Anomaly Detection in Finance #1
Learning tasks in finance as in most other fields, can be divided into the two usual classes of continuous (regression) and categorical (classification) target prediction. Regardless of this division however, most tasks are subject to the imbalanced (or skewed) data problem. On the extreme end, severe imbalance calls for usage of anomaly detection techniques. Herein, we will have a brief introductory overview of anomaly detection efforts at Swedbank.
Anomaly detection techniques can be used for a wide variety of problems in daily banking: prediction of churn, scoring of risk, or identification of fraud. It is clear that churners tend to constitute a very small portion of clients just as risk scores are above prohibitive levels only for a slim minority of customers. Likewise in regards with fraud, only a negligible number but highly critical group of cases merit due attention and process. In this latter case, anomaly detection techniques seems to be especially suitable.
Fraud schemes tend to evolve and speciate through time, partly due to the inherent need to constantly innovate on the fraudster’s side and partly due to the constant disruption on the technological and legal aspects of financial businesses, e.g. introduction of new transaction/payment platforms or establishment of new corporate legal frameworks.
This pace of change usually leaves us with a severe lack of access to adequate training data; fraudulent financial behavior from ten years ago has little to do with today’s schemes. Thus, to correctly identify today’s fraudulent cases we need to rely on correctly identifying today’s non-fraudulent, “normal” cases. Indeed, the definition of what a normal case or behavior is comes with a fair degree of heterogeneity and this is exactly where anomaly detection techniques can be of significant help.
Another advantage of anomaly detection techniques in identifying frauds is that mathematically speaking, fraud cases tend to be drawn from disparate probability distributions; there is no such thing as an arch-typical fraud case, rather many diverse cases with a varying degrees of complexity. Seen as a binary 0/1 classification problem, we have many different types of 1's.
At Swedbank, we employ an agnostic approach to model selection and preference. The primary aspects when choosing a model are business needs, compliance requirements and the model’s operational suitability. Thus, regarding anomaly detection techniques, we use a spectrum of models from simpler tree-based models to multi-headed, multi-objective generative adversarial networks, with the ultimate choice of model depending on the type of problem we are confronted with.
Other aspects that usually come into play are business-driven needs for interpretability and computational feasibility. In the former, a specific business case might be in need of actionable insights or concrete guidance, hence justifying the use of simpler interpretable models or adding an interpretation layer to the final model. As for computational feasibility, some models have to be run on a daily basis or on streaming batches, consequently calling for admissible computational expenditure.
In the following posts, we will have a closer look at some of our frequently used methods such as Isolation Forests and multi-objective GANs along with our experience-based takes on their advantages and drawbacks.
Be sure to tune in!
