JP2016021182A - Risk management system, risk management method, and risk management program - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a risk management system, a risk management method, and a risk management program for calling an attention to an act which is likely to cause a problem.SOLUTION: A management part 20 is connected to: a principal situation acquisition part 10; a transaction cooperation part 15; a responsible person cooperation part 41; and an external organization cooperation part 42. The principal situation acquisition part 10 acquires the monitoring result of a situation related to a visitor. The transaction cooperation part 15 manages the attribute information or transaction request information of a customer. The management part 20 functions as a determination part 211 and an action part 212. The determination part 211 determines a risk level by using the principal situation determined on the basis of a monitoring result acquired by the principal situation acquisition part 10 or transaction situation information acquired by the transaction cooperation part 15. The action part 212 instructs action execution on the basis of the risk level.SELECTED DRAWING: Figure 1

Description

  The present invention relates to a risk management system, a risk management method, and a risk management program for suppressing actions that may cause problems.

  Conventionally, in a store or the like, a monitoring system that detects an intrusion of a suspicious person or the like from an image captured using a monitoring camera and outputs an alarm has been studied. Here, a technique for improving the identification accuracy of the monitoring target is also being studied (for example, see Patent Document 1). In the technique described in this document, a monitoring target identification unit registers a monitoring target object pattern, and performs identification processing of the monitoring target from a captured image using a pattern matching technique. In this case, the “roughness pattern” to be excluded is used to eliminate the wrinkle in the video using the pattern matching technique. Then, using the behavior suspicious pattern to be monitored, the suspicious action is identified using an optical flow image processing technique.

  In addition, an intruder monitoring system that performs image processing on images obtained from a plurality of cameras and tracks an object has been proposed. Here, a suspicious person detection system that uses the results of image processing methods having different characteristics in an integrated manner has also been studied (see, for example, Patent Document 2). In the suspicious person detection system described in this document, the behavior of the monitoring target is detected using an image processing result from each image processing unit or an integrated processing result obtained by integrating the image processing results. And based on behavior information, it is determined whether it is a suspicious person. In this case, monocular image processing of video output from each camera and stereo image processing of video output from each camera are performed.

  Further, in an automatic transaction apparatus in a financial institution, a transfer fraud that induces an illegal transfer transaction is a problem. For this reason, in unattended transaction terminals, it is determined whether or not the terminal user has suffered fraud damage such as "transfer fraud" Techniques to be developed have also been studied (see, for example, Patent Document 3). In the technology described in this document, a surveillance camera is installed on an unmanned transaction terminal, a user's specific behavior is detected multiple times, and when a specific behavior is detected multiple times, it is determined that there is a `` suspicious behavior '' The terminal asks the user about the transaction status. As a result of answering the question, if it is determined that there is a high possibility of being fraudulent, a warning is displayed on the transaction screen.

JP 2008-152586 A JP 2012-79340 A JP 2008-197939 A

  However, there are a variety of actions that can cause problems, and uniform judgment is difficult. In particular, an action that may cause a problem may not be identified only by the image information of the subject. Further, the behavior of the subject may change depending on the subject's situation and the surrounding situation.

  The present invention has been made to solve the above-mentioned problems, and its purpose is to provide a risk management system, a risk management method, and a risk management program for calling attention to an action that may cause a problem. Is to provide.

  (1) A risk management system for solving the above-mentioned problem is connected to a monitoring unit that acquires monitoring information of the subject, and a logic unit that stores information about the subject's identity and correspondence according to the monitoring information And a control unit for instructing an action using the logic unit. And the said control part acquires monitoring information from the said monitoring part, uses the said logic part, determines a principal situation according to the said monitoring information, and determines a response based on the risk level according to the said principal situation Then, an action corresponding to the response is instructed. Thereby, it is possible to call attention to an action that may cause a problem in consideration of the situation of the subject person.

  (2) In the risk management system, the action unit acquires monitoring information when an action is instructed from the monitoring unit, and based on changes in the monitoring information before and after the action, Is preferably determined. Accordingly, it is possible to call attention to an action that may cause a problem in consideration of the situation of the person based on the change in the monitoring result.

  (3) In the risk management system, it is preferable that the monitoring unit obtains information related to the behavior of the target person and determines the personal status of the target person using the information related to the behavior. Thereby, it is possible to call attention to an action that may cause a problem in consideration of the situation of the person based on the behavior of the target person.

  (4) In the said risk management system, it is preferable that the said monitoring part acquires the vital information of the said subject, and determines the said subject's personal condition using the said vital information. Accordingly, it is possible to call attention to an action that may cause a problem in consideration of the situation of the person based on the vital information of the target person.

  (5) In the risk management system, it is preferable that the monitoring unit obtains the public information of the target person and determines the personal status of the target person using the public information. Accordingly, it is possible to call attention to an action that may cause a problem in consideration of the situation of the person based on the public information of the target person.

  (6) In the risk management system, it is preferable that the monitoring unit obtains the transaction request information of the target person and determines the risk level of the target person using the transaction request information. Thereby, it is possible to call attention to an action that may cause a problem in consideration of the transaction status of the target person.

  According to the present invention, it is possible to call attention to an action that may cause a problem.

The system schematic of this embodiment. Explanatory drawing of the information used in judgment logic. Explanatory drawing of the process sequence of this embodiment. It is explanatory drawing of the process sequence of this embodiment, Comprising: (a) is the situation determination process based on a flow line, (b) is the situation determination process based on operation | movement, (c) is explanatory drawing of the situation determination process based on vital information. . It is explanatory drawing of the process sequence of this embodiment, (a) is the situation determination process based on the latest action, (b) is the situation determination process based on the transaction amount, (c) is the situation determination process based on the supplier, ( d) is a situation determination process based on the transaction date, (e) is a situation determination process based on the transaction place, and (f) is an explanatory diagram of a situation determination process based on the life event. It is explanatory drawing of the process sequence of this embodiment, Comprising: (a) is the situation determination process based on observation, (b) is explanatory drawing of an active monitoring situation determination process. It is explanatory drawing of the process sequence of this embodiment, Comprising: (a) is the adjustment process based on the statistical value of transaction request information, (b) is explanatory drawing of the adjustment process based on the statistical value of vital information.

