Our Wired World

The New Income Protection

Leveraging machine learning to detect and prevent fraud in retirement accounts

by Varun Sood

Mr. Sood is an Engagement Manager with EXL Service and has over 15 years of analytics consulting experience primarily in the insurance domain. He has managed and led several large analytics engagements in areas like risk, fraud, collections, pricing, operations and customer analytics for various large corporations across the globe. Visit exlservice.com/

Retirement account scams have been increasing steadily and made up 9% of non-credit and debit card fraud in 2018, up from 3% in 2017 as per a study on consumer fraud from Javelin Strategy & Research. Fraud cases have increased despite many financial institutions introducing fraud prevention solutions like two-step authentication. Scammers are becoming more adept at taking over mobile phone accounts to gain temporary passwords, with the number of victims of such cases doubling to 680,000 last year according to WealthManagement.com.

Due to the increasing sophistication of fraud prevention techniques in the banking and credit card industry, retirement accounts, which typically have a much higher balance, have become an easy and lucrative target for the fraudsters. All types of accounts including 401(k) or 403(b), IRA, and Health savings account are at an increased risk of being defrauded. The fraud incidents not only result in a financial loss for the financial organizations but also diminished reputation and brand value along with additional cost burden of performing a manual investigation of a large number of cases which soon becomes unmanageable and non-scalable.

Many companies in the past used to accept a certain amount of fraud as a “cost of doing business.” But given heightened regulatory scrutiny—and, more importantly, the speed with which once-private errors now become public knowledge via social media—there’s more at stake than just bearable direct cost. Left unchecked, even minor incidents can raise questions on the organization’s integrity and vigilance.

Retirement Transaction Fraud

Fraudulent transactions on a retirement account can happen using various methods to steal personal data by exploiting a vulnerable link in the transaction journey and making a withdrawal through any of the available channels. Reliance on basic fraud rules, data silos and inability to utilize unstructured data are the key challenges organizations are facing in countering emerging forms of financial crime and the increasingly sophisticated groups who commit them.

Because conventional fraud management depends on rules, it assumes fairly specific knowledge of previous fraudulent behaviors. It’s also labor-intensive, since it requires subject-matter experts to write, apply, and continuously modify these rules. In practice, traditional fraud management also typically looks at business risks in isolation while ignoring the interactions and patterns. It’s an inefficient model that’s not able to quickly counter evolving fraud schemes and behaviors. So companies keep bearing loss—and are always a step behind.

The Advanced Analytics Intervention to Counter Retirement Frauds

As businesses continue to move more of their operations online, there is a growing need for adaptive security solutions that protect data assets, improve compliance, and manage risk. Irrespective of the stage of fraud detection capability, the broader goals of the organization remain similar. All organizations are trying to improve their fraud detection so that they can reduce fraud losses and improve the customer experience while keeping their operating costs low.

However, lately with the increased usage of online channels and straight-through processing, a large percentage of transactions are being processed without any human oversight. By deploying advanced analytics mechanisms, financial institutions can identify fraudulent transaction-behavior patterns in a pro-active fashion. A major aspect of fraud detection lies in discovering aberrations: events that, when compared to expected behavior, simply do not ‘fit in’.

Machine learning can be leveraged to understand and anticipate behaviors at a granular level across each aspect of a transaction. The information is tracked in profiles that represent the behaviors of each participant, plan sponsor, account, and device. These profiles are updated with each transaction, in real-time, in order to compute analytic characteristics that provide informed predictions of future behavior. In addition to the valuable insights provided by the transaction data, even non-transactional data like account updates can prove to be a gold mine of information when it comes to predicting fraud transactions.

Fraud Analytics Solution

Various piecemeal solutions are available from different product vendors and have been deployed by the financial organizations to tackle the issue of fraud but all of them look at the fraud problem from one direction or the other lacking the holistic view required for effectively tackling the issue. There are solutions addressing identity management, multi-factor authentication, payment verification, and contact center authentication but unless they talk to each other, there will always be loopholes for fraudsters to target.

