Fraud and Financial Crime Management
Gain protection and peace of mind with Bottomline's fraud prevention solutions for financial institutions
Bottomline Technologies’ Fraud and Financial Crime Management suite of solutions is an innovative end-to-end enterprise fraud management solution which provides a unique combination of comprehensive data capture combined with cross channel analytics and real-time alerting. This allows organisations to reduce risk, prevent fraud and meet regulatory compliance requirements through a highly extensible and flexible platform that delivers unparalleled fraud protection.
The fraud platform is designed in a modular way that enables frictionless deployment of new functionality in order to meet varying use cases.
Bottomline’s Secure Payments solution protects payments across a variety of applications, channels, and payment types. Whether it is one business-critical application, channel and payment type, or a variety, our highly flexible and extensible platform delivers proven protection against payment fraud through advanced analytics of user behavior and transaction flows layered with intelligent machine learning, reducing risk for some of the largest corporations and financial institutions in the world.
Bottomline’s Enterprise Case Manager solution is designed to simplify and streamline the risk management and fraud detection process, along with the various regulatory processes that accompany these efforts. The solution integrates across multiple systems and enables users to track all alerts and cases regardless of their source application. When violations are found, the system helps to automate the filing of Suspicious Activity Reports (SARs) to government agencies.
Bottomline’s Compliance solution provides corporations and financial institutions with a powerful end-to-end offering to accelerate the speed to achieve regulatory compliance requirements while decreasing complexity. Whether the need is around modernising an anti-money laundering program, achieving more reliable sanctions screening, improving payments monitoring, highlighting settlement exposure, or automating suspicious activity reporting to meet regulatory requirements, Bottomline’s Compliance solution offers a modular approach to reducing the cost of compliance and increasing productivity
Bottomline’s Insider and Employee Fraud solution quickly identifies and stops anomalous user activity through intelligent machine learning, rules-based detection, and years of experience protecting some of the largest corporations and financial institutions in the world. The solution captures all user behavior in real-time across all vital systems and provides protection for both external threats in which user credentials have been compromised and internal threats from authorised users.
The Insider and Employee Fraud product is a pre-packaged solution suite designed for financial institutions. It is specifically designed to identify and track suspicious employee activity by monitoring each action a user makes and analyzing those actions for unusual behavior and key risk indicators.
When an employee action or pattern of actions are deemed by the analytics as potentially fraudulent, an alert is created for compliance officers to review and investigate. These analytics take a variety of different factors and data points into account and because the system monitors real-time actions, as well as historical data, it can capture a variety of different fraud schemes while reducing false positives.
As the system monitors employee behavior, it builds an understanding of what is normal for each specific employee and how their behavior compares to that of their peers. This helps to surface suspicious activity without introducing unnecessary false positives. For example, if one employee is designated to only work with VIP accounts you would not want alerts going off every time that employee accessed a VIP account. Instead the system would learn that this is a false positive and add that to its understanding of what is normal for that user. Similarly, this process can be used to identify suspicious behavior. For instance, if a user normally looks at a few records a day but then begins viewing a significantly higher volume of records this could be flagged as suspicious activity for a compliance officer to investigate.
The solution’s analytics have been refined over years of experience working to prevent insider and employee fraud across multiple instances. As a result, the solution is able to identify over 100 different scenarios that have been proven to indicate insider fraud activities. Bottomline is able to work with customers to tune the analytics to help focus on the scenarios that are deemed most important with each implementation.
All alerts generated by the system are displayed in the Investigation Center where they can be tracked and managed by compliance officers. Alerts contain critical data such as the details of the scenario that triggered the alert. The alert also provides additional information such as previously related alerts and other historical data that could be useful for the investigator. This combination of information provides all the relevant information required to begin the investigation process and quickly come to a resolution.
The solution can capture user data through a variety of methods including APIs, MQ, network sniffing, and log capture. As data is gathered from the monitored application, it is passed to the analytics engine for evaluation. This evaluation can be performed in real-time or through an overnight batch process depending on the scenario and solution deployment. If the solution deems any user activity to be a policy violation or generally suspicious, then an alert is generated and an email is sent to the assigned investigators for further evaluation.
