March 15, 2019
Fraud cases requiring manual review are proliferating and many organizations struggle to keep pace with the volume. The challenge is that many organizations employ tools that fail to support the scale required to manage the inflow of suspicious events. For example, many organizations leverage existing customer relationship management (CRM) systems or spreadsheets to manage fraud. But the information is often extracted in isolation, and analyzed manually or in separate systems. A lack of automated processing or information routing leads to high manual review rates, routing problems and lack of knowledge sharing. As the volume of fraud cases continues to rise, efficiencies fall further and organizations risk damaging the user experience for trusted customers.
ThreatMetrix Case Management
The ThreatMetrix Case Management solution monitors, updates and isolates transactions that require additional review—providing a smarter, more integrated way to handle increasingly complex caseloads with shrinking resources. It empowers fraud analysts to efficiently manage and review a large volume of potentially fraudulent events and make effective decisions on them. From the initial assignment of events to a case, to the final case closure, this feature provides analysts with all the tools required to analyze, collaborate and to take appropriate action on cases.
Case Management enables flexible policy configuration to govern automation of the case creation process. It is integrated into the ThreatMetrix policy engine and allows rules to drive what criteria cases are to be created under. For example, all international transfers that exceed a financial value threshold and originate from new account holders can be placed in a ‘high risk’ queue. Establishing multiple queues for various use cases or business units allows an efficient division of labor to ensure analysts are focusing on prioritized cases.
The ThreatMetrix Decision Management Portal allows analysts to perform detailed, forensics-based investigation of events. Analysts can manually establish a new case, or add new events to an existing case if they warrant further inspection.
This combination of both automatic and manual case creation ensures maximum flexibility for the analyst, while ensuring business practices are followed. At the conclusion of an investigation, a case may be closed by taking appropriate action on each individual event, or in bulk. Actions that can be taken on cases include accept, reject, and ignore.
Advanced workflow configuration includes Queue Timeout and Overflow, allowing automated decisioning. Queue Timeout is a time-based threshold for unattended cases in a queue. Queue Overflow is a volume-based threshold for the maximum number of events that a queue can contain. Both thresholds allow for automatically accepting or rejecting events, moving them to another queue, or reassigning them to a specific analyst. Fraud teams can configure each queue to better suit business needs based on a known manual review velocity. For example, velocity in terms of response time and number of events per day and or hour. These features aid organizations in meeting service level agreements.
Case Management can also integrate into other solutions via APIs to allow downstream automation, further reducing the need for manual work. Downstream integration with order processing systems that fulfill or reject held orders enables an organization to automatically close the loop and maximize efficiency.
A full audit of all case history is stored to promote collaboration between analysts and even different groups within an organization. This allows teams to share case notes and re-assign them to another analyst or department.
Case Management is part of the Dynamic Decision Platform and is integrated seamlessly with the ThreatMetrix Forensics portal, providing fraud detection and management in a single solution. Case Management is powered by ThreatMetrix Digital Identity Network, leveraging global shared intelligence across millions of daily consumer interactions including logins, payments and new account originations.
Higher Volume, Greater Efficiency, Reduced Fraud
Case Management provides an easy to use workflow interface that consolidates cases, providing the following benefit
Increased Operational Efficiency:
- Near real-time availability for events in cases with customizable case routing
- Flexible criteria for defining a case
- Automated labor distribution for multiple analysts
- More efficient fraud analysis, leading to better productivity
- More collaborative data and knowledge sharing
- Downstream integration to systems of record and third parties
- Effective, information-rich system for forensic analysis and investigation
- Integrated research tools
- Insights around case information collected over time
- Automated event correlation
Fully Integrated and More Efficient Fraud Workflow
Fraud teams can leverage the following Case Management Lifecycle for case review and management:
- Automated processing of events from the policy engine to determine if cases should be handled by work flow/Case Management
- Intelligent search criteria and conditional logic to direct events to pre-existing cases with smart priority ordering
- Enable analysts to create new cases or assign an event to an existing case based on event and case attributes as well as assign, reassign or change priority, as applicable
- Define set of available actions that can be applied to cases, or events within a case for each queue. These actions can include manual review, SMS or external applications/services. For events within a case, the actions can be to accept, remove or close a case
- Empower analysts with historical data and research tools when reviewing a case
- Set dynamic thresholds and rules to drive continuous evolution and learning from past cases/events