Companies today are facing rapidly evolving AML compliance regulations and increased rates of fraud attacks, making it challenging to keep up with all the work needed to review, prioritize, delegate, investigate, and decision these cases.
With an overload of cases and not enough time to manage them, teams need all the help they can get when it comes to workflow management and optimization. Fortunately, tools like alert scoring can help risk professionals do just that. We’ll explain exactly how below.
What is Alert Scoring?
Alert scoring is the process of assigning a numerical value to a particular activity based on the degree of urgency or intensity with which it should be investigated. Alert scores are designed to be easily interpreted by risk and compliance agents so cases can be prioritized efficiently and workflows can be optimized.
Theoretically, an alert scoring system can use any scale, as long as it’s universally understood within the company. Typically—to make things easy—organizations use a scale of 0-100, with 100 being the highest level of priority. Fraud agents (or, in some cases, the alert scoring system itself) can use these scores to prioritize alerts for investigation and resolution and avoid a backlog of alerts from clogging up their workflow.
While this may not be the case with all risk and compliance solutions, Unit21’s alert scores are determined by a machine learning model that learns from prior decisions on alerts—over time, it will get better at identifying true instances of fraud, significantly reducing false positives. By learning from how risk professionals decision a case, the system itself will get better at scoring cases properly.
Alert scores are a simple way of assigning a ‘threat level’ to transactions and activities (or the individuals or entities that are conducting them). Ultimately, these scores predict the likelihood that a particular action or actor is suspicious of fraud or money laundering.
A common misconception is that alert scores indicate how likely an activity is to be fraudulent, but that’s actually not the case. The alert score is an indicator of how important an alert is to investigate. Higher alert scores shouldn’t be treated as though the activity is more likely to be fraudulent—it should simply be a signal that a certain activity should be investigated before other activity.
How Alert Scoring Works
The core concept is relatively simple:
- The system analyzes a transaction, entity, or activity for suspicious behavior.
- The system uses a variety of indicators to score the behavior.
- The system outputs an alert score, based on the likelihood that the activity is suspicious.
Once alert scoring is complete, a risk analyst will investigate the case and make a decision, either ruling it out or filing a Suspicious Activity Report (SAR). Before that can happen, the alert needs to be integrated into the workflow system and assigned to an analyst.
While this can be done manually, best-in-class alert scoring systems will help teams automate case assignment—alerts will be delegated to staff based on specialty, value, and risk level. Teams can even customize how this queue works to optimize workflow management.
The value system for scoring alerts really doesn’t matter, as long as it’s standardized across the organization. Teams can use a scale of 0-10, 0-100, or 6-42 if they really want to. What’s more important is how alert scores are determined. Alert scoring systems make this process uniform—rules are designed and implemented across the board, so all cases are held to the same standard.
While this can be done manually, it’s significantly more time-consuming. Human error and unintentional bias also come into play. With an alert scoring system, all of that is removed—the system scores the alert based on the framework the risk and compliance team teaches it. The result is an alert scoring system that identifies threats more effectively and with fewer false positives.
How to Use Alert Scores to Detect and Prevent Fraud
How alert scores are determined and scored can be customized and improved through engineering input and the use of machine learning models. Over time, the system scores alerts faster, more accurately, and with fewer errors.
Teams can build highly customized rules that determine when an alert should be generated, how high of a priority the alert is, who the alert should be escalated to, and more. They can even be trained to look for particular behavior by looking for specific sequences of activities.
With the right system in place, alert scores aren’t just for flagging suspicious transactions that exceed daily thresholds—they can be used to signal a variety of suspicious activities, including account logins, account changes, and anomalies from standard customer behavior.
Below, we cover some of the best ways to leverage alert scoring systems:
Prioritize Alerts for Better Workflow Management
Alert scoring gives teams an easy way to visualize which alerts are the highest priority. Teams can escalate the most important cases—typically the highest threats—for investigation and resolution.
By managing alerts based on alert scores, organizations can easily root out the largest threats in terms of value and impact. Staff time can be used more effectively, as they themselves don’t have to prioritize and delegate cases—instead focusing more of their time on the actual investigation.
Manage Alert Queues Efficiently
When leveraged properly, alert scores can be used to streamline the case management queue, assigning cases to different team members based on their level of experience, specialty, risk level, and other defining characteristics.
More challenging tasks can be escalated directly to the most experienced risk and compliance analysts. Teams can even have specialized staff (or dedicated teams) that have unique knowledge of specific threats exclusively handle certain types of cases. With alerts going to the most qualified team member, they’ll be handled fastest and most effectively.
Divert Resources to More Important Tasks
When alert scoring is used to automate workflows, teams can spend more time analyzing and understanding AML & fraud trends, developing strategies for fraud prevention, and updating the organization’s AML compliance program.
Rather than lagging behind, struggling to keep up with case management, and ending up with a backlog that you’ll never overcome, you’ll be able to marshal resources more effectively—and keep pace with incoming threats. With less manual effort going towards managing workflows, teams can be more agile with their resources, leveraging team members where they need them most.
The result is more time being devoted to actual fraud investigations and less time being wasted with balancing staff workloads and prioritizing cases.
Improve Performance with Machine Learning
Machine learning models automatically improve their performance over time, learning from each task they perform. The model actually looks at—and understands—how professionals mark alerts (as true positives, false positives, etc.), and—based on how the team treats alerts—changes how it handles alerts, improving over time.
For fraud alert scoring, this means alert scores are consistently getting better with each iteration—as the system learns to score alerts more accurately and efficiently. As time goes on, alerts will be scored more accurately, consistently assigned to the right staff, and managed more effectively.
Grow and Scale Your Business Unencumbered
With alert scoring helping teams optimize their case management process, it’s much easier for teams to scale without being bogged down. With risk analysts spending most of their time investigating cases, organizations can grow their business by simply adding more investigators to match their caseload.
Instead of continuously struggling to update your workflow management system and worrying about how you’ll handle the new influx of alerts, you can focus on investigating cases and growing your business.
Reduce Customer Friction and Abandonment
While alert scoring is often thought of as a process that helps the risk and compliance team, it also offers the customer a much faster, more effective, and frictionless experience. With automated scoring and approval running in the background, teams can streamline the customer journey.
Certain checks can be validated instantly based on a risk score, with action being taken virtually instantly. Users may even need to input less information if a system has a sufficient risk and compliance scoring system. For example, a user may not need to authenticate their CVV with every purchase based on other factors that are being leveraged in the alert score.
It’s not that customer authentication and verification aren’t happening—they’ve simply been relegated to a background process that the customer never has to see, saving them valuable time and providing a best in-class experience.
Prioritize High-Risk Alerts with Unit21
Alert scores can be created—and customized—based on the unique AML and fraud scenarios organizations are seeing used against them. With the ability to build rules based on sequences of suspicious transactions or activity their customers display, teams can create alert scores that accurately indicate suspicious activity that needs to be reviewed.
Over time, through engineering and machine learning, the system will improve at flagging behavior for review—reducing false positives, and improving operational efficiency.
Alert scoring is great for large and small teams alike—in all cases, they allow teams to focus more of their time and efforts on investigating cases (rather than managing the workload). Teams with an abundance of cases and teams looking to grow (and seamlessly scale while doing so) both stand to benefit greatly from using an alert scoring solution as part of their AML and fraud program.
Schedule a demo to learn how Unit21’s alert scoring can help your team focus their investigation time on the cases that matter most.