q Intelligence

Quarterly
Journal of Advanced Analytics Executive Viewpoint 2
Mikael Hagström

Q1
risk in banking
Moving from stress tests to
broader scenario analyses 3

1O
Mike Stefanick
Positive creativity solves complex risk puzzle 6
Grid computing primer 11
Etienne Hermand

performance management in banking

Toward total bank
performance management 13
fraud in banking
How do social groups
affect your business? 16
Héctor Cobo
Fraud detection with a rapid return 19
Royal Bank of Canada avoids
$15 million in credit fraud losses 21
You become the hunter and
they become the prey 23
Alison Bolen
Global financial services leader relies
on SAS for comprehensive fraud detection 25
q Intelligence
Quarterly
Journal of Advanced Analytics
First Quarter 2010

Editorial Director
Mikael Hagström
mikael.hagstroem@sas.com
Editor-in-Chief
Alison Bolen
alison.bolen@sas.com
Executive Editor
Bob Tschudi
bob.tschudi@sas.com
Managing Editor
Intelligence Quarterly is published
quarterly by SAS Institute Inc. Copyright
© 2010 SAS Institute Inc., Cary, NC,
USA. All rights reserved. Limited copies
may be made for internal staff use only.
Credit must be given to the publisher.
Otherwise, no part of this publication
may be reproduced without prior
written permission of the publisher.
SAS and all other SAS Institute Inc.
SAS is the leader in business analytics
software and services, and the largest
independent vendor in the business in-
telligence market. Through innovative
solutions delivered within an integrat-
ed framework, SAS helps customers
at more than 45,000 sites improve per-
formance and deliver value by making
better decisions faster. Since 1976 SAS
has been giving customers around the
world THE POWER TO KNOW. ®

Anne-Lindsay Beall product or service names are registered

anne-lindsay.beall@sas.com trademarks or trademarks of SAS Insti-
tute Inc. in the USA and other countries.
Copy Editors ® indicates USA registration. Other
Amy Dyson • Trey Whittenton brand and product names are trade-
marks of their respective companies.
Editorial Contributors
Anne-Lindsay Beall
Caitlin Harvey
Etienne Hermand
Kelly LeVoyer
Kwee Yoong Locke
Vicki Marsland
Pamela Meek
Marcie Montague
Judy Ng
Peter Schütte
Mike Stefanik
Waynette Tubbs
Art Direction
Brian Lloyd
Photography
John Fernez
Steve Muir

Prepare for the war
against the unknown
Risk management will be a core strategy for banks as economies recover
by Mikael Hagström, Executive Vice President of SAS Europe, Middle East, Africa and Asia Pacific
Based on results in the second half of
2009, it appears we are past the worst
of the economic recession, and a recov-
ery is here. The stimulus policies from US
and EU governments have played a key
role in preventing a financial catastrophe,
and there is a lot to be optimistic about.
The economic data is mixed but shows
a clear positive trend globally, while
consumer spending and demand have yet
to significantly recover. Inventory rebuild-
ing as well as stimulus packages (close
to 2 percent of the gross domestic prod-
uct in the EU) are starting to demonstrate
a clear positive impact on the economic
data. The last part of 2009, particularly
benchmark figures for the fourth
quarter, showed greater stability and
improvements in several areas.
On the down side, the more fundamen-
tal financial imbalances behind the crisis
remain. The market, boosted by low
interest rates, seems to act as if the crisis
did not occur. While consumers still need
to lower their credit levels and stay pre-
pared for rising taxes and unemployment
levels, an increase in currency reserves
and a lack of spending is itself a concern.
Fighting the asset bubbles with generous
liquidity policies simply fuels new and
larger bubbles. For instance, the current
setback was clearly larger than the IT
bubble in 2001 and 2002, which was in
IQ|1OQ1|P2
Executive Viewpoint
turn larger than the financial setback of and why it deserves core strategy status.
1997-98. Today, governments and cen- What will the next generation of risk look
tral banks will be forced to tighten their like? Official bodies ranging from The
belts. Act too early, and we risk falling Financial Stability Forum to The Institute
back into recession; too late, and inflation of International Finance continue to
might cause interest rates to spiral. be vocal in their recommendations to
improve risk management. Consolidating
Future economic forecast predictions the different risk types and analyzing risk
are varied. Some economists see the from a firmwide perspective will be key
shape of the recovery as a V, some as a to meeting these recommendations.
U or W, and even some as a square root
or the Nike “swoosh.” No one can say With uncertainty also comes despera-
for sure. We live in times of uncertainty, tion, and so I also chose to emphasize
and what is clear is our need to prepare fraud management in addition to risk
for the unexpected, which has been as an important addition to your core
accelerated by increased regulation that strategy of reducing costs, increasing
further erodes trust. cash flow and helping to achieve your
efficiency goals.
The answer can be simple. Price the
risk right, and you will always come out I hope this issue will contribute to some
on the winning side. The difficulty is in ideas that will help you better prepare for
gathering and analyzing all of the data the unknown. I wish you great success
needed to do so. for 2010. q
I have decided to focus this issue of
Intelligence Quarterly on risk management
As the Executive Vice President of SAS Europe, Middle East,
Africa and Asia Pacific, Mikael Hagström is passionate
about providing a culture where innovation can flourish, re-
sulting in market leadership both for the organization and
its customers. He is responsible for optimizing business
performance, delivering revenue and managing operations
in more than 50 countries with individual P&L (profit and
loss) centers and nearly 4,000 employees.
P3|IQ|1OQ1
Risk in Banking
Moving from stress tests to
broader scenario analyses
How to better understand the business impacts of
events across risk types
Mike Stefanick, Senior Manager, US Risk Practice, SAS
The Federal Reserve, rating agencies and
capital providers are requiring consistent
views of banks that extend far beyond
a simple snapshot of capital reserves.
Today, banks must embrace a richer
brand of scenario analysis: executing a
variety of stress tests and scenarios across
all of their portfolios. The payoff extends
beyond mere regulatory compliance
and institutional health. It also means an
enhanced competitive posture.
Even in the best of economic times,
stress testing a bank’s portfolio is a sound
practice for assessing the sufficiency of
capital reserves as well as the responsive-
ness of the institution’s infrastructure and
reporting process. However, as we all
learned in the 2008-09 financial crisis,
there were significant weaknesses in
these internal stress-testing programs. The
major shortcoming: an inability to assess
vulnerabilities arising from interrelated
events across all risk and asset types.
The inadequacy prevented institutions
from seeing the interactions across risk
types that surfaced in the crisis. As a result,
siloed risk models in various asset classes
lacked the synergy and interrelationships
to properly forecast the cross-asset
impact of abnormal conditions and events.
Today, it’s much clearer that firmwide
stress testing across asset classes,
positions and business lines must
improve in order to ensure appropriate
risk capture and aggregate stress-test
and risk-calculation results more
consistently and effectively. However,
until regulators recently stepped up their
mandates for stress testing, there was
no precedent or strong impetus driving
banks to aggregate their information to
assess vulnerabilities across risk and
asset types. Although the recently com-
pleted first round of the Supervisory
Capital Assessment Program (SCAP)
provided some useful insight into 19
of the largest US banks, those tests
were limited by the available data and
the restriction to two basic scenarios
– a continuing downturn and a slightly
more adverse condition.
What’s more, the SCAP tests were
a process nightmare. The US Trea-
sury Department designed valid and
meaningful stress tests, sent regulatory
letters mandating that banks perform
the tests, compiled results, compared
bank submissions, adjusted values and
interpreted the findings. Collectively,
those tasks took three to four months.
It wasn’t better inside banks. As a result
of these Treasury-orchestrated stress
tests, most banks had to create one-time
manual processes to comply – processes
that will be difficult to extend or repeat.

