WO2017116311A1 - Procédé de détection de fraude dans les marchés publics et système associé - Google Patents

Procédé de détection de fraude dans les marchés publics et système associé Download PDF

Info

Publication number
WO2017116311A1
WO2017116311A1 PCT/SG2016/050627 SG2016050627W WO2017116311A1 WO 2017116311 A1 WO2017116311 A1 WO 2017116311A1 SG 2016050627 W SG2016050627 W SG 2016050627W WO 2017116311 A1 WO2017116311 A1 WO 2017116311A1
Authority
WO
WIPO (PCT)
Prior art keywords
indicator
transaction
entity
primary
indicators
Prior art date
Application number
PCT/SG2016/050627
Other languages
English (en)
Inventor
Adam Maciej WESTERSKI
Rajaraman Kanagasabai
Sian Hui Kelvin SIM
Original Assignee
Agency For Science, Technology And Research
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Agency For Science, Technology And Research filed Critical Agency For Science, Technology And Research
Priority to SG11201805483VA priority Critical patent/SG11201805483VA/en
Publication of WO2017116311A1 publication Critical patent/WO2017116311A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4016Transaction verification involving fraud or risk level assessment in transaction processing

Definitions

  • the present invention generally relates to a method of detecting fraud in procurement and a system thereof.
  • Procurement is fast emerging as an area of economic importance. It has been reported that the average procurement department of an organization manages about 60% of total enterprise spend, and many of the organization's larger and longer-term opportunities may depend on how well procurement identifies and drives innovation within the organization. A sharp rise in procurement fraud has also been observed, such as reported in a 2014 PwC Global economic crime survey. The survey reported that 29% of the companies are affected by at least one form/type of procurement fraud, making it the second most common economic crime.
  • a method (computer-implemented method) of detecting fraud in procurement, the method comprising:
  • each of the plurality of anomaly indicators generated based on a transactional data associated with the transaction or proposed transaction and provides an indication of the presence of a respective type of anomaly associated with the transaction or proposed transaction;
  • the first primary indicator determining a first primary indicator based on a combination of the plurality of anomaly indicators, the first primary indicator providing a collective indication of whether the transaction or proposed transaction is subject to fraud based on the types of anomalies being detected.
  • the first primary indicator is determined based on a weighted sum of the plurality of anomaly indicators.
  • the sum of the weights respectively assigned to the plurality of anomaly indicators is equal to 1.
  • the plurality of anomaly indicators comprises one or more of an order split indicator, a cut-off rate indicator, and a price deviation indicator, wherein:
  • the order split indicator provides an indication of the presence of a type of anomaly relating to a purchase order being a result of a purchase order splitting
  • the cut-off rate indicator provides an indication of the presence of a type of anomaly relating to a purchase order having a value higher than but close to a minimal predetermined value requiring a purchase order to be subjected to a tender process
  • the price deviation indicator provides an indication of the presence of a type of anomaly relating to a purchase order for one or more items having a value deviating from an expected or average value for the one or more items included in the purchase order.
  • the transactional data is a purchase order data, the purchase order data comprising a first information for identifying the first entity, a second information for identifying the second entity, a third information for providing a description of the transaction or proposed transaction, and a fourth information indicative of at least one value associated with the transaction or proposed transaction.
  • the method further comprises:
  • the overall indicator determining an overall indicator based on a combination of a plurality of primary indicators including the first primary indicator and the second primary indicator, the overall indicator providing an overall indication of whether the transaction or proposed transaction is subject to fraud based on the plurality of primary indicators.
  • the overall indicator is determined based on a weighted sum of the plurality of primary indicators.
  • the second primary indicator is generated based on at least one of a first entity indicator and a second entity indicator, the first entity indicator provides an indication of a reliability of the first entity and the second entity indicator provides an indication of a reliability of the second entity.
  • the first entity indicator is generated based on a history of at least one past transaction involving the first entity
  • the second entity indicator is generated based on a history of at least one past transaction involving the second entity
  • the history of at least one past transaction involving the first entity relates to at least the overall indicator of the at least one past transaction involving the first entity
  • the history of at least one past transaction involving the second entity relates to at least the overall indicator of the at least one past transaction involving the second entity.
  • the second primary indicator is generated based on a weighted sum of the first entity indicator and the second entity indicator.
  • the collective indication and/or the overall indication of whether the transaction or proposed transaction is subject to fraud is expressed as a single numerical value representing a probability that the transaction or proposed transaction is subject to fraud.
  • the method further comprises storing the overall indicator determined for the transaction or proposed transaction between the first entity and second entity in a database, wherein the overall indicator stored is associated with the first entity and the second entity involved in the transaction or proposed transaction.
  • the first entity is a requester or buyer associated with the transaction or proposed transaction
  • the second entity is the vendor or supplier associated with the transaction or proposed transaction.
  • a system for detecting fraud in procurement comprising:
  • an anomaly indicator generator module configured to generate a plurality of anomaly indicators for a transaction or proposed transaction between a first entity and a second entity in the procurement, each of the plurality of anomaly indicators generated based on a transactional data associated with the transaction or proposed transaction and provides an indication of the presence of a respective type of anomaly associated with the transaction or proposed transaction:
  • a first primary indicator determining module configured to determine a first primary indicator based on a combination of the plurality of anomaly indicators, the first primary indicator providing a collective indication of whether the transaction or proposed transaction is subject to fraud based on the types of anomalies being detected.
  • the first primary indicator is generated based on a weighted sum of the plurality of anomaly indicators.
  • system further comprises: a second primary indicator generator module configured to generate a second primary indicator independent of the transactional data associated with the transaction or proposed transaction; and
  • an overall indicator determining module configured to determine an overall indicator based on a combination of a plurality of primary indicators including the first primary indicator and the second primary indicator, the overall indicator providing an overall indication of whether the transaction or proposed transaction is subject to fraud based on the plurality of primary indicators.
