Tag Archives: fraud analytics

Police Data: Beyond 'black' and 'white'?

Analytics
Beyond ‘black’ and ‘white’?

Published by Crime Tech Solutions

The notion of predictive policing is hotly debated. Some suggest that the technology removes the elements of racial bias in policing. Others claim that it does little to improve public safety. In fact, the predictive policing world took a hit recently when Milpita Police Department in California canceled a contract with software provider PredPol, suggesting that the tool offered little in way of ROI.

Predictive policing refers to the usage of mathematical, predictive and analytical techniques in law enforcement to identify potential criminal activity. Pulling in data from a variety of sources such as arrest records, calls for service, and geospatial (location) data, the promise of predictive policing offers law enforcement a statistical probability that a crime may occur in a particular location within a particular period of time.

crime-analysisAdvocates say ‘Great, let’s prevent the crime from happening’. Opponents say ‘The output is only as good as the input’. In other words, there are claims that a reliance upon historical data unduly influences the prediction. The position suggests that if police have tended to make arrests in Location A, then of course predictive policing will suggest patrolling Location A.

That argument has some holes, however; not the least of which is the very simple fact that historical data is the only kind of data that can ever exist. It has to happen before it’s data. The best indicator of future behavior is past behavior, says the pro-predictive policing side.

We think RAND Corporation puts it best when they state:

Predictive policing methods are not a crystal ball: they cannot foretell the future. They can only identify people and locations at increased risk of crime … the most effective predictive policing approaches are elements of larger proactive strategies that build strong relationships between police departments and their communities to solve crime problems.

5WThis same RAND statement was printed today by Dan Verton at MeriTalk. In an article entitled “Policing Data Sees Beyond Black and White“, Mr. Verton does an excellent job of discussing predictive policing in the context of current racial tensions in many US cities. The backdrop for the MeriTalk story is a new book by Manhattan Institute fellow Heather Mac Donald who, in her book “The War on Cops: How the New Attack on Law and Order Makes Everyone Less Safe“, uses data and data analytics to counter the argument that America’s police departments are engaged in a campaign of racial bias.

Our take is that predictive policing has merit. It is an important part of the law enforcement arsenal. Unfortunately, the term ‘Predictive Policing’ has also become a buzzword used by software vendors who aim to stake their claim in the law enforcement data analytics game. As a result of the gross overuse of the term, the predictive policing waters have become muddied.

Disagree? We entered the term into Google today and found about 350,000 unique pages.

We also think that the lack of ROI cited in Milpitra PD’s cancellation with PredPol is largely a result of costs. The promise of predictive policing, coupled with the over-hyped flame fanning of advocates (mostly vendors) has made the software relatively expensive.

Crime analytics Mapping Predicitive PolicingNevertheless, it’s hard for law enforcement to deliver a strong predictive policing ROI if they were over sold on its’ merits to begin with. The good news is that the hype is on the downswing and reality is setting in: Predictive policing is not the next greatest thing. Instead, as we suggest, it is an important tool that law enforcement can use to combat and prevent crime.

__

Crime Tech Solutions  is a low price / high performance innovator in crime analytics and law enforcement crime-fighting software. The clear price/performance leader for crime fighting software, the company’s offerings include sophisticated Case Closed™ investigative case management and major case management, GangBuster™ gang intelligence software, powerful link analysis software, evidence managementmobile applications for law enforcement, comprehensive crime analytics with mapping and predictive policing, and 28 CFR Part 23 compliant criminal intelligence database management systems.