  Hereinafter, an embodiment in which a risk management system, a risk management method, and a risk management program are embodied will be described with reference to FIGS. In the present embodiment, it is assumed that a risk management method is applied to a customer (target person) transaction request at a store of a financial institution.

As shown in FIG. 1, in the present embodiment, a person status acquisition unit 10, a transaction cooperation unit 15, a management unit 20, a person-in-charge cooperation unit 41, and an external organization cooperation unit 42 are used.
The person-in-charge cooperation unit 41 is a processing unit that cooperates with a computer terminal (person-in-charge terminal or the like) used by a person in charge who supports a customer's transaction in the store. This person-in-charge terminal includes an output unit and an input unit. The output unit is configured by a display or the like and is a means for outputting various information. The input unit includes a keyboard and a pointing device, and is a means for inputting various information.

The external organization cooperation unit 42 is a processing unit that reports to an external organization such as a security company or the police.
The personal status acquisition unit 10 as a monitoring unit is a processing unit that monitors a store visitor and provides a monitoring result to the management unit 20. This monitoring includes “passive monitoring” and “active monitoring”. In “passive monitoring”, the subject is observed and observed as it is. In “active monitoring”, a stimulus (action) is given to a subject, and the response and reaction are observed and observed. For example, the action includes “calling” the person in charge speaks, “transaction hold” for temporarily holding the transaction.

  The transaction cooperation unit 15 is a processing unit that cooperates with a system that manages customer attribute information and transaction information (transaction request information and transaction performance information). The transaction cooperation unit 15 monitors a transaction request from a customer or performs a transaction corresponding to an action instruction described later.

  The management unit 20 is an information processing unit (computer) that supports risk management in a store visitor's transaction request. The management unit 20 includes a logic unit that stores information on the subject person's identity and correspondence in accordance with the monitoring information. And the management part 20 has a control means provided with subject person memory, such as CPU, RAM, and ROM, and performs the corresponding process for risk management. The management unit 20 functions as the determination unit 211 and the action unit 212 by executing the risk management program for this purpose.

  The determination unit 211 executes processing for acquiring a monitoring result and transaction result information from the principal situation acquisition unit 10 and the transaction cooperation unit 15. Further, the determination unit 211 estimates the identity of the store visitor (for example, mental and physical conditions) based on the monitoring result. Further, the determination unit 211 calculates the transaction status (for example, statistical value of transaction amount) of the store visitor based on the transaction record information. Then, as will be described later, the determination unit 211 determines a risk level (possibility of causing a problem) according to the personal situation and transaction status, and executes a process of determining a response according to the risk level. The determination unit 211 has a determination logic for this determination. By using this judgment logic, the risk level is judged by using a general trend, a personal tendency, a trend based on the transaction status, etc., and a response is determined.

  The action unit 212 instructs execution of an action corresponding to the response determined based on the determination result in the determination unit 211. Then, the action unit 212 outputs instructions and support information for this action. This action includes “leading response” and “support response”. In “leading correspondence”, a direct instruction is transmitted to the person-in-charge cooperation unit 41, the external institution cooperation unit 42, and the transaction cooperation unit 15. In “support type correspondence”, support information for the person in charge is transmitted to the person-in-charge cooperation unit 41. This support information includes judgment contents in the judgment logic (such as observation contents and evidence of logic leading to the judgment, etc., if necessary) and recommended action plans. The person in charge determines whether or not an instruction to the target person, the person in charge of business, the security / police, and the transaction system is necessary.

  The management unit 20 includes a subject person memory that stores information related to the subject person. In the target person memory, information related to the monitoring result, the personal status information, the customer identifier, the transaction status information, the risk level, and the correspondence content is recorded in association with the target person identifier.

The target person identifier is an identifier for specifying each target person (visitor).
The monitoring result is information related to observation contents such as an image obtained by photographing the subject and a location, a flow line, and an action specified based on the image.

The personal status information records the personal status determined based on the monitoring result.
The customer identifier is information for identifying the customer specified based on the transaction request information for the target person.

The transaction status information is information obtained by evaluating the transaction request content of the target person. As the transaction status information, a “deviation transaction” different from the normal transaction amount, a transaction with a point requiring attention, validity of a transaction place, and the like are recorded.
The risk level is an evaluation value of the risk determined based on the monitoring result.
The response content is a response content determined according to the risk level.

  Next, information used in the determination logic of the determination unit 211 will be described with reference to FIG. In this embodiment, information used in the determination logic is acquired from the in-store device 51, the user terminal 52, the transaction terminal 53, the SNS server 54, the customer information system 55, the transaction management system 56, the person in charge terminal 57, and the like.

Here, the personal status acquisition unit 10 acquires monitoring results such as the latest action information, vital information, and behavior information from the in-store device 51, the user terminal 52, and the like.
The in-store device 51 includes a monitoring camera installed in the store, a monitoring camera incorporated in the transaction terminal 53, and the like. The personal status acquisition unit 10 acquires the behavior, motion, and vital information (information such as body temperature, breathing, and pulse) of the subject from the image captured by the monitoring camera.

  The user terminal 52 is a computer terminal (smart phone, wearable device, etc.) used by the target person. The user terminal 52 includes, for example, a call history recording unit and a camera. The principal situation acquisition unit 10 identifies the latest action based on the call history. Furthermore, the person status acquisition unit 10 acquires vital information (information such as body temperature, breathing, and pulse) from an image captured by the camera. Further, by using the user terminal 52 provided with a biosensor, vital information detected by the biosensor can be acquired.

