By its very nature, fraud is dynamic. So, a static strategy quickly becomes less accurate over time.
Designing effective fraud detection strategies is challenging because fraud tactics evolve constantly, because the data to monitor is massive and comes in high-volume, and because fraud detection systems must strike a careful balance between identifying fraud and minimizing false positives—all while operating in real time and complying with privacy and regulatory requirements.
An effective fraud detection strategy typically combines various rules together, extended with machine learning for anomaly detection, to address both known fraud patterns and new, emerging threats.
As a result, ongoing performance monitoring and regular fine-tuning is essential to make sure the company adapts to changes in behaviour, evolving processes, and regulatory landscape.
And the secret ingredient to this successful recipe is the “regular fine-tuning”.
What is fine-tuning fraud detection strategies
In essence, this relates to adjusting an existing fraud model or set of fraud detection strategies, so it works better for an organization’s specific business and current fraud patterns.
This can be achieved by changing model weights, thresholds, creating and combining new detection methods, or adjusting fraud rule sensitivity based on new outcomes and investigator feedback. It is usually a continuous cycle: review performance, identify misses and false alerts, adjust, test, then redeploy.
Fine-tuning keeps the fraud system in equilibrium – robust enough to detect fraud while remaining flexible enough to avoid overwhelming investigators with excessive false alerts.
And this is where I would like to introduce a hidden gem embedded within SAP Business Integrity Screening since the very first day, but is not known widely enough in my humble opinion, the Calibration of Detection Strategies.
Calibration of Detection Strategies in SAP Business Integrity Screening
Let’s first take just one step back.
In case you are not familiar with SAP Business Integrity Screening, this solution helps organizations mitigate fraud risk, reduce losses, and improve the detection and prevention of anomalies. The short video below will provide a quick overview:
With this solution, fraud investigation teams can create detection methods with associated thresholds, weighing factors, etc. and then combine them into detection strategies. These then run automatically to surface anomalies that can then be further checked.
To make sure that these detection strategies are optimum, users can leverage the “Calibration of Detection Strategies” capability. This is a real-time simulation function for what-if analyses.
Step 1 – Review actual
In this first step, users get details on the baseline reference strategy to improve:
- Number of confirmed, false positives, and unclassified alerts
- Efficiency ratio of the detection strategy
Step 2 – Fine-tune the settings
In this second step, users can change settings such as:
- Selection period for the data that is relevant for the simulation
- Threshold data point of the strategy
- Weighing factors and parameter values of each detection method
- … and run the simulation
This will create a new tile with a new calculated efficiency ratio based on the following performance indicators:
|
KPI |
Description |
|
Confirmed |
Number of alert items that would have been created and classified as Confirmed for detection objects that already have been identified as Confirmed in the actual data. |
|
False Positives |
Number of alert items that would have been created and classified as Confirmed for detection objects that already have been identified as False Alarm in the actual data. |
|
New Alert Items |
Number of alert items that will be created during simulation and that have not been created within the actual data. |
|
Missed Alert Items |
Number of alert items that were created by the strategy in the past but were not found during the current simulation. |
|
Found Alert Items |
Number of alert items that were both created by the strategy in the past and were found during the current simulation. |
|
Risk Value of New Alert Items |
Sum of all the risk values of the new alert items found during the current simulation that were not found by the strategy in the past. |
|
Risk Value of Found Alert Items |
Sum of all the risk values of the alert items that were both created by the strategy in the past and were found during the current simulation. |
|
Risk Value of Missed Alert Items |
Sum of all the risk values of the alert items that were created by the strategy in the past but were not found during the current simulation. |
[optional] Step 3 – Get best fit suggestions
Of course, users can run as many simulations as they like until they get the best outcome for their requirements: reduce the number of positives, not miss any alerts, etc.
Should users also want some automated proposal, they can use the Find Best Values capability available. The system will then suggest the best values determined.
Step 4 – Roll it out
Once the detection strategy is adjusted to a satisfactory level, users can save the new set of settings.
By saving the results of the calibration, the system creates a new detection strategy version with status inactive. It would then simply need to be activated so that it can be executed routinely.
See it in action
Benefits of fine-tuning detection strategies
 |
Reduces false positives so fraud investigators can focus on what matters |
 |
Improves detection method with adaptive measures as behaviours or tactics change, which keeps the strategy relevant over time |
Interested in learning more?
In addition to the section on the SAP Help Portal, there is also an SAP Learning Course focused exclusively on this solution – Exploring SAP Business Integrity Screening, with a dedicated section on “Monitoring and Improving Detection Quality”:
What about you, how does your company ensure that its detection strategies continue to perform well over time? I look forward to reading your thoughts and comments on this blog.
And if you are interested in learning more about SAP solutions for Governance, Risk, and Compliance, feel free to fill-in the demo request form!