The shift to scenario analysis
Simply replicating the tests on an industry-
wide basis would be challenging enough.
But as the thin and limited results of the
first round of SCAP show, it’s clear that
regulators and institutions alike will need
to expand their view from simple stress
testing. It’s now clear that the SCAP tests
were not a one-time exercise, and that
improved stress-testing processes and
analytics will remain a high priority for
the foreseeable future. Mastery of these
tests will not only be required to respond
to regulatory requirements; they will also
enable banks to perform ad hoc stress
analyses and more effectively manage
their economic capital.
But this first phase only hints at the scale
and scope of the broader challenge.
Going forward, banks will need a broader
class of scenario analyses that leverage
standardized processes and improved
data aggregation.
In simple stress testing, the bank models
and calculates the effect on a particular
asset class of a change to a single risk
factor or set of risk factors by a given
amount. For instance, what happens to
the mortgage-securities assets if equity
prices decrease by 10 percent? This
can be used to analyze how sensitive an
asset is to a large change in a specific
market factor, i.e., how exposed they are.
But banks need to expand stress testing
across the portfolio, often called sce-
nario analysis. This involves calculating
the effects on a portfolio of stressing
all underlying risk factors arising from a
pre-defined market scenario. Scenario
analysis is better suited to reproducing
the effects of historical events, such as
Black Monday, a period of loss in the
bank’s history or a potential future event.
Needed: Integrated framework
To achieve this broader scope of test-
ing, banks need a framework that
allows managers and analysts to easily
run many different market and credit
risk scenarios across a variety of
risk factors and portfolios. Business
users and risk analysts need a graphical
interface to simplify the building and
reviewing of stress-test scenarios. The
ability to use pre-defined scenarios or
create user-defined scenarios is critical
as is a robust visualization capability to
compare the impact of scenarios across
specific key performance indicators.
A framework that enables senior execu-
tives and business analysts alike to view
consolidated results for a variety of stress-
test scenarios, and that can extend and
enhance the ability to perform sensitivity
and “what if” analyses, would be a
powerful asset, especially in the current
challenging economic conditions.
IQ|1OQ1|P4
Risk in Banking
Three ways to improve
stress testing
1. Break down the silos – Transition
stress testing from its narrow silo view
to look more broadly across the firm.
Don’t focus solely on areas where it
is known that there’s elevated risk.
Implement a framework to aggregate
enterprise position data to look at all
asset classes.
2. Implement a flexible framework
for integrated stress testing and ad
hoc analyses – The business driver is
to provide a “desktop” stress-testing
solution that allows analysts to imme-
diately react to changes in the market
by defining possible stresses and
scenarios and observing their effects
on the exposure in their portfolios,
without the need for intervention by
another party/department.
3. Continually refine the process –
Banks should continually test and
refine their models to validate their
scenarios. Back-testing of models with
historical data and events can increase
the confidence in those models as part
of an overall model-validation strategy
to manage model risk.
 P5|IQ|1OQ1
Risk in Banking

A holistic, strategic approach to risk

Source Systems Stress and Scenario Tests Risk Engine Aggregation and Reporting

Market/ Define and Reverse

Static Data Manage Stress Testing
Integrated
Front Office/ Generate
Dashboard
Portfolios Scenario Data

Risk Analysts Business Management

and Risk Advisory
Committees

Ultimately, the vision for all financial institutions is to have one risk engine that provides the risk analytics for all areas of the
business, providing truly integrated scenario analysis.

Coverage of asset types and consis- testing and scenario analysis would
tency of criteria are large barriers to help remove some of the subjectivity
more effective stress tests and scenario from asset valuation and provide a more
analyses. That coverage is hindered consistent risk calculation methodology.
because disparate information prohib-
Information from stress testing and sce-
its a consolidated view of all assets.
nario analyses provides tremendous
What’s more, multiple versions of data,
benefits to financial institutions. The
valuation methods and models persist
results point to specific operational
throughout the process.
gaps, vulnerabilities and threats that
Financial institutions need an integrated the banks can address. This makes the
approach to risk evaluation to under- institutions stronger, more competitive
stand events that have effects across risk and better positioned to provide better
types (e.g., market risk, credit risk and services to customers. q
operational risk) that, when combined,
could result in exposure beyond isolated
test results. Clear regulatory and industry ONLINE
Free 44-page Enterprise Risk Management report:
standards for stress tests are essential to
www.sas.com/reg/gen/corp/riskreport
align asset classes and risk measurement
methodologies across the industry for use
within banks and between the banks and
regulators. These standards for stress

Mike Stefanick is Senior Manager of US Risk Prac-

tice for SAS. Prior to joining SAS, Stefanick served
as Vice President of Risk Architecture and Finance
Transformation with SunTrust Group, and as Chief
Architect and Vice President of Business Risk
Systems for Fifth Third Bank. He also has extensive
consulting experience with many financial
institutions. Mike.Stefanick@sas.com

Positive creativity solves
complex risk puzzle
Banking CRO discusses how to calculate the interplay between risk classes
and develop better risk controls for the banking industry – in near-real time
Here’s a simple way of thinking about
risk in banking: All risk is good risk,
as long as it’s priced right. When you
understand that fundamental principle,
the importance of accurate pricing
becomes clear pretty quickly.
For many of today’s large, multinational
banks, however, pricing assets and
optimizing portfolios are immensely
complex endeavors. In fact, we’ve all
witnessed the recent global effects of
bad bets on pricing and loan decisions.
When you don’t get the math right, you
don’t see the risk and you don’t reserve
enough capital to protect the bank
against potential losses.
But it can take days – literally – to cal-
culate multiple risk factors on millions
of loans and security instruments from
just one division of a large, global bank
– and that’s before you start combin-
ing credit risk with market risk to get
a broader, firmwide picture of an
organization’s true risk.
Recently, SAS and United Overseas
Bank (UOB) have partnered to attack this
large computation problem with a high-
performance computing solution that
combines grid computing, matrix-based
calculations and in-database analytics.
IQ|1OQ1|P6
Risk in Banking
UOB’s Chief Risk Officer Tham Ming
Soong explains how that project got
started and how near-real-time risk
calculations will benefit the banking
industry. Mikael Hagström, Executive
Vice President of SAS Europe, Middle
East, Africa and Asia Pacific, leads
the interview.
Mikael Hagström: How has the environ-
ment in the banking industry changed
compared to this time last year?
Tham Ming Soong: The industry has
changed quite a bit. We’ve all witnessed
how the current crisis unfolded. Particu-
larly for Asian banks, we found ourselves
in a situation where we were overtaken
by events that were pretty much out
of our control. In coming months we
anticipate increases in regulatory
requirements both from the capital and
liquidity perspectives. Unfortunately,
what banks have not been able to do is
to move away from marking off regula-
tory check boxes to developing internal
motivations to create better controls.
Hagström: You head risk management
for the whole bank, which includes
credit risk, market risk and operational
risk. How have the requirements changed
in this area compared to a year ago?
P7|IQ|1OQ1
Risk in Banking
“The financial stability of
any system can only be
as strong as the financial
institutions themselves.”
Tham Ming Soong
Chief Risk Officer,
United Overseas Bank
Ming Soong: More than a year ago,
in 2006, we began reviewing our risk
management requirements. Back then,
we were looking at integrating our cred-
it, market, and liquidity risk frameworks
together. Now, the current crisis has
pushed us toward a greater urgency
to have a better understanding of the
interplay between the risk classes. Credit
risk traditionally has been managed in a
silo, but if you look at how non-performing
loans impact funding requirements, for
example, the connection has been
grossly understated for the longest time.
Hagström: Why is it important to
manage risk and capital allocation on
an enterprise level as opposed to a
departmental level?
Ming Soong: If you look at particular
transactions or pools of transactions by
themselves, they can look very profitable.
But if you integrate them into the larger
portfolio, it can be quite negative for the
entire portfolio. Unless we are able to see
the interplay, we are not going to attain
that efficiency that we are seeking. When
we started this journey back in 2006 at
the United Overseas Bank, we came up
with three basic tenets. One of them is to
be able to attain long-term, sustainable
growth. To do that, we need the ability
to find efficiencies, identify inefficiencies
and address those inefficiencies.
Hagström: SAS and UOB started to
work together about a year ago on
portfolio optimization. Can you describe
the problem that we’re trying to solve?
Ming Soong: Traditional portfolio op-
timization looks at asset allocation.
When we started looking at portfolio op-
timization, we looked at it from a fairly
different angle. We look at it as a capital
allocation problem. UOB operates in 18
countries with subsidiaries in Thailand,
Malaysia, Indonesia and China. Capital
is not readily fungible across borders.
We need to decide from a strategic per-
spective where we are going to put our
investments, and we have to look at it
from a returns perspective, figuring out
the expected rates of return for different
environments within which we invest. So
when we have a portfolio that stretches
across five major countries in Southeast
Asia, I look at it as no different from a
traditional asset management portfolio
problem. The only thing is, we’re not op-
timizing the assets. We’re optimizing the
deployment of capital. So I’m hoping to
look at the asset allocation solution and
turn it around and say, can we use the
same technology to allocate capital?
Hagström: What were your require-
ments for this project?
Ming Soong: When we started look-
ing for an enterprise risk solution, SAS
responded to the RFP. I was originally
looking for an open source solution, but
when I began to understand deeper
the capabilities of the SAS platform, it
®
became clear that this was a possible
solution for us to build our risk manage-
ment practice. Very often we’ve seen
organizations that have gone in to buy
out-of-the-box solutions, but these have
a fairly short shelf life. The last thing I
wanted to do was to have to go to my
Board every five years or so and ask for
a whole bunch of money to upgrade
our risk systems. I also needed the flex-
ibility to prototype, since we have a lot
of ideas that we want to test, and SAS
certainly does give us the ability to do
that. Since starting this journey with SAS
back in the spring of 2008, we came