black version

Crime Tech Solutions Acquires Case Closed Software

June 1, 2016 (Austin, TX)   Crime Tech Solutions, LLC, a leading provider of analytics and investigation software for law enforcement and commercial markets, today announced that it has acquired Cleveland, TN based Case Closed Software in a cash transaction. The terms of the deal were not released, but according to Crime Tech Solutions’ founder and president Douglas Wood, the acquisition brings together two dynamic and fast-growing software companies with an unparalleled complement of technologies.
For Crime Tech Solutions, the opportunity to add Case Closed Software into the fold was too good to pass up” said Mr. Wood. “We think that the technology offered by Case Closed helps to further differentiate us in the market as the price performance leader for this type of investigative solution.PNG
Crime Tech Solutions, based in the city of Leander, TX, delivers advanced analytics and investigation software to commercial investigators and law enforcement agencies across the globe. Their solution suite includes criminal intelligence software, sophisticated crime analytics with geospatial mapping, and powerful link analysis and visualization software. The company says that the addition of Case Closed Software expands those offerings even further.
Case Closed Software develops and markets investigative case management software specifically designed for law enforcement agencies. The suite is built around four primary software products including best-in-class investigative case management software, property and evidence tracking, a gang database tool, and an integrated link analysis and data visualization tool. The company also plans to release the solution as Case Closed Cloud for cloud-based access.
Case Closed couldn’t be happier than to be joining Crime Tech Solutions,” said Keith Weigand, the company’s founder. “The blending of our technologies creates a suite that will add tremendous value to our mutual customers, and will be hard for others to duplicate.
According to both Mr. Weigand and Mr. Wood, the name Case Closed will continue on as the product brand, given its widespread popularity and loyal customer base. Crime Tech Solutions is expected to retain all Case Closed employees, with Mr. Weigand joining as the company’s chief technical officer.
Crime Tech Solutions says it expects continued growth via ongoing software sales and strategic acquisitions.
About Crime Tech Solutions
(NOTE: Crime Tech Solutions is an Austin, TX based provider of crime and fraud analytics software for commercial and law enforcement groups. Our offerings include sophisticated Case Closed™ investigative case management and major case management, GangBuster™ gang intelligence software, powerful link analysis software, evidence management, mobile applications for law enforcement, comprehensive crime analytics with mapping and predictive policing, and 28 CFR Part 23 compliant criminal intelligence database management systems.)

Guardian Analytics playing NICE?

power-vector_G1pLm0HO_LWe love the head-on approach here by Guardian Analytics. Competition is good, right?
http://www.prnewswire.com/news-releases/guardian-analytics-launches-nice-actimize-replacement-program-300249818.html
__
(NOTE: Crime Tech Solutions is an Austin, TX based provider of crime and fraud analytics software for commercial and law enforcement groups. We proudly support the Association of Certified Fraud Examiners (ACFE), International Association of Chiefs of Police (IACP), Association of Law Enforcement Intelligence Units (LEIU) and International Association of Crime Analysts (IACA). Our offerings include sophisticated link analysis software, comprehensive crime analytics with mapping and predictive policing, and criminal intelligence database management systems.)

Link Analysis and Crime – An examination.

