding” across an organization’s data (internal and/or third party) and searching for those tiny pieces of forensic data attributes that are the golden nuggets of financial crime investigation.  Identity resolution helps investigators understand the identity matches and non-obvious relationships between individuals across enterprise data – despite input errors or deliberate attempts to deceive.

In combating financial crimes, identity resolution technology has become the next big ‘thing’, as it provides answers to the following types of questions:

• Does someone in an incident database resemble someone in another database… and who else is connected to them?
• Is the witness in an insurance claim suspiciously similar to someone in the SIU data?
• Do credit card applicants share subtle attributes that would point to bust-out fraud?
• Does the loan applicant have a non-obvious relationship with an employee?  Or a known fraudster?
• How is the stock trader connected (by degrees of separation) to an insider?
• Is an applicant somehow connected to a Denied Person?

Infoglide Software Corporation, the leader in identity resolution engine technology, will be attending IAFCI next week and we would encourage you to drop by our booth and say hello. Otherwise, drop a note to sales@infoglide.com and I will have someone reach out to you directly to explain how this all works.

Share This

By Douglas Wood, Infoglide Senior VP

The Association of Certified Fraud Examiners (ACFE) held its annual conference and exhibition in Washington, DC this week.  Through the keynote address and the plethora of wonderful speakers, one message became loud and clear - fraudsters are becoming more and more creative in finding ways to circumvent your policies.

We heard stories of insider trading, bust-out fraud, mortgage fraud, insurance claims fraud and organized retail crime.  Despite the diligence and hard work by the certified fraud examiners, too many of these stories ended up with a common theme - the crooks got away with an awful lot of booty before getting caught.

Predictive analytics and behavioral analytics have provided organizations with a great weapon in combating fraud.  Establishing norms and ranking activities against those norms can have a dramatic effect on reducing losses to fraud and crime.  What has been missing, however, is the wide-scale adoption of a tool that allows fraud examiners to “automatically connect the dots” between the bits and pieces of forensic information they have.  Identity Resolution is that tool… and it has been the talk of the conference here.

The powerful federated similarity search capabilities of identity resolution help investigators understand the hidden relationships between individuals across enterprise data (Applicants, SARs, Incidents, Employees, Claimants, Witnesses, etc).  Let’s face it, the fraudsters are typically not stupid.  They know how to get around the systems by engaging their family and friends to form a profitable fraud ring.  Identity Resolution gives companies the power to search into ALL their data with  a view to understanding “who’s who” and “who’s working with whom” - despite deliberate attempts to deceive.

We believe this technology is becoming absolutely critical for corporations to predict and examine fraudulent activity, and that mainstream adoption is happening right now.

Share This

[Post from Infoglide] Insider Collusion

“Stories about financial services fraud are on the rise. Consider the recent article about an employee of a financial services company who had charges filed against him for conspiring to rig bids for investments in municipal bond projects…”

SafetyAtWorkBlog: OHS regulator reveals a blog about OHS fraud and crime

“For the last couple of months, Washington State’s Department of Labour & Industries has been running a blog written by its Fraud Prevention and Compliance Manager, Carl Hammersburg.  The blog matches the remit of the regulatory authority and covers a range of industrial enforcement actions.  Occasionally it has included its own video surveillance  of potential workers’ compensation fraudsters.”

Financial Fraud Law: Guilty Plea By Former Financial Services Employee In Muni Bond Bid-Rigging And Fraud Conspiracy

“According to court documents: Zaino engaged in a bid-rigging conspiracy from at least as early as October 2001 until March 2006.  As a part of the bid-rigging conspiracy, Zaino, acting as a broker of investment agreements, and co-conspirator providers designated in advance which co-conspirator provider would be the winning bidder for certain investment agreements brokered by Zaino’s employer.”

TravelDailyNews: ASTA works with TSA on secure flight compliance

“‘ASTA has and will continue to work closely with the TSA to notify members through member alerts and updates, of upcoming changes and deadlines that impact the travel agency community and the traveling public. We have, throughout the implementation period, met with TSA and provided updates and direction to our members regarding compliance,’  said ASTA President and Chair Chris Russo.”

