Robbing the Casket, What Happens In Vegas, and Railroad Ripoffs: Selected Financial Crimes Snapshot 12/21/2013

To all of our readers… Have a great Christmas season and see you in 2014!
Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
Another case of worker’s compensation premium fraud. You may recall my previous post on this subject. It’s worth reading.
You’ve heard of robbing the cradle. This is robbing the casket, I suppose…
He’ll have 8 years to choo choo choose a new way to make a living…
What happens in Vegas… Stays in a federal penitentiary.

Part 2: Investigating the Investigations – X Marks the Spot

Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
Part One of this series is HERE.
Most of the financial crimes investigators I know live in a world where they dream of moving things from their Inbox to their Outbox. Oh, like everyone else, they also dream about winning the lottery, flying without wings, and being naked in public. But in terms of the important roles they perform within both public and private sectors, there is simply Investigating (Inbox) and Adjudication (Outbox). Getting there requires a unique blend of their own capabilities, the availability of data, and the technology that allows them to operate. In the diagram below, ‘X‘ marks the spot where crimes are moved from the Inbox to the Outbox. Without any of those three components, an investigation becomes exponentially more difficult to conclude.
In part one of this article two weeks ago, I wrote about the Investigation Management & Adjudication (IMA) side of financial crimes investigations. I coined that term to call out what is arguably the most integral component of any enterprise fraud management (EFM) ecosystem. The original EFM overview is here.

   “The job is almost unrecognizable to those who once used rotary phones in smoke filled offices…

Twenty years ago, IMA was based primarily upon human eyes. Yes, there were technology tools available such as Wordperfect charts and Lotus 1-2-3 spreadsheets, but ultimately it was the investigator who was tasked with finding interesting connections across an array of data elements including handwritten briefs, telephone bills, lists of suspect information, and discussions with other investigators. The job got done, though. Things moved from the Inbox to the Outbox, arrests were made and prosecutions were successful. Kudos, therefore, to all of the investigators who worked in this environment.
Fast forward to today, and the investigator’s world is dramatically different. The job is the same, of course, but the tools and mass availability of data has made the job almost unrecognizable to those who once used rotary phones in smoke filled offices. Organizations began building enterprise data warehouses designed to provide a single version of the truth. Identity Resolution technology was implemented to help investigators recognize similarities between entities in that data warehouse. And today, powerful new IMA tools are allowing easy ingestion of that data, improved methods for securely sharing across jurisdictions, automated link discovery, non-obvious relationship detection, and interactive visualization tools, and -importantly – packaged e-briefs which can be understood and used by law enforcement, prosecutors, or adjudication experts.

     “Without any of these components, everything risks falling to the outhouse…

With all these new technologies, surely the job of the Investigator is becoming easier? Not so fast.
IMA tools – and other EFM tools – do nothing by themselves. The data – big data – does nothing by itself. It just sits there. The best investigators – without tools or data – are rendered impotent.  Only the combination of skilled, trained investigators using the best IMA tools to analyze the most useful data available results in moving things from the Inbox to the Outbox. Without any of these components… everything eventually risks falling to the Outhouse.
Kudos again, Mr. and Mrs. Investigator. You’ll always be at the heart of every investigation. Here’s hoping you solve for X every day.

Bananas, Politicians and Navy Blue: Selected Financial Crimes Snapshot 01/02/2013

Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
Be sure to check out “Investigating the Investigations” Part One and Two! In the meantime, here are this week’s weird headlines:
I can’t believe he tried to slip this one past investigators. Maybe he’ll win on a peel…
A dishonest politician?  Now I’ve heard everything!
He couldn’t just wait for Black Friday like everyone else?
Navy blue about this one…

Investigating the Investigations.

Posted by Douglas Wood, Editor.
A few years ago, I read a book called Fraud Analytics by Delena Spann.  Ms. Spann is with the U.S. Secret Service, Electronic & Financial Crimes Task Force. The book is an overview of investigation analytics with specific information about some former technology leaders in this area.
The IBM i2 toolset is discussed, along with offerings from Raytheon, Centrifuge, and SAS, and FMS’ Link Analytics, and others. (My friend Chris Westphal, formerly of Raytheon Visual Analytics, by the way, published his book ‘Data Mining for Intelligence, Fraud & Criminal Detection’ a few years ago and is another one I strongly recommend.)
Both books offer advice and use cases on how technology can be applied in the fight against crime. A few months ago, I summarized the types of technology being put to use as tools to prevent, detect, and investigate fraud and other criminal activities. (It’s worth a quick read.) What I’m investigating today, however, is… well, investigations.

“IMA is the most critical connection between technology and investigators.”

In my technology summary, I termed this area Investigation Management & Adjudication (IMA). IMA is the most critical connection between technology and humans within an enterprise fraud management ecosystem. Incorporating key elements of enterprise case management, collaboration, link visualization, information dissemination and knowledge discovery, this layer of functionality is designed to uncover insights which aid in investigating complex incidents. The result ought to be actionable visualization of critical entities, and documented results for potential litigation and regulatory compliance.
IBM i2 has long been considered a thought and market leader in this segment – deservedly or not. Palantir Technologies plays in this area as well. Perhaps no company is more in tune with this market, though, than Visallo with their leading investigation analytics platform. Each platform clearly adds value to investigation case management solutions by providing powerful, emerging functionalities that allow easy and intuitive consumption of data in any form. For investigators, the more data – and the easier that data is to consume – the better.

