It won't be long before computers – using some of the latest developments in artificial intelligence or machine learning – will be able to sift through mountains of invoice and procurement data to identify potentially fraudulent transactions.
That's according to research by Consider Solutions, presented at EuroCACS 2016 in Dublin by COO Hans van Nes. The research points toward the development of systems that will revolutionise financial auditing and fraud control by training computers that can “learn” to recognise anomalous invoicing and procurement patterns.
Van Nes said that existing fraud detection software relied on the development of complex pattern matching rules to identify suspect transactions. The problem with this approach, he said, is it relied on human intelligence to create the rules which can be imperfect and time consuming. This type of software would only find something if there was an exact match or it might work on the basis of “fuzzy” matching but it would still be limited.
For these systems to work, the data that's fed into them has to be carefully structured so the rules can be applied. In addition, as new rules are developed to deal with new frauds, the smart fraudsters simply change their game.
“Wouldn't it be perfect to just have a blob of data and a machine with learning capability to go over the data and find anomalies?” said van Nes. “That's the topic of our research.”
Invoice fraud can be difficult to detect but the more data you can examine, the more correlations that can be made to find the anomalous transaction – and there can be hundreds of data points to look at. For instance, an invoice might look legitimate unless you happen to know that the payee's bank account number matches the bank account of one of your employees.
According to van Nes, AI can combine numerous views of different data sources to find discrepancies, producing results which yield far fewer false positives than other methods.
One of the challenges with AI systems is the presentation of the data. As he says, “Too much love will kill you – if you present too much information then no one will do anything with any of it because it is overwhelming.”
Artificially intelligent computer software will do much to revolutionise the way intelligence is generated from vast quantities of data, he said.
“Much of governance, risk and compliance implementations nowadays simply produce reports every month, every quarter, every year and nothing is being done with it – it is just to satisfy the auditors,” he said.
“We have the idea that you [should] do these things to improve the operation, the bottom line. So what you need to present is business relevant stuff, not volume,” he said.
During the Q&A after the presentation, some of the audience questioned how to make a business case for this technology to senior management when you don't have cases of fraudulent activity to use to demonstrate the need for it.
The answer, said van Nes, is in the data – run your corporate data through these systems and it will turn up anomalous activity which you can then investigate. It doesn't preclude the need for human intervention, it's merely another tool in the arsenal for identifying transactions, which might be caused by human error or as a result of an attempt to defraud the organisation but can be identified because they don't fit the norm.