63rd RBAP Annual National Convention and General Membership Meeting
Cebu City, 24 May 2016
www.pwc.com
Stark realities of Fraud
J.P. Morgan Advisor Admits Stealing $22M From Clients
Seniors lose $36.48B each year to elder financial abuse
Card fraud costs the US billions each year
Payment card fraud cost the US $7.9 billion last year alone, an increase of almost 60% from five years earlier…. In 2014, the US generated almost half of the world’s total card fraud despite only comprising one-quarter of transactions. That's because the US had the least secure payment card ecosystem.
U.S. charges three in huge cyberfraud targeting JPMorgan, others
U.S. prosecutors on Tuesday unveiled criminal charges accusing three men of running a sprawling array of hacking and fraud schemes, including a huge 2014 attack against JPMorgan Chase & Co, that generated hundreds of millions of dollars of illegal profit.
Prosecutors said the enterprise dated to 2007 and included pumping up stock prices, online casinos, payment processing for criminals, an illegal bitcoin exchange, and at least 75 shell companies and accounts around the world.
FBI: $1.2B Lost to Business Email Scams
The FBI today warned about a significant spike in victims and dollar losses stemming from an increasingly common scam in which crooks spoof communications from executives at the victim firm in a bid to initiate unauthorized international wire transfers. According to the FBI, thieves stole nearly $750 million in such scams from more than 7,000 victim companies in the U.S. between October 2013 and August 2015.
City Odds Capital Director Charged in $78 Million Pump and Dump Scheme
Citi May Face $872M Charge over AIB Rogue Trader Suit
FBI: Public & Private Sector Officials at Risk for Social Engineering to Gain Access to Victims’ Data
Fraud threats and attacks are becoming increasingly common and impact brand, competitive advantage, and shareholder value.
[Chart: Market Size and Growth Rate by year, 2013 to 2019]
Year   Market Size   Growth Rate
2013   1,550         10.0%
2014   1,726         11.4%
2015   1,951         13.0%
2016   2,225         14.0%
2017   2,575         15.7%
2018   3,015         17.1%
2019   3,571         18.4%
Expected to reach US$3.6 billion by 2019, growing at an average CAGR of 15.6%, as compared to 5.6% for AML
This includes fraud authentication, analytics, reporting & visualization, and GRC
Source: Markets and Markets; CAGR is 2014 to 2019; excludes insurance
Global fraud detection and prevention market revenue in banking & capital markets sector
PwC’s Financial Crimes Unit (FCU)
PwC's Financial Services Financial Crimes Unit (FCU) provides a holistic and integrated approach to navigating financial crimes. Four key areas collectively form the foundation for our financial crimes approach:
1) Cybersecurity, 2) Anti-Money Laundering and Sanctions (AML), 3) Fraud, and 4) Anti-Bribery and Corruption.
Financial crime is a major threat to the safety and soundness of financial institutions worldwide. As a result, it has become a top agenda item for The White House, Regulators, and both the Boards and CEOs of major financial institutions.
Our team and our approach combines:
• Deep subject matter expertise and industry experience—Led by Former Deputy Director of the FBI, Sean Joyce, the FCU is comprised of more than 300 professionals with experience as former forensic investigators, regulators, law-enforcement officials, national security officials and seasoned consultants.
• Strategic alliances with key vendors—Our numerous relationships with key vendors enhance engagement efficiency and technology implementation; these include Tanium, IronNet, FireEye and Securonix (to name a few).
• Innovative and efficiency gaining tools—We have a repository of tools and accelerators to help our clients address their various financial crime challenges, including Game of Threats, Computer-Assisted Subject Examination and Investigations Tool (CASEit), our Sanctions investigations forensics toolkit, our fraud threat library and our fraud risk assessment apps.
• Unparalleled knowledge of industry leading practices—PwC has assisted many of the largest global, US and regional institutions across the banking & capital markets, asset management and insurance industries to fully address the complex business issue of financial crimes from board-level advice and strategy through execution.
Fraud prevention building blocks
Fraud Program Assessment
Fraud Controls Design
Effectiveness Assessment
Fraud Technology
Fraud Analytics
Fraud Investigations and Readiness
Fraud Controls Design and Effectiveness
Fraud Program and Operating Model
Fraud Risk
Fraud Technology
Fraud Analytics
Fraud Investigations and Readiness
Fraud Program and Operating Model
Approach
• Assess Key Performance Indicators (KPIs) for the anti-fraud program and operations
• Leverage Fraud Program Assessment Framework and benchmarks
• Evaluate the governance of enterprise-wide anti-fraud initiatives as well as day-to-day fraud management
• Create future state model defining the 1st, 2nd, and 3rd lines of defense
• Assess and improve policy including whistleblower hotlines, code of conduct, and anti-retaliation policies
Deliverables
• Benchmarking & Peer Comparison
• Maturity Model
• Current State Observations (Key Themes) & Recommendations
• Magic Quadrant
• Prioritized Recommendations
• Target Operating Model
• Future State Org Chart and Staffing Model
• Implementation Roadmap
Assess the fraud program and operating model top-down, including performance metrics, design, and policy. Provide a vision for a target state operating model, and a roadmap to achieve it, taking into account the institution's priorities.
