CN111553563A - Method and device for determining enterprise fraud risk - Google Patents

Method and device for determining enterprise fraud risk Download PDF

Info

Publication number
CN111553563A
CN111553563A CN202010265182.0A CN202010265182A CN111553563A CN 111553563 A CN111553563 A CN 111553563A CN 202010265182 A CN202010265182 A CN 202010265182A CN 111553563 A CN111553563 A CN 111553563A
Authority
CN
China
Prior art keywords
enterprise
fraud
risk
power
power data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010265182.0A
Other languages
Chinese (zh)
Inventor
王长宝
毕超
李志杰
王冠男
崔艳辉
叶琛
林燕
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guowang Xiongan Finance Technology Group Co ltd
State Grid Commercial Big Data Co ltd
State Grid Credit Co ltd
State Grid E Commerce Co Ltd
Original Assignee
Guowang Xiongan Finance Technology Group Co ltd
State Grid Commercial Big Data Co ltd
State Grid Credit Co ltd
State Grid E Commerce Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guowang Xiongan Finance Technology Group Co ltd, State Grid Commercial Big Data Co ltd, State Grid Credit Co ltd, State Grid E Commerce Co Ltd filed Critical Guowang Xiongan Finance Technology Group Co ltd
Priority to CN202010265182.0A priority Critical patent/CN111553563A/en
Publication of CN111553563A publication Critical patent/CN111553563A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/06Asset management; Financial planning or analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management
    • G06Q10/0639Performance analysis of employees; Performance analysis of enterprise or organisation operations
    • G06Q10/06393Score-carding, benchmarking or key performance indicator [KPI] analysis
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/03Credit; Loans; Processing thereof

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Human Resources & Organizations (AREA)
  • Development Economics (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Economics (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Marketing (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Technology Law (AREA)
  • Educational Administration (AREA)
  • Game Theory and Decision Science (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The application discloses a method and a device for determining enterprise fraud risk, relates to the technical field of data, and is used for determining whether an enterprise has fraud risk. The method comprises the following steps: the server acquires power data of a target enterprise within preset time; the power data is used for representing the power utilization condition of the target enterprise; the server determines fraud scores and risk items of the target enterprises according to the electric power data and the anti-fraud early warning model; the risk item is used for representing unqualified electric power indexes of the target enterprise, and the fraud score is used for representing fraud risk of the target enterprise; the anti-fraud early warning model is used for determining the credit degree of the enterprise; and the server determines whether the target enterprise has fraud risk according to the credit score and the risk item.