These tools include:
Investigators can replay the exact screens the user saw and the actions they took including view-only actions which are not captured in many audit logs. This provides powerful forensic evidence for understanding why an action was taken and if it was legitimate.
The cross-platform search allows investigators the ability to search any term across any monitored application. For example, to find all users who accessed a specific customer account within a specific timeframe. This search can be easily performed on recorded data from a specific platform or on data recorded from several platforms.
The solution is able to report on myriad data including user actions, generated alerts and any other data related to defined entities in the system. A number of pre-configured reports are available to go along with a robust custom reporting engine.
At this point, the investigator can choose how to best resolve the alert by marking it as:
If further investigation is required in order to determine the cause of the fraudulent or suspicious event, the users can take advantage of the Case Management functionality within the Investigation Center. Further information about Enterprise Case Management is available.
The analytics engine provides a data model which supports advanced calculations and correlations in real-time. The data model can maintain static and dynamic information on various types of entities including employees, accounts, customers and others. The data captured by the system from various sources is sent to the analytics engine in a normalised way, so the data can be captured in a way that is transparent to the analytics engine.
Our analytics engine uses a layered approach that looks at past data trends while continuously identifying new anomalies within the data and incorporating investigator feedback into its evaluation criteria. This approach enables customers to get immediate time to value by detecting known bad behaviors while also continuously adapting to emerging threats and refining risk scoring to reduce false positives.
During initial implementation and onboarding, pre-configured analytics are deployed based on the use cases under consideration by the customer. These analytics are based on the library of scenarios available within the Insider and Employee Fraud solution or can be configured on a custom, case-by-case basis as needed. For some use cases, this enables the solution to immediately begin identifying high-risk behavior. This is typically able to occur with more binary use cases, such as policy violations.
In parallel, as the system begins to monitor user behavior it also begins to understand what is normal for employees. As these baselines are established, the solution will begin to raise incidents on a wider range of scenarios. This could include a user performing action more often than they typically do within a work day or a user performing an activity that is not typically performed by someone with their same role.
In addition to identifying known scenarios and anomalous behaviors, Bottomline’s Fraud and Financial Crime Management solutions incorporate machine learning to further refine their analytical capabilities and increase fraud detection capabilities. The solutions utilise supervised and unsupervised learning techniques in order to maximise the analytic capabilities of the solution. Machine learning enables the analytics engine to discover previously unknown anomalies, reduce false positives and continuously refine the analytics based on user interaction with the generated alerts.
These machine learning capabilities are particularly effective as they leverage the depth of fraud detection expertise that the solution provides. All machine learning algorithms are built to leverage expert-defined features within the data while also building in insights from the high-risk behavior and policy violations identified by the standard analytics engine. By leveraging these data points, Fraud and Financial Crime Management is able to provide more insightful and meaningful results for compliance officers.
The Insider and Employee Fraud solution can be deployed across different channels and applications. Customers can elect to deploy a single use case or multiple and all user activity is aggregated into the same Investigation Center for a consistent user experience and streamlined investigations. The following use cases represent a sample of the types of scenarios that the Insider and Employee Fraud solution is capable of identifying for customers. All use cases are refined through the incorporation of machine learning as supervised models improve risk scoring models in the analytics and combine with new outliers found through unsupervised learning.
Account has monetary transaction(s) of a certain category with a large total amount
Account has monetary transaction(s) of a certain category with a large total amount
Account is logged in multiple times from multiple different IP addresses at once
Logging in from new IP address
Logged in from an implausible geo-location based on last login time and place
Deviation from normal working behaviors (e.g., off-hours inquiries, examining other departments’ accounts, inquiring on accounts from other states/ regions/countries)
Employee logged in without swiping badge
Explore the four key insider fraud trends impacting organizations and how you can build your internal fraud prevention strategy.
Our solution experts are here to help.+44 118 925 8250
Chat with one of our solution experts. We'll recommend the right product to fit your needs.
Tell us a bit about you and your business and we’ll get back to you with all the information you need.