Presentation is loading. Please wait.

Presentation is loading. Please wait.

Trusting your organisation UK Card Fraud Conference 2012 Keith Dewey, 28 March 2012.

Published byJohnathan Cameron Modified over 7 years ago

Similar presentations

Presentation on theme: "Trusting your organisation UK Card Fraud Conference 2012 Keith Dewey, 28 March 2012."— Presentation transcript:

1 Trusting your organisation UK Card Fraud Conference 2012 Keith Dewey, 28 March 2012

2 UK Card Fraud Conference 2012 Trusting your organisation Page 2 Introduction Trusting Your Organisation Effective Fraud Management engages the whole business A centralised approach must create direction and ownership The business components must know what to do The activities must be performed correctly and effectively Effective Fraud Management engages the whole business A centralised approach must create direction and ownership The business components must know what to do The activities must be performed correctly and effectively Frameworks for the holistic picture Some case studies from our experience Frameworks for the holistic picture Some case studies from our experience

3 UK Card Fraud Conference 2012 Trusting your organisation Page 3 About Ernst & Young Fraud Management FS Fraud Management Systems and Controls Policies and Procedures Strategy & Approach Technology Enablement IT Security Deployment & Review Investigations Remediation Performance Improvement Partnering with clients to support their business

4 UK Card Fraud Conference 2012 Trusting your organisation Page 4 Common Fraud Management Framework Governance Operational Systems Reporting Analytics Risk and Control Assessment Strategy Processes Operational Integration Internal and External Intelligence Assurance Deter Prevent Detect Investigate Remediate Data Management Customer Proposition

5 UK Card Fraud Conference 2012 Trusting your organisation Page 5 Common Fraud Management Framework Revenue and Profit Governance Operational Systems Reporting Analytics Risk and Control Assessment Strategy Processes Operational Integration Internal and External Intelligence Assurance Deter Prevent Detect Investigate Remediate Data Management Customer Proposition

6 UK Card Fraud Conference 2012 Trusting your organisation Page 6 Common Fraud Management Framework Management Approach Governance Operational Systems Reporting Analytics Risk and Control Assessment Strategy Processes Operational Integration Internal and External Intelligence Assurance Deter Prevent Detect Investigate Remediate Data Management Customer Proposition

7 UK Card Fraud Conference 2012 Trusting your organisation Page 7 Common Fraud Management Framework Lifecycle Governance Operational Systems Reporting Analytics Risk and Control Assessment Strategy Processes Operational Integration Internal and External Intelligence Assurance Deter Prevent Detect Investigate Remediate Data Management Customer Proposition

8 UK Card Fraud Conference 2012 Trusting your organisation Page 8 Common Fraud Management Framework Process Governance Operational Systems Reporting Analytics Risk and Control Assessment Strategy Processes Operational Integration Internal and External Intelligence Assurance Deter Prevent Detect Investigate Remediate Data Management Customer Proposition

9 UK Card Fraud Conference 2012 Trusting your organisation Page 9 Common Fraud Management Framework Technology Governance Operational Systems Reporting Analytics Risk and Control Assessment Strategy Processes Operational Integration Internal and External Intelligence Assurance Deter Prevent Detect Investigate Remediate Data Management Customer Proposition

10 UK Card Fraud Conference 2012 Trusting your organisation Page 10 Common Fraud Management Framework Consistency Governance Operational Systems Reporting Analytics Risk and Control Assessment Strategy Processes Operational Integration Internal and External Intelligence Assurance Deter Prevent Detect Investigate Remediate Data Management Customer Proposition

11 UK Card Fraud Conference 2012 Trusting your organisation Page 11 Case Study 1 - Governance Trust was placed in each function to perform their role High credit losses, low fraud, low recoveries Fraud losses erratic What we saw Increased centralised oversight and integration Shared understanding of risks and controls Ensuring the right staff are doing the right job correctly Managing functional overlaps and gaps Opportunities

12 UK Card Fraud Conference 2012 Trusting your organisation Page 12 Case Study 2 - Investigations Trust was solely placed in Internal Audit to manage fraud Cases were approved for investigation by the board Low fraud reported (gross, recoveries, net) What we saw Utilisation of the “3 lines of defence” model Independent training and process review Redefine, analyse, investigate and report fraud losses and costs Cross functional integration and delivery of cultural change Proactive data utilisation – structured and unstructured sources Opportunities

13 UK Card Fraud Conference 2012 Trusting your organisation Page 13 Case Study 3 – IT Architecture Trust was placed in the IT solution Extensive industry benchmarking and vendor selection Adoption of “best of breed” prevention systems Losses and costs far exceeded those of competitors What we saw Enhance data management – availability and quality Build insight (analytics and reporting), configuration & optimisation Strategic systems review – what is needed, where and why Attune functions – IT, Ops, Risk, Compliance – cultural change Total cost analysis and programme support Opportunities