  • the second primary indicator is generated based on at least one of a first entity indicator and a second entity indicator, the first entity indicator provides an indication of a reliability of the first entity and the second entity indicator provides an indication of a reliability of the second entity.
  • system further comprises a computer-readable storage medium having stored therein the overall indicator determined for the transaction or proposed transaction between the first entity and second entity in a database, wherein the overall indicator stored is associated with the first entity and the second entity involved in the transaction or proposed transaction.
  • a computer program product embodied in one or more computer-readable storage mediums, comprising instructions executable by one or more computer processors to perform a method of detecting fraud in procurement, the method comprising:
  • each of the plurality of anomaly indicators generated based on a transactional data associated with the transaction or proposed transaction and provides an indication of the presence of a respective type of anomaly associated with the transaction or proposed transaction;
  • the first primary indicator determining a first primary indicator based on a combination of the plurality of anomaly indicators, the first primary indicator providing a collective indication of whether the transaction or proposed transaction is subject to fraud based on the types of anomalies being detected.
  • FIG. 1 depicts a method of detecting fraud in procurement according to various embodiments of the present invention
  • FIG. 2 depicts another method of detecting fraud in procurement according to various embodiments of the present invention
  • FIG. 3 depicts a schematic drawing of a system for detecting fraud in procurement according to various embodiments of the present invention
  • FIG. 4 depicts a schematic drawing of another system for detecting fraud in procurement according to various embodiments of the present invention
  • FIG. 5 depicts a schematic drawing of an exemplary computer system
  • FIG. 6 depicts a framework architecture based on which a method of detecting fraud in procurement may be implemented according to an example embodiment of the present invention
  • FIG. 7 depicts an exemplary implementation of a method of detecting fraud in procurement based on the framework architecture of FIG. 6 according to an example embodiment of the present invention
  • FIG. 8 depicts a schematic drawing illustrating an exemplary system implementation for detecting fraud in procurement according to an example embodiment of the present invention.
  • FIGs. 9 to 11 depict various screen captures of an exemplary display interfaces that may be generated in a method of detecting fraud in procurement according to various example embodiments of the present invention.
  • Procurement in organizations or companies generally refers to acquisition of items of goods and/or services from external sources, such as suppliers/vendors.
  • procurement process involves financial operations between different entities/parties (e.g., requester/buyer of an organization and vendor/supplier of the items of goods and/or services)
  • procurement may be prone to fraud where at least one of the entities/parties in transaction benefits at the cost of the organization or company.
  • detection of procurement fraud may be supported by computer systems.
  • Conventional solutions in fraud detection or assessment deliver a variety of different approaches, which may rely either on statistical methods or machine learning algorithms. However, such conventional approaches may not deliver a solution capable of covering the complexity of real world organization models/issues, where multiple different types of fraud may occur concurrently.
  • embodiments of the present invention provide a method (computer-implemented method) of detecting fraud in procurement and/or a system thereof that seek to overcome, or at least ameliorate, one or more of the deficiencies of conventional techniques/approaches such as the techniques as mentioned in the background.
  • Various embodiments of the present invention provide a technique/method or a framework for combining results of different algorithms, each algorithm configured to detect the presence (e.g., risk or probability) of a respective/corresponding type of anomaly associated with the transaction or proposed transaction in the procurement, into a single output or an overall indicator that summarizes the overall findings on whether the transaction or proposed transaction is subject to fraud.
  • the overall indicator is expressed as a single numerical value representing a probability that the transaction or proposed transaction is subject to fraud.
  • transaction may refer to a purchase order or log that has been executed
  • provision transaction may refer to a purchase order or log that has not yet been executed and/or has not yet been approved, such as by the organization.
  • Various embodiments of the present invention provides a technique/method or a framework for procurement data analytics that is capable of detecting procurement patterns at both macro-level and micro-level, and enables easier identification of fraudulent behaviour. Furthermore, besides fraud detection, various embodiments of the present invention may also be applied to support compliance checking and gleaning insights into improving existing procurement processes.
  • FIG. 1 depicts a flow diagram illustrating a method 100 of detecting fraud in procurement according to various embodiments of the present invention.
  • the method 100 comprises a step 102 of generating a plurality of anomaly indicators for a transaction or proposed transaction between a first entity and a second entity in the procurement.
  • each of the plurality of anomaly indicators is generated based on a transactional data associated with the transaction or proposed transaction and provides an indication of the presence of a respective/corresponding type of anomaly associated with the transaction or proposed transaction.
  • the method 100 further comprises a step 104 of determining a first primary indicator based on a combination of the plurality of anomaly indicators.
  • the first primary indicator provides a collective indication of whether (e.g., probability or risk) the transaction or proposed transaction is subject to fraud based on (e.g., from the point of view of) the types of anomalies being detected.
  • each anomaly indicator may be generated based on a respective/corresponding algorithm or technique configured to provide an indication of the presence of a respective/corresponding type of anomaly associated with the transaction or proposed transaction based on (e.g., analysing or processing) the transactional data associated with the transaction or proposed transaction.
  • each anomaly indicator may be expressed as a numerical value representing a probability that the transaction or proposed transaction is subject to the corresponding type of anomaly.
  • the numerical value may be a single numerical value, and preferably, may be expressed in or normalized to a range from 0 to 1 (or equivalent, such as 0% to 100%), where "0" may indicate that the probability that the transaction or proposed transaction is subject to that corresponding type of anomaly is non-existent or most unlikely (lowest probability), and "1" may indicate that the probability that the transaction or proposed transaction is subject to that corresponding type of anomaly is most likely (highest probability) or holds full confidence.
  • the plurality of anomaly indicators may comprise one or more of an order split indicator, a cut-off rate indicator, and a price deviation indicator.
  • the order split indicator may provide an indication of the presence of a type of anomaly relating to a purchase order being a result of a purchase order splitting.
