IBM Counter-Fraud Management, Version 1.5, Feature Pack 1

Read Me First

This readme file is intended for IBM Software Lab Services to help deploy the IBM Counter-Fraud Management solution. It contains product information about the installation of Feature Pack 1 (FP1) and known problems, restrictions, and solutions for this release.

What's new in Feature Pack 1?

The following new functionality and important changes are contained in IBM Counter-Fraud Management, Version 1.5, Feature Pack 1.

Quickstart Analytics template
Provides the customer and implementation teams with a Quickstart Analytics template that contains the basic essentials for most analysis flows. There are two components to the analysis flows:
  1. Quickstart Analytics template, which is distributed as an IBM Integration Bus (IIB) pattern
  2. SPSS® Job Invoke Adapter, which is a deployable SPSS® BAR file

The user creates an instance of the Quickstart Analytics template specific to an industry use case. This instance is configurable with respect to the path for running specific SPSS jobs, the invoke queue, and criteria for generating case messages. The user also configures the SPSS Job Invoke Adapter to be a server-wide reusable component that communicates via queues with deployed instances of the Quickstart Analytics template and other analysis flows to run jobs.

More reports and improvements
FP1 includes new identity reports, which provide information on entities and role alerts contained in IBM InfoSphere® Identity Insight.
  • The Entity Resume report allows the user to explore summarized and detailed entity information and contains a drill through to more detail on role alerts for the entity.
  • The Role Alert Detail report displays alert information, which includes an alert summary, alert paths, and entity snapshots.

A new Investigator Dashboard displays information on investigations for a given investigator, such as the number of cases closed by case type, the close rate of an investigator versus all investigators, and case information for an investigator, including case IDs, statuses, and open/resolution dates. FP1 also includes improvements and additional measures on Analysis Flow Dashboard and Analysis Flow Detail reports.

IBM i2® Intelligence Analysis Platform Data Access On-Demand Connector

The IBM i2 Intelligence Analysis Platform (IAP) allows teams to work collaboratively by sharing information and decisions in real time. Adding support to access Counter Fraud Business Data allows customers to leverage additional information for investigating and analyzing potential fraudulent scenarios. This is made possible through the Counter Fraud Data Access On-Demand (DAOD) connector that is integrated into IAP. By using the DAOD connector, you can query information from the data source. Using the IBM i2 Analyst's Notebook Premium, you can explore the repository to query the Counter Fraud Business Data for information that can be added to any chart. This results in a more complete scenario that you can save and review in real time. In addition, you can filter Counter Fraud Business Data properties at various levels, allowing for a detailed search of specific information.

Counter Fraud Management (CFM) V1.5.0.1 begins integrating IBM i2 IAP fraud analysis tools with access to the Counter Fraud Business Data fact store objects. This is accomplished by mapping the data to items in the default IAP schema. Using the Intelligence Portal, an investigator or analyst can search the local repository, or Counter Fraud Business Data, by selecting the data source. In turn, the data source calls Counter Fraud Search Services, which accesses and filters the data for consumption and use in charts and copying into IAP.

Automated case creation process

FP1 provides automatic case creation based on the scoring result of each analytic. The Quickstart Analytics template provides a prebuilt interface to case creation, based on a threshold that can be configured at deployment.

Public REST services

Provides a set of public REST interfaces to Counter-Fraud Management. Anyone with access to the CFM system can call these interfaces; for example, IBM Software Lab Services or a third-party application. Tests are also available to ensure that the CFM system is operational. REST services tests are as follows:

  • Audit Test Project
  • REST Project Anaysis_Config
  • REST Project Fact

For more information about CFM REST services and data stores, access the product documentation (see Step 2).

Step 1: Evaluate hardware and software requirements

The official statements for hardware and software support for IBM Counter-Fraud Management are provided in IBM Counter-Fraud Management detailed system requirements. Ensure that you review new requirements for supported software, including:
  • Intelligence Analysis Platform (IAP), Fix Pack 1
  • FileNet® P8 Content Platform Engine, Fix Pack 3

Also, review the product license to ensure that you have the necessary authorizations to support a particular topology and that you understand the usage restrictions for all software components that are included with the product.

Step 2: Access the product documentation (IBM internal access)

The online IBM Counter-Fraud Management Information Center is available to members of the IBM Counter-Fraud Enablement Community. This online repository contains the latest installation documentation.

If you have a question regarding this product and how it works, post your question in the IBM Counter-Fraud Enablement Community Forum for a quick response. Additionally, it is a good idea to review FP1 Enablement Training and Education Content also provided in this community.

Step 3: Review known issues (IBM internal access)

Known problems, restrictions, and solutions are documented in the form of individual techdocs. As problems are discovered and resolved, the IBM Counter-Fraud Development team updates the knowledge base. By searching the knowledge base, you can quickly find workarounds or solutions to problems. To view known problems, see the IBM Counter-Fraud Management 1.5 techdoc query. Enter counter-fraud in the Search field and click Search to display release notes and relevant documentation. To view a document, click its number.

Step 4: Install the feature pack

To install FP1 (ID: HICMNA150) from IBM Fix Central, follow the instructions about deploying and installing Counter-Fraud Management components in the IBM Counter-Fraud Management Information Center. FP1 is a cumulative release that contains interim fixes and new features and functionality for Counter-Fraud components. It is not necessary to reinstall the base products.