Description

Method and device for determining enterprise fraud risk
Technical Field
The application relates to the technical field of data, in particular to a method and a device for determining enterprise fraud risk.
Background
With the popularization of the mobile internet and the development of financial electronization and digitization, efficient and flexible diversified financial services gradually enter the lives of users. Diversified financial services reduce the threshold of users for enjoying convenient services on one hand and greatly improve the user experience; on the other hand, it also presents a new challenge to the marketing of financial institutions. For the cheating molecules with specific labor division and meticulous plan, the traditional anti-cheating means cannot accurately identify, early warn, prevent and control the cheating behaviors. Thereby posing a great threat to the security exhibition industry of the financial institution.
Currently, anti-fraud methods are mainly directed to individuals. And determining whether the individual has fraud risk according to the credit card data, the operator data, the association relation, the network loan blacklist and other data of the individual. However, when a problem occurs in production and operation, enterprises often cheat financing by false production and operation data, so that a huge fraud risk exists. Therefore, how to determine whether the enterprise has the fraud risk becomes a problem to be solved urgently.
Disclosure of Invention
The embodiment of the application provides a method and a device for determining enterprise fraud risk, which are used for determining whether an enterprise has fraud risk.
In order to achieve the above purpose, the embodiment of the present application adopts the following technical solutions:
in a first aspect, a method for determining an anti-fraud risk of an enterprise is provided, the method including:
the server acquires power data of the target enterprise within preset time, wherein the power data is used for representing the power utilization condition of the target enterprise. The server determines a fraud score and a risk item of the target enterprise according to the power data and the anti-fraud early warning model, wherein the risk item is used for representing an unqualified power index of the target enterprise, the fraud score is used for representing a fraud risk of the target enterprise, and the anti-fraud early warning model is used for determining the credit degree of the enterprise. And the server determines whether the target enterprise has fraud risk according to the credit score and the risk item.
Based on the scheme, in the application, the server acquires the power data of the target enterprise. Because the power data has the characteristics of high reliability, strong timeliness, good continuity and wide coverage, the power data of the enterprise can well reflect the actual operation condition of the enterprise. And the server obtains the fraud score and the risk item of the target enterprise according to the electric power data of the target enterprise and the anti-fraud early warning model. The fraud score of the target enterprise is used for representing the fraud risk of the target enterprise, and the risk item is used for representing the unqualified power index of the target enterprise. In this way, the server can identify the fraud of the enterprise according to the fraud score and the risk item of the target enterprise. Therefore, the technical scheme of the application can help a bank to identify enterprises with fraud risks, and meanwhile, the risk identification cost before the enterprise loan is reduced.
In a second aspect, there is provided an apparatus for determining a fraud risk of an enterprise, where the apparatus may be a server or a chip applied to the server, and the apparatus may include:
the communication unit is used for acquiring power data of a target enterprise within preset time; the power data is used for representing the power utilization condition of the target enterprise; the processing unit is used for determining fraud scores and risk items of the target enterprise according to the electric power data and the anti-fraud early warning model; the risk item is determined according to a plurality of electric power indexes of the target enterprise, and a fraud score is used for representing the fraud risk of the target enterprise; the anti-fraud early warning model is used for determining the credit of the enterprise. And the processing unit is also used for determining whether the target enterprise has fraud risk according to the credit score and the risk item.
In a third aspect, there is provided a readable storage medium having instructions stored thereon which, when executed, implement the method of the first aspect.
In a fourth aspect, there is provided a computer program product comprising at least one instruction which, when run on a computer, causes the computer to perform the method of the first aspect.
In a fifth aspect, a chip is provided, the chip comprising at least one processor and a communication interface, the communication interface being coupled to the at least one processor, the at least one processor being configured to execute computer programs or instructions to implement the method of the first aspect.
The above-mentioned apparatuses, computer storage media, computer program products, or chips are all configured to execute the corresponding methods provided above, and therefore, the beneficial effects that can be achieved by the apparatuses, the computer storage media, the computer program products, or the chips refer to the beneficial effects of the corresponding schemes in the corresponding methods provided above, and are not described herein again.
Drawings
Fig. 1 is a first flowchart of a method for determining a risk of enterprise fraud according to an embodiment of the present application;
fig. 2 is a second flowchart of a method for determining a fraud risk of an enterprise according to an embodiment of the present application;
fig. 3 is a third flowchart of a method for determining a risk of enterprise fraud according to an embodiment of the present application;
FIG. 4 is a box diagram one provided by embodiments of the present application;
FIG. 5 is a box diagram two provided by an embodiment of the present application;
FIG. 6 is a schematic diagram of a ROC curve provided by an embodiment of the present application;
fig. 7 is a first structural diagram of an apparatus for determining a risk of enterprise fraud according to an embodiment of the present application;
fig. 8 is a structural schematic diagram of a device for determining a risk of enterprise fraud according to an embodiment of the present application;
fig. 9 is a schematic device structure diagram of a chip according to an embodiment of the present disclosure.
Detailed Description
For the purpose of clearly describing technical solutions of the embodiments of the present application, in the embodiments of the present application, words such as "exemplary" or "for example" are used to indicate examples, illustrations or explanations. Any embodiment or design described herein as "exemplary" or "e.g.," is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.
In the present application, "at least one" means one or more, "a plurality" means two or more. "and/or" describes the association relationship of the associated objects, meaning that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone, wherein A and B can be singular or plural. The character "/" generally indicates that the former and latter associated objects are in an "or" relationship. "at least one of the following" or similar expressions refer to any combination of these items, including any combination of the singular or plural items. For example, at least one (one) of a, b, or c, may represent: a, b, c, a-b, a-c, b-c, or a-b-c, wherein a, b, c may be single or multiple.
A method for determining enterprise fraud according to an embodiment of the present application will be described in detail with reference to fig. 1 to 9.
It should be noted that the embodiments of the present application may be referred to or referred to, for example, the same or similar steps, method embodiments and apparatus embodiments may be referred to, without limitation.
As shown in fig. 1, fig. 1 illustrates a method for determining an enterprise fraud risk provided by an embodiment of the present application, where the method may include:
step 101, a server acquires power data of a target enterprise within preset time.
The power data is used for representing the power utilization condition of the target enterprise. The power data may include information that a target enterprise registers or registers with a power system, such as a consumer system of a national grid. Such as a business name, a uniform social credit code for the business, a power consumer number, an electricity meter number, or a business electricity code, etc. The power data also comprises power consumption data, application information, power consumption inspection information and power payment conditions of the target enterprise. The power data can well reflect the real conditions of enterprise production and operation.
For example, the electricity data may include the amount of electricity used by the target enterprise over a preset period of time. Wherein the preset time may be one year. The electricity consumption data may be the total amount of electricity consumed by the target enterprise in a year and the amount of electricity consumed per month. The power payment condition can comprise payment times, defaulting amount and the like of preset time of the target enterprise.
And step 102, the server determines a fraud score and a risk item of the target enterprise according to the power data of the target enterprise and the anti-fraud early warning model.
Wherein the fraud score is used to characterize the fraud risk of the target enterprise. Risk item the risk item is determined from a plurality of power metrics of the target enterprise. The anti-fraud early warning model includes a plurality of power metrics. The anti-fraud early warning model is used for determining the credit of the enterprise.
It should be noted that, in the embodiment of the present application, the risk item may include a plurality of power indicators. After the server outputs the risk items, a manual determination may be made as to whether the enterprise has fraudulent activity.
Wherein the power indicator may comprise at least one of: the system comprises an enterprise start index, a power failure risk index, a power utilization difference index, a power utilization fluctuation index, a power utilization level index, a power utilization increase rate index and a default power utilization risk index. Each power index may also include a plurality of sub-power indices. Exemplary, as shown in table 1.
TABLE 1 electric power index
Figure BDA0002441007760000041
Figure BDA0002441007760000051