Posted by Tyler Wood, Operations Manager at Crime Tech Solutions
Pic003The topic of fraud is widely discussed, and the focus of thousands upon thousands of articles. Television shows such as Crime, Inc and American Greed have become popular due, in part, to our fascination with the topic of fraud.
The organizations that are affected by fraud are also fascinated… but for entirely different reasons. Some estimates suggest that the US economy loses 11 trillion dollars each year due to one form of fraud or another. It’s little wonder, therefore, that the companies most frequently defrauded have been heavily investing in anti-fraud technologies at an increasing rate over the past decade or more.
The biggest problem with fraud, of course, is that it is always evolving in a very Darwinian fashion. Like a living, breathing entity, fraud schemes change over time in order to survive. As the targets of fraud schemes put new policies, procedures and/or systems to deter the activities, the schemes modify and find new ways to survive.
v1
So, since the nature of criminal activity is such that they constantly change, how do investigators find a fool proof methodology to ensure they are 100% safe from them? The answer, of course, is that they can’t. They never will; at least not until we live in a world such as the one depicted in the 2002 film Minority Report, starring Tom Cruise. In that movie, criminals are arrested prior to committing a crime based upon the predictions of psychics called ‘Precogs’. Corporations and individual targets of fraud can only wish.
Nope, there are no Precogs running around locking up would-be practitioners of fraud that would protect banks, insurance companies, Medicaid and Medicare programs, victims of Ponzi schemes, victims of identity theft, and countless others. Instead, organizations rely upon skilled knowledge workers using purpose-built crime and fraud analytics technology that can detect anomalies in patterns, suspicious transactions, hotspot mapping, networks of fraudsters, and other sophisticated data analytics tools.
v4
Crime and fraud analytics
Any discussion of analytics and investigation software must touch upon the topic of ‘big data’. No longer just a buzz word, big data literally fuels the insights gathered by organizations in every area of business. Naturally, then, organizations who have been traditionally targeted by fraudsters have increasingly invested in crime technology such as investigation software and analytics in order to exploit the phenomenon.
gotbigdata.pngOf course, big data in and by itself does nothing. It just sits there. Nobody has ever yelled “Help! We’ve been defrauded! Call the big data!” Big data is only useful when it can be transformed into ‘smart data’. In other words, understanding the big picture of costly fraudulent activities is not akin to understanding the specifics of ‘who’ is defrauding you, and ‘how’ they are doing it.
Those questions can best be answered through the powerful data mining and link analysis software tools offered by Austin, TX based Crime Tech Solutions in partnership with Sterling, VA based Visallo. Effective link analysis complements big data analytics platforms, helping to expose previously undetected fraud, and the entities (people or organizations) committing it.
Link Analysis – Transforming big data into smart data
By definition, link analysis is a data analysis technique that examines relationships among people, places, and things. As a visual tool, link analysis provides users a powerful method to quickly understand and ‘see’ what is happening. Because of this, it is widely used by financial institutions such as banks and insurance companies to uncover criminal networks, improve fraud investigations, detect insider fraud, and expose money laundering schemes. Similarly, government agencies use link analysis to investigate fraud, enhance screening processes, uncover terrorist networks and investigate criminal activities.
At Crime Tech Solutions, we liken the question of how to detect and deter fraud to ‘How do you eat an elephant?’ The answer, of course, is one bite at a time. If big data is the elephant, comprehensive link analysis software is part of the one ‘bite’ at a time. Or should we say ‘byte’.
(NOTE: Crime Tech Solutions is an Austin, TX based provider of investigation software and analytics for commercial and law enforcement groups. We proudly support the Association of Certified Fraud Examiners (ACFE), International Association of Chiefs of Police (IACP), Association of Law Enforcement Intelligence Units (LEIU) and International Association of Crime Analysts (IACA). Our offerings include sophisticated link analysis software, an industry-leading investigation case management solution, and criminal intelligence database management systems.)

Uncovering Fraud means Uncovering Non-Obvious Relationships

Posted by Tyler Wood, Operations Manager at Crime Tech Solutions
Although no fraud prevention measures are ever 100% foolproof, significant progress can be achieved by looking beyond the individual data points to the relationships between them. This is the science of link analysis.
Looking at data relationships isn’t straightforward and doesn’t necessarily mean gathering new or more data. The key to battling financial crimes it is to look at the existing data in a new way – namely, in a way that makes underlying connections and patterns using powerful but proven tools such as the Sentinel Visualizer software offered by Crime Tech Solutions.
Unlike most other ways of looking at data, link analysis charts are designed to exploit relationships in data. That means they can uncover patterns difficult to detect using traditional representations such as tables.
Now, we all know that there are various types of fraud – first-party, insurance, and e-commerce fraud, for instance. What they all have in common is the layers of dishonesty to hide the crime. In each of these types of fraud, link analysis from Crime Tech Solutions offers a significant opportunity to augment existing methods of fraud detection, making evasion substantially more difficult.
Let’s take a look at first-party fraud. This type of fraud involves criminals who apply for loans or credit cards but who have no intention of ever paying the money back. It’s a serious problem for banks, who lose tens of billions of dollars every year to this form of fraud. It’s hard to detect and the fraudsters are good at impersonating good customers until the moment they do their ‘Bust-Out,’ i.e. cleaning out all their accounts and disappearing.
Another factor is the nature of the relationships between the participants in the fraud ring. While these characteristics make these schemes very damaging, it also renders them especially vulnerable to link analysis methods of fraud detection.
That’s because a first-party fraud ring involves a group of people sharing a subset of legitimate contact information and bogus information, and then combining them to create a number of synthetic identities. With these fake identities, fraudsters open new accounts for new forms of loans.
The fraudsters’ accounts are used in a normal manner with regular purchases and timely payments so that the banks gain confidence and slowly increase credit over time. Then, one day… Poof! The credit cards are maxed out and everyone has disappeared. The fraudsters are long gone and ready to hit the next bank down the road.
Gartner Group believes in a layered model for fraud prevention that starts with simple discrete methods but progresses to more elaborate types of analysis. The final layer, Layer 5, is called  “Entity Link Analysis” and is designed to leverage connections in data in order to detect organized fraud.
In other words, Gartner believes that running appropriate entity link analysis queries can help organizations identify probable fraud rings during or even before the fraud occurs.
 