“Users want actionable intelligence, not endless queries.”

What makes for good IMA? A few things, actually. First among them is the technology’s ability to adapt to the way human beings think and act. Users want actionable intelligence, not endless queries. IMA tools, therefore, ought to interact with the investigator in a consultative way that a fellow investigator would. “Hey, have you thought about this, Mr. Investigator?” and “Maybe you should look at that.”
Second, IMA ought to have context. Technologies that simply point to two entities and say, ‘Hey these things look linked‘ are great but leave all of the thinking up to Mr. Investigator. The IMA tools that I like have contextual values associated to those links. ‘Hey, these things look linked AND here’s why that’s important’. Big difference.
Third, IMA should bring the investigations to closure. There are a lot of data mining tools out there that allow querying with case management. How, though, does the investigator get to the point where an investigation is solved and prosecutable? Once again, the most functional IMA products act the way humans do. They package up the results of the investigation in an easy-to-comprehend document that can be shared internally or with police. No loose ends.

“Every investigation ends with an investigator.”

Predictive analytics, big data, and real-time alert scoring are the current industry buzzwords. They should be. They’re important. At the end of the day, however, every investigation ends with an investigator. Putting the right tools in their hands is often the difference between success and failure in an entire enterprise investigation system.
That’s precisely what Crime Tech Solutions, LLC does. Please take a moment to look us over.
Part Two of this series is now available HERE.

Death Deterrents, Texas Teeth, and 'The Big Easy' Money – Selected Financial Crimes Snapshot 11/07/2013

Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
Chinese woman sentenced to death for fraud. Ouch. That’s definitely a deterrent…
70 year old Orthodontist sentenced to two years. Fraud laws in Texas have some real teeth in them…
Think they’ll throw the (school) book at her?…
New Orleans cops charged. To Protect and Serve (themselves)…

To 314(b) or not to 314(b)?

Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
FinCEN today (November 1, 2013) released a fact sheet regarding data sharing between financial institutions under the Section 314(b) of the US Patriot Act.
314(b) provides financial institutions with the ability to share information with one another, under a safe harbor that offers protections from liability, in order to better identify and report potential money laundering or terrorist activities.  314(b) information sharing is a voluntary program, and FinCEN has always encouraged its use.
A few years ago, I spent considerable time looking at the overall 314(b) program. I interviewed dozens of Chief Compliance Officers (CCO) and AML/Fraud experts. I found that, despite the benefits to financial institutions – reduction of fraud loss, more complete SARs filings, shedding light on financial trails, etc – the program was not particularly well-utilized. The system, for all it’s good intentions, is very manual.
Imagine you are a 314(b) officer at a financial institution. Your job is to facilitate the data sharing amongst the community. So, much of your time is spent interacting with your CCO on which specific cases should be shared, and with whom. When you get that information, you open up you financial crimes investigation tools, and begin contacting your counterparts across the U.S. and asking them “Hey, do you know anything about Douglas Wood?” You’re calling the other officers completely blind with no idea whatsoever if they know Doug. In the meantime, your voicemail inbox is being flooded with other calls from other institutions asking if you know a bunch of other people (or entities).
Finding the institutions that know Douglas Wood is a lot like looking for a needle in a haystack… except you don’t know which haystacks to look in. The system too often grinds to a halt, despite some excellent work being done by 314(b) officers across the country. There has to be a better way, and some have proposed a data contribution system where financial institutions upload their bad guy data into one large third-party haystack, making the needle a little easier to find. As an advocate for the use of technology in the fight against financial crimes, I hope that model finds some success. The problem, of course, is that banks are LOATHED to put their data in the hands of a third party. Also, it’s typically up to each individual bank to decide if and when they choose to upload their data to be inter-mingled with other institutions. Far too often, it is not entirely reliable and not particularly current.
There is a better way. Several years ago, working with some tech-savvy employees, I envisioned a member-based 314(b) program where each institution maintained total control of their data. The model does not require individual banks to contribute their data for inter-mingling.  All ‘bad guy’ data sits and remains securely behind the banks’ respective firewalls. When an individual bank sends out a request to find out who, if anyone, may have information about a suspicious entity, the request is systematically sent out to all members using a secure network such as SWIFT, for example. That electronic search returns to the querying bank only a risk score which indicates the likelihood that another member is investigating the same entity.
No personally identifiable information (PII) is ever shared, yet the search is productive. The enquiring bank now knows that the person of interest was found in the bad guy data from other participating institutions. With this information in hand, the respective 314(b) officers can move their voicemail exchanges from “Have you ever heard of Douglas Wood” to “We’re both investigating Douglas Wood… let’s do it together.” The time-consuming, manual efforts are dramatically reduced and more bad guys are put away.
So if the question is to 314(b) or not to 314(b), perhaps the answer lies in data privacy compliant technology.