In table 1, N and M are positive integers. For example, N may be 3 and M may be 36. The following explains the 7 power indexes:
1. and (5) enterprise operation indexes. 3 sub-power indexes of the enterprise operation index are as follows: if the enterprise logs out the power account, the power consumption enterprise account cancellation state is 0; and if the enterprise does not log out the power account, the power utilization enterprise accounts sales state is 1. If the enterprise has the ammeter installation behavior, the power transmission state of the enterprise is 1; if the enterprise does not have the ammeter installation behavior, the enterprise power transmission state is 0. And the start-up verification score is the enterprise sales state and the enterprise power transmission state. For example, in the case where the enterprise has logged off the power account or the enterprise has no meter installation activity, the start of work verification score is 0. For another example, in the case where the enterprise does not log out the power account and has meter installation behavior, the start verification score is 1.
2. And (5) power failure risk indexes. The power outage risk means that the enterprise has a power outage risk when the power consumption of the enterprise on a plurality of production days is lower than a first threshold. For example, a business normally has an average power consumption of 1000 degrees per production day in a month. But in 3 months, the power consumption of 10 production days in one month of the enterprise is lower than 1000 degrees, and the enterprise has the risk of power failure. The short-term power failure risk refers to that the enterprise has the short-term power failure risk under the condition that the power consumption of the enterprise in K continuous production days in one month is lower than a first threshold value. Wherein the first threshold is lower than the electricity consumption of the enterprise on a normal production day. For example, K is 7. The medium outage risk refers to the situation that an enterprise has a medium outage risk in the case that the enterprise has a short outage risk for many months in a year. For example, in 12 months of 2018, if there is a short-term outage risk in 8 months, the enterprise has an intermediate-term outage risk in 2018. The long-term power failure risk means that the enterprise has a long-term power failure risk under the condition that the enterprise has the long-term power failure risk every year within N continuous years. For example, businesses have mid-term outage risks for 3 years (or 2 years) in a year.
3. The power consumption difference index. The power consumption difference degree refers to the difference between the power consumption of each production day in half a year of an enterprise. The short-term electricity consumption difference degree risk refers to that the enterprise has the short-term electricity consumption difference degree risk under the condition that the difference value between the electricity consumption of a plurality of adjacent production days is larger than a second threshold value in each month. The medium-term power utilization difference risk means that within half a year of an enterprise, if the short-term power utilization difference risk exists in S months, the enterprise has the medium-term power utilization difference risk. Wherein S is more than or equal to 4 and less than or equal to 6. The long-term electricity consumption difference risk means that in N consecutive years of an enterprise, R half years have the medium-term electricity consumption difference risk, and then the enterprise has the long-term electricity consumption difference risk. Wherein, R is more than or equal to N and less than or equal to 2N.
4. And (4) using the electricity fluctuation index. The power utilization fluctuation refers to the increase rate of annual power consumption of an enterprise. For example, the increase rate of the electricity usage of an enterprise in 2016 is 10%, the increase rate of the electricity usage of 2017 is 11%, and the increase rate of the electricity usage of 2018 is 1%. The abnormal electricity utilization fluctuation of the enterprise in 2018 indicates that the production operation condition of the enterprise may be poor. The short-term fluctuation risk refers to the risk that the enterprise has short-term fluctuation when the electricity consumption exceeding H production days is less than or equal to a third threshold value within one month. The medium-term power fluctuation risk refers to a condition that the short-term power fluctuation risk exists in an enterprise more than Q months in one year, and the enterprise has the medium-term power fluctuation risk. The long-term power utilization fluctuation risk refers to that an enterprise has a medium-term power utilization fluctuation risk under the condition that the medium-term power utilization fluctuation risk exists every year in N continuous years of the enterprise. H. Q is a positive integer.
5. Electricity usage level indicator. The power consumption level refers to the half-year power consumption of the enterprise. The short-term electricity utilization level risk means that the enterprise has the short-term electricity utilization level risk under the condition that the electricity consumption exceeding W months is lower than a fourth threshold value within half a year of the enterprise. The medium-term electricity utilization level risk means that if the enterprise has short-term electricity utilization level risk within one year and more than half a year, the enterprise has the medium-term electricity utilization level risk. The long-term electricity utilization level risk means that the enterprise has medium-term electricity utilization level risk every year in N continuous years, and then the enterprise has the long-term electricity utilization level risk. W is a positive integer.
6. The electricity utilization growth rate index. The electricity consumption increase rate refers to the increase rate of the electricity consumption of the enterprise. The short-term electricity utilization growth rate risk means that the enterprise has the short-term electricity utilization growth rate risk under the condition that the electricity utilization growth rate of Y months is lower than a fifth threshold value within half a year of the enterprise. The intermediate power utilization level risk means that the enterprise has the risk of short-term power utilization growth rate within half a year, and then the enterprise has the risk of intermediate power utilization growth rate. The long-term electricity utilization level risk means that the enterprise has the risk of medium-term electricity utilization growth rate in N consecutive years and more than L half years, and then the enterprise has the risk of long-term electricity utilization growth rate. Y is a positive integer.
7. And default electricity utilization risk indicators. The default electricity utilization risk means that the enterprise can illegally use electricity due to arrearage or late-payment electricity charges. The long-term default electricity utilization and electricity stealing risk refers to the long-term default electricity utilization and electricity stealing risk of an enterprise under the condition that the enterprise pays late charges in M months within one year. Long term arrearage risk an enterprise has a long term arrearage risk if the amount owed for M months within the enterprise's year exceeds a sixth threshold.
The first to sixth thresholds may be values preset in the server. The magnitudes of the first threshold to the sixth threshold may be set manually.
In one possible implementation, the server inputs the power data of the target enterprise into the anti-fraud early warning model, and outputs a fraud score of the target enterprise. Wherein the higher the fraud score, the higher the fraud risk of the target enterprise. And under the condition that the fraud score of the target enterprise is larger than a preset threshold value, the anti-fraud early warning model outputs the risk item of the target enterprise.
Exemplary, the output fields of the anti-fraud early warning model are shown in table 2.
Table 2 output fields and corresponding field types
Figure BDA0002441007760000071
Figure BDA0002441007760000081
In table 2, the user number, the unified social credit code, the enterprise name, and the enterprise industry code are information of the enterprise. The anti-fraud risk model may be pre-set with an anti-fraud early warning level for the enterprise. For example, under the condition that the fraud score of the enterprise is more than or equal to 0 and less than 20, the anti-fraud early warning level of the enterprise is primary early warning; under the condition that the fraud score of the enterprise is more than or equal to 20 and less than 80, the anti-fraud early warning level of the enterprise is secondary early warning; and under the condition that the fraud score of the enterprise is not less than 80 and not more than 100, the anti-fraud early warning level of the enterprise is three-level early warning. Wherein, the higher the anti-fraud early warning level is, the higher the fraud risk of the enterprise is.
And 103, the server determines whether the target enterprise has fraud risk according to the fraud score and the risk item of the target enterprise.
In one possible implementation manner, the server may determine that the target enterprise is at risk of fraud when the fraud score of the target enterprise is higher than a preset value. When the target enterprise has fraud risk, the anti-fraud early warning model can output risk items.
Illustratively, the server has a display unit, and the server can display the fraud score, the anti-fraud early warning level and the risk item through the display unit. The staff member can determine whether the target enterprise has fraud risk through the display unit. For example, when the fraud score of enterprise a is higher than a preset value and the target enterprise has multiple risk items, the server may determine that the target enterprise has a fraud risk.
In the embodiment of the application, the server acquires the power data of the target enterprise. Because the electric power data has the characteristics of high reliability, strong timeliness, good continuity and wide coverage, the electric power data of the enterprise can well reflect the actual operation condition of the enterprise. And the server obtains the fraud score and the risk item of the target enterprise according to the electric power data of the target enterprise and the anti-fraud early warning model. The fraud score of the target enterprise is used for representing the fraud risk of the target enterprise, and the risk item is used for representing the unqualified power index of the target enterprise. In this way, the server can identify fraud for the enterprise based on the fraud score and the risk terms for the target enterprise. Therefore, the technical scheme of the application can help a bank to identify the enterprises with fraud risks, and meanwhile, the risk identification cost before the enterprise loan is reduced.