Samples
[Sample deliverable images: Target Operating Model, Magic Quadrant, Prioritized Recommendations, Maturity Model, Peer Comparison]
Fraud Risk
Approach
• Evaluate and prioritize fraud threats based on historic, known, and emerging fraud trends
• Estimate severity and likelihood of fraud risk events, and inventory existing mitigating factors
• Quantify the impact of existing controls in order to assess residual risks and recommend next steps
• Leverage PwC’s Fraud Taxonomy and Threat Library and other accelerators
Deliverables
• Fraud Risk Assessment (FRA) Methodology
• Fraud Threats Library
• Risk Scoring Model
• FRA Questionnaires
• FRA Control Library
• FRA Heat Maps of Risks
• Residual Risk Prioritization
• FRA Final Report & Recommendations
Inform our clients of their inherent risks, provide a framework to quantify the impact of the control environment relative to those risks, and derive inherent risk, possible areas for improvement, and where to make future anti-fraud investments.
Samples
[Sample deliverable images: Residual Risk Prioritization, Risk Scoring Model]
Fraud Controls Design and Effectiveness
Approach
• Evaluate the design of existing controls and procedures, including end-to-end process flows
• Assess procedures relative to anti-fraud policies
• Apply analytics to assess the effectiveness of controls and to identify opportunities for improvement
• Perform “penetration testing” to further assess the efficiency and effectiveness of current controls
• Provide tactical (e.g., new rules or processes) and strategic recommendations
Deliverables
• Business Process Flows (for fraud processes and controls)
• Fraud Controls Testing Plan
• Fraud Control Effectiveness Assessment
• Fraud Control Evaluation
• Assessment Dashboard
• Tactical and Strategic Recommendations
Detailed assessment and evaluation of anti-fraud processes and controls relative to identified risks in order to identify weaknesses and areas for improvement; provides a forward-looking strategy for improving controls.
Samples
[Sample deliverable images: Fraud Control Effectiveness Assessment Dashboard; Threats Library; Controls Evaluation (R/A/C/I responsibility matrix by fraud alert / case type); Business process flows, fraud risk and controls]
Fraud Technology
Approach
• Perform Current State Assessment
• Gather Business Requirements
• Perform Vendor Selection
• Implement Relevant Technology Solution
• Post Implementation Testing
• Collaborate with Vendors (for JBR firms)
Deliverables
• Current State Technology Inventory
• Technology Roadmap
• Vendor Selection Scorecard
• Business Requirements Document (for any new implementations)
• Functional Requirements Document
• Test Plan and Test Scenarios
Enable clients to inventory existing tools and their effectiveness; inform clients of the specific tactical and infrastructure needs for implementing new technologies; empower clients to effectively evaluate new solutions; help clients implement technologies and controls.
Samples
[Sample deliverable images: Technology Roadmap, Current State Systems Inventory, Vendor Selection Scorecard, Business and Functional Requirements Documents]
Fraud Analytics
Approach
• Develop analytical models for different Fraud trends, patterns, segmentation, and feedback loops
• Build reporting and monitoring dashboards for descriptive, diagnostic, predictive and prescriptive analytics
• Test data lineage, evaluate data quality, and perform model validation
Deliverables
• Reporting and Visualization
• Root Cause Analysis Procedures
• Customer Segmentation and Risk Scoring Model
• Model Validation and Enhancements
• False Positive Analysis
• New Rules and Models
Help clients implement improved Fraud Analytics functions to more effectively monitor and improve their programs on an ongoing basis, including reporting, root cause analysis, control testing and optimization, and innovation.
Fraud Investigations and Readiness
Approach
• Conduct reactive fraud investigations and root cause analyses
• Create incident readiness and response plans, including tactical remediation and crisis management
• Help institutions assess and improve their internal investigative capabilities, including desktop procedures, case management, technology, analytics, and data management
• Improve Fraud awareness, including training, tone-at-the-top and regulatory compliance
Deliverables
• Forensic Reporting & Findings of high profile events
• Fraud Response Playbook
• On-Call Forensic Retainer
• Operating model, and roadmap for improved fraud investigative function.
Provide on-call forensic investigation response to high profile fraud and other risk events; help institutions assess and improve their internal fraud investigative function.