Professor urges increased use of technology in fighting crime

risk_terrain_modeling_resizedPosted by Crime Tech Solutions
This article originally appeared HERE in Jamaica Observer. It’s an interesting read…
A University of the West Indies (UWI) professor is calling for the increased use of technology by developing countries, including Jamaica, to assist in the fight against crime.
Professor Evan Duggan, who is Dean of the Faculty of Social Sciences, said there have been “amazing advancements” in information and communications technologies (ICT), over the past six decades, which offer great potential for improving security strategies.
The academic, who was addressing a recent National Security Policy Seminar at UWI’s Regional Headquarters, located on the Mona campus, pointed to Kenya as a developing country that has employed the use of inexpensive technology in its crime fighting initiatives.
“Potential applications and innovations have been implemented through the use of powerful but not very expensive technologies that have allowed law enforcers to make enormous leaps in criminal intelligence, crime analysis, emergency response and policing,” he said.
He pointed to the use of a variety of mobile apps for crime prevention and reporting, web facilities, and citizen portals for the reporting of criminal activity.
Professor Duggan said that in order for Jamaica to realise the full benefit of technology in crime fighting, national security stakeholders need to engage local application developers.
“I would enjoin our stakeholders to engage the extremely creative Jamaican application developers, who now produce high quality apps for a variety of mobile and other platforms. I recommend interventions to assist in helping these groups to cohere into a unified force that is more than capable of supplying the applications we need,” he urged.
The UWI Professor pointed to the Mona Geoinformatic Institute as one entity that has been assisting in fighting crime, through analyses of crime data as well as three dimensional (3D) reconstruction of crime scenes; and mapping jurisdictional boundaries for police posts and divisions, as well as the movement of major gangs across the country.
In the meantime, Professor Duggan called for “purposeful activism” in the fight against crime and lawlessness which, he said, are “serious deterrents to economic development and national growth prospects” and could derail the national vision of developed country status by 2030.
“In the current global landscape where security challenges are proliferating across borders and have taken on multifaceted physiognomies, all hands on deck are vital,” he stressed.
“We need to …consolidate pockets of research excellence in this area …to provide the kinds of insight that will lead to more fruitful and productive collaborative engagements that are required to help us better understand the security challenges and threats from crime in order to better inform our national security architecture and direction,” he added.

What is Link / Social Network Analysis?

Posted by Crime Tech SolutionsPic003

Computer-based link analysis is a set of techniques for exploring associations among large numbers of objects of different types. These methods have proven crucial in assisting human investigators in comprehending complex webs of evidence and drawing conclusions that are not apparent from any single piece of information. These methods are equally useful for creating variables that can be combined with structured data sources to improve automated decision-making processes. Typically, linkage data is modeled as a graph, with nodes representing entities of interest and links representing relationships or transactions. Links and nodes may have attributes specific to the domain. For example, link attributes might indicate the certainty or strength of a relationship, the dollar value of a transaction, or the probability of an infection.