Optionally, as shown in fig. 2, the method provided in the embodiment of the present application may further include step 104.
And step 104, under the condition that the target enterprise has fraud risk, the server outputs alarm information.
Wherein, the alarm information is used for indicating that the target enterprise has fraud risk.
Illustratively, the server has a display device. The server may display the warning information through the display device. Alternatively, the server may transmit the warning information to the terminal through a communication network.
In a possible embodiment, as shown in fig. 3, the determining method provided in this embodiment of the present application further includes, before step 101:
step 201, the server acquires historical power data of a plurality of enterprises.
Wherein the plurality of enterprises includes enterprises that do not have fraudulent activities and enterprises that do have fraudulent activities.
It should be noted that an enterprise with fraudulent activities refers to an enterprise with abnormal power data but operating normally for external production. For example, the tax statement for Enterprise A shows that the number of products produced per month remains growing and the manufacturing process for that enterprise is not promoted. But the actual power data for that a enterprise remains normal or declines. Then the a enterprise has fraudulent behavior. Alternatively, business B has been demonstrated to have reduced production and operation capabilities, but the actual power data for business B is normal. Enterprise B has fraudulent behavior.
In one possible implementation manner, the server is preset with a power anti-fraud white list and a power anti-fraud black list. The power anti-fraud white list comprises a plurality of enterprises without fraudulent behaviors and power data of the plurality of enterprises without fraudulent behaviors. The power anti-fraud blacklist includes a plurality of enterprises having fraudulent activities and power data of the plurality of enterprises having fraudulent activities.
The server may obtain power data for a first preset number of fraudulent enterprises and power data for a second preset number of non-fraudulent enterprises. The first predetermined number and the second predetermined number may be the same or different.
For each of the plurality of businesses, the server determines a user representation of the business based on historical power data for the business, step 202.
Wherein, the user portrait is used for representing the power utilization characteristics of the enterprise.
In a possible implementation manner, the server determines the power data of the plurality of power types corresponding to each enterprise by classifying and screening the historical power data of each enterprise.
In another possible implementation manner, in order to determine the user image of the enterprise more accurately, the server may process the historical power data of the enterprise as follows:
1. and (6) classifying the data. For the power data corresponding to each power type, the server may first classify the power data for each power type. The classification method may include linear classification as well as non-linear classification. These two classification methods are explained below.
1.1 Linear classification. The linear classification means that the server divides the two types of linearly separable power data into two types through a linear classifier. For example, a linear classifier has a linear classification function: y ═ α × x + β. Where y is the probability of the power data, α and β are coefficients, and x is the power data. In this way, the server may determine a probability for each type of power data. Wherein the probability range of the two power data is [0, 1 ].
1.2 nonlinear classification. The non-linear classification means that for the two types of linearly inseparable power data, the server classifies the power data by adopting a function with differentiability. For example, a logistic function.
Note that the logistic function can be:
Figure BDA0002441007760000101
where f (x) is the probability of the power data, and x is the power data.
2. And matching the power data. The purpose of the power data matching is to generalize and integrate different power data of the same enterprise. The information of the enterprises corresponding to the power data acquired by the server may be inconsistent, for example, power data 1 corresponds to the name of enterprise a, and power data 2 corresponds to the electricity meter number of enterprise a. This results in that the power data corresponds to different information, although the power data is for the same enterprise. In this case, the server determines a plurality of power data corresponding to each enterprise through data matching.
For example, the server sets an identifier for each enterprise, and then associates the power data of each enterprise with the corresponding identifier, so that the server can summarize multiple power data of the same enterprise, so as to determine the credit condition of the enterprise subsequently. The identification may be any of a social credit code, an electronic code, etc. of the enterprise.
3. And (6) data cleaning. In the process of building an anti-fraud early warning model, data cleansing typically takes 50% -80% of the time of the building process. Meanwhile, the result of data cleaning is related to the effect of the anti-fraud early warning model. The following describes data cleansing.
The error value is corrected. For data where scrambling or erroneous characters occur. For example, data of the character type may have an error value such as "# × NULL", the server may delete the data or the server may replace the data with the first character (e.g., 0, or none).
For example, the server needs to acquire the electricity consumption of the C enterprise in each of the 1 month to 12 months of 2018, but lacks the electricity consumption of the C enterprise in the 7 months. In this case, the server may take the average of the electricity usage for the other eleven months as the electricity usage for 7 months. Or, the server may also use the electricity consumption corresponding to the C enterprise in the historical time (for example, 7 months in 2017 or 7 months in 2016) as the electricity consumption in 7 months in 2018.
And thirdly, sealing the top of the outlier. For power data of the same power type of a plurality of enterprises, the server can determine value ranges of the power data of the power type. And then, the server determines the power data corresponding to the type according to the value range.
Wherein the power type includes a plurality of power data having the same category. For example, the amount of electricity used, the amount of charge, the number of meter readings, the number of meter changes, etc.
Illustratively, the server builds a box graph. The server determines a distribution of the plurality of power data in the pictogram. For example, as shown in fig. 4, the power data of the plurality of enterprises has fewer outliers, and the server may determine the value range to be 1% to 99%. The server may delete the type of power data for the enterprise. That is, the server may include 99% power data. As shown in fig. 5, the power data of the plurality of enterprises has a large outlier, and the server may determine that the value range is 25% to 75%. That is, the server may retain 50% of the power data. In fig. 4 and 5, a black dot indicates a power data corresponding to an enterprise.
Note that the power data in fig. 4 and 5 are power data for one power type, respectively.
And fourthly, type derivation. The server can process a plurality of power data of the enterprise to obtain a new power type reflecting the credit status of the enterprise.
Illustratively, as shown in table 3, a plurality of additional power types are provided for the embodiments of the present application.
TABLE 3 newly added Power types
Figure BDA0002441007760000121
4. And selecting the power type. The amount of computation of the server may increase due to the excessive power types of the enterprise. Therefore, in the process of establishing the anti-fraud early warning, the server can screen a plurality of power types to obtain the power types with larger difference of the power data. The server may process the power type as follows:
for one power type, when the power data of the power type is lacking in enterprises in a plurality of enterprises in a ratio exceeding a preset ratio, the server can delete all the power data in the power type, so that the power data is more universal. For example, the electric power type is the prepaid electric power fee, and the preset proportion is 80%. If 89 enterprises do not pay the electricity fee in advance and 11 enterprises pay the electricity fee in advance in the 100 enterprise electricity data acquired by the server. The server may delete the electric power data corresponding to the electric power fee paid in advance.
For the type of the power data which is stable at the unique value, the server can delete the power data of the power type so as to enable the power data to be more representative. For example, the power type is taken as the number of transformers. In the power data of 100 enterprises acquired by the server, the number of transformers of the 100 enterprises is 1. The server may delete the power data corresponding to the number of transformers.
For the power type with the concentration ratio larger than the threshold value in the power data, the server can delete the power data of the type, so that the power data can reflect the difference among enterprises. For example, taking the number of times of payment of each year as an example of the power type, 80% of the obtained power data of a plurality of enterprises are collected into 12. The server may delete the power data corresponding to the number of times the enterprise paid.
And fourthly, data binning and Information Value (IV) calculation. Data binning is used to discretize continuous power data. After the electric power data are discretized, the risk of overfitting of the anti-fraud early warning model is reduced, and the anti-fraud early warning model is more stable. In the embodiment of the application, the server can perform binning in various ways, and a binning result with the largest IV value after binning is used as a training sample for constructing the anti-fraud early warning model.
The IV value is used to measure the prediction capability of the power data of the power type, that is, the contribution degree of the power data of the power type to the enterprise credit. In order to reduce the workload of the server in constructing the anti-fraud early warning model, the server can further screen the power data when training the model.