The transaction cooperation unit 15 acquires transaction request information (customer identifier and transaction request content) from the transaction terminal 53.
The transaction terminal 53 is a computer terminal (such as an automatic teller machine) that inputs transaction request information when a target person requests a transaction. This transaction request information includes a customer identifier and transaction request details (information related to business partners, transaction amounts, etc.).

The principal situation acquisition unit 10 acquires life event information from the SNS server 54.
The SNS server 54 records the public information in association with the user specifying information (name etc.). Based on this public information, life events (for example, ceremonial occasions, childbirth, moving, etc.) can be specified.

The principal situation acquisition unit 10 acquires customer attribute information and corporate calendar information from the customer information system 55.
The customer information system 55 records information related to customer attributes (age, sex, affiliation) in association with the customer identifier. In the case of a corporate customer, corporate calendar information (for example, corporate special date information such as the closing date of the customer) is recorded in association with the customer identifier.

The transaction cooperation unit 15 acquires transaction status information from the transaction management system 56.
The transaction management system 56 acquires transaction request information from the transaction terminal 53. When the transaction is completed, the transaction request content is associated with the customer identifier and managed as transaction result information. In the transaction request information, it is possible to acquire information on the business partner and the transaction amount. Further, in the transaction result information, it is possible to acquire information related to the past transaction contents (transaction time, customer, transaction amount) of this customer.

The principal status acquisition unit 10 acquires the observation result information input by the person in charge from the person in charge terminal 57.
The storage unit 60 stores general vital information, caution behavior patterns, general transaction range lists, caution destination lists, general special day lists, special time zone lists, life event lists, and change caution patterns.

In the general vital information, a statistical value range of general vital information (for example, body temperature, respiratory frequency, pulse rate, etc.) is recorded.
The behavior pattern requiring attention records a behavior pattern that may cause a problem. For example, there is a call on a mobile terminal immediately before a transaction.

In the general transaction range list, transaction statistical value ranges (for example, transaction amount ranges) are recorded in correspondence with customer attributes (for example, gender and age).
The watch list includes a black list and a gray list. In the black list, information on a person or group that should deter transactions is recorded, and in the gray list, information on a person or group that requires attention at the time of trading is recorded.

In the general special day list, special days on the calendar such as fifty days, year-end and New Year holidays, and consecutive holidays are recorded.
In the special time zone list, special time zones such as immediately after opening a store and immediately before closing are recorded.
A keyword for specifying a life event is recorded in the life event list. Furthermore, information on a period (influence period) affected by the life event is recorded in each keyword. For example, for the keyword specifying “marriage” as the life event, 6 months is set as the influence period.

  In the change attention pattern, a pattern of a change in the monitoring result that occurs before and after the action (leading correspondence) is recorded in a subject who is performing an action that may cause a problem. For example, the change attention pattern includes “behavior avoiding human eyes” after the action “calling”.

Next, the outline of the process in the risk management method will be described with reference to FIG.
First, the management unit 20 executes a store visitor recognition process (step S1-1). Specifically, the personal status acquisition unit 10 identifies the target person image in the in-store image taken using the in-store device 51. Then, the principal situation acquisition unit 10 assigns a subject identifier and a risk level (initial value) to the subject image.

  Next, the management unit 20 executes a monitoring process (step S1-2). Specifically, the personal status acquisition unit 10 of the management unit 20 continuously acquires the monitoring result of the target person. This monitoring includes “observation” and “observation”. In “Observation”, the behavior and vital information (transition) of the subject are mechanically monitored via cameras and sensors. In “Observation”, the person in charge inputs a checklist and a guess result related to the subject and monitors them. Then, the management unit 20 records the acquired monitoring result in the target person memory in association with the target person identifier.

  Further, the management unit 20 acquires transaction request information input at the transaction terminal 53. This transaction request information includes information relating to customer identification information (customer identifier) and transaction request details (customer and transaction amount). Then, the management unit 20 records the customer identifier in the subject memory in association with the subject identifier. Furthermore, when acquiring the customer identifier of the target person, the management unit 20 acquires transaction result information from the transaction management system 56 via the transaction cooperation unit 15.

  Next, the management unit 20 executes a situation determination process (step S1-3). Specifically, the determination unit 211 of the management unit 20 uses the determination logic to make adjustments by raising or lowering the risk level based on the situation information recorded in the subject person memory. For example, as will be described later, the risk level is changed to “1” (observation required), “2” (monitoring required), “3” (caution required), etc. according to the situation. And the judgment part 211 determines the response | compatibility according to this risk level.

  Next, the management unit 20 executes action processing (step S1-4). Specifically, the determination unit 211 of the management unit 20 transmits an action instruction for the determined response to the transaction cooperation unit 15, the person-in-charge cooperation unit 41, and the external organization cooperation unit 42. This action instruction includes information related to the subject image and location recorded in the subject memory.

  For example, for the target person, a warning message is output to the transaction terminal 53 via the transaction cooperation unit 15 according to the risk level. Further, according to the risk level, the transaction management system 56 is instructed to interrupt or stop the transaction due to the transaction suspension via the transaction cooperation unit 15.

  For the person in charge, a message regarding alerting, instruction, and support is output to the person in charge terminal 57 via the person-in-charge cooperation unit 41. In this case, the person in charge performs a call to the target person or a direct intervention (situation confirmation act) in the transaction request.

  In addition, for security / police, information provision and notification / notification are performed via the external organization cooperation unit 42 according to the risk level. Here, depending on the risk level, in addition to providing real-time information, it is possible to use post-mortem information provision, or statistical information about visitor identity information and transaction status information.

Then, the action unit 212 records the correspondence contents in the target person memory in association with the target person identifier.
The management unit 20 that has executed the action process (step S1-4) returns to the monitoring process (step S1-2) and repeats the above process. This repetition is continued until it is determined that the subject person image cannot be detected by the in-store device 51 and the user leaves the store.

[Specific example of situation determination]
Next, specific examples of the monitoring process (step S1-2) and the situation determination process (step S1-3) will be described with reference to FIGS.