to realize that we have pretty similar
objectives, and being of like minds it
gives us the opportunity to develop
common solutions.
Hagström: How does the near-real-time
risk reporting compare to the environ-
ment you lived in before?
Ming Soong: When we first ran our
credit risk economic capital models
using a Monte Carlo simulation, it took
us in excess of three days. After working
with SAS for an improvement, we did it
in about eight hours. But then we start-
ed adding the market risk piece and
realized it was going to take 11 days.
The improvements we saw yesterday
with grid computing are amazing.
We could run complex calculations in
minutes. Of course, we need to balance
between the current resources that we
have and the grid resources that SAS
has at its disposal. In between, there lies
a solution that we can work with.
Hagström: What will be the benefits of
understanding risks in real time?
Ming Soong: In reality, I don’t need real
time. What we really need is something
near real time. Markets are changing
rapidly. The ability to understand market
changes before your competitors gives
you the additional advantage. It means
that we can take products to market a
lot sooner or exit markets a lot sooner.
Certainly, the speed also allows us to
dream bigger dreams and ask, “What
else could we do?” In practice, it gives
us a lot more value by being able to do
“what if” analyses on the fly. And we
have the added computational capacity
that would give us that additional edge.
IQ|1OQ1|P8
Risk in Banking
Hagström: If you can do this in two to
three minutes, what would that lead to?
How would that change what you are
able to do?
Ming Soong: It will enable risk man-
agement to demonstrate the effects
of large credit decisions to senior man-
agers. They will be able to see how
particular credit decisions impact the
entire portfolio in almost real time. Also,
if we have the capacity and the capa-
bility to make complex credit decisions
with any degree of accuracy or comfort
in near-real time, it could endear us to
our customers and create a safer envi-
ronment for us to operate. [The ability The current crisis
to perform valuation of collaterals more
frequently and accurately would lead to
has pushed us toward
the ability to accept narrower margins, a greater urgency to
build business volume and improve have a better
financial performance.]
understanding of
Hagström: How will these capabilities the interplay between
compare with other banks in the country?
the risk classes.
Ming Soong: I am sure my counter-
parts are also thinking about developing
similar capabilities. Our intention is not to
be the leader in risk technology. Our in-
tention really is to be able to put available
technology to work and to help us be a
more financially sound organization.
Hagström: What real problems would
the bank solve if you had this?
Ming Soong: For one thing, pricing. With
some of the complex transactions that
we do in-house right now, we don’t have
very much pricing capability. We back
out a lot of our transactions with other
counterparties, and we don’t warehouse
very much risk. In doing so, spreads are
given away. Being able to price better
and being able to understand our risk
P9|IQ|1OQ1
Risk in Banking
better allows us to warehouse risk, and
we keep the spreads.
Hagström: And as a chief risk officer,
how will near-real-time access to risk
calculations change your work?
Ming Soong: Oh, tremendously. It will
come to a point where it’s not enough
to be able to control risk. Our approach
to managing risk goes beyond just our
line of control. We look at how we could
deploy risk management resources to
help identify business opportunities.
We look at how we could deploy risk
management resources to contribute to
the financial soundness of the organiza-
tion. I’m altruistic about protecting the
broader financial system too. We have
a piece of the entire financial sector
jigsaw puzzle, and the financial stabil-
ity of any system can only be as strong
as the financial institutions themselves.
I can’t control what my peers do or
don’t do, but I certainly can make a
contribution through my organization by
ensuring, or at least contributing to, the
financial soundness of the organization.
Hagström: What about the individual
business units? If you are able to provide
them near-real-time risk calculations,
how would that change their work?
Ming Soong: For one, we can empower
the traders with tools to look at how they
can shape their portfolios. If they made
a decision that has shaped the portfolio
in a way that they had not intended, the
unwinding cost involved could be very
costly. Another potential is the ability to
perform scenario analyses to develop
a better understanding of how market
changes impact business portfolios,
whether it is by business lines or by
geography. The ability to develop better
business analytics can only result in
better information for decision making.
Hagström: What might be the broader
industry implications?
Ming Soong: This could offer a lot of
opportunities for us to engage the regu-
lators. The regulatory environment has
changed to the extent that there will be
increased requirements on banks to
perform stress testing. Another favorite of
the regulators right now is what they term
reverse stress testing: getting banks to
define the parameters that would break
their balance sheets. Such stress tests,
while extremely useful, are very intensive
computationally.
We need to be able to engage the regu-
lators and say, “This is where our current
capabilities are. Infrastructures may not
be sufficiently mature for us to do what
needs to be done. We recognize why it’s
important, but could we get some help in
terms of subsidies to help us achieve what
we as collective stakeholders need to get
done?” I know from conversations with
my peers that all of us are struggling with
this problem. When we started looking at
the SAS solution, this crisis hadn’t even
started to evolve yet. But our experience
has certainly put us on the right track.
And it would be worthwhile being able to
share this experience with our peers.
We’d like to have the rest of the indus-
try go on this journey with us rather than
going at it alone and saying, “We’re the
leader of the pack.” That doesn’t really
help the industry as a whole, at least
speaking from my position as chair
of the Risk Management Standing
Committee of The Association of
Banks in Singapore.
 IQ|1OQ1|P10
Risk in Banking

Hagström: Where do you see this solu- observing that trust has basically been
tion taking the industry as a whole three eroded. If an organization is able to
years from now? demonstrate that it knows where its I think what the industry
Ming Soong: I think what the industry
exposures are, and it is willing and able needs is positive creativity
to communicate that to stakeholders,
needs is positive creativity. I’m very cau- certainly that trust can be rebuilt. What … We need to be able to
tious when I use this term because we is more important to develop, and very see what available tech-
need to be able to see what available
technology there is, and ask ourselves
difficult to do so, is moral courage. And nology there is, and ask
that’s what it takes for a CRO to step up
what can we do with such technology? to the front and say, “Hey guys, I think
ourselves what can we
How can we leverage technology to we’re going down the wrong track.” q do with such technology?
help us do things better? I’ll give you How can we leverage
an example.
technology to help us do
Currently we have about 10 PhDs working things better?
in risk management, which is the largest
concentration of PhDs in the entire bank.
But we are not tapping their full potential.
They are pretty bogged down with model
validations. I would like to industrialize
that work, and I believe technologies
are in place for us to do that. Being able
to do so will free up those resources to
look at research and development work
in product development, market devel-
opment, you name it.