  • the cutoff rate indicator may provide an indication of the presence of a type of anomaly relating to a purchase order having a value higher than but close to (e.g., only slight higher than) a predetermined minimum value requiring a purchase order to be subjected to a tender process. It can be understood that the predetermined minimum value may be set by an organization as appropriate based on various factors (e.g., compliance rules) and circumstances.
  • a value higher than but close to a predetermined minimum value may be between about 100% to 120%, 100% to 1 10%, 100% to 105%, 100% to 102%, or 100% to 101% of the predetermined minimum value.
  • the difference margin considered to be sufficiently close to the predetermined minimum value is not limited to the above-mentioned ranges and may be set as appropriate or as desired based on various factors or circumstances without going beyond the scope of the present invention.
  • the price deviation indicator may provide an indication of the presence of a type of anomaly relating to a purchase order for one or more items having a value deviating from an expected or average value for one or more items included in the purchase order, such as deviating by an amount considered to be suspicious or improper.
  • Such a deviating amount may be expressed as a percentage of the expected or average value and may set by an organization as appropriate based on various factors and circumstances.
  • the above-mentioned three types of anomaly indicators will be described in further detail later below according to various example embodiments of the present invention. It can be understood that the present invention is not limited to the above-mentioned three types of anomaly indicators which are provided merely by way of examples only, and alternative or additional anomaly indicators generated based on other algorithms or techniques, each configured to provide an indication of the presence of a respective/corresponding type of anomaly associated with the transaction or proposed transaction, may be included as appropriate or desired based on various factors or circumstances without going beyond the scope of the present invention.
  • the first primary indicator is determined based on a weighted sum of the plurality of anomaly indicators.
  • the first primary indicator may be a single indicator providing a collective indication of whether (e.g., probability or risk) the transaction or proposed transaction is subject to fraud based on the types of anomalies being detected, such as a numerical value in the range of 0 to 1 representing a probability that the transaction or proposed transaction is subject to fraud.
  • the sum of the weights respectively assigned to the plurality of anomaly indicators may be equal to 1.
  • the transactional data may be a purchase order data.
  • the purchase order data may comprise a first information/data for identifying the first entity, a second information for identifying the second entity, a third information for providing a description of the transaction or proposed transaction, and a fourth information indicative of at least one value associated with the transaction or proposed transaction.
  • the first entity may be a requester or a buyer associated with the transaction or proposed transaction and the first information may be, for example, the first entity's name and/or identification (ID).
  • ID the first entity's name and/or identification
  • the second entity may be the vendor or supplier associated with the transaction or proposed transaction and the second information may be, for example, the second entity's name and/or identification.
  • the third information may provide a description of the transaction or proposed transaction, such item description (e.g., summary of the items involved) and/or identification of the transaction or proposed transaction. It can be understood that the present invention is not limited to the above-mentioned types of information included in the transactional data, and for example, additional information such as the status of the transaction may be included as appropriate or desired based on various factors or circumstances without going beyond the scope of the present invention.
  • the method of detecting fraud in procurement further comprises a step 206 of generating a second primary indicator independent of (i.e., not based on) the transactional data associated with the transaction or proposed transaction, and a step 208 determining an overall indicator based on a combination of a plurality of primary indicators including the first primary indicator and the second primary indicator, the overall indicator providing an overall indication of whether the transaction or proposed transaction is subject to fraud based on (e.g., from the point of view of) the plurality of primary indicators.
  • the method with the above additional steps is denoted by reference numeral 200 as shown in the flow diagram of FIG. 2.
  • the second primary indicator is generated based on at least one of a first entity indicator and a second entity indicator.
  • the first entity indicator provides an indication of a reliability (e.g., credibility or trustworthiness) of the first entity and the second entity indicator provides an indication of a reliability (e.g., credibility or trustworthiness) of the second entity.
  • the first entity indicator is generated based on (e.g., by analysing) a history of at least one past transaction involving the first entity
  • the second entity indicator is generated based on (e.g., by analysing) a history of at least one past transaction involving the second entity.
  • the history of at least one past transaction involving the first entity relates to at least the overall indicator of the at least one past transaction involving the first entity
  • the history of at least one past transaction involving the second entity relates to at least the overall indicator of the at least one past transaction involving the second entity. That is, in such embodiments, the first entity indicator is generated based on the overall indicator of the at least one past transaction involving the first entity, and the second entity indicator is generated based on the overall indicator of the at least one past transaction involving the second entity.
  • the second primary indicator, along with the first and second entity indicators, will be described in further detail later below according to various example embodiments of the present invention.
  • the second primary indicator may be generated based on a weighted sum of the first entity indicator and the second entity indicator.
  • the second primary indicator may be a single indicator providing a collective indication of whether the transaction or proposed transaction is subject to fraud based on (e.g., from the point of view of) the first and second entity indicators.
  • each of the first and second entity indicators may be expressed or normalized as a numerical value in the range of 0 to 1 (or equivalent, such as 0% to 100%), and the second primary indicator may simply comprise the first and second entity indicators.
  • the first entity indicator may be referred to as the second primary indicator
  • the second entity indicator may be referred to as a third primary indicator.
  • the overall indicator may be determined based on a weighted sum of the plurality of primary indicators, such as including the first and second primary indicators, or including the first to third primary indicators as described hereinbefore.
  • the overall indicator may be a single indicator providing an overall indication of whether the transaction or proposed transaction is subject to fraud based on the plurality of primary indicators, such as a single numerical value in the range of 0 to 1 (or equivalent, such as 0% to 100%) representing a probability that the transaction or proposed transaction is subject to fraud.