(Situation judgment processing based on flow lines)
The situation determination process based on the flow line will be described with reference to FIG.
Here, the management unit 20 executes a flow line identification process (step S2-1). Specifically, the determination unit 211 of the management unit 20 acquires the captured in-store image from the personal status acquisition unit 10. Next, the determination unit 211 sequentially specifies the target person image in the in-store image and specifies the flow line of the target person. Then, the determination unit 211 records a flow line in the target person memory as a monitoring result in association with the target person identifier.

  Next, the management unit 20 performs a motion determination process that avoids human eyes (step S2-2). Specifically, the determination unit 211 of the management unit 20 calculates a statistical value of the distance between the flow line of the subject person and the location from the other person in the store. If the statistical value of the distance is equal to or greater than the distance reference value, the determination unit 211 determines that the human eye is avoided and records it in the subject person memory as personal status information.

  Then, the management unit 20 executes a corresponding determination process (step S2-3). Specifically, if the determination unit 211 of the management unit 20 determines that the human eye is avoided, the determination unit 211 increases the risk level of the target person, and determines the response according to the risk level. For example, notification to the person in charge via the person-in-charge cooperation unit 41 is determined as a monitoring target. Further, in this situation, when a specific transaction act (for example, cash withdrawal operation) is detected at the transaction terminal 53, the risk level is adjusted according to the transaction request content, and the response corresponding to the risk level is determined. For example, an output of a call instruction to the person in charge via the person-in-charge cooperation unit 41 or an output of a transaction hold instruction via the transaction cooperation part 15 is determined.

(Situation judgment process based on action)
The situation determination process based on the operation will be described with reference to FIG.
Here, the management unit 20 executes operation information specifying processing (step S3-1). Specifically, the determination unit 211 of the management unit 20 acquires the captured image of the subject person from the personal status acquisition unit 10. In this target person image, information on the line of sight and the movement of the face is specified as the operation information. Then, the determination unit 211 records the operation information in the subject memory as a monitoring result in association with the subject identifier.

  Next, the management unit 20 executes a determination process of a movement that cares about human eyes (step S3-2). Specifically, the determination unit 211 of the management unit 20 specifies the location of another person in the movement direction (the line of sight or the face direction) of the target person using the in-store image. If another person is detected in the line-of-sight direction or the face direction, the determination unit 211 determines that the person is concerned about the person and records it in the subject person memory as personal status information.

  And the management part 20 performs a corresponding | compatible determination process (step S3-3). Specifically, when the determination unit 211 of the management unit 20 determines that the person is concerned, the risk level of the target person is increased and a response corresponding to the risk level is determined. Further, in this situation, when a specific transaction act (for example, cash withdrawal operation) is detected, the risk level is adjusted according to the contents of the transaction request, and the response corresponding to this risk level is determined.

(Status judgment process based on vital information)
A situation determination process based on vital information will be described with reference to FIG.
Here, the management unit 20 executes a vital information specifying process (step S4-1). Specifically, the determination unit 211 of the management unit 20 acquires the captured image of the subject person from the personal status acquisition unit 10. In this subject image, information relating to breathing, body temperature, pulse, etc. is specified as vital information. Then, the determination unit 211 records vital information as a monitoring result in the subject memory in association with the subject identifier.

  Next, the management unit 20 executes a determination process for the possibility of abnormality (step S4-2). Specifically, the determination unit 211 of the management unit 20 compares the vital information of the target person with the statistical value range of the general vital information recorded in the storage unit 60. When it is determined that the subject's vital information is outside the statistical range (for example, when the body temperature is high, the respiratory frequency is high, or the pulse rate is high), abnormalities (for example, poor physical condition or It is determined that there is a possibility of being injured, and is recorded in the subject person memory as personal status information.

  Then, the management unit 20 executes a corresponding determination process (step S4-3). Specifically, when the determination unit 211 of the management unit 20 determines that there is a possibility of abnormality, the risk level of the target person is raised according to the difference between the vital information of the target person and the statistical value range, Determine the response according to this risk level. Further, in this situation, when a specific transaction act (for example, cash transfer operation) is detected at the transaction terminal 53, the risk level is adjusted according to the transaction request content, and the response corresponding to the risk level is determined.

(Situation determination process based on the latest action)
The situation determination process based on the latest action will be described with reference to FIG.
Here, the management part 20 performs the acquisition process of the latest action (step S5-1). Specifically, the determination unit 211 of the management unit 20 acquires the latest action information from the user terminal 52 via the personal status acquisition unit 10. As the latest action information, for example, a call history within a predetermined period (for example, the latest 10 minutes) recorded in the user terminal 52 is acquired. Then, the determination unit 211 records the latest action information in the subject memory as a monitoring result in association with the subject identifier.

  Next, the management unit 20 executes a process for determining the possibility of action requiring attention (step S5-2). Specifically, the determination unit 211 of the management unit 20 compares the latest action information and the action pattern requiring attention recorded in the storage unit 60. If it is determined that the latest action matches the action requiring attention pattern, it is determined that there is a possibility of action requiring attention with risk, and is recorded in the subject person memory as personal status information.

  Then, the management unit 20 executes a corresponding determination process (step S5-3). Specifically, when the determination unit 211 of the management unit 20 determines that there is a possibility of action requiring attention, the determination unit 211 increases the risk level of the target person and determines a response according to the risk level. Further, in this situation, when a specific transaction act (for example, cash transfer operation) is detected at the transaction terminal 53, the risk level is determined according to the transaction request content, and the response according to the risk level is determined.

(Status judgment process based on transaction amount)
The situation determination process based on the transaction amount will be described with reference to FIG.
Here, the management unit 20 executes transaction amount information acquisition processing (step S6-1). Specifically, the determination unit 211 of the management unit 20 acquires the transaction amount in the transaction request information acquired from the transaction terminal 53 via the transaction cooperation unit 15.