For example, there are 200 types of power data. The server screens the power data meeting the preset conditions from the 200 types to obtain a module entering variable list. The module entering variable list comprises a plurality of types meeting preset conditions and corresponding power data. Wherein the preset condition may include: the prediction capability of the power data, the correlation between the power data, the robustness of the power data, the interpretability of the power data in service, and the like.
In the embodiment of the application, the binning method may include any one of equal-score binning or traversal combined binning. The two binning methods are explained below.
1) Equal-score binning
The step of equally dividing the bit number into boxes means that continuous power data are equally divided into N parts, the number of each part of power data is not lower than a preset value, and the IV value of each box is the largest.
2) Traversing combined sub-box
Traversing the combination binning means that continuous power data is divided into a plurality of combinations, and then each combination is traversed to take the combination meeting preset conditions as an optimal binning. For example, the power type is power data of the business state of the enterprise. The power type comprises 8 operation states: persistent, in-business, cancel, move-in, move-out, shut down, liquidation. The preset conditions are as follows: the power data is divided into 4 sections, the proportion of each section is not lower than 5%, and the IV of the power data is maximum.
Exemplary binning results are shown in table 4.
TABLE 4 binned results
Box separation section State of operation Ratio of
1 Continuing and stopping business 32.5%
2 Under business, logout 26.5%
3 Immigration and suspension pin 20.6%
4 Emigration and settlement 20.4%
The server may obtain a plurality of power data sets after binning the power data, where each power data set has a corresponding power type and a plurality of power data. Each power data set includes power data for a fraudulent enterprise and power data for an enterprise that does not have fraudulent activity.
According to the embodiment of the application, for a plurality of power data sets of each power type, the server can calculate the IV value corresponding to each power type after binning through a formula I.
Figure BDA0002441007760000141
Where S represents the number of power data sets of power type j, BiIs the amount of power data in the ith power data set in power type j without fraud, BtThe total amount of power data having no fraud in the power type j. GiIs the number G of fraudulent power data in the ith power data set in power type jtIs the total amount of power data with fraudulent activity in power type j.
Illustratively, the power type is taken as an example of the power utilization increase rate. As shown in table 5, the results are one of the binning results corresponding to the power usage increase rate.
TABLE 5 binned results corresponding to power usage growth rate
Figure BDA0002441007760000151
Combining the data in Table 1 and formula one, the server can calculate the corresponding electricity growth rate
Figure BDA0002441007760000152
Figure BDA0002441007760000153
In the embodiment of the application, after the server processes the power data of the plurality of power types, a plurality of power data sets can be obtained. Each power data set corresponds to a user image.
And step 203, the server establishes an anti-fraud early warning model according to the user figures of the enterprises and a preset algorithm.
In a possible implementation manner, the server may import user images of multiple enterprises into the score card model, and train power data corresponding to the user images by using a Logistic-Regression algorithm (Logistic-Regression), so as to obtain an anti-fraud early warning model. The scoring card model and the logistic regression algorithm may refer to the prior art, and are not described in detail in the embodiments of the present application.
In a possible embodiment, after the anti-fraud early warning model is established, the server may further verify the validity of the anti-fraud early warning model.
In a possible implementation manner, the server may verify the effectiveness of the anti-fraud early warning model through Kolmogorov-Smirnov (KS) and/or Receiver operating characteristic curve (ROC) of the anti-fraud early warning model. Next, KS index and ROC curve are introduced separately.
1. KS index.
And the KS index is used for verifying the distinguishing capability of the anti-fraud early warning model on good and bad customers. Wherein, good clients refer to enterprises without fraudulent activities, and bad clients refer to enterprises with fraudulent activities. Combining the binned plurality of power data sets without step 202. The server may determine the KS index in the following manner.
1.1, the server correspondingly predicts the result according to each power data set of the anti-fraud early warning model. The prediction result comprises the following steps: the prediction result of the actual good client is a bad client; the prediction result of the good client is also the good client; the prediction result of the actual bad client is a good client; the prediction result of the actual bad client is also the bad client.
And 1.2, the server determines the accumulated bad customer rate and the accumulated good customer rate corresponding to the plurality of power data sets. The bad client rate is the ratio of the number of bad clients to the total number of bad clients. The cumulative bad customer rate is a sum of bad customer rates of the plurality of power data sets. The good customer rate is the ratio of the number of good customers to the total number of number customers of the prediction result. The cumulative good customer rate is a sum of good customer rates of the plurality of power data sets.
And 1.3, the server determines the value of the KS index according to the difference value of the accumulated bad client rate and the accumulated good client rate.
It should be noted that when the value of the KS index belongs to (-0.2), the fraud prevention early warning model is not distinguishable, when the value of the KS index belongs to (0.2, 0.3), the distinguishing capability of the fraud prevention early warning model is general, when the value of the KS index belongs to (0.3, 0.4), the distinguishing capability of the fraud prevention early warning model is good, when the value of the KS index belongs to (0.4, 0.5), the distinguishing capability of the fraud prevention early warning model is excellent, and when the value of the KS index belongs to (0.5, + ]), the fraud prevention early warning model is abnormal, whether the power data has a problem needs to be checked.
2. ROC curve
In this embodiment of the application, the server may determine the ROC curve of the anti-fraud early warning model through the following steps.
Step 1, a server needs to determine a plurality of confusion matrices (confusion matrices) according to historical power data corresponding to a plurality of enterprises.
Illustratively, as shown in table 6, a confusion matrix is provided for the embodiments of the present application.
TABLE 6 confusion matrix
Figure BDA0002441007760000171
In table 6, the True Positive (TP) indicates that both the predicted value and the true value are 1; false Positive (FP) means that the predicted value is 1 and the true value is 0; true Negative (TN) means that both the predicted value and the true value are 0; false Negative (FN) indicates that the predicted value is 0 and the true value is 1. The predicted value is 1, and the server determines that the enterprise does not have fraud behavior according to the anti-fraud early warning model. A true value of 1 indicates that the enterprise does not actually have fraud. The predicted value is 0, which means that the server determines that the enterprise has fraud according to the anti-fraud early warning model. A true value of 0 indicates that the enterprise actually has fraudulent behavior.
Step 2, after determining the plurality of confusion matrices, the server calculates a True Positive Rate (TPR) of each confusion matrix according to formula two, and calculates a False Positive Rate (FPR) of each confusion matrix according to formula three.
Figure BDA0002441007760000172
Figure BDA0002441007760000173
And 3, the server determines TPR and FPR of each power type.
In this embodiment of the application, the server may determine the TPR and the FPR of each electrical confusion matrix according to step 1 and step 2. Thus, a plurality of TPRs and FPRs are obtained.
And 4, the server determines an ROC curve according to the TPRs and the FPRs.
Illustratively, as shown in fig. 6, a ROC curve is provided for the embodiments of the present application. The horizontal axis of the rectangular plane coordinate system corresponding to the ROC curve is FPR, and the vertical axis is TPR.
It should be noted that the closer the TPR is to 1 and the closer the FPR is to 0, the better the effectiveness of the anti-fraud pre-alarm model is. That is, the greater the radian of the ROC curve, the higher the accuracy of the anti-fraud pre-alarm model.
Optionally, the server may also verify the validity of the anti-fraud model by determining a Variance-inflationfactor (VIF) of the anti-fraud early warning model.
Where, VIF refers to the ratio of the variance in the presence of multicollinearity to the variance in the absence of multicollinearity between the explanatory variables. The larger the VIF, the more severe the display collinearity. Wherein, when 0< VIF <10, no multicollinearity exists; when VIF is more than or equal to 10 and less than 100, stronger multiple collinearity exists; when VIF ≧ 100, severe multicollinearity exists.
Figure BDA0002441007760000181
Wherein R is2Is XiCoefficients regressed for other independent variables when dependent variables.
VIF can be calculated and analyzed in three steps:
s1, according to formula X1=α2X23X3……+αkXk+C0+ e, calculate k different VIFs, each XiFirst run a normal least squares regression, where XiIs a function of all other explanatory variables in the first equation. For example: if i is 1, the equation holds, where C0 is a constant;
s2, and then calculating the VIF factor.
Wherein R isi 2Is the coefficient of determination of the regression equation in step 1.
S3, VIF size is observed.
Optionally, the server may also verify the validity of the anti-fraud model by a probability score transformation.
Illustratively, the server is preset with a scoring mode: offset, and scale. Wherein, factor is pdo/ln (2), and offset is score-factor ln (odds). odds is p/(1-p), and p is the bad account probability.
Illustratively, table 7 is a set scoring parameter.
TABLE 7 Scoring parameters
Doubling the odds every 40 minutes factor= 57.7078016 score=offset-factor*ln(odds)
600 timesharing odds is 1: 21 offset= 424.307303 score-pdo=offset-factor*ln(2*odds)
pdo can be determined according to the following: assume that the score of the power type with the ratio x is P. The score for the point with the ratio of 2x should be p + pdo. In the formula, the following two equations can be obtained: p-a-Blog (x), p-pdo-a-Blog (2 x). x represents the ratio and A, B is a constant.
