Presentation is loading. Please wait.

Presentation is loading. Please wait.

Continuous Monitoring & Reporting Compliance & Fraud Monitoring Banking Sector Data2knowledge Inc. Andrew Gonczi, CEO Data2knowledge, Inc. www.d2k.com.

Similar presentations


Presentation on theme: "Continuous Monitoring & Reporting Compliance & Fraud Monitoring Banking Sector Data2knowledge Inc. Andrew Gonczi, CEO Data2knowledge, Inc. www.d2k.com."— Presentation transcript:

1 Continuous Monitoring & Reporting Compliance & Fraud Monitoring Banking Sector Data2knowledge Inc. Andrew Gonczi, CEO Data2knowledge, Inc. www.d2k.com www.d2k.com 16 th World Continuous Auditing and Reporting Symposium Rutgers University, NJ; November 2008

2 Presentation outline About Data2Knowledge Continuous Monitoring Needs Banking Application D2K Secure, Continuous Monitoring System 16 th World Continuous Auditing and Reporting Symposium - 2008

3 About Data2Knowledge Corporate Overview Established in 1999, offices in NJ, UK and Hungary Specialized in continuous monitoring and financial data services Blue chip corporate clients in US and Europe D2K Distil Key financial data found and extracted more accurately, faster and for a fraction of the cost D2K Secure Continuous Fraud and Compliance Monitoring D2K Development Offshore (Hungary) development and service team; Cost effective, innovative D2K's core extraction engine is also available to be embedded in custom applications and as a SDK to partners. 16 th World Continuous Auditing and Reporting Symposium - 2008

4 Continuous Monitoring Needs Why is continuous monitoring becoming a must now? Advances in technology and increased business dynamics enable businesses to change ever more rapidly, Traditional audits and controls are no longer adequate Key drivers Past few years’ events (9/11, malfeasance crisis, complex and creative business models) Subsequent regulations (HIPAA, SOX, Patriot Act, Basel II, MiFID, etc.) Business needs, competitive development of controls to be matched Benefits Immediate notification to management of problems, timely correction Fraud reduction and improved risk management Extensibility across multiple IT systems Independence from operative management 16 th World Continuous Auditing and Reporting Symposium - 2008

5 Fraud prevention & Compliance needs Key Drivers Laws and Regulations Direct P&L impact to prevent losses from fraud Indirect P&L impact – business reputation, client retention and acquisition Continuous Monitoring Requirements To detect fraudulent, unauthorized or money laundering activities, operational systems need to be monitored on an ongoing basis All systems produce activity/transaction logs, but differing formats Centralized Monitoring Dashboard gives clear view across all business transaction and IT systems The Audit Trail Imperative Details of finest granularity needed at all times in near real time Drill-down analysis required Data Source Quality, Data Level Assurance Proof for Internal and Public proceedings Transaction level intervention 16 th World Continuous Auditing and Reporting Symposium - 2008

6 Banking Application Customer Large subsidiary of a major European bank Market cap.: ~20Bn Employees: 50+k Business objectives Meet regulatory compliance requirements Reduce fraud losses, especially internal attacks Continuous and pre-emptive controls Expand scope across all business and IT systems Reduce costs compared to highly manual prior processes 16 th World Continuous Auditing and Reporting Symposium - 2008

7 Banking Application Technical challenges and requirements Growth through acquisitions wide variety of disparate IT systems Data consolidation became a major challenge; multi-terabytes of historical and real time data such as transaction logs, document files, spreadsheets and financial reports stored on Oracle databases. Security administrators were finding it impossible to monitor these vast reservoirs of data in order to detect suspect usage patterns and identify possible fraud before it was too late. Non intrusive solution needed to coexist with other IT systems Independence from other processes to ensure impartial oversight ‘Events of interest’ are hidden across several system logs and multiple log entries Identification of suspicious behavior requires establishing profiles and patterns (ex. multiple account of the same person) 16 th World Continuous Auditing and Reporting Symposium - 2008