I see this solution as an enabler for the in-

dustry to develop better risk and business
analytics. With these, we have the basis
for moving towards a greater financial
and economic stability. When the indus-
try witnesses the capabilities, hopefully,
it will encourage a stronger risk culture
evolving into financial soundness.

Hagström: The global financial crisis

resulted also in a crisis in trust. Do you
believe that solutions of this nature can
help to establish more of that trust?

Ming Soong: The question of trust will

not be addressed by technology alone.
Banks and financial institutions are the
bloodline of the economy. You’re right in
P11|IQ|1OQ1
Risk in Banking

Grid computing primer

How to tackle large computational problems with grid computing
Etienne Hermand, Risk Management Consultant, SAS EMEA Risk Practice

The portfolio optimization and capital Let’s consider an optimization associated

allocation problem that international with N simulations to be performed on M
banks like United Overseas Bank (UOB) instruments with some of those M instru-
face is quite complex (see page 6). Their ments being valued using binomial trees
goal is to find a portfolio composition that or Monte Carlo simulations.
maximizes the bank’s expected return,
subject to a set of limits expressed in Parallel programming or grid computing
terms of risk measures and bounds. can speed up the optimization valuation
process at three different levels:
An example is maximizing a commod-
ity trading portfolio’s expected return for 1. At the simulations level: by splitting the
a given (99 percent one-day horizon) workload linked to the N simulations in
maximum value-at-risk level of US$1 x parallel streams.
million and subject to a diversification
2. At the portfolio level: by splitting the
rule that limits the exposure to a particu-
evaluation of M instruments into y
lar commodity to 10 percent of the total
parallel streams.
portfolio exposure.
3. At the instrument level: by splitting
Applying grid computing
the evaluation of the binomial tree
The optimization process for a problem
or Monte Carlo simulations into z
like this relies on the valuation of a set of
parallel streams.
N simulations – i.e. simulating possible
market conditions in a number of ways By making the valuation process faster,
and evaluating the assets’ value under parallel programming ultimately resolves
those conditions. The simulations are the optimization and capital allocation
based on simulated market states at problem faster.
specified future time points and can be
generated using different techniques,
including model-based Monte Carlo
simulations, covariance matrix-based
simulations, historical simulations or
scenario simulations.

Essentially, risk analyses that had to run in the
back office at the end of the day could now be run
in a few seconds at the front office.
Other uses for grid computing
Besides portfolio optimization, paral-
lel programming can reduce the time
required to perform many other risk
calculations and banking processes,
including:
1. Mark-to-market portfolio valuation.
2. Stress tests scenarios valuation.
3. Sensitivity analysis.
4. Value at risk computation.
In the past, these types of risk cal-
culations were often performed after
the fact or once the deal was done.
Grid computing makes it possible to
make that information available before
executing the deal, using real-time
and what-if calculations.
Benefiting the industry
While past gains in performance were
incremental and allowed the banks to
price instruments with more and more
precision, the new method of calculat-
ing risk using parallel pricing methods is
transformational: by reducing the time to
price an instrument by a factor greater
than 100. Essentially, risk analyses that
had to run in the back office at the end
of the day could now be run in a few
seconds at the front office.
IQ|1OQ1|P12
Risk in Banking
The bank’s Chief Risk Officer could
ultimately benefit from this solution by
being able to impose risk boundaries be-
fore they are broken. Likewise, the Chief
Financial Officer will gain on two sides:
Not only will his company behave in a
more controlled manner, but this will come
at a reduced cost, as the performances/
costs ratio gets higher and higher.
Overall, calculating risk in near-real time
will give the industry a tool to detect cat-
astrophic deals before they occur and
will help remove the Sword of Damocles
that the banking sector puts above the
global economy. q
ONLINE
SAS Grid Computing:
www.sas.com/technologies/architecture/grid
Etienne Hermand is a financial engineer with
broad experience in market risk, equity and
fixed income derivatives pricing. He especially
enjoys bringing new research development
from the academic and quantitative world to the
business arena. He holds a master’s degree in
civil engineering from the University of Louvain
and an MBA from Columbia Business School.
P13|IQ|1OQ1
Performance Management in Banking
Toward total bank
performance management
Commerzbank looks to SAS – from marketing to sophisticated risk management
®
The longest journey starts with a
single step – even if the destination is
total bank performance management.
Commerzbank took the first step on this
journey with SAS many years ago in 1982.
Germany’s second-largest credit institute
depends on SAS Business Intelligence
for optimizing its sales performance
management, reporting, planning and
implementation of marketing campaigns,
and credit risk performance manage-
ment. Recently, it added the SAS
for Performance Management solution.
Dresdner Bank, which merged with
Commerzbank in May 2009, uses SAS
for core company functions, such as de-
veloping methods to determine, validate
and calibrate credit risk parameters.
Commerzbank is one of Europe’s
most important credit institutions, and
its merger with Dresdner Bank made
it one of Germany’s leading private
and commercial banks. The new
Commerzbank has nearly 15 million pri-
vate and corporate customers around
the world, and its approximately 1,200
branch offices surpass the amount
of any other German bank.
Regulatory requirements
met with SAS®
Over the years, the relationship between
SAS and Commerzbank has changed
dramatically. Where SAS was formerly
a software vendor, it is now a strategic
partner of this well-known financial insti-
tution. Commerzbank no longer looks to
SAS just for reporting and controlling, but
also depends on it for strategic areas like
credit risk performance management. A
reporting and analysis system developed
jointly by SAS and Commerzbank is a
central element of companywide credit
risk controlling, and allows individual
evaluations (such as portfolio analysis
breakdown) by ratings or industries.
The system uses the Commerzbank
central risk data warehouse as a
management information system. It
constantly monitors the risk situation,
including vulnerability analyses and the
early recognition of negative trends. The
result is a system that provides a sound
basis for the definition of risk-related
actions. There is a consistent, correct
and reliable overview of the credit risk
management situation.