Share This

By Mike Betron, Infoglide Software Director of Marketing

Stories about financial services fraud are on the rise. Consider the recent article about an employee of a financial services company who had charges filed against him for conspiring to rig bids for investments in municipal bond projects:

“According to court documents: [Mark] Zaino engaged in a bid-rigging conspiracy from at least as early as October 2001 until March 2006.  As a part of the bid-rigging conspiracy, Zaino, acting as a broker of investment agreements, and co-conspirator providers designated in advance which co-conspirator provider would be the winning bidder for certain investment agreements brokered by Zaino’s employer.  After the winning co-conspirator provider was designated, Zaino caused the other co-conspirator providers to submit intentionally losing bids, giving the false appearance that the investment agreements had been bid competitively in accordance with relevant Treasury regulations.”

If you’re familiar with the capabilities of identity resolution, this is a classic case of uncovering hidden entity relationships. Warning signs about Zaino’s alleged relationships with several providers were almost certainly available. Connecting the right set of disparate databases and using similarity searching and transitive matching would have certainly turned up Zaino’s connections to his alleged co-conspirators.

We’ve been involved in detecting  insider trading, a similar type of fraud. In writing about available data sources, we said that “besides lists that individuals put together and post on the web, public and private databases offer all sorts of information on people that are useful in addressing multiple types of business problems and opportunities,” and we went on to list a few.

In addition to these types of data, financial institutions have their own massive data sets derived from operations. Combining their internal data with easily obtainable external public and private source offers opportunities to avoid the kind of bad publicity associated with that lead story above.

It all begs the question: Why aren’t more organizations protecting themselves with commercial due diligence systems using identity resolution?

Share This

 [Post from Infoglide] The Big Short: How the Credit Scoring World Has Shifted

“The hottest non-fiction book at the moment is The Big Short: Inside the Doomsday Machine. Best-selling author Michael Lewis explores and explains what went on behind the scenes during the years leading up to the big stock market crash in 2008 and answers a crucial question: “Who understood the risk inherent in the assumption of ever-rising real estate prices, a risk compounded daily by the creation of those arcane, artificial securities loosely base on piles of doubtful mortgages?” While misguided government policies together with greed and stupidity provide the larger answer, events during that time beg certain questions about the specific ways in which credit risk is evaluated.”

BANK INFO SECURITY: 22 Banking Breaches So Far in 2010

“There have been 173 reported data breaches so far in 2010, and 34 of these involve financial services companies. This means that in less than one quarter of the year, we already have seen more than one-third of the 62 banking-related breaches reported in all of 2009… If the breach trends do continue as they did in 2009, then financial service companies will continue to experience malicious hacking and insider theft. The challenge for organizations such as the ITRC is that many organizations fail to report their breaches.”

nbc4i: Clerk Faces Felony Charges After Alleged Lottery Fraud

“Both tickets were presented to Ikhlayel by undercover lottery investigators posing as customers. In both instances, Ikhlayel told the investigators the tickets were not winning tickets. An investigation indicated both tickets were validated at the Downtowner Marathon shortly after being presented to Ikhlayel, authorities said.”

San Francisco Examiner: Posh Bagel’s managers charged with workers’ comp fraud

“Employers that aim to lower their workers’ comp expense through dishonest means try all sorts of tricks, from under-reporting payroll to lying about the state in which their employees work. Such ruses seldom succeed since insurers regularly audit insureds for premium fraud, and they’ve seen every trick in the book. Moreover, the modest boost that premium fraud gives the bottom line is hardly worth the risk.”

Share This

By Infoglide Software CEO Mike Shultz

The hottest non-fiction book at the moment is The Big Short: Inside the Doomsday Machine. Best-selling author Michael Lewis explores and explains what went on behind the scenes during the years leading up to the big stock market crash in 2008 and answers a crucial question: “Who understood the risk inherent in the assumption of ever-rising real estate prices, a risk compounded daily by the creation of those arcane, artificial securities loosely base on piles of doubtful mortgages?” While misguided government policies together with greed and stupidity provide the larger answer, events during that time beg certain questions about the specific ways in which credit risk is evaluated.