  Next, the management part 20 performs the determination process of the possibility of a deviation transaction (step S6-2). Specifically, the determination unit 211 of the management unit 20 acquires customer attributes from the customer information system 55 via the transaction cooperation unit 15 using the customer identifier. For example, in the case of an individual customer, in the general transaction range list recorded in the storage unit 60, a statistical value range (transaction amount) corresponding to a customer attribute (for example, age) is acquired. And the judgment part 211 compares the statistical value range (general transaction range) corresponding to a customer attribute, and the transaction amount of the transaction request information of this object person. Further, the determination unit 211 acquires transaction result information associated with the customer identifier of the target person from the transaction management system 56 via the transaction cooperation unit 15. When the transaction performance information can be acquired, the determination unit 211 calculates a statistical value range (customer transaction range) of the transaction amount of the transaction performance information. Then, the determination unit 211 compares the customer transaction range with the transaction amount of the transaction request information of the target person. When it is determined that the transaction amount exceeds the statistical value range (general transaction range or customer transaction range), it is determined that there is a possibility of a deviation transaction, and is recorded in the target person memory as transaction status information.

  Then, the management unit 20 executes a corresponding determination process (step S6-3). Specifically, when the determination unit 211 of the management unit 20 determines that there is a possibility of a deviation transaction, the risk level of the target person is increased according to the difference between the transaction amount and the statistical value range, and this risk Determine the response according to the level.

(Situation judgment process based on suppliers)
The situation determination process based on the business partner will be described with reference to FIG.
Here, the management unit 20 executes a supplier information acquisition process (step S7-1). Specifically, the determination unit 211 of the management unit 20 acquires information related to the supplier in the transaction request information acquired from the transaction terminal 53 via the transaction cooperation unit 15.

  Next, the management unit 20 executes a process for determining the possibility of a need for attention (step S7-2). Specifically, the determination unit 211 of the management unit 20 determines whether or not the business partner is included in a list of required attentions (black list, gray list) recorded in the storage unit 60. Further, the determination unit 211 acquires transaction result information from the transaction management system 56 via the transaction cooperation unit 15. Then, the determination unit 211 determines whether or not there is a transaction record at a predetermined frequency within a predetermined period in the transaction record information. Here, when it is determined that the business partner is included in the watch-to-watch list recorded in the storage unit 60, it is determined to be a transaction with the watch-to-watch destination. Further, when the business partner does not have a transaction record with a predetermined frequency within a predetermined period and is determined to be the first transaction or a rare transaction, the transaction is determined to be a transaction with a cautionary customer. In this case, the transaction status information is recorded in the target person memory.

  Then, the management unit 20 executes a corresponding determination process (step S7-3). Specifically, when the determination unit 211 of the management unit 20 determines that there is a possibility of a transaction with a point requiring attention, the risk level of the target person is increased. When there is no transaction record with a predetermined frequency within a predetermined period with a business partner, the risk level is raised to the first stage, and a response (for example, a monitoring target) corresponding to this risk level is determined. When the business partner is registered in the greylist, the determination unit 211 raises the risk level to the second stage higher than the first stage, and takes a response (for example, a call instruction) according to the risk level. decide. When the business partner is registered in the black list, the determination unit 211 raises the risk level to a third level higher than the second level, and takes a response corresponding to the risk level (for example, a transaction hold instruction). decide.

(Situation judgment process based on transaction date and time)
A situation determination process based on the transaction date and time will be described with reference to FIG.
Here, the management unit 20 executes transaction date acquisition processing (step S8-1). Specifically, the determination unit 211 of the management unit 20 acquires information regarding the transaction date and time in the transaction request information acquired from the transaction terminal 53 via the transaction cooperation unit 15.

  Next, the management unit 20 executes a transaction determination process for special dates (step S8-2). Specifically, the determination unit 211 of the management unit 20 compares the transaction date and time with the special date recorded in the general special date list of the storage unit 60 and the special time zone recorded in the special time zone list. In addition, the determination unit 211 acquires corporate special day information on the customer from the customer information system 55 via the transaction cooperation unit 15. Next, the determination unit 211 compares the transaction date and time with the corporate special date information. When it is determined that the transaction date / time is included in a special date, a special time zone, or a corporate special date, the transaction date / time is determined to be a special date / time transaction and is recorded in the subject person memory as transaction status information.

  Then, the management unit 20 executes a corresponding determination process (step S8-3). Specifically, when the determination unit 211 of the management unit 20 determines that the transaction is a special date and time, even when the risk level is high, the risk level of the target person is lowered and a response corresponding to the risk level is taken. To decide.

(Situation judgment process based on transaction location)
The situation determination process based on the transaction place will be described with reference to FIG.
Here, the management part 20 performs the acquisition process of transaction place information (step S9-1). Specifically, the determination unit 211 of the management unit 20 acquires information regarding the transaction place in the transaction request information acquired from the transaction terminal 53 via the transaction cooperation unit 15.

  Next, the management unit 20 executes validity determination processing (step S9-2). Specifically, the determination unit 211 of the management unit 20 acquires transaction result information from the transaction management system 56 via the transaction cooperation unit 15. Next, the determination unit 211 compares the transaction place range (store address range) where the transaction was performed with the transaction place based on the transaction record information. When it is determined that the transaction place is more than a predetermined distance from the transaction place range, it is determined that there is a possibility that the transaction place is not valid, and the transaction place information is recorded in the subject person memory.

  Then, the management unit 20 executes a corresponding determination process (step S9-3). Specifically, when the determination unit 211 of the management unit 20 determines that there is a possibility that there is no validity, the determination unit 211 increases the risk level of the target person and determines a response according to the risk level.