Illustratively, let the ratio be 1/60, p 600, pdo-20. The expression ratio is 1/60, and the score card outputs a score of 600; when the ratio is increased by 1 fold, the score is increased by-20 (a larger ratio represents a larger number of bad customers, and a larger number of bad customers scores a lower score).
The calculation can obtain:
Figure BDA0002441007760000191
that is, score is 481.89-28.85 ln (odds).
Exemplary, the correspondence between odds and score is shown in table 8.
TABLE 8 correspondence of odds and score
odds score Rate of default
1:480 660 0.2079%
1:240 640 0.4149%
1:120 620 0.8264%
1:60 600 1.6393%
1:30 580 3.2258%
1:15 560 6.2500%
1:7.5 540 11.7647%
Alternatively, the variable score may be determined by equation four.
Figure BDA0002441007760000201
Illustratively, the server may obtain a rating Table 9 as shown in Table 9
Figure BDA0002441007760000202
Figure BDA0002441007760000211
It should be noted that the anti-fraud early warning model sufficiently fuses the power data of the enterprise and the financial service characteristics. The data value of the electric power data in the field of credit wind control of the bank is realized. Based on the scarcity of the electric power data acquisition and the comprehensiveness of the product in the field of credit wind control of banks, the anti-fraud early warning model has obvious advantages. The anti-fraud early warning model can carry out deep analysis on the sum of the electric power data, fully excavate the incidence relation between the electric power data and the bank credit wind control business, construct a characteristic electric power financial wind control model according to the business process of the bank credit, and reasonably apply the electric power data to the bank credit business.
The embodiment of the present application may perform the division of the functional modules or the functional units for the device for determining the enterprise fraud risk according to the above method, for example, each functional module or functional unit may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module may be implemented in a form of hardware, or may be implemented in a form of a software functional module or a functional unit. The division of the modules or units in the embodiment of the present application is schematic, and is only a logic function division, and there may be another division manner in actual implementation.
The embodiment of the present application provides a device for determining an enterprise fraud risk, where the device may be a server or a chip applied to the server, as shown in fig. 7, and the device may include:
the communication unit 601 is used for acquiring power data of a target enterprise within preset time; the power data is used for representing the power utilization condition of the target enterprise;
the processing unit 602 is configured to determine a fraud score and a risk item of a target enterprise according to the power data and the anti-fraud early warning model; the risk item is determined according to a plurality of electric power indexes, and the fraud score is used for representing the fraud risk of the target enterprise; the anti-fraud early warning model is used for determining the credit degree of the enterprise;
the processing unit 602 is further configured to determine whether the target enterprise has a fraud risk according to the credit score and the risk item.
Optionally, the processing unit 602 is specifically configured to:
inputting the electric power data into an anti-fraud early warning model to obtain a credit score;
and the anti-fraud early warning model is also used for outputting risk items under the condition that the credit score is smaller than a preset threshold value.
Optionally, the power indicator includes at least one of the following indicators: the system comprises an enterprise start index, a power failure risk index, a power utilization difference index, a power utilization fluctuation index, a power utilization level index, a power utilization normal rate index and a default power utilization risk index.
Optionally, the communication unit 601 is further configured to obtain historical power data of multiple enterprises;
for each of a plurality of enterprises, a processing unit 602 for determining a user representation of the enterprise based on historical power data for the enterprise; the user portrait is used for representing the electricity utilization characteristics of an enterprise; and establishing an anti-fraud early warning model according to the user figures of the plurality of enterprises and a preset algorithm.
Optionally, the communication unit 601 is further configured to output warning information in a case that the target enterprise has a fraud risk, where the warning information is used to indicate that the target enterprise has the fraud risk.
Fig. 8 shows a schematic diagram of another possible structure of the enterprise fraud risk determination apparatus in the above embodiment. When the determination apparatus is a server, the apparatus includes: one or more processors 161 and a communications interface 162. The processor 161 is used to control and manage the actions of the device, e.g., to perform the steps performed by the processing unit 111 described above, and/or other processes for performing the techniques described herein.
In particular implementations, processor 161 may include one or more CPUs such as CPU0 and CPU1 of fig. 8 as an example.
In one implementation, the communication device may include multiple processors, such as processor 111 in fig. 8, for example. Each of these processors may be a single-core (single-CPU) processor or a multi-core (multi-CPU) processor. A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data (e.g., computer program instructions).
Optionally, the determining means may further comprise a memory 163 and a communication line 164, the memory 163 being for storing program items and data of the apparatus.
Fig. 9 is a schematic structural diagram of a chip 170 according to an embodiment of the present disclosure. Chip 170 includes one or more (including two) processors 1710 and a communication interface 1730.
Optionally, the chip 170 further includes a memory 1740, which may include both read-only memory and random access memory, and provides operational instructions and data to the processor 1710. A portion of memory 1740 may also include non-volatile random access memory (NVRAM).
In some embodiments, memory 1740 stores elements, execution modules, or data structures, or a subset thereof, or an expanded set thereof.
In the embodiment of the present application, the corresponding operation is performed by calling an operation instruction stored in the memory 1740 (the operation instruction may be stored in an operating system).
The processor 1710 may implement or execute various illustrative logical blocks, units, and circuits described in connection with the disclosure herein. The processor may be a central processing unit, general purpose processor, digital signal processor, application specific integrated circuit, field programmable gate array or other programmable logic device, transistor logic device, hardware component, or any combination thereof. Which may implement or perform the various illustrative logical blocks, units, and circuits described in connection with the disclosure. The processor may also be a combination of computing functions, e.g., comprising one or more microprocessors, DSPs, and microprocessors, among others.
Memory 1740 may include volatile memory, such as random access memory; the memory may also include non-volatile memory, such as read-only memory, flash memory, a hard disk, or a solid state hard disk; the memory may also comprise a combination of memories of the kind described above.
The bus 1720 may be an Extended Industry Standard Architecture (EISA) bus or the like. Bus 1720 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one line is shown in FIG. 9, but this does not represent only one bus or one type of bus.
Through the description of the above embodiments, it is clear to those skilled in the art that, for convenience and simplicity of description, the above division of each functional unit is only used as an example, and in practical applications, the above function distribution may be completed by different functional units according to needs, that is, the internal structure of the device may be divided into different functional units to complete all or part of the above described functions. For the specific working processes of the system, the apparatus and the unit described above, reference may be made to the corresponding processes in the foregoing method embodiments, and details are not described here again.
The embodiment of the present application further provides a computer-readable storage medium, where instructions are stored in the computer-readable storage medium, and when the instructions are executed by a computer, the computer executes each step in the method flow shown in the above method embodiment.
The computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, and a hard disk. Random Access Memory (RAM), Read-Only Memory (ROM), Erasable Programmable Read-Only Memory (EPROM), registers, a hard disk, an optical fiber, a portable Compact Disc Read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any other form of computer-readable storage medium, in any suitable combination, or values in the art. An exemplary storage medium is coupled to the processor such the processor can read information from, and write information to, the storage medium. Of course, the storage medium may also be integral to the processor. The processor and the storage medium may reside in an Application Specific Integrated Circuit (ASIC). In embodiments of the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
Embodiments of the present invention provide a computer program product comprising instructions which, when run on a computer, cause the computer to perform the determination method as described in fig. 1, 2, 3.
Since the apparatus for determining an enterprise fraud risk, the computer readable storage medium, and the computer program product in the embodiments of the present invention may be applied to the method described above, the technical effect obtained by the apparatus may also refer to the method embodiments described above, and the embodiments of the present invention are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus, and method may be implemented in other ways. For example, the above-described embodiments of the apparatus are merely illustrative, and for example, the division of the units is only one logical functional division, and in actual implementation, there may be other divisions, for example, multiple units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may also be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (12)