For decades, several well-known organizations have assessed credit risk, i.e. the likelihood that a loan applicant will default on a loan. Financial services organizations like banks, credit card companies, and mortgage lenders base decisions to lend on credit scores like FICO. The scores are based primarily on a person’s financial history, including whether they have taken out loans and paid them back. Two major trends work together to hinder the effectiveness of traditional credit scores.

First, the use of credit cards as a form of payment has become ubiquitous, and a large percentage of people carry a balance from month to month. For example,  according to creditcards.com the average credit card debt per household carrying a balance is over $16,000. It’s clear that an ever-increasing number of households depend on credit cards to manage cash flow.

The second trend is a behavioral one. For many years, past loan history was a reasonable predictor of future behavior. People in general were committed to paying off their mortgage, and if they were in a tight cash flow situation, their highest priority was keeping up their mortgage payments. Now, with zero interest down and interest-only loans, the lack of equity in the home translates to lower commitment, and defaulting on a loan is a less traumatic event. When credit cards are used for cash management and the penalty for mortgage foreclosure is not so high, it’s not hard to predict a much higher rate of foreclosures.

So, if past behavior is less predictive than before, expect a growing desire in the industry for more sophisticated measures that draw on both historical data and other sources, e.g. up-to-the-minute income and banking status. With its ability to combine and score disparate data, identity resolution technology is certain to play a key role in improving the financial industry’s ability to assess risk.

Share This

By Mike Shultz, Infoglide Software CEO

In March 2006, the Communications Fraud Control Association (CFCA) estimated that annual global fraud losses in the telecom sector were between $54 billion and $60 billion, and the losses continue to be substantial. Many types of fraud have been identified, but by far the most prevalent is subscription fraud.

A new subscriber signs up for mobile service using false or stolen identification, with no intention of paying the bill. Since new subscribers are given a grace period of one to three months before the account is shut off, the criminal can make thousands of dollars worth of calls before being detected.

Subscription fraud can be difficult to differentiate from simple bad debt when genuine customers are unable to pay. It’s been estimated that 30% or more of all bad debt is actually subscription fraud.

Different solutions have been tried yet fraud continues to be a problem. One common method is to look for patterns of use that suggest potential fraud, but criminals adapt and learn to probe the limits of these fraud detection systems fairly quickly.

Given the industry’s long history with fraudsters, it seems probable that enough is known about them that they could be spotted at the time they subscribe.  Using similarity searching technology, would-be fraudsters can be vetted against lists of known bad actors. Using multiple public and private data sources, non-obvious relationships can highlight risky individuals, and they can then be asked to submit to a more thorough qualification process.

Identity resolution is already used across multiple industries to solve similar problems. By matching an individual’s attributes with common attributes associated with those committing fraud, the “bad guys” are being detected in areas like lottery fraud, fusion centers, insider trading, and workers’ compensation employer fraud. Part of finding the bad guys is finding hidden relationships, connections that often uncover rings of criminals.

The “birds of a feather” axiom predicts that subscription fraud criminals often share the same types of social networks. Applying identity resolution to subscription fraud problem may be the way to finally solve it.

Share This

By the Infoglide Team

NYTimes Dealbook: Insider Scheme Had Touches of James Bond

“Unlike the Galleon case, where senior officials at corporations passed tips on early earnings estimates to people at the fund, the Goffer case centers on allegations that may sound more familiar to students of the insider trading scandals of 25 years ago — early tips about deals from the people involved in doing them. According to the criminal complaints, Mr. Cutillo passed the information along through a friend, Jason C. Goldfarb, 31, who specialized in workers compensation law at a private firm in Brooklyn and who was also arrested on Thursday.”

Computerworld: Data quality vendors missing the mark, study finds

“One-fifth of respondents felt data quality is a prerequisite to an MDM initiative and wanted to see more vendor offerings integrating those two areas. Hayler says one would expect vendor partnerships between the areas of data quality and MDM, and that is precisely what is currently happening in the industry.”

docinthemachine: Encrypt EHR — Else HIPAA Violations Need Be Reported To Government & Media

“For example, if a physician maintains patient information in a laptop computer containing the unsecured information of more than 500 patients and the laptop is stolen, the physician would be required to notify not only the patients affected by the breach, but would likely need to also notify the DHHS and the media. A medical practice need not report a breach if the patient information has been properly encrypted – because information that is encrypted is not considered ‘unsecure.’”