(Situation determination process based on life events)
The situation determination process based on the life event will be described with reference to FIG.
Here, the management part 20 performs the acquisition process of life event information (step S10-1). Specifically, the determination unit 211 of the management unit 20 specifies the SNS server 54 used by the customer based on the customer attribute information acquired from the customer information system 55 via the transaction cooperation unit 15. Next, the determination unit 211 acquires public information of the latest predetermined period (influence period) from the SNS server 54 via the transaction cooperation unit 15.

  Next, the management part 20 performs the determination process of the possibility of a life change (step S10-2). Specifically, the determination unit 211 of the management unit 20 matches the acquired public information with a keyword recorded in the life event list of the storage unit 60 to determine whether there is a life event. When it is determined that there is a life event, information on the possibility of life change is recorded in the subject person memory as the personal status information.

  And the management part 20 performs a corresponding | compatible determination process (step S10-3). Specifically, when the determination unit 211 of the management unit 20 determines that there is a life event, the determination unit 211 decreases the risk level of the target person and determines a response according to the risk level. In this situation, even when a specific transaction act (for example, a transaction operation different from normal) is detected, the risk level is lowered and a response corresponding to the risk level is determined.

(Situation judgment processing based on observation)
The situation determination process based on observation will be described with reference to FIG.
Here, the management unit 20 executes an observation information acquisition process (step S11-1). Specifically, the determination unit 211 of the management unit 20 observes from the person-in-charge terminal 57 of the person in charge who observes the behavior and situation of the store visitor via the person-in-charge cooperation unit 41 and the person status acquisition unit 10. Get the result. Then, the determination unit 211 records the observation result in the subject memory as the personal status information.

  Then, the management unit 20 executes a corresponding determination process (step S11-2). Specifically, the determination unit 211 of the management unit 20 changes the risk level according to the observation result, and determines the response according to the risk level. For example, when behavior suspicious information is acquired from the person-in-charge terminal 57, the risk level is increased. On the other hand, when operation trouble information is acquired from the person-in-charge terminal 57, the risk level is lowered. And the response | compatibility according to this risk level is determined.

(Active monitoring status judgment process)
The active monitoring situation determination process will be described with reference to FIG.
Here, the management unit 20 executes a change specifying process before and after the action (step S12-1). Specifically, the determination unit 211 of the management unit 20 specifies a change (change in behavior or action) of the monitoring result recorded in the subject person memory when an action (leading correspondence) is performed.

  Next, the management unit 20 executes a determination process for the possibility of shaking (step S12-2). Specifically, the determination unit 211 of the management unit 20 compares the change in the monitoring result with the change caution pattern recorded in the storage unit 60. When the change in the monitoring result matches the change attention pattern, it is determined that there is a possibility of shaking, and is recorded in the subject person memory as the personal status information.

  Then, the management unit 20 executes a corresponding determination process (step S12-3). Specifically, when the determination unit 211 of the management unit 20 determines that there is a possibility of upset, the determination unit 211 increases the risk level of the target person and determines a response according to the risk level.

[Specific examples of situation judgment combinations]
Hereinafter, specific examples of combinations of situation determinations are shown.

(A) Risk management (screening) for customers
(A1) Monitoring: The temperature of the visitor is acquired at the entrance.
(A2) Situation determination: When the body temperature of the visitor is higher than the reference temperature, it is determined as “high body temperature”.
(A3) Risk level: set to “1”.
(A4) Response: An action for active monitoring (first stage) is performed with a visitor as an observer. For example, the person-in-charge terminal 57 is instructed to move to a position within the field of view of the observer who needs to observe.

(B) Risk management for target persons with risk level “1” (first stage active monitoring)
(B1) Monitoring: The first stage active monitoring is performed. Observe the situation when the person in charge (or security guard) enters the field of view of the person who needs the observation.
(B2) Situation determination: When a behavior such as a change caution pattern “Remove line of sight” or “Avoid” is detected, it is determined as “escape”. When vital information (breathing, pulse) exceeds a reference value, it is determined as “tension”.

(B3) Risk level: Change to “2”.
(B4) Response: Perform centralized monitoring of subjects with risk level “2”. The person-in-charge terminal 57 is notified of the presence of a subject at risk level “2”.

(C) Risk management (transaction check) for target persons with risk level “2”
(C1) Monitoring: Transaction details are acquired from the transaction terminal 53.
(C2) Situation determination: When it deviates from normal existing transaction contents (amount, supplier, transaction place, etc.) and transaction risk is high, it is determined as “attention required”

(C3) Risk level: Change to “3”.
(C4) Response: Notifying the person-in-charge terminal 57 of the presence of the subject at risk level “3”. Implement actions for active monitoring (stage 2). For example, a transaction suspension for the transaction management system 56 or a call to a person requiring attention is instructed to the person in charge terminal 57. In the transaction suspension, for example, the transaction is interrupted and an apology or a message “Please wait” is output. Moreover, in calling out to a person who needs attention, for example, confirmation of apologetics, transaction contents, and state is performed.

(D) Risk management for target persons with risk level “3” (2nd stage active monitoring)
(D1) Monitoring: Second stage active monitoring is implemented. Observe the situation when holding a transaction or calling a person in charge.
(D2) Situation determination: When a change caution pattern, for example, “sticking to a transaction execution request” is observed, it is determined that “it may be involved in a crime”.

(D3) Risk level: Change to “4”.
(D4) Response: Notify the person-in-charge terminal 57 of the presence of the subject at risk level “4”. Implement actions for active monitoring (stage 3). For example, the transaction management system 56 is instructed to accept the transaction in a state where the transaction can be interrupted immediately.

(E) Risk management for subjects with risk level “4” (3rd stage active monitoring)
(E1) Monitoring: The third stage active monitoring is performed. Observe and observe the situation when accepting transactions.
(E2) Situation determination: When a change attention pattern, for example, “a change in mental state (for example, extreme sense of security, etc.) based on vital information” is detected, “there is a high possibility of being involved in a crime” judge.

(E3) Risk level: Change to “5”.
(E4) Response: Cooperation with an external organization is performed via the external organization cooperation unit 42. For example, a report including background information is performed.