  • the sum of the weights respectively assigned to the plurality of primary indicators may be equal to 1.
  • the weights assigned to various elements may be selected or determined as appropriate based on various factors or circumstances. For example, a weight may be used to denote or assign a level of importance to an indicator, e.g., a larger weight may be assigned to an indicator that is considered to more important and a smaller weight may be assigned to an indicator that is considered to be less important such that the indicator that is considered to be more important would have a greater effect on (or make a larger contribution to) the resultant indicator obtained.
  • the weights may be predetermined or may be determined by a user and applied accordingly, such as based on various feedbacks.
  • the overall indicator determined for the transaction or proposed transaction between the first entity and second entity is stored in a database, such as for future reference (e.g.. to enable the history of the past transaction(s) involving the first and second entities to be analysed).
  • the overall indicator stored is associated (e.g., linked/referenced in a data structure) with first entity and the second entity involved in the transaction or proposed transaction.
  • the overall indicator and an identifier (e.g., name or identification) of the associated first and second entities may be stored together in a dataset.
  • various embodiments of the present invention provide a data analytics framework, which operates on top of an input dataset composed of transactional data (e.g., purchase order data).
  • a single purchase order or log may be a set of information, which describes transaction details between a particular buyer/requester (first entity) and a particular seller/vendor (second entity).
  • a purchase order may relate to a transaction that has already taken place (e.g., has been executed) or may relate to a formal log, which documents a desire to acquire certain goods and/or services (e.g. pending a formal approval within an organization).
  • purchase orders may be characterised by a variety of information that identify the buyer/requester (first information), the seller/vendor (second information), the subject/description of transaction (third information), value(s) of the purchase order (fourth information), the status of transaction, and so on. From the perspective of the described framework, the amount or structure/configuration of various features/elements is not constrained or limited in any way. As mentioned hereinbefore, it can be understood that the present invention is not limited to the types of information included in the transactional data, and for example, additional information may be included as appropriate or desired based on various factors or circumstances without going beyond the scope of the present invention.
  • various embodiments of the present invention may analyse a dataset of transactional data (e.g., purchase order data) and provide an assessment of those purchase orders with regard to fraud detection.
  • the method of detecting fraud is based on multiple different points of view/reference such as the assessment or evaluation of the transactional data determined by independent or separate (and possibly concurrently executed) algorithms/technique (e.g., each algorithm/technique for detecting a corresponding type of anomaly associated with the transactional data).
  • the assessment may be performed individually for each purchase order and by each algorithm separately.
  • the assessment of fraud suspicion/risk may or may not rely on previous computations of earlier processed purchased orders.
  • PFI procurement fraud indicator
  • OSI order suspicion indicator
  • the overall indicator or PFI/OSI may be a quantified measure of fraud suspicion/risk, and may take a value in the range of 0 to 1. Therefore, the overall indicator may be interpreted as a probability measure which denotes the probability of whether a given purchase order (transaction or proposed transaction) is subject to fraud or not.
  • the value of overall indicator may equal to 0 when the fraud probability is non-existent, while may equal to 1 when the algoritrini/technique holds full confidence that a given purchase order is subject to fraud.
  • the method of detecting fraud advantageously combines/integrates the results of various different, independent fraud detection algorithms/techniques into a single, final measure of fraud suspicion/risk. In various embodiments, this may be achieved by combining/integrating the results/indicators determined based on various fraud detection algorithms/techniques on multiple tiers of processing, such as the anomaly indicators (which may also interchangeably be referred to as fragmentary indicators) and the primary indicators.
  • FIG. 3 depicts a schematic drawing of a system 300 for detecting fraud in procurement according to various embodiments of the present invention.
  • the system 300 comprises an anomaly indicator generator module or circuit 302 configured to generate a plurality of anomaly indicators for a transaction or proposed transaction between a first entity and a second entity in the procurement. Each of the plurality of anomaly indicators is generated based on a transactional data associated with the transaction or proposed transaction and provides an indication of the presence of a respective type of anomaly associated with the transaction or proposed transaction.
  • the system 300 further comprises a first primary indicator determining module or circuit 304 configured to determine a first primary indicator based on a combination of the plurality of anomaly indicators.
  • the first primary indicator provides a collective indication of whether the transaction or proposed transaction is subject to fraud based on (e.g., from the point of view of) the types of anomalies being detected.
  • the system 300 further comprises a computer processor 306 capable of executing computer executable instructions (e.g., the anomaly indicator generator module 302 and the first primary indicator determining module 304) to perform one or more functions or methods (e.g., to generate an indication of the presence of a corresponding type of anomaly associated with the transaction or proposed transaction), and a computer-readable storage medium 308 communicatively coupled to the processor 306 having stored therein one or more sets of computer executable instructions (e.g., the anomaly indicator generator module 302 and the first primary indicator determining module 304).
  • a computer processor 306 capable of executing computer executable instructions (e.g., the anomaly indicator generator module 302 and the first primary indicator determining module 304) to perform one or more functions or methods (e.g., to generate an indication of the presence of a corresponding type of anomal
  • the system for detecting fraud in procurement may further comprise a second primary indicator generator module or circuit 406 configured to generate a second primary indicator independent of (i.e., not based on) the transactional data associated with the transaction or proposed transaction, and an overall indicator determining module or circuit 408 configured to determine an overall indicator based on a combination of a plurality of primary indicators including the first primary indicator and the second primary indicator.
  • the overall indicator provides an overall indication of whether the transaction or proposed transaction is subject to fraud based on (e.g., from the point of view of) the plurality of primary indicators.
  • the system with the above additional modules is denoted by reference numeral 400 in the schematic drawing as shown in FIG. 4.