Frankfurt skyline, including the Commerzbank tower (center).
High-speed reporting
Commerzbank also developed its sales
performance management system to-
gether with SAS. Appropriately named
“Performance Manager,” the new solu-
tion provides transparency in the bank’s
private customer business and enables
performance-based management.
Now all information and data are brought
together in a truly unified system.
Formerly, there were different tools
for different questions and areas (e.g.,
controlling new and existing business).
These tools are now integrated. Depend-
ing on the task, the solution gives its
approximately 6,000 users daily, weekly
or monthly reports. This provides
Commerzbank with truly standard
reporting for its branch sales, using the
same system and methodology for all
areas and users, and delivering uniform
and consistent information. Performance
Manager provides individual users with
data that’s important to them. Thus,
customer representatives get a view of
their key results and activities: revenue,
customer and volume growth, appoint-
ments and sales closed.
Integrated campaign
drives marketing ahead.
For many years, SAS has provided
Commerzbank with tools for control-
ling, performance and risk management.
IQ|1OQ1|P14
Performance Management in Banking
Now, the bank is also relying on SAS’ an-
alytical expertise for its marketing efforts,
including data integration, data mining, Bank expands use
reporting and campaign management. of SAS expertise
®
With SAS Marketing Optimization, The successful merger of Commerzbank
Commerzbank can change its marketing with Dresdner Bank created a new lead-
strategy. Marketing was formerly cen- ing bank in Germany. SAS for Performance
tered on individual products and finding Management will be used companywide
the right customers for each, but now at the new bank to alleviate post-merger
the focus is on the customer. For each business pains, including the reorgani-
customer, Commerzbank can identify zation and expansion of existing control
the products and sales channels that will systems. With this decision in favor of
SAS, Commerzbank once again illustrates
bring the most revenue. At the same time,
its strong understanding of the value SAS
the bank can center campaign planning
software provides. Consequently, its usage
around objectives other than business- of SAS has grown broader.
field revenue, such as representative
capacity or business volume. q
ONLINE
Banking performance management:
www.sas.com/industry/banking/spm/
Special, 52-page report on banking
and financial services:
www.sas.com/apps/forms/index.jsp?id=pmsupp
 Egyptian Plovers aren’t picky about where they find food.
They can’t resist taking perilous chances.
But you can. With proven risk management software and services from SAS.

www.sas.com/plovers

SAS software helps companies a c r o ss every industry discover innovative ways to i n c r e as e profits, manage risk and optimize performance.

SAS® for Enterprise Risk Management

Visit www.sas.com/plovers for a free white paper

• Compliance • Fraud detection and prevention

• Credit risk and scoring • Operational risk
• Market risk • Risk-based performance management

SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies. © 2009 SAS Institute Inc. All rights reserved. 00000US.0109

How do social groups
affect your business?
From identifying influential consumers to nabbing fraud rings, social network analysis
digs into social group dynamics and presents a clear picture of connections
Héctor Cobo, Director of Professional Services for SAS Latin America North
While the study of human relationships
has existed for centuries, it was not
until 1908, when Georg Simmel presented
his network-based analysis, that social
systems were depicted through graphs
that used nodes to represent individuals
and ties to represent the relationships
between them. Known as social network
analysis, the types of relationships that
make up a network can be diverse,
including friends, classmates, deposits,
purchases and personal interests.
Social networks allow us to recognize
and understand customer behaviors
that, as isolated behaviors, might other-
wise seem ordinary. A closer inspection
of customer behaviors is now possible
through advances in computer sys-
tems and through historical data about
customer transactions. In many cases,
these tools allow us to identify the
relationships that customers maintain
by way of their transactions, contact
information, addresses, telephone
numbers, acquaintances or referrals.
How can social network analysis be
applied to your business? Here are a
few examples:
• Banks use it to detect money laundering.
•T
 elco marketers use it to identify the
most influential members of a social
community.
IQ|1OQ1|P16
Fraud in Banking
• Credit providers use it to better assess
the risk of individual applicants.
Recognizing fraud
Banks maintain information regarding
transactions that occur between
accounts. If we link these transactions
and factor in demographic information
– and the times at which the transac-
tions occurred – we can create a social
network that identifies communities
or groups of connected people within
the network. These communities could
be friend groups, family groups who
live in separate homes, or groups of
individuals organized to commit fraud
or money laundering.
Social network analysis identifies
behaviors because it analyzes rela-
tionships on multiple levels. Instead of
linking only one account with another, it
links all accounts that have had some
sort of relationship during a given period
of time, assessing these relationships
and identifying high-risk groups.
Marketing to the leaders
In marketing terms, social network
analysis can identify the most influen-
tial members of a community or social
group. These individuals are invaluable
if you want to quickly spread a marketing
campaign. As leaders, they are well-
connected and have a high response
level within the community.
P17|IQ|1OQ1
Fraud in Banking

Like Kryptonite
for fraudsters
How does SAS Social Network Analysis
keep fraudsters at bay? No other fraud
solution provides the same level of
detection, automation and ease of use.
With SAS, you can:
• Visualize social networks and see
previously hidden connections and
relationships in a highly intuitive manner.
• Achieve unrivaled detection rates using
advanced data network building and
analytic techniques.
• Maintain extremely low false-positive
rates with true large-scale network
analytics that deliver more alerts than
ever before.
• Perform supervised and unsupervised
scoring, using predictive analytics to
spot anomalies in the data.
• Gain a true enterprise view of fraud
by aggregating alerts from multiple
systems into a single environment.
• Increase ROI per investigator tenfold
with fewer false positives, prioritization
of higher-value networks and more
accurate, efficient investigations.
For example, telephone and cellular
telephone companies collect data about
customer phone calls. A social network
analysis of this data can identify highly
related telephone user communities
through processes that increase con-
nections among these communities
and separate telephone users into dis-
tinct groups. The ages, socioeconomic
levels and needs of a particular group
can be inferred based on community
characteristics, allowing telephone
companies to develop new products
and marketing campaigns directed
at the leader and more influential
members of that community.
By marketing to the community lead-
ers, the number of contacts is reduced
and the campaign’s reach is broadened
at reduced costs. Campaigns aimed
at the specific needs of a community
can increase group loyalty and create a
new draw to the community.
Assessing credit risk
Credit approval has been so well studied
that few people believe any new
information exists on the subject.
However, social network analysis can
be employed to qualify individuals who
request loans. Advanced methods
evaluate individuals not only by their
defining characteristics (as is standard
practice), but also by the risk that
such individuals pose based on their
membership within a given social
group. Social network analysis can
be used to enhance standard credit
scorecard models with variables that
evaluate an applicant’s social environ-
ment. The examples provided here are
only a few of the many applications of
social network analysis. In general, it al-
lows us to identify complex relationships
that cannot be identified any other way.
Today, social network analysis makes it
possible to study social networks made
up of millions of members, connected
through their communications, bank
transactions, homes, shopping centers
and more, in a matter of hours.
Social network analysis focuses on
the relationships between individuals –
without prejudice or too much attention
to the characteristics of the individuals
themselves – such as age, salary and
education. It is precisely this focus on
relationships that has proven to be an
effective factor for the purposes of
information dissemination, campaign
management, disease control, con art-
ist identification, exposure of complex
money-laundering schemes, detection
of tax evasion and client retention. q

Héctor Cobo is the Director of Professional Services

for SAS Latin America North. Over the course of his
career, he has specialized in developing business
intelligence projects focused on improving a
company’s relations with their customers to increase
client retention rates and extend their life cycle. He
has carried out multiple projects in the financial and
telecommunications industries. Hector.Cobo@sas.com
 IQ|1OQ1|P18
Fraud in Banking

Social network analysis: Dashboard metrics

SAS Social Network Analysis includes reporting and dashboard capabilities to help track fraudulent claims by region,
calculate amount of claims by channel, and integrate additional fraud and audit reports. Dashboard metrics and displays
are customizable and the interactive dashboard provides critical information and reports formulated to meet user needs.