According to this embodiment, the following effects can be obtained.
(1) In this embodiment, the management part 20 performs a monitoring process (step S1-2), a situation determination process (step S1-3), and an action process (step S1-4). Accordingly, the situation of the person can be predicted by monitoring, and attention can be given to an action that may cause a problem based on the situation of the person.

  (2) In the present embodiment, the management unit 20 executes a situation determination process based on the flow line. Accordingly, it is possible to call attention to an action that may cause a problem in consideration of the person's situation by a flow line that considers the surrounding situation.

  (3) In the present embodiment, the management unit 20 executes a situation determination process based on the operation. Thereby, it is possible to call attention to an action that may cause a problem in consideration of a movement that cares about human eyes.

  (4) In the present embodiment, the management unit 20 executes a situation determination process based on vital information. Thereby, it is possible to call attention to an action that may cause a problem in consideration of the mind and body of the subject.

  (5) In this embodiment, the situation determination process based on the latest action is executed. Accordingly, it is possible to call attention to an action that may cause a problem in consideration of the latest action of the subject.

  (6) In this embodiment, the management part 20 performs the situation determination process based on transaction amount. Thereby, it is possible to call attention to an action that may cause a problem in consideration of a deviation from the normal transaction amount.

  (7) In this embodiment, the management part 20 performs the situation determination process based on a business partner. Thereby, it is possible to call attention to an action that may cause a problem in consideration of the situation of the business partner.

  (8) In this embodiment, the management part 20 performs the situation determination process based on transaction date. Thereby, it is possible to call attention to an action that may cause a problem in consideration of deviation from the normal transaction date and transaction time zone.

  (9) In this embodiment, the management part 20 performs the situation determination process based on a transaction place. Thereby, it is possible to call attention to an action that may cause a problem in consideration of a deviation from a normal transaction place.

  (10) In the present embodiment, the management unit 20 executes a situation determination process based on a life event. When a life event occurs, there may be a change in the previous behavior. For example, the occurrence of a life event may cause a change in transaction amount, a change in transaction place, or a transaction time. Therefore, it is possible to call attention to actions that may cause problems in consideration of changes in life events.

  (11) In the present embodiment, the management unit 20 executes a situation determination process based on observation. For example, in a financial institution store, a person in charge of the financial institution or a security guard monitors (observes) the situation of the store visitor. Such observation results can be used to call attention to actions that may cause problems.

  (12) In the present embodiment, the management unit 20 executes an active monitoring status determination process. Unlike the case of monitoring by passive observation or observation, there is a possibility that the subject's identity can be more accurately grasped by active monitoring that gives stimulation to the subject. With such active monitoring, it is possible to alert an action that may cause a problem in accordance with a change in the monitoring result.

In addition, you may change each said embodiment as follows.
In the above embodiment, each situation determination process has been individually described using the situation determination process based on the flow line to the active monitoring situation determination process. Furthermore, the specific example of the combination of situation determination was demonstrated. Here, the combination of situation determination and the order of determination are not limited to this. Various situations may be determined in an arbitrary order by combining all pieces of information used for each situation determination process or any part of information.

  -In above-mentioned embodiment, the management part 20 determines a subject's identity condition and a response | compatibility according to monitoring information. Here, the person status acquisition unit 10 may determine the person to be monitored and the contents according to the person status. In this case, the personal status acquisition unit 10 is used to identify the monitoring status necessary for determining the subsequent personal status and response in response to the determination result of the personal status and risk level and the preceding action. A necessary information table is retained. Here, the principal situation acquisition unit 10 obtains a determination result (principal situation, risk level) and action information based on the preceding monitoring information, and uses the necessary information table to narrow down monitoring information necessary for subsequent judgment. Then, the personal status acquisition unit 10 provides the narrowed monitoring information to the management unit 20. Further, the person status acquisition unit 10 may correct the narrowed monitoring information based on the preceding determination result.

  In the above embodiment, the situation determination process based on the transaction amount is executed. Here, in the case of an individual customer, the determination unit 211 of the management unit 20 acquires a statistical value range corresponding to a customer attribute (for example, age) in the general transaction range list recorded in the storage unit 60. And the judgment part 211 compares the statistical value range (general transaction range) corresponding to a customer attribute, and the transaction amount of transaction request information of this object person, and determines correspondence. Instead, the response may be determined in consideration of transaction request information of other customers. In this case, adjustment processing based on the statistical value of the transaction request information is performed.

The adjustment process based on the statistical value of the transaction request information will be described with reference to FIG.
Here, the management part 20 performs the acquisition process of the transaction request information of the in-store customer first (step S13-1). Specifically, the determination unit 211 of the management unit 20 acquires transaction request information of all the customers in the store.

  Next, the management part 20 performs the calculation process of the statistical value of transaction request information (step S13-2). Specifically, the determination unit 211 of the management unit 20 calculates a statistical value using the transaction request information of all target persons. For example, the average value and variance of transaction amounts are calculated as statistical values.

  Next, the management unit 20 executes an evaluation process for the transaction request information of the target person (step S13-3). Specifically, the determination unit 211 of the management unit 20 compares the transaction request information of the target person in the store with the statistical value. And the judgment part 211 performs statistical evaluation about a transaction request information of an object person. As the statistical evaluation, for example, a deviation value of the transaction request information of the target person is calculated.

  Next, the management unit 20 executes a corresponding determination process using the evaluation result (step S13-4). Specifically, the determination unit 211 of the management unit 20 changes the risk level according to the statistical evaluation. For example, when the deviation value of the transaction amount is high, the risk level is set higher than when the deviation value is low.

  The statistical value range of the transaction amount varies depending on, for example, the time zone and the location of the store. By using the statistical value of the transaction request information of the customer in the store, it is possible to call attention to an action that may cause a problem in consideration of the situation in the store.

