According to the Dutch Centre for Crime Prevention and Safety (Centrum voor Criminaliteitspreventie en Veiligheid - CCV), retail theft has been on the rise over the past few years. The severity of the problem has been highlighted in recent reports from supermarkets, but other retailers, such as toy stores and clothing stores, are also experiencing increases in theft. Factors contributing to this trend include the cost-of-living crisis, the introduction of self-scan cash registers, increased aggression towards personnel, and a growing moral acceptance of theft. A recent survey by Q&A Retail found that one in five consumers consider theft acceptable under certain conditions.

Corporate security is also facing rapid developments in various areas. For example, the shift to remote work can impact the effectiveness of traditional security measures. Issues such as shrinkage, retail theft, employee theft, and misconduct remain highly relevant.

While some organizations are considering reverting to traditional measures, such as limiting or removing self-scan cash registers, we should also explore how technology can help us advance without compromising corporate security. At the same time, data privacy regulations needs to be adhered to. This is where Fraud Data Analytics (FDA) combined with Artificial Intelligence (AI) comes into play. By leveraging advanced analytics and AI, organizations can detect and prevent fraudulent activities more effectively. This blog explores the journey an organization can take to experiment with unsupervised models, supervised models, and process mining for fraud monitoring.

The Importance of Fraud Data Analytics

FDA involves the use of statistical methods and AI to analyze patterns and detect behavior and anomalies that may indicate fraudulent activities. FDA can target known risky behavior using rule-based monitoring, but anomaly detection is also important to assess whether there are risks or modi operandi an organization is not yet aware of. This approach complements traditional controls such as cameras, security gates, and strategic placement of goods (e.g., placing certain products behind the cash register). Although FDA generally operates post-event, the resulting measures can also lead to proactive means of safeguarding against fraud. Especially in cases of employee theft or collusion, it is often possible to conduct follow-up actions after the fact.

Organizations vary in their maturity levels when it comes to implementing FDA. Here is a step-by-step journey that organizations can undertake to enhance their fraud detection capabilities, ranging from the basics to more complex approaches. These steps are complementary, and combining them can help your organization be more vigilant.

Initial Stage: Understanding the Basics

At the initial stage, organizations should focus on building up the capabilities, knowledge, governance and IT infrastructure to enable FDA. The secondary objective at this level is to collect, centralize, and analyze historical fraud data to understand common patterns and indicators, and to ensure there is an understanding of the data available. Basic statistical analysis and rule-based monitoring can be employed to begin this process. Organizations can focus on historical incidents and use that knowledge to deploy simple rules to monitor for similar behavior. Rules used by similar organizations could also be useful. Additionally, simple analyses could focus on one-dimensional outliers by looking at the highest and lowest values (e.g., login times outside of normal working hours, amounts significantly higher than average transaction amounts, orders with an unusually high number of items). By understanding these foundational elements, organizations lay the groundwork for more advanced techniques. An additional benefit is that with more traditional techniques, it is generally easier to consider elements as privacy and (data) bias.

Intermediate Stage: Experimenting with Unsupervised Models

Once the basics are well understood, organizations can move on to experimenting with unsupervised models. The goal here is to identify new patterns and anomalies without training systems on historical fraud cases. This is especially important for organizations that do not yet have historical fraud cases neatly labeled in a database. Additionally, unsupervised models focus on new patterns and help organizations remain vigilant for new typologies and the unknown unknowns. Algorithms like K-means clustering, Isolation Forest, and Local Outlier Factor (LOF) can be particularly useful within the domain of fraud and theft. For example, detecting unusual transaction patterns that deviate from historical data or similar product types becomes possible. These terms might seem complex, and it can be difficult to correctly implement such algorithms, but there are also many tools, like WEKA, that allow you to easily start with and test with such techniques. At this stage, it is also important to start tagging or labeling data so that supervised models can be employed when enough data is collected.

Advanced Stage: Leveraging Supervised Models

In the advanced stage, organizations can leverage supervised learning models to monitor behavior and transactions if there is enough labeled data. This involves training algorithms on historical fraud data to classify future transactions as relevant or not relevant. Techniques such as decision trees, random forests, and neural networks are effective tools at this stage. For instance, predicting potential employee theft by analyzing past incidents and identifying similar behaviors in current data can significantly enhance fraud detection efforts. When developing such models, the organizations also need to be aware of principles regarding the responsible usage of artificial intelligence.

Expert Stage: Implementing Process Mining

The expert stage involves using process mining to gain insights into business processes and detect deviations that may indicate fraud or at least instances that require further follow-up. A frequent example of process mining is the evaluation of the procurement process for deviations (e.g., order, sign-off, and delivery within the same minute). Process mining techniques allow organizations to visualize and analyze the flow of transactions, goods, or other artifacts and identify irregularities in processes. Although this is frequently considered a technical exercise, to fully benefit from such analyses, it is key to ensure that from the start stakeholders who understand compliance and how business processes should run are, included. Tools like Celonis or Disco make it relatively easy to start with process mining, but the real complexity with process mining lies in the correct data modeling to provide the tools with valuable information in the right format and structure.

Ethical Considerations and Privacy

While FDA and AI offer powerful tools for fraud detection, they also raise ethical and privacy concerns. Organizations must balance the need for security with respect for customer and user privacy. Ensuring that data collection and analysis comply with privacy regulations such as GDPR is paramount. Transparency about data usage and obtaining informed consent are critical steps in maintaining trust. Additionally, addressing potential biases in AI models is essential to avoid unfair targeting or discrimination.

Conclusion

The journey towards effective fraud detection through FDA and AI is a continuous process of learning and adaptation. By understanding their maturity level and progressively implementing more advanced techniques, organizations can enhance their security and better protect themselves against fraud. Balancing technological advancements with ethical considerations and responsible usage, ensures that organizations not only prevent fraud but also build trust and maintain their reputation. By embracing this journey, organizations can transform their approach to fraud detection, leveraging the power of data and AI to stay ahead of fraudsters and safeguard their operations.

KPMG Forensic provides services to help organizations build up their FDA capabilities. Want to know more? Visit the KPMG Forensic website via Forensic Services - KPMG Netherlands or contact us directly.

Empower your forensic consulting endeavors with AI-driven precision. Together, we can fortify defenses and uphold integrity in an increasingly digital world.

We will keep you informed by email.
Enter your preferences here.