Social network analysis: Node details

In this fraud scenario, people with different names were opening accounts, but they were linked by a similar
address or phone number. This social network analysis view shows a first-party fraud ring with open, unsecured
credit lines (green nodes) and a suspicious mortgage application (red node). Note the number of open credit lines
that could indicate a “bust out” fraud ring.
 P19|IQ|1OQ1
Fraud in Banking
Fraud detection
with a rapid return
Within months, Commonwealth Bank of Australia
sees 95 percent increase in check fraud detection efficiency
Using SAS, the Commonwealth Bank
of Australia has detected twice the level
of check fraud than in its previous sys-
tem and had a 60 percent improvement
in Internet banking fraud-alert volumes.
John Geurts, Executive General Man-
ager for Group Security and Chief
Security Officer, offers his thoughts about
Commonwealth Bank’s use of SAS and
®
the importance of taking a unified look at
financial crimes.
Banks often take a siloed approach to
addressing fraud – check fraud is han-
dled by one group, credit card fraud
by another. The Commonwealth Bank
has taken a single platform approach
to address all financial crime,
including money laundering. Why did
you choose a platform approach?
Geurts: Financial crime is constantly
evolving. Local and transnational crimi-
nal groups are very fluid in their structure
and approach. Equally as important, the
Commonwealth Bank provides a range
of integrated financial services that
include retail banking, private banking,
business banking, institutional banking,
funds management, superannuation,
insurance and investment, and share
brokerage products and services.
We adopted a platform approach
because we needed a holistic view
of fraud and financial crime that was
independent of product, channel or
geography. We were also looking to
achieve an economy of scale, reduc-
ing data storage costs, enabling reuse
across the group. In addition, we needed
the flexibility to add new products,
services and channels to the platform
at a far lower incremental cost than
installing another customized fraud
detection system.
An integrated approach also provides
us with the data integrity and modeling
sophistication that allows us to make
substantial operational improvements
in alert volumes, false-positive ratios
and rate of fraud detected. We simply
needed to be able to future-proof
our fraud systems to adapt to any
foreseen or unforeseen changes in
our business requirements.
Did you migrate everything at once?
Geurts: No, we took a staged approach
with our financial crimes platform and
have migrated our siloed capability onto
the platform, including: Internet fraud,
internal (staff) fraud, application fraud,
check fraud, merchant fraud and debit
card fraud. We also use the platform to
conduct the analysis required to get the
best out of our credit card fraud system,
which is provided by a bureau. And
of course, transaction monitoring for
anti-money laundering/counterterrorism
financing compliance uses the same
platform. This has saved us an enor-
mous amount of data integration and
data management rework.
How did you address the issue of staff
malpractice or internal fraud, which
is an area that you can’t typically get
from an “out of the box” solution?
Geurts: I must make it clear that we
do not specifically monitor our staff’s
bank accounts, which is a common
misperception. Our staff members are
entitled to the same degree of privacy
and protection that all of our cus-
tomers receive. I believe we have a
sophisticated approach that balances
the need for privacy with the need to
protect the group and our customers
from internal fraud.
In the past, it felt a little like finding a
needle in a haystack. We understood
most of the methods of how one would
commit such crimes, but it was almost
impossible to detect who was perpe-
trating these acts without detailed data
readily available. You are dealing with
individuals who know and have access

to the bank’s systems and have an
understanding of our internal control
environment. This is the value of a
platform approach, enabling sophis-
ticated models and data mining to
detect unusual behavior between our
staff and single or multiple accounts
held with the bank.
Internal fraud shares a number of
behaviors with suspected money
laundering and terrorist financing. So
we need to look at a range of data
sets that are not just related to bank
accounts, an approach that requires a
platform view. We also uncovered both
check fraud and application fraud – you
couldn’t get this detection capability
without a platform approach.
Did your aggressive goals for fraud
detection present new challenges in
terms of the data required?
Geurts: We initially underestimated
the complexity of the task. The data
previously available was never de-
signed to assist us with what we were
now looking to achieve. The level of
aggregation and the availability of data
were not appropriate. To overcome
this, we needed to extract some data
from the source systems, particularly
for the bank’s demand deposit system.
We had to prioritize where to start,
which system to address first, and
so on. This was a huge undertaking
but when I look back I realize that, in
building such a significant asset to be
leveraged by the Commonwealth Bank,
getting the data right was critical.
What results are you seeing so far?
Geurts: Check-fraud detection efficiency
has improved from a false-positive rate
of one in 2,000 to approximately one in
100 – which is a 95 percent improve-
ment, with a similar improvement in alert
volumes. We are also detecting twice the
IQ|1OQ1|P20
Fraud in Banking
level of check fraud in the SAS-based
FCP [financial crimes platform]. We have
achieved more than a 60 percent im-
provement in Internet banking fraud-alert
volumes and are detecting a higher rate
of fraud; we are consistently achieving a
one to 12 false-positive ratio in our cards
fraud-detection platform, which again is
better than industry benchmarks.
Most importantly, on an indexed basis,
our check and Internet fraud loss-to-
turnover ratios are 50 percent and 80
percent better, respectively, than five
years ago, and our card fraud losses are
marginally better. Given the sustained
growth in business volumes in those
five years, the reduced loss ratios have
translated to a real and substantial
reduction in fraud loss expense for the
group since the FCP was implemented in
July 2007.
What ROI did you achieve? “The reduced loss ratios
Geurts: We achieved very rapid benefits, have translated to a
within months, in terms of the efficiency real and substantial
of the rate of fraud detected as well
as the financial benefit from retiring
reduction in fraud
multiple legacy systems. As we’ve loss expense for the
grown, we haven’t had to add staff. The Commonwealth Bank.”
staff we have can handle the work with
John Geurts,
help from the SAS solution.
Executive General Manager
What did you learn from for Group Security,
the experience? Commonwealth Bank of Australia
Geurts: We need to access highly gran-
ular data at its source, that the system
must be used for transactional analysis,
modeling and data discovery, and that
your implementation partner is impor-
tant. SAS brought a significant amount
of knowledge to this solution. q
ONLINE
SAS Fraud Framework:
www.sas.com/industry/fsi/fraud
 P21|IQ|1OQ1
Fraud in Banking

Royal Bank of Canada avoids

$15 million in credit fraud losses
How to prevent fraud without affecting legitimate customers

According to a Government of Canada

1
report, the Canadian banking industry
estimates that losses from mortgage
fraud range into the hundreds of millions
of dollars annually. Mortgages are just
one product within a bank’s credit port-
folio, so this represents a mere fraction
of the total lost to fraud each year. Royal
Bank of Canada (RBC) wanted to use
analytics software to predict credit fraud
“Since we launched our SAS-supported as a way of preventing such theft before
fraud-rules engine, RBC has avoided approximately it happens – without affecting its relation-
$15 million in credit fraud losses.” ships with legitimate customers.

Brian Samarasekera, Head of Fraud Risk, Analytics and Detection, RBC “The best possible antifraud scenario is
to prevent it from happening in the first
place, but it’s a fine line between man-
aging your customer relationships and
catching fraudsters – you don’t want to
interfere with providing service to good
customers,” said Brian Samarasekera,
Head of Fraud Risk, Analytics and
Detection, RBC. “Lending products like
mortgages, loans and credit lines are
highly competitive, so it’s essential to
hit the fraudsters only and not impact
people who might go to another bank if
they have a bad experience.”