  • the overall indicator determined for the transaction or proposed transaction between the first entity and second entity is stored in a database in the computer-readable storage medium 308, such as for future reference (e.g., to enable the history of the past transaction(s) involving the first and second entities to be analysed).
  • a computing system or a controller or a microcontroller or any other system providing a processing capability can be presented according to various embodiments in the present disclosure.
  • Such a system can be taken to include a processor.
  • the system 300, 400 described herein each includes a processor (or controller) and a computer-readable storage medium (or memory) which are for example used in various processing carried out therein as described herein.
  • a memory or computer-readable storage medium used in various embodiments may be a volatile memory, for example a DRAM (Dynamic Random Access Memory) or a non-volatile memory, for example a PROM (Programmable Read Only Memory), an EPROM (Erasable PROM), EEPROM (Electrically Erasable PROM), or a flash memory, e.g., a floating gate memory, a charge trapping memory, an MRAM (Magnetoresistive Random Access Memory) or a PCRAM (Phase Change Random Access Memory).
  • DRAM Dynamic Random Access Memory
  • PROM Programmable Read Only Memory
  • EPROM Erasable PROM
  • EEPROM Electrical Erasable PROM
  • flash memory e.g., a floating gate memory, a charge trapping memory, an MRAM (Magnetoresistive Random Access Memory) or a PCRAM (Phase Change Random Access Memory).
  • a “circuit” may be understood as any kind of a logic implementing entity, which may be special purpose circuitry or a processor executing software stored in a memory, firmware, or any combination thereof.
  • a “circuit” may be a hard-wired logic circuit or a programmable logic circuit such as a programmable processor, e.g. a microprocessor (e.g. a Complex Instruction Set Computer (CISC) processor or a Reduced Instruction Set Computer (RISC) processor).
  • a “circuit” may also be a processor executing software, e.g. any kind of computer program, e.g. a computer program using a virtual machine code such as e.g. Java.
  • a “module” may be a portion of a system according to various embodiments in the present invention and may encompass a “circuit” as above, or may be understood to be any kind of a logic-implementing entity therefrom.
  • the present specification also discloses a system or an apparatus for performing the operations/functions of the methods described herein.
  • a system or apparatus may be specially constructed for the required purposes, or may comprise a general purpose computer or other device selectively activated or reconfigured by a computer program stored in the computer.
  • the algorithms presented herein are not inherently related to any particular computer or other apparatus.
  • Various general purpose machines may be used with computer programs in accordance with the teachings herein.
  • the construction of more specialized apparatus to perform the required method steps may be appropriate.
  • the present specification also at least implicitly discloses a computer program or software/functional module, in that it would be apparent to the person skilled in the art that the individual steps of the methods described herein may be put into effect by computer code.
  • the computer program is not intended to be limited to any particular programming language and implementation thereof. It will be appreciated that a variety of programming languages and coding thereof may be used to implement the teachings of the disclosure contained herein.
  • the computer program is not intended to be limited to any particular control flow. There are many other variants of the computer program, which can use different control flows without departing from the spirit or scope of the invention.
  • modules described herein may be software module(s) realized by computer program(s) or set(s) of instructions executable by a computer processor to perform the required functions, or may be hardware module(s) being functional hardware unit(s) designed to perform the required functions. It will also be appreciated that a combination of hardware and software modules may be implemented.
  • one or more of the steps of the computer program/module or method may be performed in parallel rather than sequentially.
  • Such a computer program may be stored on any computer readable medium.
  • the computer readable medium may include storage devices such as magnetic or optical disks, memory chips, or other storage devices suitable for interfacing with a general purpose computer.
  • the computer program when loaded and executed on such a general-purpose computer effectively results in an apparatus that implements the steps of the methods described herein.
  • a computer program product embodied in one or more computer-readable storage mediums (non-transitory computer- readable storage medium), comprising instructions (e.g., the anomaly indicator generator module 302 and/or the first primary indicator determining module 304) executable by one or more computer processors to perform a method 100 of detecting fraud in procurement as described hereinbefore with reference to FIG. 1 or other method(s) described herein.
  • instructions e.g., the anomaly indicator generator module 302 and/or the first primary indicator determining module 30
  • various computer programs or modules described herein may be stored in a computer program product receivable by a computer system or electronic device (e.g., system 300 or 400) therein for execution by a processor of the computer system or electronic device to perform the respective functions.
  • the software or functional modules described herein may also be implemented as hardware modules. More particularly, in the hardware sense, a module is a functional hardware unit designed for use with other components or modules. For example, a module may be implemented using discrete electronic components, or it can form a portion of an entire electronic circuit such as an Application Specific Integrated Circuit (ASIC). Numerous other possibilities exist. Those skilled in the art will appreciate that the software or functional module(s) described herein can also be implemented as a combination of hardware and software modules.
  • ASIC Application Specific Integrated Circuit
  • the methods or functional modules of the various example embodiments as described hereinbefore may be implemented on a computer system, such as a computer system 500 as schematically shown in FIG. 5 as an example only.
  • a computer system 500 as schematically shown in FIG. 5 as an example only.
  • the method or functional module may be implemented as software, such as a computer program being executed within the computer system 500, and instructing the computer system 500 to conduct the method of various example embodiments.
  • the computer system 500 may comprise a computer module 502, input modules such as a keyboard 504 and mouse 506 and a plurality of output devices such as a display 508, and a printer 510.
  • the computer module 502 may be connected to a computer network 512 via a suitable transceiver device 514, to enable access to e.g. the Internet or other network systems such as Local Area Network (LAN) or Wide Area Network (WAN).
  • the computer module 502 in the example may include a processor 518 for executing various instructions, a Random Access Memory (RAM) 520 and a Read Only Memory (ROM) 522.
  • the computer module 502 may also include a number of Input/Output (I/O) interfaces, for example I/O interface 524 to the display 508, and I/O interface 526 to the keyboard 504.
  • I/O Input/Output
  • the components of the computer module 502 typically communicate via an interconnected bus 528 and in a manner known to the person skilled in the relevant art.
  • FIG. 6 depicts a framework architecture based on which a method of detecting fraud in procurement may be implemented according to an example embodiment of the present invention, and will now be described below.