Samples
[Sample deliverable images: Expense Analysis, Link Analysis, Entities Analysis, Flow of Funds Analysis]
Sample control points – customer deposit account fraud
• Spoofed website monitoring
• App Store Monitoring
• Monitoring of “dark web” sites for Discover customer credentials
• Customer and employee education
• Social media monitoring
• CIP and proof of identity
• Authentication e.g., “out-of-wallet” questions
• Data sharing/consortium based screening
• Analytics and customer/acct risk scoring
• Online sign-in to counterparty bank
• Micro-deposit from originating account
• Consortium based screening
• Enhanced deposit hold policy
• Adaptive authentication
• Out of band
• Voice, fingerprint, and iris recognition
• User gesture recognition
• Hard/soft token
• Security questions
• Call center/IVR analysis
• Trusted device identification
• Geo location based pre-authentication
• Clickstream analysis
• Payee name verification (PNV)
• Positive pay
• 4 eye review
• Rules-based transaction monitoring
• Predictive modeling
• Alert/case management
• Identification and maintenance of Fraud cases and related KRIs, KPIs
• Maintain list of reviewed/exited customers
• Controls to prevent re-entry of exited customers
• Statistical analysis of Fraud event KPIs to derive new or enhance existing controls
• Cyveillance • Kaspersky Lab • myNetWatchman • Phishlabs
• Andera • ChexSystems • Early Warning • Equifax • EFiserv • CashEdge • Idology • Experian • LexisNexis • Teletrack • TransUnion
• Andera • CashEdge • Forte Payment Systems
• RSA Adaptive • Agnitio Voice ID • BioCatch • Nuance • Pindrop Security • Equifax • Experian • LexisNexis • TransUnion
• CheckFree • Crealogix • Entrust • IBM Trusteer • Iovation • iDetect • Kaspersky Lab • ThreatMetrix • TrustDefender • Silver Bullet’s Ranger
• Actimize • iDetect • Intellinx • FICO Falcon • BAE Systems • RSA Adaptive • SAS • Memento • Guardian Analytics
• Actimize Enterprise Case Manager • BAE Systems • IBM BPM • iDetect • Intellinx • SAS
• IBM (SPSS) • SAP • SAS • Teradata • Theta-ray
Account Opening
Authentication
Payment
Case Management
Deposit Activity
Identity verification
Biometric, out of band, knowledge based
Non financial behavioral, endpoint malware detection
Funding source verification
Transaction monitoring
Fraud event tracking and record keeping
External Threat Management
App store / dark web monitoring
Analytics
Control enhancements
Speaker’s profile
Sam Samod, Director
Tel: +66 6-1417-4424
Email: [email protected]
Qualifications and memberships:
• University of Minnesota, Minneapolis
• MBA in Management Information Systems and Finance
• BS in Management Information Systems
• Project Management Professional (PMP), Project Management Institute
• Certified Management Consultant (CMC), Canadian Association of Management Consultants
Professional background:
• Sam, a secondee from PwC New York, brings eighteen years of experience in data analytics, anti-money laundering, anti-fraud, regulatory compliance, customer relationship management (CRM), consumer lending, collections, and risk management. His background includes a broad range of financial information systems and applications covering retail banking, wealth management and capital markets in North America, Europe, and Asia.
Relevant experience:
• Developed a reference architecture to consolidate and aggregate enterprise data at one of the top banks in Canada. Leveraged Oracle Financial Services Analytical Applications (OFSAA) Framework for data aggregation and reporting to ensure compliance with BCBS 239.
• Managed a Fraud Analytics workstream at a large global wealth management institution. Developed a fraud taxonomy and use cases for the proof-of-concept and the strategic roadmap. Demonstrated benefits of analytics to introduce additional controls and optimize existing detection rules. Identified data requirements to support use cases for specific products and channels.
• Conducted Customer Risk Rating model calibration at a leading commercial bank. Reviewed algorithms and risk dimensions of GlobalVision’s Patriot Officer. Developed an approach to calibrate the model and adjusted one of the risk dimensions to reduce false positives. Realized 20% reduction in the total high risk population and 82% reduction in the number of alerts.
• Led an algorithm development team on an AML Look Back project at one of the Fortune 500 financial services firms. Assessed transaction monitoring requirements and mapped them back to key data elements. Identified key risks, performed statistical analysis, generated alerts, and recalibrated final algorithms based on investigations feedback. Aligned processes with IT solutions including Aster, SAS, and Actimize.
• Led Data Analytics workstream in a multi-phase engagement to enhance AML transaction monitoring for Capital Markets with initial focus on wires and trade finance transactions. Conducted data mapping and assessed data quality according to Oracle Mantas data ingestion requirements to drive alert generation, scenarios tuning, workflows, and user interfaces. Developed SAS Analytics environment to generate alerts based on custom scenarios.
• Managed high priority multi-workstream projects to centralize AML technology and business processes of all of a global bank’s Private Banking, Wealth Management, and Capital Markets business units globally.
Thank you!
This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PricewaterhouseCoopers LLP, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.
© 2016 PricewaterhouseCoopers LLP. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers LLP which is a member firm of PricewaterhouseCoopers International Limited, each member firm of which is a separate legal entity.