Initiate Blog: The Brittle Nature of Data Warehouses

“Usually, only a small percentage of the data are ever used. So why bother? The TCO for extracting, copying, converting, transferring, transforming, integrating, propagating, backing-up, loading, and verifying the data skyrockets far beyond its value and injects significant risk and brittleness into the entire ecosystem.”

Share This

[Post from Infoglide] Data Source Disintermediation?

“According to Wikipedia, ‘disintermediation is the removal of intermediaries in a supply chain: ‘cutting out the middleman’… Buyers bypass the middlemen (wholesalers and retailers) in order to buy directly from the manufacturer and thereby pay less.’”

[Jim Harris] OCDQ Blog: The Two Headed Monster of Data Matching

“Data matching is commonly defined as the comparison of two or more records in order to evaluate if they correspond to the same real world entity (i.e. are duplicates) or represent some other data relationship (e.g. a family household). Data matching is commonly plagued by what I refer to as The Two Headed Monster…”

CorpWatch: CorpWatch announces release of the CrocTail application and open CorpWatch API

“CrocTail provides an interface for browsing information about several hundred thousand U.S. publicly traded corporations and their many foreign and domestic subsidiaries. Information from company Securities and Exchange Commission (SEC) filings has been parsed and annotated by CorpWatch to highlight specific corporate accountability issues. CrocTail also serves as a demonstration of the features and data available through the CorpWatch API.”

Vos Is Neias: Washington - TSA Advising Travelers To Book Airline Tickets Using Full Real Names

“While the T.S.A. has announced Aug. 15 as a target date for the airlines to begin asking for each passenger’s full name, gender and date of birth, and has already begun publicizing the program, called Secure Flight, the agency acknowledged that it would go into effect in phases as the airlines update their systems.”

Share This

By Robert Barker, Infoglide Senior VP & Chief Marketing Officer

According to Wikipedia, “disintermediation is the removal of intermediaries in a supply chain: ‘cutting out the middleman’… Buyers bypass the middlemen (wholesalers and retailers) in order to buy directly from the manufacturer and thereby pay less.” Some famous disintermediation examples are:

•    Bookselling (e.g., Amazon’s long-tail marketing of millions of books online)
•    Travel (e.g., Southwest Airlines selling tickets direct to consumers on the web)
•    Computers (e.g., Dell selling computers direct to consumer and businesses over the internet).

Disintermediation was THE hot topic during the dot com boom, but the heady prediction that virtually every industry would be disintermediated has yet to become a reality. Nevertheless, over the past decade or so we’ve all tracked the news as one business model after another is attacked by competitors who seek a way to “disintermediate” a particular sector.

Part of the power of identity resolution solutions derives from the data sources upon which they’re based, and both the quantity and quality of data sources can affect the results. One challenging identity resolution problem we’ve written about that relies on a variety of data sources is insider trading (see Leveraging Identity Resolution Data Sources). Drawing on multiple data internal and external, public and private data sources, identity resolution unwinds multiple degrees of business, friendship, and familial relationships to uncover likely illegal stock market gains.

Now potential disintermediation plays related to data sources are emerging. CrunchBase is a well-known example, offering a free database of technology companies, people, and investors that anyone can edit. San Francisco-based CorpWatch is a non-profit engaged in “investigative research and journalism to expose corporate malfeasance and to advocate for multinational corporate accountability and transparency”. They’ve just announced an API that makes it easier to search SEC data:

“Although the SEC provides a search interface for locating company filings (EDGAR / IDEA), and the subsidiary information is not presented in a standardized format suitable for automated use or insertion into a database. The CorpWatch API uses parsers to “scrape” the subsidiary relationship information from Exhibit 21 of the 10-K filings and provides a well-structured interface for programs to query and process the subsidiary data.”

The free CorpWatch API enables identity resolution and other applications to look up the formal names of corporations, ascertain their relationships to other corporations, find their locations around the world, learn their alternate and formal names, and access other useful information. Up to now, you could only get this kind of information from relatively expensive paid subscriptions from commercial data providers.

Is it possible that the efforts of organizations like CorpWatch point to a future in which an abundance of new, free sources of data will make it even easier to create identity resolution applications?

Share This