  • Primary indicators may present an aggregated fraud suspicion/risk overview for a purchase order.
  • the framework architecture may define three scopes/types of such an upper-level or top-level overview (e.g., Tiers 2 to 4 shown in FIG. 6).
  • the three types of primary indicators may include:
  • all primary indicators may operate on information/results that were produced during earlier stages of framework operation rather than raw purchase order data (i.e., data of the purchased order being analysed for fraud detection), for example, results derived from underlying fragmentary/anomaly indicators or previously computed primary indicators or OSI.
  • the final indicator e.g., OSI
  • the final indicator such as in Tier 4 shown in FIG. 6 may be referred to as an overall indicator instead of a primary indicator so as to differentiate from the primary indicators in lower tiers such as in Tiers 2 and 3 shown in FIG. 6.
  • Fragmentary Indicators (or Anomaly Indicators)
  • a fragmentary indicator may represent analysis of a purchase order focusing on a particular aspect of fraud or a specific fraud pattern. For example, such an indicator may not deliver exhaustive information but provides an analysis of a specific fragment/aspect of information related to purchase order (e.g., order split indicator, cutoff rate indicator, and price deviation indicator).
  • fragmentary indicators are introduced in the framework architecture to advantageously decompose the approach/solution to fraud detection into sub-problems/factors, which may be resolved independently and concurrently.
  • the framework architecture is not limited to any number of fragmentary indicators, and may incorporate additional indicators) (e.g., configured or customised for analysing the purchase order data to detect a particular type of anomaly).
  • additional fragmentary indicators will be captured in one of the primary indicators (e.g., the first primary indicator as described hereinbefore) that is determined based on a combination of the plurality of fragmentary indicators (e.g., the first primary indicator may aggregate information from the plurality of fragmentary indicators).
  • An analytics component may be provided in the framework architecture for implementing a feedback loop and provides the framework architecture with additional input(s) for computing the primary and/or fragmentary indicators.
  • the feedback may originate from the user of the framework architecture (e.g. a procurement officer) or be automated algorithmic solution reactive to the Order Suspicion Indicator values and invisible for (unnoticeable by) the end user.
  • the OSI generated may be stored in the procurement database, and an algorithm for computing an entity indicator may be reactive to such an OSI generated in providing an indication of the reliability of the entity.
  • the feedback information (e.g., OSI determined) may also be utilised to adjust/configure the weights of various aggregation functions (e.g., when determining the first primary indicator or when determining the overall indicator (e.g., OSI being determined)) and other possible parameters in the primary and fragmentary indicator computations as appropriate.
  • the framework architecture may advantageously have a continuously self-learning ability.
  • the bottom layer of framework architecture provides access to raw data of procurement purchase orders captured, for example, as already exist or being stored in a variety of procurement management systems. It will be appreciated that the framework architecture does not put any requirements or constraints regarding compatible procurement systems. However, data access component may be needed in order to perform indicator computations, which base their processing on raw data (purchase order data captured).
  • the framework architecture includes a computer- readable storage medium (e.g., 308 as shown in FIGs. 3 and 4) and the procurement database may be stored in the computer-readable storage medium.
  • various procurement fraud indicators determined/generated as described herein may be stored in the computer-readable storage medium for future reference. For example, the Order History Indicator for an entity may then to determined based on the Order Suspicion Indicators stored for previous purchase orders for the entity.
  • the procurement fraud indicators may be calculated in a processing flow comprising four tiers as shown in FIG. 6, with data processing starting at Tier 1 and ending at Tier 4:
  • Tier 1 (Fragmentary Indicators / Anomaly Indicators
  • the lowest tier may involve the execution of all algorithms included in the framework for computing all of the fragmentary indicators.
  • the computations performed at this stage is based on the purchase order data (transactional data or metadata) being analysed.
  • the computations of exemplary fragmentary indicators will be described later below by way of examples only for illustration purpose.
  • the computations may involve a comparison of various element(s) of the purchase order data being analysed with certain reference information (e.g., the remaining purchase orders from the dataset or certain reference indicators).
  • Tier 2 Organic Suspicion Indicator Base
  • Tier 2 an intermediate tier, may rely on the results from Tier 1 in order to combine the results of the fragmentary indicators into a single probability value denoting the collective suspicion assessment related to the purchase order data being analysed.
  • the combination of the fragmentary indicators may be performed using various aggregation functions, e.g., weighted addition/summation, average, maximum, minimum, and so on, as appropriate or desired such as based on the requirements of the framework adopter.
  • Tier 3 an intermediate tier, may analyse the history of entities involved in the purchase order (transaction or proposed transaction), such as past indicators associated with the entities (e.g., past Order Suspicion Indicators of purchase orders related to a requester/buyer). For example, in contrast to the previous tiers, Tier 3 may not involve a comparative study of the purchase order data being analysed with reference information (i.e., is independent of the purchase order data being analysed) but glimpse into past indicators associated with the entity of interest (e.g., indicators previously computed for the entity of interest for other orders).
  • reference information i.e., is independent of the purchase order data being analysed
  • glimpse into past indicators associated with the entity of interest e.g., indicators previously computed for the entity of interest for other orders.
  • Tier 4 may aggregate all the primary indicators (e.g., primary indicator values from Tier 2 and Tier 3). Tier 4 involves combining all the computed primary indicators and presents an overall indication of whether the transaction or proposed transaction is subject to fraud as a signal fraud suspicion probability value (e.g., rank/rating), via various aggregation functions, such as weighted additional/summation. In the various aggregation functions, various weights may be assigned to the primary indicators from Tiers 2 and 3 and to, for example, set or rank their importance in the final Order Suspicion Indicator (overall indicator).
  • a signal fraud suspicion probability value e.g., rank/rating
  • various weights may be assigned to the primary indicators from Tiers 2 and 3 and to, for example, set or rank their importance in the final Order Suspicion Indicator (overall indicator).
  • the framework architecture introduces a number of configurable and extensible elements/features, such as any number of fragmentary indicators 1, 2, ... N, and any number of order history indicators 1 , 2 ... N, as appropriate or desired. Therefore, it will be appreciated to a person skilled in the art that the framework architecture can be implemented in a number of ways.