  In the above embodiment, the situation determination process based on vital information is executed. Here, the determination unit 211 of the management unit 20 compares the vital information of the subject and the statistical value range of the general vital information recorded in the storage unit 60, and determines the correspondence. Instead of this, the correspondence may be determined in consideration of vital information of other customers. In this case, adjustment processing based on the statistical value of vital information is performed.

The adjustment process based on the statistical value of the vital information will be described with reference to FIG.
Here, the management part 20 performs the acquisition process of the vital information of an in-store customer first (step S14-1). Specifically, the determination unit 211 of the management unit 20 acquires vital information of all the customers in the store.

  Next, the management unit 20 executes a statistical value calculation process for vital information (step S14-2). Specifically, the determination unit 211 of the management unit 20 calculates a statistical value using vital information of all target persons. For example, the average value and variance of respiration frequency and pulse rate are calculated as statistical values.

  Next, the management unit 20 executes an evaluation process for the vital information of the target person (step S14-3). Specifically, the determination unit 211 of the management unit 20 compares the vital information of the target person in the store with the statistical value. And the judgment part 211 performs statistical evaluation about a subject's vital information. As the statistical evaluation, for example, a deviation value of vital information of each subject is calculated.

  Next, the management unit 20 executes a corresponding determination process using the evaluation result (step S14-4). Specifically, the determination unit 211 of the management unit 20 changes the risk level according to the statistical evaluation. For example, when the deviation value of respiration frequency or pulse rate is high, the risk level is set higher than when the deviation value is low.

  For example, depending on the time zone just before closing, since everyone is in a hurry, the statistical value range of vital information such as respiratory frequency and pulse rate may be high. By using the statistical value of the vital information of the customer in the store, it is possible to call attention to an action that may cause a problem in consideration of the situation in the store.

  In the embodiment, the situation determination process based on the flow line to the observation has been described. The situation determination method is not limited to these. It is also possible to use a situation determination method using other elements or a risk level determination method combining some of these.

  -In the said embodiment, the visitor in the store of a financial institution was made into the object person. The target person is not limited to this, and can be applied to a target person who may perform an action that may cause a problem. For example, in a transaction using a channel such as the Internet, the situation of the subject person may be determined to determine the response. In this case, the management unit 20 holds determination logic for determining the risk level in this channel.

In the above embodiment, the transaction cooperation unit 15 acquires transaction request information (customer identifier and transaction request content) from the transaction terminal 53. Here, the information for identifying the customer is not limited to the customer identifier from the transaction terminal 53. For example, device identification information (for example, a terminal identification code) may be acquired from the user terminal 52 of the customer. In this case, in the customer information system 55, the device identification information of the customer user terminal 52 is stored in association with the customer identifier. Further, face recognition may be performed based on an image taken by the in-store device 51, and a customer may be identified based on the face recognition information. In this case, the customer information system 55 stores the customer face identification information in association with the customer identifier. By using these pieces of information, it is possible to acquire various types of store visitor information using the SNS server 54 and the like before the transaction terminal 53 is operated.
Further, in the customer information system 55, a plurality of identification information for identifying the customer such as device identification information and face identification information may be registered, and the customer may be identified using the plurality of identification information. . Thereby, impersonation etc. can be suppressed and a customer can be identified more correctly.

  DESCRIPTION OF SYMBOLS 10 ... Personal condition acquisition part, 15 ... Transaction cooperation part, 20 ... Management part, 211 ... Judgment part, 212 ... Action part, 41 ... Person in charge cooperation part, 42 ... External organization cooperation part, 51 ... In-store apparatus, 52 ... User Terminal, 53 ... Transaction terminal, 54 ... SNS server, 55 ... Customer information system, 56 ... Transaction management system, 57 ... Person in charge terminal, 60 ... Memory | storage part.

Claims (8)

Connected to the monitoring department that acquires the monitoring information of the target person,
In accordance with the monitoring information, a logic unit that stores information on the subject's identity, correspondence, and
A risk management system comprising a control unit for instructing an action using the logic unit,
The control unit is
Obtaining monitoring information from the monitoring unit,
A risk characterized in that the logic unit is used to determine the situation of the person according to the monitoring information, determine the action based on the risk level according to the situation of the person, and instruct an action according to the action. Management system. Obtain monitoring information from the monitoring unit when instructing the action,
The risk management system according to claim 1, wherein the personal status of the target person is determined based on a change in monitoring information before and after the action.   The risk management system according to claim 1 or 2, wherein the monitoring unit acquires information related to the behavior of the target person, and determines the identity of the target person using the information related to the behavior.   The risk according to any one of claims 1 to 3, wherein the monitoring unit acquires vital information of the target person, and determines the identity of the target person using the vital information. Management system.   The risk according to any one of claims 1 to 4, wherein the monitoring unit acquires public information of the target person, and determines the identity of the target person using the public information. Management system.   The said monitoring part acquires the transaction request information of the said subject person, and determines the risk level of the said subject person using the said transaction request information, The any one of Claims 1-5 characterized by the above-mentioned. Risk management system. Connected to the monitoring department that acquires the monitoring information of the target person,
In accordance with the monitoring information, a logic unit that stores information on the subject's identity, correspondence, and
Using the logic unit, a risk management system using a risk management system including a control unit for instructing an action,
The control unit is
Obtaining monitoring information from the monitoring unit,
A risk characterized in that the logic unit is used to determine the situation of the person according to the monitoring information, determine the action based on the risk level according to the situation of the person, and instruct an action according to the action. Management method. Connected to the monitoring department that acquires the monitoring information of the target person,
In accordance with the monitoring information, a logic unit that stores information on the subject's identity, correspondence, and
Using the logic unit, a risk management system using a risk management system provided with a control unit for instructing an action,
The control unit
Obtaining monitoring information from the monitoring unit,
Using the logic unit, determining the identity situation according to the monitoring information, determining a response based on the risk level according to the identity status, and functioning as a means for instructing an action according to the response A featured risk management program.

Images