1. A method for determining a risk of enterprise fraud, comprising:
the method comprises the steps that a server obtains power data of a target enterprise within preset time, wherein the power data are used for representing the power utilization condition of the target enterprise;
the server determines a fraud score and a risk item of the target enterprise according to the electric power data and an anti-fraud early warning model, wherein the risk item is determined according to a plurality of electric power indexes of the target enterprise, the fraud score is used for representing fraud risk of the target enterprise, and the anti-fraud early warning model is used for determining credit of the enterprise;
and the server determines whether the target enterprise has fraud risk according to the credit score and the risk item.
2. The method for determining according to claim 1, wherein determining credit score and risk item of the target enterprise according to the power data and anti-fraud early warning model comprises:
the server inputs the electric power data into the anti-fraud early warning model to obtain the credit score;
and the anti-fraud early warning model is further used for outputting the risk item under the condition that the credit score is smaller than a preset threshold value.
3. The determination method according to claim 1,
the power indicator includes at least one of: the system comprises an enterprise start index, a power failure risk index, a power utilization difference index, a power utilization fluctuation index, a power utilization level index, a power utilization normal rate index and a default power utilization risk index.
4. The method of any of claims 1-3, wherein prior to said obtaining power data for the target enterprise, the method further comprises:
the server acquires historical power data of a plurality of enterprises;
for each of the plurality of enterprises, the server determining a user representation of the enterprise from historical power data for the enterprise; the user representation is used for representing power utilization characteristics of an enterprise;
and the server establishes the anti-fraud early warning model according to the user figures of the enterprises and a preset algorithm.
5. The method of determining according to claim 1, further comprising:
and under the condition that the target enterprise has the fraud risk, the server outputs alarm information, wherein the alarm information is used for indicating that the target enterprise has the fraud risk.
6. An apparatus for determining a risk of enterprise fraud, comprising:
the communication unit is used for acquiring power data of a target enterprise within preset time; the power data is used for representing the power utilization condition of the target enterprise;
the processing unit is used for determining fraud scores and risk items of the target enterprises according to the electric power data and the anti-fraud early warning model; the risk item is determined according to a plurality of electric power indexes of the target enterprise, and the fraud score is used for representing the fraud risk of the target enterprise; the anti-fraud early warning model is used for determining the credit degree of the enterprise;
and the processing unit is further used for determining whether the target enterprise has fraud risk according to the credit score and the risk item.
7. The determination apparatus according to claim 6, wherein the processing unit is specifically configured to:
inputting the power data into the anti-fraud early warning model to obtain the credit score;
and the anti-fraud early warning model is further used for outputting the risk item under the condition that the credit score is smaller than a preset threshold value.
8. The determination apparatus according to claim 6,
the power indicator includes at least one of: the system comprises an enterprise start index, a power failure risk index, a power utilization difference index, a power utilization fluctuation index, a power utilization level index, a power utilization normal rate index and a default power utilization risk index.
9. The determination apparatus according to any one of claims 6 to 8,
the communication unit is further used for acquiring historical power data of a plurality of enterprises;
for each of the plurality of enterprises, the processing unit to determine a user representation of the enterprise from historical power data for the enterprise; the user representation is used for representing power utilization characteristics of an enterprise; and establishing the anti-fraud early warning model according to the user figures of the enterprises and a preset algorithm.
10. The determination apparatus according to claim 6,
the communication unit is further configured to output warning information when the target enterprise has a fraud risk, where the warning information is used to indicate that the target enterprise has the fraud risk.
11. A readable storage medium having stored therein instructions which, when executed, implement the method of any one of claims 1 to 5.
12. A chip comprising at least one processor and a communication interface, the communication interface being coupled to the at least one processor, the at least one processor being configured to execute computer programs or instructions to implement the method of any one of claims 1 to 5.
CN202010265182.0A 2020-04-07 2020-04-07 Method and device for determining enterprise fraud risk Pending CN111553563A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010265182.0A CN111553563A (en) 2020-04-07 2020-04-07 Method and device for determining enterprise fraud risk