Many companies in the past used to accept certain amount of fraud as a “cost of doing business.” But given heightened regulatory scrutiny—and, more importantly, the speed with which once-private errors now become public knowledge via social media—there’s more at stake than just bearable direct cost. Left unchecked, even minor incidents can raise questions on organization’s integrity and vigilance....

An integrated solution that combines the participant and transactions data with the data from third-party vendor tools can provide a robust shield against fraudsters.

A typical solution should have the following key stages:

  • Data Intake and Aggregation

In this stage, transaction and non-transactions data from various in-house data sources related to withdrawals, contributions, web activity, account information, etc. as well as vendor solution data sources such as Identity Proofing Solution, multi-factor authentication, payment verification, and authentication, contact center authentication are extracted for further processing.

  • Data Processing and Transformation

In this stage, the gathered data is integrated and formatted into a state suitable for creating business rules and statistical models to identify potentially fraudulent transactions. A 360-degree view of the transaction is created which can then be used for model building as well as ad-hoc investigative analysis. Robust data quality, integrity, and governance principles can go a long way in transforming raw data into a gold mine of valuable intelligence.

  • Setting up the Analytical Rules Engine

This stage involves creating a rules engine that is created using a combination of rules created by validating hypothesis, business judgment and machine learning algorithms. A hybrid approach is the recommended one because a machine learning model can identify fraud only on the basis of historical data while business judgment has limitations in identifying fraudulent transactions that are not intuitive enough. Because organized crime schemes are so sophisticated and quick to adapt, defense strategies based on any single, one-size-fits-all analytic technique will produce sub-par results. Each use case should be supported by expertly crafted anomaly detection techniques that are optimal for the problem at hand.

Typically the number of identified fraud cases is very low for supervised modeling algorithms. Unsupervised models which are used primarily to identify anomalies (outliers) can help in overcoming this limitation. K-means clustering algorithm can be used to identify anomalous transaction or account which has unusual characteristics, while Hidden Markov models can be used to identify scenarios where events are occurring in an unexpected order. Unsupervised models are designed to discover outliers that represent previously unseen forms of fraud. These AI-based techniques detect behavior anomalies by identifying transactions that do not conform to the majority. For accuracy, these anomalous transactions are evaluated at the individual level as well as through advanced peer group comparison. An example of an unusual transaction pattern could be – User logs in, changes contact phone number, contact email, adds beneficiary, places withdrawal request. These outliers can then be manually labeled as fraud or not based on business judgment before feeding to the supervised machine learning model as training data.

Supervised models can then be used to determine which of those anomalies are fraudulent and which are just unusual. Over time more and more transactions will go straight from the unsupervised models to supervised models, without manual reviews. Depending on the volume and type of data available, one or more techniques like regression, decision trees, neural networks or gradient boosting can be employed for supervised learning. As a result, both supervised and unsupervised models play important roles in fraud detection and must be blended together to build a cutting edge solution.

Solution Deployment & Operations

The analytics rules can then be deployed on the transaction processing system to scan each transaction submitted and generate alert triggers to flag suspicious transactions. The solution should also provide a slice and dice capability for analyzing the transactions in detail and figuring out if the suspicious transaction is really a fraud or not. Another key component of the solutions is the capability to monitor the performance of fraud rules which can then be used to set up a feedback look to improve the fraud rules continuously. As the nature of fraud keeps evolving, it is critical to maintain a feedback loop using ongoing monitoring of fraud rules to continuously review and refine them. A fraud detection algorithm can never be static and must keep pace with the ever-changing fraud methodologies.


The risk of fraudulent transactions on the retirement account has been increasing and each fraud incident can have a major financial and reputation impact. Financial institutions have to be more proactive in countering this threat by using the power of data through advanced analytics and machine learning.  Financial institutions must take action to better identify and investigate fraud, as well as thwart future attempts by combining artificial intelligence (AI), machine learning, and business judgment with a thorough forensic investigation of fraudster motives and methods. This is critical not only to safeguard the investments of the participants but also to protect their own reputation.