Drag Queens, Silk Road Shutdowns, and Video Killed the Real Estate Fraud – Selected Financial Crimes Snapshot 10/29/2013

Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
Perhaps there is no Spanish term for “lay low, fraudster”?
Feds take down “eBay for drugs” site. I wonder if “Buy it Now” was popular?
Drag Queen Shakedowns… Only on Bourbon Street.

Lottery Fraud – How lucky can you get?

Posted by Douglas Wood, Editor.
Two weeks ago, I wrote in this space about some interesting experiences I’d had working through Workers Compensation Premium Fraud at a government run program. This week, I received a fraud alert about a retailer being banned from ever selling lottery tickets, and it reminded me of a great exercise I underwent with a government run Lottery corporation several years ago.
Lottery retailer fraud is simple and widespread.  NBC Dateline ran a two hour episode several years ago, outlining the problem and going undercover to catch some bad guys in action.
In a nutshell, there are many unscrupulous retailers who outright lie to patrons when asked to check their numbers.  Joe the customer hands the ticket over to the clerk and asks her to see if it’s a winner. She scans the barcode and says “Sorry, Joe… you didn’t win“. Then, as Joe heads out the door, she picks the ticket up from the trash bin knowing full well that it’s a big winner. Here’s a real life example.
How bad is the problem? According to Dateline NBC, a Philadelphia retailer cashed eighteen lottery tickets in three months for a total of $45,000.  In New Jersey, a retailer cashed 105 lottery tickets for more than $236,000. In Illinois, it found one store where four employees and five of their relatives cashed a total of 556 winning tickets, for more than $1,600,000. In California, lottery investigators were seeing the same thing. In fact, in 2007, the five most frequent winners in California were retailers. One store owner in Los Angeles allegedly cashed 121 tickets for more than $160,000.
As a result of shrinking public trust and outrage, many lottery corporations have taken to more tightly scrutinize ‘winning’ ticket claims from lottery retailers. What, though, if the lottery clerk has her husband cash the ticket? Or her next door neighbor? How can you scrutinize large winning ticket claims without grinding the process to a halt?
That’s precisely where my customer was when they called me.
As with any fraud prevention program, the availability of data was of utmost importance as we scoped out the technology solution. The lottery corporation obviously knew who their retailers were (XYZ Groceries, ABC Petroleum, etc) but how did that help point to a specific Suzie Employee within that retailer? After all, companies weren’t cashing in winning tickets.  People were.
Well, we helped them realize that they had employee names as a result of the mandatory training they offered retailers for handling sales of lottery tickets. Each employee of a retailer was required to take a brief online course for certification purposes, and entered some of their personal data (name, date of birth) in order to begin the training.
That got us through step one – the employees. In order to get to the next level of culprit  (the family or neighbors of employees), we incorporated publicly available data into the mix.
Through a defined process of business discovery and problem resolution, we designed a process where individuals redeeming winning tickets above a certain value would be compared to the data of retail employees. If it was determined that a winner closely resembled a retail employee, an alert was automatically generated for investigators.
If a winner was determined to be closely acquainted to a retail employee via relationship-detection technology and public data, an alert was again generated. The specifics of how relationships were determined and analyzed won’t be disclosed for obvious reasons, but one example would be a shared address or telephone number.
This particularly lottery corporation was fortunate that they had a mechanism by which to collect employee data. In meeting with dozens of other Lotteries in the years since, I’ve learned that not enough of them have a similar process in place. Unfortunately, without that initial data set, it’s more difficult to detect this type of fraud.
In the case of my client, however, they began immediately seeing benefits in the new process and several fraudulent retailers were exposed. It was some very interesting work, and a cool exercise in problem solving for complex fraud.
Posted by Douglas G. Wood. Check out my site at www.crimetechsolutions.com

Shockers, Lawyers, and Worst Boss Ever – Selected Financial Crimes Snapshot 10/11/2013

Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
Shipping a car to Nigeria? Seems like an awful lot of work for a fairly stupid scam…
SHOCKER! Online advertising is often fraudulent!
Why is it so darned hard to feel sorry for lawyers?
“Here’s your paycheck. Gonna need half of it back, though.” Worst. Boss. Ever.
Posted by Douglas G. Wood. Click on ABOUT for more information and follow Financial Crimes Weekly on Twitter @FightFinCrime

Gypsies, Tramps, and Thieves – Selected Financial Crimes Snapshot 10/4/2013

Posted by Douglas Wood, Editor.  http://www.linkedin.com/in/dougwood
I’m sure the Gypsies just wanted to help… No?
You just can’t make this stuff up. Thai prostitutes hired to kill rhinos in trophy hunting scam.
Ummm… she may have had a ‘brain injury’ when she thought this one up….
Good cop? No… bad cop
Posted by Douglas G. Wood. Click on ABOUT for more information and follow Financial Crimes Weekly on Twitter @FightFinCrime

Investigation Technology and Analytics News