Bank Fraud Detection
(original source: https://github.com/neo4j-contrib/gists/blob/master/other/BankFraudDetection.adoc )
This interactive Neo4j graph tutorial covers bank fraud detection scenarios.
Introduction to Problem
Banks and Insurance companies lose billions of dollars every year to fraud. Traditional methods of fraud detection play an important role in minimizing these losses. However, increasingly sophisticated fraudsters have developed a variety of ways to elude discovery, both by working together and by leveraging various other means of constructing false identities.
Explanation of Scenario
While no fraud prevention measures can ever be perfect, significant opportunity for improvement lies in looking beyond the individual data points, to the connections that link them. Oftentimes these connections go unnoticed until it is too late-- something that is unfortunate, as these connections oftentimes hold the best clues.
While the exact details behind each first-party fraud collusion vary from operation to operation, the pattern below illustrates how fraud rings commonly operate:
A group of two or more people organize into a fraud ring
The ring shares a subset of legitimate contact information, i.e., phone numbers and addresses, combining them to create a number of fictional identities
Ring members open accounts using these fictional identities
New accounts are added to the original ones: unsecured credit lines, credit cards, overdraft protection, personal loans, etc.
The accounts are used as normally, with regular purchases and timely payments
Banks increase the revolving credit lines over time, due to the observed responsible credit behavior
One day the ring "busts out", coordinating their activity, maxing out all of their credit lines, and disappearing
Sometimes fraudsters will go a step further and bring all of their balances to zero using fake checks immediately before the prior step, doubling the damage
Collections processes ensue, but agents are never able to reach the fraudster
The uncollectible debt is written off
Explanation of Solution
Graph databases offer new methods of uncovering fraud rings and other sophisticated scams with a high degree of accuracy, and are capable of stopping advanced fraud scenarios in real time.
How Graph Databases Can Help
Augmenting one’s existing fraud detection infrastructure to support ring detection can be done by running appropriate entity link analysis queries using a graph database, and running checks during key stages in the customer & account lifecycle, such as:
At the time the account is created
During an investigation
As soon as a credit balance threshold is hit
When a check is bounced
Real time graph traversals tied to the right kinds of events can help banks identify probable fraud rings, during or even before the Bust-Out occurs.
Bank Fraud Graph Data Model
Graph databases have emerged as an ideal tool for overcoming these hurdles. Languages like Cypher provide a simple semantic for detecting rings in the graph, navigating connections in memory, in real time.
The graph data model below represents how the data actually looks to the graph database, and illustrates how one can find rings by simply walking the graph:
Entity Link Analysis
Performing entity link analysis on the above data model is demonstrated below. We use brackets in the below table is to isolate individual elements of a collection.
Find account holders who share more than one piece of legitimate contact information
MATCH (accountHolder:AccountHolder)-->(contactInformation) WITH contactInformation, count(accountHolder) AS RingSize MATCH (contactInformation)<--(accountHolder) WITH collect(accountHolder.UniqueId) AS AccountHolders, contactInformation, RingSize WHERE RingSize > 1 RETURN AccountHolders AS FraudRing, labels(contactInformation) AS ContactType, RingSize ORDER BY RingSize DESC
Determine the financial risk of a possible fraud ring
MATCH (accountHolder:AccountHolder)-->(contactInformation) WITH contactInformation, count(accountHolder) AS RingSize MATCH (contactInformation)<--(accountHolder), (accountHolder)-[r:HAS_CREDITCARD|HAS_UNSECUREDLOAN]->(unsecuredAccount) WITH collect(DISTINCT accountHolder.UniqueId) AS AccountHolders, contactInformation, RingSize, SUM(CASE type(r) WHEN 'HAS_CREDITCARD' THEN unsecuredAccount.Limit WHEN 'HAS_UNSECUREDLOAN' THEN unsecuredAccount.Balance ELSE 0 END) as FinancialRisk WHERE RingSize > 1 RETURN AccountHolders AS FraudRing, labels(contactInformation) AS ContactType, RingSize, round(FinancialRisk) as FinancialRisk ORDER BY FinancialRisk DESC
Was this page helpful?