Some linkage data, such as telephone call detail records, may be simple but voluminous, with uniform node and link types and a great deal of regularity. Other data, such as law enforcement data, may be extremely rich and varied, though sparse, with elements possessing many attributes and confidence values that may change over time.
Various techniques are appropriate for distinct problems. For example, heuristic, localized methods might be appropriate for matching known patterns to a network of financial transactions in a criminal investigation. Efficient global search strategies, on the other hand, might be best for finding centrality or severability in a telephone network.
Link analysis can be broken down into two components—link generation, and utilization of the resulting linkage graph.
Link Generation
Link generation is the process of computing the links, link attributes and node attributes. There are several different ways to define links. The different approaches yield very different linkage graphs. A key aspect in defining a link analysis is deciding which representation to use.
Explicit Links
A link may be created between the nodes corresponding to each pair of entities in a transaction. For example, with a call detail record, a link is created between the originating telephone number and the destination telephone number. This is referred to as an explicit link.
Aggregate Links
A single link may be created from multiple transactions. For example, a single link could represent all telephone calls between two parties, and a link attribute might be the number of calls represented. Thus, several explicit links may be collapsed into a single aggregate link.
Inferred Relationships
Links may also be created between pairs of nodes based on inferred strengths of relationships between them. These are sometimes referred to as soft links, association links, or co-occurrence links. Classes of algorithms for these computations include association rules, Bayesian belief networks and context vectors. For example, a link may be created between any pair of nodes whose context vectors lie within a certain radius of one another. Typically, one attribute of such a link is the strength of the relationship it represents. Time is a key feature that offers an opportunity to uncover linkages that might be missed by more typical data analysis approaches. For example, suppose a temporal analysis of wire transfer records indicates that a transfer from account A to person X at one bank is temporally proximate to a transfer from account B to person Y at another bank. This yields an inferred link between accounts A and B. If other aspects of the accounts or transactions are also suspicious, they may be flagged for additional scrutiny for possible money laundering activity.
A specific instance of inferred relationships is identifying two nodes that may actually correspond to the same physical entity, such as a person or an account. Link analysis includes mechanisms for collapsing these to a single node. Typically, the analyst creates rules or selects parameters specifying in which instances to merge nodes in this fashion.
Utilization
Once a linkage graph, including the link and node attributes, has been defined, it can be browsed, searched or used to create variables as inputs to a decision system.
Visualization
In visualizing linking graphs, each node is represented as an icon, and each link is represented as a line or an arrow between two nodes. The node and link attributes may be displayed next to the items or accessed via mouse actions. Different icon types represent different entity types. Similarly, link attributes determine the link representation (line strength, line color, arrowhead, etc.).
Standard graphs include spoke and wheel, peacock, group, hierarchy and mesh. An analytic component of the visualization is the automatic positioning of the nodes on the screen, i.e., the projection of the graph onto a plane. Different algorithms position the nodes based on the strength of the links between nodes or to agglomerate the nodes into groups of the same kind. Once displayed, the user typically has the ability to move nodes, modify node and link attributes, zoom in, collapse, highlight, hide or delete portions of the graph.
Variable Creation
Link analysis can append new fields to existing records or create entirely new data sets for subsequent modeling stages in a decision system. For example, a new variable for a customer might be the total number of email addresses and credit card numbers linked to that customer.
Search
Link analysis query mechanisms include retrieving nodes and links matching specified criteria, such as node and link attributes, as well as search by example to find more nodes that are similar to the specified example node.
A more complex task is similarity search, also called clustering. Here, the objective is to find groups of similar nodes. These may actually be multiple instances of the same physical entity, such as a single individual using multiple accounts in a similar fashion.
Network Analysis
Network analysis is the search for parts of the linkage graph that play particular roles. It is used to build more robust communication networks and to combat organized crime. This exploration revolves around questions such as:

  • Which nodes are key or central to the network?
  • Which links can be severed or strengthened to most effectively impede or enhance the operation of the network?
  • Can the existence of undetected links or nodes be inferred from the known data?
  • Are there similarities in the structure of subparts of the network that can indicate an underlying relationship (e.g., modus operandi)?
  • What are the relevant sub-networks within a much larger network?
  • What data model and level of aggregation best reveal certain types of links and sub-networks?
  • What types of structured groups of entities occur in the data set?

Applications
Link analysis tools such as those provided by Crime Tech Solutions are increasingly used in law enforcement investigations, detecting terrorist threats, fraud detection, detecting money laundering, telecommunications network analysis, classifying web pages, analyzing transportation routes, pharmaceuticals research, epidemiology, detecting nuclear proliferation and a host of other specialized applications. For example, in the case of money laundering, the entities might include people, bank accounts and businesses, and the transactions might include wire transfers, checks and cash deposits. Exploring relationships among these different objects helps expose networks of activity, both legal and illegal.

How Can Crime Analysis Help Police Reduce Crime?