14 UK Card Fraud Conference 2012 Trusting your organisation Page 14 Case Study 4 – System Security Trust was placed in the prevention controls Rapid development of online customer proposition Extensive penetration testing to create “secure” IT solution Considerable and erratic fraud losses What we saw Additional data capture and collation to identify root causes Formal, multi-function fraud risk and control assessment Enhanced detection and monitoring controls Cross platform analytics (CRM value add) Greater integration between Business, IT and IT Security functions Opportunities

15 UK Card Fraud Conference 2012 Trusting your organisation Page 15 Case Study 5 – Third Parties Trust was placed in the extended organisation Highly secured loan offering Extensive use of third parties for remote sales Complex chains of resellers Customers managed through brokers What we saw Multidimensional performance analytics (long term measures) Profitability based incentives over referral rates Extensive due diligence and third party training Enhanced Know Your Intermediary process Revised go-to-market approach and control via online portal Opportunities

16 UK Card Fraud Conference 2012 Trusting your organisation Page 16 Trusting appropriately, with controls ManagementStaffIntermediaries CustomerForesight Insight Systems DataAnalytics

17 UK Card Fraud Conference 2012 Trusting your organisation Page 17 Questions and Comments Keith Dewey Senior Manager Financial Service Advisory kdewey@uk.ey.com +44 (0) 207 951 6466 +44 (0) 7824 474 043 Trusting Your Organisation

18 UK Card Fraud Conference 2012 Trusting your organisation Page 18 ► The information in this pack is intended to provide only a general outline of the subjects covered. It should not be regarded as comprehensive or sufficient for making decisions, nor should it be used in place of professional advice. ► Accordingly, Ernst & Young accepts no responsibility for loss arising from any action taken or not taken by anyone using this pack. ► The information in this pack will have been supplemented by matters arising from any oral presentation by us, and should be considered in the light of this additional information. ► If you require any further information or explanations, or specific advice, please contact us and we will be happy to discuss matters further. Important Information

Download ppt "Trusting your organisation UK Card Fraud Conference 2012 Keith Dewey, 28 March 2012."

Similar presentations

Module N° 4 – ICAO SSP framework

Module N° 4 – ICAO SSP framework
Rizwan Chughtai. Risk exposure arising from business activities Need to effectively manage because of Potential business losses Ensure business continuity.

Rizwan Chughtai. Risk exposure arising from business activities Need to effectively manage because of Potential business losses Ensure business continuity.
Internal Control–Integrated Framework

Internal Control–Integrated Framework
Debt Management Strategy: Governance and Transparency

Debt Management Strategy: Governance and Transparency
Sharing Good Practice in Quality

Sharing Good Practice in Quality
IMFO Audit & Risk Indaba June 2012

IMFO Audit & Risk Indaba June 2012
Strategy 2022: A Holistic View Tony Hayes International President ISACA 2013-2014 © 2012, ISACA. All rights reserved.

Strategy 2022: A Holistic View Tony Hayes International President ISACA © 2012, ISACA. All rights reserved.
Chapter 5 5-1 © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.
ISEB Qualifications an evolving framework for the future.

ISEB Qualifications an evolving framework for the future.
AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.

AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.
Risk Management at ANZ Banking Group Jun 18, 2008 Patrick Zhu Head of Retail Risk China Partnerships.

Risk Management at ANZ Banking Group Jun 18, 2008 Patrick Zhu Head of Retail Risk China Partnerships.
Viewpoint Consulting – Committed to your success.

Viewpoint Consulting – Committed to your success.
IS Audit Function Knowledge

IS Audit Function Knowledge
1 Methodology for customer relationship management Author : Ricardo Chalmeta From : The Journal of Systems and Software (2006) Report : Yu-Juan Chiu Date.

1 Methodology for customer relationship management Author : Ricardo Chalmeta From : The Journal of Systems and Software (2006) Report : Yu-Juan Chiu Date.
Office of Inspector General (OIG) Internal Audit

Office of Inspector General (OIG) Internal Audit
Purpose of the Standards

Purpose of the Standards
Lecture 8 Understanding entity and its environment

Lecture 8 Understanding entity and its environment
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
The Crown and Suppliers: A New Way of Working People & Security15:35 – 16:20 Channels & Citizen Engagement Social Media ICT Capability Risk Management.

The Crown and Suppliers: A New Way of Working People & Security15:35 – 16:20 Channels & Citizen Engagement Social Media ICT Capability Risk Management.
Client-Specific, Operational Risk Management, Solution- Building Workshops The following pages show a list of workshops that may be provided individually.

Client-Specific, Operational Risk Management, Solution- Building Workshops The following pages show a list of workshops that may be provided individually.

Similar presentations

Ads by Google