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010265182.0A CN111553563A (en) 2020-04-07 2020-04-07 Method and device for determining enterprise fraud risk

Publications (1)

Publication Number Publication Date
CN111553563A true CN111553563A (en) 2020-08-18

Family

ID=72000597

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010265182.0A Pending CN111553563A (en) 2020-04-07 2020-04-07 Method and device for determining enterprise fraud risk

Country Status (1)

Country Link
CN (1) CN111553563A (en)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112149977A (en) * 2020-09-14 2020-12-29 深圳供电局有限公司 Post-loan risk monitoring and early warning method and system, computer equipment and storage medium
CN112150269A (en) * 2020-09-14 2020-12-29 深圳供电局有限公司 Enterprise borrowing use verification method and system, computer equipment and storage medium
CN112150267A (en) * 2020-09-14 2020-12-29 深圳供电局有限公司 Computer equipment and enterprise power consumption analysis system
CN112241917A (en) * 2020-10-29 2021-01-19 深圳供电局有限公司 Intelligent financial institution pre-loan management method and system
CN112419040A (en) * 2020-10-31 2021-02-26 国家电网有限公司 Credit anti-fraud identification method, credit anti-fraud identification device and storage medium
CN116702950A (en) * 2023-05-06 2023-09-05 中国安全生产科学研究院 Prediction method for enterprise illegal production behavior in coal industry based on electric power big data
WO2024067387A1 (en) * 2022-09-26 2024-04-04 深蓝汽车科技有限公司 User portrait generation method based on characteristic variable scoring, device, vehicle, and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106127522A (en) * 2016-06-29 2016-11-16 苏州迈科网络安全技术股份有限公司 Dig based on network data and analyze method and system according to the enterprise management condition of technology
CN107240014A (en) * 2017-04-28 2017-10-10 天合泽泰(厦门)征信服务有限公司 A kind of credit rating method based on enterprise's reference business
CN109409969A (en) * 2018-10-24 2019-03-01 仲恺农业工程学院 Enterprise tax fraud detection method, electronic equipment and storage medium
CN110458697A (en) * 2019-08-19 2019-11-15 北京百度网讯科技有限公司 Method and apparatus for assessing risk
CN110674970A (en) * 2019-08-19 2020-01-10 广州荔支网络技术有限公司 Enterprise legal risk early warning method, device, equipment and readable storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106127522A (en) * 2016-06-29 2016-11-16 苏州迈科网络安全技术股份有限公司 Dig based on network data and analyze method and system according to the enterprise management condition of technology
CN107240014A (en) * 2017-04-28 2017-10-10 天合泽泰(厦门)征信服务有限公司 A kind of credit rating method based on enterprise's reference business
CN109409969A (en) * 2018-10-24 2019-03-01 仲恺农业工程学院 Enterprise tax fraud detection method, electronic equipment and storage medium
CN110458697A (en) * 2019-08-19 2019-11-15 北京百度网讯科技有限公司 Method and apparatus for assessing risk
CN110674970A (en) * 2019-08-19 2020-01-10 广州荔支网络技术有限公司 Enterprise legal risk early warning method, device, equipment and readable storage medium

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
程永昌,刘太明, 中国税务出版社 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112149977A (en) * 2020-09-14 2020-12-29 深圳供电局有限公司 Post-loan risk monitoring and early warning method and system, computer equipment and storage medium
CN112150269A (en) * 2020-09-14 2020-12-29 深圳供电局有限公司 Enterprise borrowing use verification method and system, computer equipment and storage medium
CN112150267A (en) * 2020-09-14 2020-12-29 深圳供电局有限公司 Computer equipment and enterprise power consumption analysis system
CN112150269B (en) * 2020-09-14 2024-07-05 深圳供电局有限公司 Enterprise borrowing use verification method and system, computer equipment and storage medium thereof
CN112241917A (en) * 2020-10-29 2021-01-19 深圳供电局有限公司 Intelligent financial institution pre-loan management method and system
CN112241917B (en) * 2020-10-29 2024-07-16 深圳供电局有限公司 Intelligent financial institution pre-loan management method and system
CN112419040A (en) * 2020-10-31 2021-02-26 国家电网有限公司 Credit anti-fraud identification method, credit anti-fraud identification device and storage medium
WO2024067387A1 (en) * 2022-09-26 2024-04-04 深蓝汽车科技有限公司 User portrait generation method based on characteristic variable scoring, device, vehicle, and storage medium
CN116702950A (en) * 2023-05-06 2023-09-05 中国安全生产科学研究院 Prediction method for enterprise illegal production behavior in coal industry based on electric power big data
CN116702950B (en) * 2023-05-06 2024-01-23 中国安全生产科学研究院 Prediction method for enterprise illegal production behavior in coal industry based on electric power big data

Similar Documents

Publication Publication Date Title
CN111553563A (en) Method and device for determining enterprise fraud risk
Lennox Are large auditors more accurate than small auditors?
Wong et al. Predicting banking distress in the EMEAP economies
Curti et al. Fraud recovery and the quality of country governance
CN110852878B (en) Credibility determination method, device, equipment and storage medium
CN107993144A (en) Customer risk grade determines method, apparatus, equipment and readable storage medium storing program for executing
Vania et al. Does earning management happen in islamic bank?(indonesia and malaysia comparison)
Wei et al. Detecting fraud in Chinese listed company balance sheets
Ines The effect of discretionary accruals on financial statement fraud: the case of the French companies
Fidiana et al. Corporate going-concern report in early pandemic situation: Evidence from Indonesia
Peresetsky et al. Models for Moody’s bank ratings
CN117151882B (en) Risk assessment method and system based on multi-variety power transaction
Kusumawati et al. The influence of board of commissioners and audit committee effectiveness, ownership structure, bank monitoring, and firm life cycle on accounting fraud
CN112581291B (en) Risk assessment change detection method, apparatus, device and storage medium
CN117575776A (en) Lending wind control model training method, lending wind control model training equipment and readable storage medium
Dziwok New approach to operational risk measurement in banks
CN113835947A (en) Method and system for determining abnormality reason based on abnormality identification result
CN115147030A (en) Interest rate evaluation method and device, electronic equipment and readable storage medium
Kamuti The dynamic relationship between stock price volatility and trading volume at the Nairobi securities exchange
Brookes Risk modelling and the role and benefits of cat indices
Sharma Operational risk modeling-Approaches and responses
CN114880369A (en) Risk credit granting method and system based on weak data technology
CN111899025A (en) Processing method and device for loan service
Zou et al. The impact of tax policy on firm debt maturity: Evidence from China's VAT reform
Wokeh EFFECT OF INTERNAL CONTROL SYSTEM ON FINANCIAL PERFORMANCE OF LISTED DEPOSIT MONEY BANKS IN NIGERIA.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination