Fraud is a regularly recurring topic on the front pages of the newspapers. The outrage among politicians and citizens is invariably large, because it is often about public money. The indignation does not surprise me. But what I find disturbing is that all kinds of data analysts claim that they can discover fraud with some clever queries. What an optimistic view of the world.
Know the law and be ethical
Fraud detection activities are limited by law. This prevents anyone just crawling through data looking for abnormalities without reasonable cause. With personal data now protected under the GDPR, these limitations have become even more strict. From a legal perspective, any data processing requires legal approval and a specific, explicit, and legitimate purpose that restricts the use of that data. Combining data with other, external data sets can also be problematic. What is technically possible is not always feasible or even legal.
A fraud detection system needs to be ethical as well as legal. Data analytics are all about statistics, which means errors are inherent. How do data analysts deal with these (Type I) errors? And who is at fault when someone is wrongly accused?
Data isn’t the full story
Your data isn’t the whole story, not even a shadow in a cave, to reference Plato. Personal data can only be collected and kept for predefined purposes, which mostly revolve around enabling business processes, not fraud detection, and analysts cannot gather more data than they strictly need.
Good fraudsters know that no process is foolproof – there are always blind spots that can be abused. Fraudsters follow the process as required, but they also know the loopholes and exceptions. In other words, the data set may look innocent even when fraud is happening.
In most cases, there’s an external event that triggers fraud detection. Most commonly, it’s someone that talks too much. Take care of your whistle-blowers, they might point you to more serious fraud cases than petty crimes data analytics usually reveal.
Be humble and reflect on your actions
In China, the social credit system is gathering pace. In the end, all Chinese citizens’ behavior will be monitored. If it’s within the lines drawn by the government, they’ll get benefits, if it’s not, they ’ll be excluded from basic services. Data analytics will make all this possible, but is this the society we want to live in?
What are the potential side effects of claims that massive data analysis is the cure for fraud? If we are monitoring everyone’s personal data for anomalies, in other words, possible fraud, what kind of community are we creating? A place where exceptions are suspicious, where you need to be mediocratic to have a pleasant life.
Fraud prevention limits our freedom. An invisible eye monitoring every single transaction we make could be one of the greatest, and least expected, threats to freedom we have ever encountered. A world without fraud is a utopian concept, but also a prison I don’t want to live in.