RBC wanted to address what

Samarasekera described as “a sizable”
fraud loss component in its credit portfo-
lio of mortgages, loans and credit lines. As
head of the bank’s Fraud Risk, Analytics
and Detection team, he was tasked with
developing detection tools to prevent
Left to right: Kameron Yiu, Analytics and Modeling Manager, and Brian Samarasekera, Head of Fraud Risk, Analytics and Detection as much fraud loss as possible, without

diminishing business growth or affecting
RBC’s standing with customers.
Credit application documents contain
information provided to the bank by
customers applying to borrow funds.
According to Samarasekera, SAS
enables RBC to develop solutions to
assess the veracity of customer informa-
tion at a more advanced, detailed and
corroborative level, ultimately helping the
bank differentiate between fraudulent
and legitimate credit applications.
Previously, RBC had depended primar-
ily on base-level fraud rules, negative
file and credit bureau fraud alerts to
identify and prevent credit fraud. The
bank wanted a more effective method
to stem its fraud losses.
“We were having difficulty bringing
together disparate data – both from in-
ternal and external sources – and initially,
we did not know what information was
important to us in predicting cases of
fraud,” Samarasekera explained. “But we
knew we needed an advanced analytical
tool to help us analyze all of these dispa-
rate data in order to make decisions.”
Kameron Yiu, Analytics and Modeling
Manager within Samarasekera’s unit,
said it was clear that SAS 9.2 was the
best option for building a solution given
his team’s familiarity with SAS and the
software’s reputation as a powerful
analytical tool within RBC and the in-
dustry as a whole. With SAS Business
Analytics, RBC is now able to bring
together disparate data – including ap-
plication data, bureau data, negative
file data and derived-value data – to
perform sophisticated data mining,
matching and relationship analyses as
a means to detect fraud.
“Data never corrupts on its own. If you
have the right tools to get at the data,
then all the nuggets of relevant infor-
mation can be skimmed to the top,” Yiu
explained. “A good data management
tool is essential because you tend to
find seasonal spikes, recurring patterns,
demographic patterns – all kinds of
information that you can carve from data
by using the right tools. SAS allowed us
to develop a substantially sanitized data
environment which was conducive to
building and validating a few decision
tree models that provided us with
suites of fraud rules to target suspected
fraudulent credit applications.”
The fact that SAS has joined forces
with enterprise data warehouse leader
Teradata to optimize how their two
systems work together was beneficial
to RBC. With the integration of the two,
RBC leverages the power of SAS using
the Teradata Customer Enterprise
Data Warehouse as a single source of
information rather than the multiple
sources that existed before. This pro-
vides RBC with the ability to execute
more quickly on the newest available
customer information containing fraudu-
lent or suspicious indicators.
IQ|1OQ1|P22
Fraud in Banking
®
Yiu’s team used SAS/STAT to develop
spatial mapping to derive fraud predic-
tive values and identify the movement
of fraudsters. This enabled the team to
recognize relationships between fraud-
sters’ behaviors and target areas where
fraudsters are most likely to strike.
“The clustering functionality in SAS
helps us build effective models by iden-
tifying the most significant predictive
variables; we use SAS’ segmentation
methodology extensively to identify
and differentiate fraudulent application
patterns,” Yiu said.
SAS Business Analytics also helped the
team manage the false-positive ratio of
the fraud rules by containing it to accept-
able levels, thereby minimizing negative
impact on legitimate customers.
“Since we launched our SAS-based
fraud-rules engine 12 months ago after
having created a complementing robust
operational/investigative environment
to treat alerts, RBC has avoided ap-
proximately $15 million in credit fraud
losses – a number represented by
applications flagged as potential fraud
and confirmed so upon investigation,
but derived net of all secured provisions,”
Samarasekera said. “Coupled with the
manageable false-positives, we view
that as a huge success.” q
1
Mortgage Fraud and Organized Crime in Canada:
www.cisc.gc.ca/products_services/mortgage_fraud/mortgage_fraud_e.html
 P23|IQ|1OQ1
Fraud in Banking
You become the hunter
and they become the prey
Alison Bolen, Intelligence Quarterly Editor-in-Chief
Is it even possible to reduce fraud? After
all, today’s fraudsters are smart, global,
networked and high-tech. As soon
as you catch one, another steps in.
And once you put a system in place to
combat a certain type of fraud, a whole
different type of fraud appears that you
probably never anticipated.
“Fraudsters are very much like a pack of
wolves,” says Chris Swecker, corporate
security expert and former Assistant
Director of the FBI. “And the financial
institutions are the prey: They’re
really trying not to be the next victim,
and they’re trying to outrun each other
Chris Swecker, corporate security expert and former or hide the best they can.”
Assistant Director of the FBI
But it doesn’t have to be that way. “I
think those roles can be reversed,” says
Swecker. “With the help of analytics de-
signed to look at ring-related network
activity, you become the hunter and the
fraudsters become the prey.”
Rex Pruitt, a Business Analyst at
PREMIER Bankcard LLC, agrees that it
is possible to reduce fraud, and he has
the numbers to prove it. Using predictive
models to anticipate fraud activity before
it occurs, his organization reduced the
rate of fraud in its portfolio from 6.7
percent down to 3 percent.
Rex Pruitt, Business Analyst, PREMIER Bankcard LLC
“That equates to about $9 million in
total revenue to the company,” says
Pruitt. “You gain a lot by being able to
identify those fraudsters.”
How does it work? The predictive model
identifies fraudsters with a score during
the application process. Accounts iden-
tified as fraudulent are eliminated from
the portfolio before the bank has even
incurred the cost of fraud. Rex says early
identification can also free up volume
capacity, so the bank can bring on more
good applicants.
The final result is a 36 percent reduc-
tion in first-pay defaults, which equates
to around $21.3 million in annual cost
savings and revenue opportunities. “We
saw millions of dollars worth of oppor-
tunities and gains by implementing SAS
solutions and optimizing our ability to
identify fraud and eliminate it from our
portfolio,” says Pruitt.
To build on the type of analysis PREMIER
is already doing, Swecker suggests
banks use network analysis to identify
rings of fraudsters that can be observed
in the bank’s data. “You’re not going
to eliminate fraud – but you can create
better deterrents and a much higher-risk
environment for fraud,” he says. “The
 IQ|1OQ1|P24
Fraud in Banking

record is very clear: The way to get at
financial crimes is to look at them, address
them and detect them as a network.”
Swecker worked with a large, internation-
al bank on a networked fraud detection
project using SAS and was able to identify
40 new fraud rings almost instantly. “We
had billions of transactions, hundreds of
thousands of customer accounts, and a
myriad of products and services. SAS
provided a way to look at the data and
see the broad network activity that’s
going on using our own data.”
Swecker says there’s a clear supply
chain that you can see when investigat-
ing networked crimes, especially with
Internet crime: You have individuals
who steal and sell the data, buyers
who usually resell it, and eventually the
data makes its way to the people who
exploit it by manufacturing credit cards
and debit cards, which then pop up
somewhere in the hands of someone
committing the detectable fraud act.
Currently, most financial institutions
have systems for day-to-day detection
of fraud, including fraud monitoring
and anti-money laundering alerts. That,
according to Swecker, is a very one-off
approach. Anytime an organized activity
is identified within these current systems,
it’s almost serendipitous. It’s not a sys-
temic way of identifying fraud networks.
In fact, we know an intersection between
fraud and money laundering exists. “If
you take virtually any terrorist network
or related prosecution across the world,
you will probably find criminal statutes
and criminal activity involved,” says
Swecker.
The former federal investigator is ada-
mant that the best way to fight back
is to identify the fraudulent networks.
“Whether it’s a front-end detection tool
that scores the likelihood of any transac-
tion coming from a fraud network, or an
analytic solution on the back end, after
you have an investigation of a known
fraudster, you can network out his
malignant social network and look at
the whole picture.”
Together, network analysis and predic-
tive analysis give financial institutions the
ability to identify the network, determine
critical targets, and predict when and
where targets may take advantage of an
opportunity. q
ONLINE
SAS CEO gives a demo of social network analysis:
www.sas.com/fraud-snademo
Social network analysis:
www.sas.com/fraud-sna