Pic005Posted by Crime Tech Solutions
The following article was published just over a year ago HERE by Dr. Laura Wyckoff, a Fellow at Bureau of Justice Assistance. We think it is worth exploring:
“Focusing resources on high-crime places, high-rate offenders, and repeat victims can help police effectively reduce crime in their communities. Doing so reinforces the notion that the application of data-driven strategies, such as hotspots policing, problem-oriented policing, and intelligence-led policing, work. Police must know when, where, and how to focus limited resources, as well as how to evaluate the effectiveness of their strategies. Sound crime analysis is paramount to this success.
What is crime analysis exactly? Crime analysis is not simply crime counts or the change in crime counts—that is just information about crime and not an analysis of crime. Crime analysis is a deep examination of the relationships between the different criminogenic factors (e.g., time, place, socio-demographics) surrounding crime or disorder that helps us understand why it occurs. Sound crime analysis diagnoses problems so a response may be tailored to cure it, or reduce the frequency and severity of such problems.
Data-driven policing and associated crime analysis are still in their infancy and are not typically integrated into the organizational culture as well as traditional policing strategies. Many agencies are still not aware of the advantages of an effective crime analysis unit, and others may not have the resources or knowledge to effectively integrate one. Of those that do employ crime analysis, many may not fully understand or accept this approach, or use it to its potential.
Additionally, police command staff typically are not analysts, so they may be unaware of how to guide this work to provide “actionable” crime analysis products that can be helpful for crime reduction efforts. At the same time, analysts are usually not police officers and may not be aware of how police respond to crime problems (both tactically and strategically), or what types of products will be most useful.
To be more effective at combating crime using data-driven strategies, we need to overcome these barriers and knowledge gaps. That is why the Bureau of Justice Assistance (BJA) established the Crime Analysis on Demand initiative. This initiative has a number of training and technical assistance opportunities focused on increasing crime analysis capacity in agencies across the nation. BJA’s National Training and Technical Assistance Center (NTTAC) is providing police agencies access to crime analysis experts that provide recommendations, training, and technical assistance to help agencies improve their application of crime analysis.
Additionally, the Police Foundation’s recent Crime Mapping and Analysis News publication provides a synopsis of the different services offered through this initiative. Other resources for crime analysis can be found on the International Association of Crime Analysts and the International Association of Law Enforcement Intelligence Analysts’ web sites.”
 

IBM Crime Analytics: Missing the mark? CTS Hits the bullseye!

quote-one-may-miss-the-mark-by-aiming-too-high-as-too-low-thomas-fuller-10-41-63Posted by Crime Tech Solutions – Your source for analytics in the fight against crime and fraud.
September 7, 2015. IBM announced this week a major update to its IBM i2 Safer Planet intelligence portfolio that includes a major overhaul of the widely used Analyst’s Notebook product. The product, which has become increasingly abandoned by its user base over the past five years, is now being positioned as ‘slicker‘ than previous versions.
IBM suggests that the new version scales from one to 1,000 users and can ingest petabytes of information to visualize. (A single petabyte roughly translates to 20,000,000 four-drawer filing cabinets completely filled with text).
That’s a lot of data. Seems to me that analysts are already inundated with data… now they need more?
This all begs the question: “Where is IBM headed with this product?”
The evidence seems to point to the fact that IBM wants this suite of products to compete head-to-head with money-raising machine and media darling Palantir Technologies. If I’m IBM, that makes sense. Palantir has been eating Big Blue’s lunch for a few years now, particularly at the lucrative US Federal market level. Worse yet, for IBM i2, is the recent news of a new competitor with even more powerful technology.
If I’m a crime or fraud analyst, however, I have to view this as IBM moving further and further away from my reality.
The reality? Nobody has ever yelled “Help! I’ve been robbed. Call the petabytes of ‘slick’ data!”  No, this tiring ‘big data’ discussion is not really part of the day to day work for the vast majority of analysts. Smart people using appropriate data with intuitive and flexible crime technology solutions… that’s the reality for most of us.
So, as IBM moves their market-leading tool higher and higher into the stratosphere, where does the industry turn for more practical desktop solutions with realistic pricing? For more and more customers around the world, the answer is a crime and fraud link analytics tool from Crime Tech Solutions.
No, it won’t ingest 20,000,000 four-drawer filing cabinets of data, and it’s more ‘efficient‘ than ‘slick‘. Still, the product has been around for decades as a strong competitor to Analysts Notebook, and is well-supported by a network of strategic partners around the world. Importantly, it is the only American made and supported alternative. Period. It’s also, seemingly, the last man standing in the market for efficient and cost-effective tools that can be used by real people doing their real jobs.