  • FIG. 7 illustrates an exemplary implementation that involves three types of fragmentary/anomaly indicators (namely, order split indicator, cut-off rate indicator, and price deviation indicator) and two types of order history indicators (namely, requester suspicion indicator and vendor suspicion indicator), and will now be described below.
  • Fragmentary/ Anomaly Indicators (Tier 1)
  • Order Split Indicator provides an indication of the presence of a type of anomaly relating to a purchase order being a result of a purchase order splitting.
  • the OSPI may indicate the probability that selected transaction x is involved in requester splitting a bigger purchase into smaller purchases, and may be determined using the following equation:
  • similarTransactionCount(x) is the number of neighbouring transactions of purchase order x which are detected as similar (e.g. same vendor and similar item descriptions);
  • TC max is the maximal number of similarTransactionCount(x) for all orders in the entire dataset;
  • STC m f n is a constant value which defines a minimum similar transaction count for an order group (group of purchase orders) to be recognized/considered as suspicious (Suspicious Transaction Count).
  • Cut-off Rate Indicator provides an indication of the presence of a type of anomaly relating to a purchase order having a value higher than but close to a minimal predetermined value requiring a purchase order to be subjected to a tender process.
  • CRI may indicate if a given transaction x is suspiciously close to the limit for an un-tendered order, and may be determined using the following equation:
  • CRI(_x) 1 - (Equation 2) tender Lower Range where: orderValue(x) is the value of order x; and tenderLowerRange is a minimum order value as predefined in an organization which obliges the purchase order requester to make a tender rather than regular purchase without making a tender.
  • Price Deviation Indicator provides an indication of the presence of a type of anomaly relating to a purchase order for one or more times having a value deviating from an expected or average value for the one or more items included in the purchase order.
  • PDI may indicate if a transaction x value is suspiciously far from the average transaction value for an item y, and may be determined using the following equation:
  • PDI(x) a corpus of items y being subject of the order; and averageltemUnitValue(x) is the average unit value of the same item y from other orders in the dataset involving that itemj.
  • Order Suspicion Indicator Base provides a collective indication of whether the purchase order is subject to fraud based on the types of anomalies being detected (in the exemplary implementation, the above-mentioned three types of anomalies).
  • OSIB may be computed based on a weighted sum of the fragmentary indicators using the following equation (assuming the above-mentioned three types of fragmentary indicators):
  • OSIB x) OSPlipc) * weight os , + PDl(x) * weight PDI + CRI(x) * weight CRl
  • weight xvz is a value between 0 and 1 denoting the importance of a particular fragmentary indicator for the end result (e.g., OSIB or OSI).
  • the sum of all the weights used for all the indicators is equal to 1.
  • Requester Suspicion Indicator provides an indication of a reliability of the requester, such as, based on the requester's purchasing history.
  • the RSI may indicate the probability for the requester to be involved in a suspicious transaction, and may be determined using the following equation:
  • ordersByRequester(x,t) is the number of purchase orders made by the same requester (examined/processed purchase order "x") up until certain time "t”.
  • Vendor Suspicion Indicator provides an indication of a reliability of the vendor, such as, based on the vendor's purchasing history.
  • the VSI may indicates the probability for vendor to be involved in a suspicious transaction, and may be determined using the following equation:
  • ordersByVendor(x,t) is the number of purchase orders made involving the same vendor (examined/processed purchase order "x") up until certain time "t".
  • the overall indicator may then be computed based on the primary indicators to provide an overall indication of whether the purchase order being analysed is subject to fraud based on the plurality of primary indicators.
  • the OSI may be computed based on a weighted sum of all the primary indicators (assuming the above- mentioned three primary indicators) using the following equation:
  • Table 1 illustrates an exemplary dataset for multiple purchase orders (transaction data for multiple purchase orders).
  • Table 1 Exemplary dataset including raw data for multiple purchase orders
  • the fraud indicators shown in Table 2 below may be generated/computed based on the dataset shown in Table 1 above-
  • Table 2 Exemplary fraud indicators generated based on the dataset shown in Table 1
  • OSIB x OSPI(x) * 0.5 + PDl x) * 0.2 + CRI(x) * 0.3, (Equation 9)
  • STC 10 (Order Split Indicator)
  • weights of 0.8, 0.1, and 0.1 were assigned to OSIB, RSI and VSI, respectively, and from Equation 9, it can be observed that weights of 0.5, 0.2, and 0.3 were assigned to OSPI, PDI and CRI, respectively.
  • the data analytics framework may be incorporated into a larger analytics system, for example, where the framework may work as a service provider analysing input dataset (comprising transactional data) and outputting results of procurement fraud suspicion risk analysis according to various embodiments of the present invention as described herein.
  • the framework may be implemented as a library or a software service in a computer system. As such, it can communicate with other applications and provide functionalities for fraud suspicion/risk analysis.
  • FIG. 8 illustrates an exemplary implementation 800 of such a system according to an example embodiment of the present invention, where the procurement analytics framework may be accessed via APIs (Application Programmable Interfaces) to compute procurement fraud indicators on demand and return the results of the analysis to the main application.
  • APIs Application Programmable Interfaces
  • the framework may be accessed in multiple ways depending on application requirements at a given time, such as:
  • Configurable on-demand indicator calculation - the framework may be invoked to compute procurement fraud indicators in a customized way using the weights feature described hereinbefore.
  • the weights may be modifiers applicable at various tiers of the framework. The weights may for example be altered by the end-user and passed to the framework, e.g., during runtime if the external application provides such a support.
  • FIGs. 9 to 11 show various screen captures 900, 910, 920 of an exemplary display interface that may be generated in a method of detecting fraud in procurement according to various example embodiment of the present invention for illustration purpose only and without limitation.
  • the screen captures illustrate various non-limiting ways indicators generated according to various embodiments of the present invention may be presented to a user. For example, as shown in FIG. 9, new purchase orders may scanned/analysed as they are inputted into the procurement database and various procurement fraud indicators (under SuspicionRank) for the purchase orders may be shown to provide an indication (e.g., likelihood or probability) of whether the corresponding purchase order may be subject to fraud.
  • SuspicionRank procurement fraud indicators for the purchase orders may be shown to provide an indication (e.g., likelihood or probability) of whether the corresponding purchase order may be subject to fraud.
  • the indicators generated advantageously enable fraud suspicion/risk to be quickly and effectively detected such that, for example, appropriate action(s) may be taken for a transaction or proposed transaction detected to be subject to fraud.