8 Proactively combating fraud & reducing compliance costs D2K Secure reviews 12 -15 Gb per day of data in order to spot suspicious activity before it becomes a problem With automatic querying and real time alerts, the bank can now be truly proactive in the fight against fraud D2K Secure saves costs every day what previously would take 10 - 15 man days to piece together now takes 3 - 4 hours to run automatically Banking Application 16 th World Continuous Auditing and Reporting Symposium - 2008

9 D2K Secure – Continuous Monitoring System Summary D2K Secure is a flexible and scalable system designed to transform the contents of an unlimited number of audit log files into a single structured database and perform CM on the aggregate dataset Security analysts are provided with relevant information with links back to the original audit trail sources With appropriate reporting modules, the system is capable of generating automatic real time alerts if certain usage patterns are recognized in the logs 16 th World Continuous Auditing and Reporting Symposium - 2008

10 D2K Secure System architecture 16 th World Continuous Auditing and Reporting Symposium - 2008

11 D2K Secure – Key Features Modular architecture allows integration with other analytical applications Combines several complementary methods to provide near 100% matches Data may be retrieved from any kind of structured or semi structured source, including but not limited to; web pages, entire web sites, document files, text based log files, any type of relational databases and EDI systems The system can monitor multiple data sources and generate digests or reports from collated real-time or buffered information, based on the requirements of the application The massively parallel architecture allows simultaneous processing of individual information units, enabling real time processing of virtually unlimited amounts of data with suitable hardware support 16 th World Continuous Auditing and Reporting Symposium - 2008

12 Sample Transactional log Banking System: Equation 1130 line types, 172 transaction

13 Log parser - XML configuration Sample (part of the xml file)

14 Event linking from transactional logs 16 th World Continuous Auditing and Reporting Symposium - 2008

15 Reporting UI example

16 Monitored events - AML 2 years expired between the current and last transaction and the minimum amount is 8k EUR High amount transactions in a week E-bank transactions above 8k EUR Card transactions above 8k EUR in 2 hours Data browsing with no transaction Data browsing within 3 days without transaction Transaction cancellation above 8k EUR Transactions of the same customer at the same administrator Incoming amount over 400 EUR from other bank to worker account Incoming >8k EUR to an account opened with <400 EUR Inquiry last 6 months without transaction FATF country transactions 16 th World Continuous Auditing and Reporting Symposium - 2008

17 Monitoring events – Dormant Accounts Data browsing of dormant account w/ debit transaction last month No host branch Multiple debits in 2 hours, 1 months Same supervisor access of multiple dormant accounts Card initiated requests Outgoing transfers Trading in own account with government securities 16 th World Continuous Auditing and Reporting Symposium - 2008

18 Monitored events Event typeMonitored events Money Laundering13 Dormant account10 Hold m ail4 E-channels2 Internet, E-mails11 CUA4 Others12 Summary table 16 th World Continuous Auditing and Reporting Symposium -2008

19 Ad-hoc vs. Continuous Monitoring MonitoringAd-hocContinuous Setup time / $$ lessmore Detection after the factpreventive Learning/profiling limited technology supportcaptured by CMS config Latency was 30+ days1 day Scaling procedures collapsed w/ growth 15GB / day works fine Operating costs proportional to data growth & query frequency – Not able to scale cost effectively minimal after initial setup Data structure changes braked time series analysis consistency allows consistent time series analysis across multiple point of changes Summary 16 th World Continuous Auditing and Reporting Symposium - 2008

20 Thank you for your attention Andrew Gonczi Andrew.Gonczi@d2k.com 646-479-4496 Data2knowledge, Inc. www.d2k.com 16 th World Continuous Auditing and Reporting Symposium - 2008


Download ppt "Continuous Monitoring & Reporting Compliance & Fraud Monitoring Banking Sector Data2knowledge Inc. Andrew Gonczi, CEO Data2knowledge, Inc. www.d2k.com."

Similar presentations


Ads by Google