Investigative Data Mining Articles

The fraud examiner is often faced with the task
of sifting through thousands or even millions of
transactions in order to identify symptoms,
indicators and evidence of fraud or malpractice.
Data mining (and we will also include data matching methods in this category) assists the fraud examiner by using computerised techniques to analyse electronically held data to "filter" these voluminous databases of information and to graphically represent fraudulent transactions. As well as being an effective tool for the detection and investigation of corporate fraud, data mining programmes can also be used to identify potential loopholes or weaknesses in controls and show where operational procedures should be improved and more robust fraud prevention strategies implemented. The diagram below graphically represents the use of data mining as a means of sifting out the patterns in data that are indicative of fraudulent behaviour.

Data mining is not, however, a universal panacea, but is one of the important weapons in the fraud examiner's armoury. Arguably, with increasing constraints on the legal investigative methods available to the fraud examiner, the use of data mining will increase. Data mining does, of course, possess its own unique problems due to the requirements of data protection legislation and it is not recommend that data mining is performed without first obtaining legal opinion or other expert advice. See the legal section of the manual, which provides expert coverage of this area.

The fraud examiner is likely to encounter data mining techniques in a number of areas:

"one off" extracts or matches, where the organisation has a particular key concern (for example, a charity wishing to identify if grants have been awarded to employees);
stand alone testing, where the organisation simply requires a number of fraud profiles to be run against data files in a discreet exercise;
as part of a fraud risk, operational or security review, in order to identify hard-to-ignore cases examples of operational failings, security breaches or cases of possible fraud;
as an investigation tool, providing the ability to "drill down" into vast quantities of data/numbers of transactions and identify particular trends, transactions, business counterparties or individuals;
in litigation support, for example, to quantify possible losses;
as a visualisation tool to facilitate effective presentation of findings to senior management or legal counsel. (Some of the case examples that are included demonstrate that data mining is not limited to a major number "crunch", but that effective graphical representation and analysis is equally important); and
as an indicator of operational failings and to identify where controls may need improvement or review.