Call them errors made at the speed of commerce. Payments are gaining speed, as is fraud — and sometimes, simple human error is costing companies revenue, precious time or both. That’s especially true in the corporate realm, where transactions increasingly cross borders online, where payments can — depending on the firm and vertical — be worth millions of dollars and where thousands of transactions can happen within a single day.
Finding fraud before it happens can be akin to finding a needle in a haystack, where detecting suspicious patterns can be a fleeting opportunity.
To that end, Citigroup announced last week the launch of the Citi Payment Outlier Detection solution, which has debuted in 90 countries. The solution is offered through Citi’s Treasury and Trade Solutions business, utilizing advanced analytics, artificial intelligence (AI) and machine learning to identify outliers that point to fraud, or perhaps operational oversights that are innocent in nature, but still lead to lost revenues and customers.
The definition of an outlier may be a simple one — namely, a transaction that does not conform to Citi clients’ past patterns of payments activity. Finding those outliers? Well, that’s another matter.
In an interview with Karen Webster, Manish Kohli, global head of payments and receivables at Citi, said the solution allows users to approve or reject the outliers through already existing channels (via, for example, institutional banking platforms, such as CitiDirect BE and CitiConnect — as Kohli said, “it is hosted on our side”), which means the stakeholders skirt the technological heavy lifting that might come with integration. As Kohli told Webster, clients can set different thresholds for examining outliers, such as accounts, transaction types or specific regions.
The use of AI and machine learning becomes critical in a world where firms want to increase the velocity of payment flow, but where security remains top of mind. Kohli noted that, in the B2B realm, there is a recognition among payment professionals that the increased velocity of payments — especially what might be termed as “payments with finality” that come across real-time rails, where transactions are often irrevocable — means risk is on the rise.
The time frame to detect and examine an outlier is limited, and the windows are closing faster than ever. It doesn’t help, of course, that the bad actors — the fraudsters — are getting ever-more sophisticated in their online fraud efforts. As a result, Kohli said, a number of Citi’s corporate clients have sought to change their processes, searching for a solution that allows for increased security, even as B2B transactions cross borders with increasing speed.
Amid that demand, he told Webster, Citi’s launch follows what he said was an extensive, global pilot that included 20 Citi clients, where Citi wanted to make sure this would work for all manner of client segments. “We wanted to make sure it worked across geographies, and we got comfortable with it,” Kohli said.
He noted, too, that there needs to be customization on offer through such a solution, as some Citi clients in the pilot wanted to be able to examine outliers offline, and others wanted to be able to set some levels of sensitivity (classified as low, medium and high). As businesses are flexible in tackling a changing operating environment, so must the technologies they deploy.
The protracted pilot stretched over more than a year, said Kohli, as outlier detection remains crucial, and exists at a critical juncture: between the point when Citi’s clients initiate the transaction and when that payment leaves the bank.
The Diversity Of The Flow
Given the diversity of the flows that move between businesses, defining an outlier would be a challenge amid the complex relationships that exist along supply chains or with large firms, where thousands of transactions can fly across a single day.
It’s a landscape where the old rules-based processes no longer apply, where static fraud detection systems cannot keep up with the speed of commerce.
That all boils down to a pressing question: How does one identify an outlier?
In terms of the mechanics, Kohli said that “it’s more an art than a science,” adding that the newly introduced outlier solution takes a long look at a client’s behavior — finding out, for example, that it’s unusual to make a payment to a specific region. One other hallmark of the system is that it tries to avoid having too many false positives. As he and Webster noted, stopping false positives is an important point, as they create friction and can lead to genuine alerts being overlooked.
Kohli observed that the anomalies found — the outliers, the risky transactions that point toward fraud — are not simply external to firms. Beyond that, Citi’s outlier detection has illuminated outliers internal to firms as well.
Consider the payments sent into the system that were “forgotten” to be made, those that were made and forgotten, only to be rediscovered and in need of reconciliation, or payments that were never intended to be made, but sent out into the ether. All of this comes against a backdrop where human error and oversight are part of the fabric of everyday business life, translating into a loss of efficiency.
The system, as it detects outliers, sends them for feedback within the client company. Depending on the feedback received, the system (machine) learns which is an acceptable transaction and which is not — thus, establishing pattern detection.
Consider it a new arrow in the quiver as companies analyze payment flows. As Kohli said, “We don't position this as a solution to catch fraud or all outliers, but as a tool that should supplement a client’s own internal controls, and as a very healthy add-on in providing more security to the payments flow.”