“I’m careful not to use the word ‘or-

ganized crime,’ because it’s ‘network
Alison Bolen is the editor of Intelligence Quarterly and
crime,’” says Swecker, and there’s a dif-
the sascom voices blog, where SAS experts publish
ference. “It’s not like a hierarchy with a their thoughts on popular and emerging business and
crime boss on top and layers below him technology trends worldwide. Since starting at SAS in
in an org chart. Fraud networks are spi- 1999, Alison has edited print publications, Web sites,
dered out. It is a network, and we ignore e-newsletters, customer success stories and blogs.
the network at our own peril.”
P25|IQ|1OQ1
Fraud in Banking
Global financial services leader
relies on SAS for comprehensive
fraud detection
Aiming to reduce its global losses from
fraudulent transactions and rapidly
changing threats, HSBC has deployed
SAS Fraud Management as the foun-
dation for its real-time fraud detection
and ongoing fraud management across
its global network. The solution is live in
the US, Europe and Asia, protecting 100
percent of credit card transactions in real
time. HSBC envisions expanding these
initiatives to encompass fraud across
multiple lines of business and multiple
sales channels.
The credit card transaction request
comes in – a $4,500 purchase for a
high-end, flat-screen high-definition
television – and you have one second to
make a high-stakes decision: Approve
it or reject it as potentially fraudulent.
If you reject a legitimate purchase, you
anger a loyal customer, lose the fee
income from the purchase and risk an
account churn. But if you approve a
fraudulent purchase, you’ve allowed
your customer to become a crime vic-
tim, and ultimately, your bank is out
$4,500. With fraud levels surging around
the world, banks are facing greater
regulatory scrutiny, as well as the risks
®
associated with damaging publicity
from fraud. The ability to correctly make
these split-second decisions – before
the fraud occurs – is more important
than ever.
With assets of approximately US$2.5
trillion, HSBC Holdings plc is one of the
world’s largest banking and financial
services organizations, serving more
than 100 million customers through
10,000 offices in 86 countries and ter-
ritories. Not surprisingly, combating all
forms of fraud – payment cards, online
transactions and even first-party (cus-
tomer) fraud – has vaulted to the top of
the corporate agenda.
According to Derek Wylde, Head of
Group Fraud Risk, Global Security and
Fraud Risk for HSBC, the bank has
extensive anti-fraud policies that span
the entire enterprise. A big part of a
bank’s relationship with customers is
giving them confidence that you are
protecting them against fraud, and
balancing that with their need to have
access to your services. “Fraud losses
are true operating costs that go directly
to the bottom line and affect our ratios,”
he said. “So, it’s an incredibly important
focus for HSBC. Like most institutions,
we’ve implemented policies to segregate
duties, create dual controls and estab-
lish strong audit trails to spot anomalies.
But what sets our anti-fraud strategies
apart is our commitment to technol-
ogy to monitor and score the millions of
transactions we process every day. SAS
Fraud Management is the cornerstone
of these efforts.”
A development partner
“We’ve enjoyed a long partnership with
SAS in many areas of our organization,”
Wylde said. “When we were listing the
criteria for a fraud management partner
– global reach, analytical strength and
collaborative abilities – SAS was the
logical choice. We liked that, starting
out, this wasn’t an off-the-shelf product.
It was exciting to be able to help develop
the requirements and have some mean-
ingful interest in the direction that the
product has taken.”
HSBC’s first implementation of SAS
went live in the United States in June
2007. “The US is our biggest portfolio –
we have about 30 million cards issued

there,” Wylde said. “That’s an awful lot of
transactions with significant spikes, but
they’re all scored seamlessly in real time.
In fact, we have very little downtime with
SAS. It’s very stable and very fast – and,
obviously, those are key.
“We wanted to have the biggest impact
as quickly as possible with SAS – and
that’s certainly the case with the US de-
ployment. Since then, we’ve fully imple-
mented in a number of other markets.
The UK market is fully protected by SAS
for both debit and credit cards, and we’ve
implemented in eight other countries in
Asia. As the deployments have contin-
ued, we’ve been able to do more of the
work ourselves – but SAS is still there if
we need the help. We anticipate rolling
out SAS to protect the remainder of our
card portfolio in the next 24-36 months.
“We’re very pleased with the SAS mod-
els,” he said. “In particular, we’ve found
that our detection rates on debit ATM
transactions have been very, very good.
We believe we have the best anti-fraud
models that the marketplace can of-
fer right now. The proof is in our fraud
numbers – our detection rates and our
false-positives – which continue to
meet our aggressive goals.”
Staying a step ahead
of the fraudsters
Of course, financial fraud is an incred-
ibly dynamic phenomenon – and fraud
models have a very short shelf life. Once
HSBC closes up one loophole, thieves
devise new threats to exploit other po-
tential vulnerabilities. As a result, fraud
monitoring algorithms and scoring mod-
els require constant refreshing. “Because
of the nature of this battle, it’s critical
to constantly monitor fraud detection
IQ|1OQ1|P26
Fraud in Banking
performance,” said Wylde. “Our solution through the same solution and a single
from SAS provides a wealth of up-to- database. Most banks still operate in
date information about the performance silos, with one system for monitoring
of our fraud defenses and allows us to credit cards, one for debit cards, one
adapt, as needed, to battle changing for checks, and others for monitoring
threats. We also need different models online and telephone payments and
for different regions of the world. The staff activity. According to Wylde, even
models that have been developed and though the institution is using the same
deployed by SAS have helped us to de- solution in each area, it is less likely to
tect these evolving threats. We’re very, catch the fraudster because the areas
very pleased with the results. SAS has aren’t communicating with one another.
been able to identify individual fraudulent “It’s also a better customer experience
transactions much more effectively than to be consulted once, instead of three
any other solution we’ve deployed.” separate contacts,” explains Wylde.
According to Wylde, SAS has been
Expanding to other channels
an ideal partner to work with in
Moving forward, HSBC is expanding
achieving its impressive results and pur-
its SAS deployment to monitor multiple
suing its future objectives. “We’ve seen
transactions across different channels
some quite exceptional improvements
to obtain a customer-centric view of
that exceeded the results we achieved
fraud threats. Rather than have sepa-
rate, isolated teams looking at online with previous systems,” he said. “SAS
is committed to ensuring that we con-
bill payments, debit-card transactions
tinue to have a leading-edge anti-fraud
and credit-card purchases, HSBC will
solution. We are very pleased with the
be using SAS to look at that data in the
results. Our IT guys like it, the business
aggregate. “Sometimes there are sub-
guys like it and the finance guys like it
tler threats that – when viewed sepa-
as well. Fraud analytics can often bring
rately – can appear benign. But when
significant benefits, and that’s certainly
you bring them together, you can spot
been our experience with SAS.” q
fraud earlier,” said Wylde. “For instance,
if a customer’s credit card is used
shortly after his debit card and there
is also activity on the Internet banking
ONLINE
channel, you don’t want all of that ac- For up-to-date financial services information,
tivity being reviewed by three separate subscribe to SAS Financial Services News:
analysts in three different locations. In- www.sas.com/news/newsletter/fs
stead, all of your customers’ transac-
tions should be viewed together – in a
customer-activity detection system.”
HSBC Hong Kong will be the first to
use the new integrated system from
SAS. The system will screen all of a
customer’s non-card transactions and
put all forms of payment transactions
SAS Institute Inc. World Headquarters   +1 919 677 8000
To contact your local SAS office, please visit: www.sas.com/offices
SAS and all other SAS Institute Inc. product or service names are registered trademarks or trademarks of SAS Institute Inc. in the USA
and other countries. ® indicates USA registration. Other brand and product names are trademarks of their respective companies.
Copyright © 2010, SAS Institute Inc. All rights reserved. 551047.0110