Using Link Analysis to untangle fraud webs

Posted by Douglas Wood, Editor.
NOTE: This article originally appeared HERE by Jane Antonio. I think it’s a great read…
Link analysis has become an important technique for discovering hidden relationships involved in healthcare fraud. An excellent online source, FierceHealthPayer:AntiFraud, recently spoke to Vincent Boyd Bryant about the value of this tool for payer special investigations units.
A former biometric scientist for the U.S. Department of Defense, Bryant has 30 years of experience in law enforcement and intelligence analysis. He’s an internationally-experienced investigations and forensics expert who’s worked for a leading health insurer on government business fraud and abuse cases.
How does interactive link analysis help insurers prevent healthcare fraud? Can you share an example of how the tool works?

Boyd Bryant: Link analysis is most often used to piece together different kinds of data from multiple sources–to identify key players, connections between those players and patterns of behavior frequently missed. It can simplify an understanding of the level of involvement of individuals and criminal organizational hierarchies and can greatly simplify visualizing and communicating the operations of complex criminal enterprises.

One thing criminals do best is hide pots of money in different places. As a small criminal operation becomes successful, it will often expand its revenue streams through associated businesses. Link analysis is about trying to figure out where all those different baskets of revenue may be. Insurers are drowning in a sea of theft. Here’s where link analysis becomes beneficial. Once insurers discover a small basket of money lost to a criminal enterprise, then serious research needs to go into finding out who owns the company, who they’re associated with, what kinds of business they’re doing and if there are claims associated with it.
You may find a clinic, for example, connected to and working near a pharmacy, a medical equipment supplier, a home healthcare services provider and a construction company. Diving into those companies and what they do, you find that they’re serving older patients for whom multiple claims from many providers exist. The construction company may be building wheelchair ramps on homes. And you may find that the providers are claiming payment for dead people. Overall, using this tool requires significant curiosity and a willingness to look beyond the obvious.
Any investigation consists of aggregating facts, generating impressions and creating a theory about what happened. Then you work to confirm or disconfirm your theory. It’s important to have tools that let you take large masses of facts and visualize them in ways that cue you to look closer.
Let’s say you investigate a large medical practice and interview “Doctor Jones.” The day after the interview, you learn through link analysis that he transferred $11 million from his primary bank account to the Cayman Islands. And in looking at Dr. Jones’ phone records, you see he called six people, each of whom was the head of another individual practice on whose board Dr. Jones sits. Now the investigation expands, since the timing of those phone calls was contemporaneous to the money taking flight.
Why are tight clusters of similar entities possible indicators of fraud, waste or abuse?
Bryant: When you find a business engaged in dishonest practices and see its different relationships with providers working out of the same building, this gives rise to reasonable suspicion. The case merits a closer look. Examining claims and talking to members served by those companies will give you an indication of how legitimate the operation is.
What are the advantages of link analysis to payer special investigation units, and how are SIUs using its results?
Bryant:  Link analysis can define relationships through data insurers haven’t always had, data that traditionally belonged to law enforcement.
Link analysis results in a visual reference that can take many forms: It can look like a family tree, an organizational chart or a time line. This reference helps investigators assess large masses of data for clustering and helps them arrive at a conclusion more rapidly.

Using link analysis, an investigator can dump in large amounts of data–such as patient lists from multiple practices–and see who’s serving the same patient. This can identify those who doctor shop for pain medication, for example. Link analysis can chart where this person was and when, showing the total amount of medication prescribed and giving you an idea of how the person is operating.
What types of data does link analysis integrate?
Bryant: Any type of data that can be sorted and tied together can be loaded into the tool. Examples include telephone records, addresses, vehicle information, corporate records that list individuals serving on boards and banking and financial information. Larger supporting documents can be loaded and linked to the charts, making cases easier to present to a jury.
Linked analysis can pull in data from state government agencies, county tax records or police records from state departments of correction and make those available in one bucket. In most cases, this is more efficient than the hours of labor needed to dig up these types of public records through site visits.
Is there anything else payers should know about link analysis that wasn’t covered in the above questions?
Bryant: The critical thing is remembering that you don’t know what you don’t know. If a provider or member is stealing from the plan in what looks like dribs and drabs, insurers may never discover the true extent of the losses. But if–as a part of any fraud allegation that arises–you look at what and who is associated with the subject of the complaint, what started as a $100,000 questionable claims allegation can expose millions of dollars in inappropriate billings spread across different entities.