In FP1, you can use a prebuilt HelloWorld BAR file to validate a CFM solution. This prebuilt sample is designed to run immediately and produce (sample) analyzed results. Because this sample flow provides faux, analyzed results, you can use it in end-to-end testing or system validation. For more information about verifying a CFM environment, see the IBM Counter-Fraud Management Information Center.

Program specifications

IBM Counter-Fraud Management V1.5.0.1 helps strengthen the response to fraud and financial crime, may strengthen compliance objectives, and can help maintain a positive customer experience. It helps enable enterprises to coordinate and manage fraud occurrence across affected lines of business to help ensure a robust and consistent response. Counter-Fraud Management helps enable line-of-business contributors to collaboratively construct rich insight into fraud occurrence by assisting subject matter experts to progressively engage in four diagnostic activities:
  • Detect: Detection is used to check customer, account, or transaction data. This data is compared to data and insights that come from cases that are known to be fraudulent based on input from the users. This capability helps enable the identification of suspicious transactions before they are completed, while valid transactions are paid quickly and with greater confidence.

    Detection uses the intelligence that was identified during the discovery and investigation processes. When fraudulent activity patterns appear in a business process, they are recognized and highlighted for further analysis by the investigations team.

  • Respond: Response helps stop undesirable activities by demonstrating to potential perpetrators that there is suspicion of fraud, and that the risks associated with the transaction are high. It helps encourage fraudsters to abandon their planned schemes by showing that enough is known about the scheme to put them in jeopardy.
  • Discover: Discovery is the process of identifying new fraud patterns in big data by using a rich set of analytic capabilities. These capabilities support the investigation of specific instances of fraud and help identify new instances that were not previously detected. This information can then be encoded as business rules, predictive models, anomaly detection models, and entity analysis models. These models can then be deployed into operational systems for real-time, near-real-time, or batch-processing, fraud detection.
  • Investigate: Investigation is the process of running and managing deep inquiries into suspicious activities. It also supports the compilation of evidence and provides the thorough analysis that is required to help finalize decisions that are based on identified suspicious activity. It includes the management of the resources and workflow that is associated with the analysis, investigation, and disposition of cases. The process results in the assembly of evidence that can be used to build cases for prosecution, recoveries, or denial of payments and help drive system and process changes to avoid repetition.
The Counter-Fraud Management offering can:
  • Help improve profitability by reducing loss write-off.
  • Strengthen fraud response by helping to construct rich information as a potential basis for prosecution.
  • Support compliance objectives by demonstrating robust fraud management processes.

Further, by improving the accuracy of fraud identification, enterprise resources can be more accurately focused on high-propensity fraudulent activity while confidently protecting the genuine customer experience to help improve customer satisfaction.

DESCRIPTION

Counter-Fraud Management delivers an integrated solution that provides four implementation entry points to support detection, response, discovery, and investigation that can be further integrated with existing systems to provide or improve line-of-business-specific, counter-fraud capabilities.

IBM Counter-Fraud Management provides a holistic solution for countering fraud, financial crimes, and improper payments, that includes the following:

  • Statistical and predictive modeling: The modeling capability is used to help identify suspicious and anomalous activity and to prioritize investigations. Domain expertise and advanced analytics are combined to recognize suspicious and anomalous transactions as they occur. Integrating this capability in your operational processes strengthens the prevention of undesirable transactions. Your investigation team is alerted to high-risk interactions, where transaction information is combined with extra relevant content to help uncover and visualize the fraud.

    Furthermore, transactions that are not flagged as suspect can be identified and processed more quickly, aiding operational cost reduction and helping to exceed customer expectations.

  • Identity resolution: Identity resolution provides real-time assistance to predict and preempt financial crime by providing a comprehensive picture of a person. This picture includes who a person is, who they know, and what they do. Advanced recognition algorithms are used to extract entities from corporate transactional data and combine these entities with other data (for example, watchlists or social security records). These algorithms provide a statistically referenceable identity in situations in which criminals are attempting to conceal their identities. This data provides alerts early on in the transaction, helping to prevent high risk transactions. The data is also invaluable to the Investigation process, assisting the team to combine high-quality entity information with related content to document criminal activity.

  • Content Analytics: Unstructured data forms up to 80% of total enterprise content. Essential information is held in the notes field, emails, CRM systems, and other line-of-business applications that capture data. Not surprisingly, this content contains significant amounts of high value intelligence to support fraud and financial crime investigations. Connecting your analysts and investigators directly to this content provided by the users has real operational advantages. The investigation team can use Content Analytics to turn this vast, unstructured data into insights that support their investigation.

  • Link and social network analysis: This analysis helps reduce the time, cost, and complexity that is associated with fraud investigation. Critical insights and usable intelligence can be distilled from vast, seemingly unrelated data to support the investigations to help protect an organization’s reputation and revenue.

    A distributed and collaborative investigation helps combat current, complex threats. Evidence is provided in various visual formats that can be used to assist repudiation, recovery, and prosecution.

  • Case management: The case management capability supports the entire stakeholder community to:
    • Help manage case, tasking and auditing;
    • Provide documentary evidence to support recovery, repudiation, and prosecution;
    • Deliver operational dashboards, and support ad hoc workflows that help drive and manage the investigation process.

  • Operational systems and data integration: The Counter-Fraud Management solution is integrated with the business applications and transaction systems that deliver customer service to clients. These applications and systems are analyzed for inappropriate activities.