Landscapes

  • Business, Economics & Management (AREA)
  • Engineering & Computer Science (AREA)
  • Accounting & Taxation (AREA)
  • Computer Security & Cryptography (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Pinball Game Machines (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

L'invention concerne un procédé mis en œuvre par ordinateur pour détecter une fraude dans les marchés publics. Le procédé consiste à générer une pluralité d'indicateurs d'anomalie pour une transaction ou transaction proposée entre une première entité et une seconde entité sur la base de données de transaction associées. Un premier indicateur primaire est ensuite déterminé sur la base d'une combinaison de la pluralité d'indicateurs d'anomalie, fournissant une indication collective de fraude. L'indicateur primaire peut ensuite être en outre combiné avec un second indicateur primaire qui peut être basé sur un historique de transaction impliquant la première et/ou la seconde entité, générant ainsi un indicateur global pour fournir une indication de fraude.
PCT/SG2016/050627 2015-12-30 2016-12-30 Procédé de détection de fraude dans les marchés publics et système associé WO2017116311A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
SG11201805483VA SG11201805483VA (en) 2015-12-30 2016-12-30 Method of detecting fraud in procurement and system thereof

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SG10201510786Y 2015-12-30
SG10201510786Y 2015-12-30

Publications (1)

Publication Number Publication Date
WO2017116311A1 true WO2017116311A1 (fr) 2017-07-06

Family

ID=59225903

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/SG2016/050627 WO2017116311A1 (fr) 2015-12-30 2016-12-30 Procédé de détection de fraude dans les marchés publics et système associé

Country Status (2)

Country Link
SG (1) SG11201805483VA (fr)
WO (1) WO2017116311A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116934418A (zh) * 2023-06-15 2023-10-24 广州淘通科技股份有限公司 一种异常订单的检测预警方法、系统、设备及存储介质

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7610040B2 (en) * 2003-02-21 2009-10-27 Swisscom Mobile Ag Method and system for detecting possible frauds in payment transactions
US7970701B2 (en) * 1997-07-28 2011-06-28 Cybersource Corporation Method and apparatus for evaluating fraud risk in an electronic commerce transaction
US8041597B2 (en) * 2008-08-08 2011-10-18 Fair Isaac Corporation Self-calibrating outlier model and adaptive cascade model for fraud detection
US20130036038A1 (en) * 2011-08-02 2013-02-07 Tata Consultancy Services Limited Financial activity monitoring system
US8805737B1 (en) * 2009-11-02 2014-08-12 Sas Institute Inc. Computer-implemented multiple entity dynamic summarization systems and methods

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7970701B2 (en) * 1997-07-28 2011-06-28 Cybersource Corporation Method and apparatus for evaluating fraud risk in an electronic commerce transaction
US7610040B2 (en) * 2003-02-21 2009-10-27 Swisscom Mobile Ag Method and system for detecting possible frauds in payment transactions
US8041597B2 (en) * 2008-08-08 2011-10-18 Fair Isaac Corporation Self-calibrating outlier model and adaptive cascade model for fraud detection
US8805737B1 (en) * 2009-11-02 2014-08-12 Sas Institute Inc. Computer-implemented multiple entity dynamic summarization systems and methods
US20130036038A1 (en) * 2011-08-02 2013-02-07 Tata Consultancy Services Limited Financial activity monitoring system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116934418A (zh) * 2023-06-15 2023-10-24 广州淘通科技股份有限公司 一种异常订单的检测预警方法、系统、设备及存储介质
CN116934418B (zh) * 2023-06-15 2024-03-19 广州淘通科技股份有限公司 一种异常订单的检测预警方法、系统、设备及存储介质

Also Published As

Publication number Publication date
SG11201805483VA (en) 2018-07-30

Similar Documents

Publication Publication Date Title
US11810204B2 (en) Artificial intelligence transaction risk scoring and anomaly detection
US11449931B2 (en) Dynamic business governance based on events
US11244388B2 (en) Methods and systems for assessing performance and risk in financing supply chain
US9661012B2 (en) Systems and methods for identifying information related to payment card breaches
KR20210145126A (ko) 데이터 이상을 검출하고 해석하기 위한 방법, 및 관련된 시스템 및 디바이스
US20150178825A1 (en) Methods and Apparatus for Quantitative Assessment of Behavior in Financial Entities and Transactions
US20240211967A1 (en) Adaptive transaction processing system
Kumar et al. Analysis of classifier algorithms to detect anti-money laundering
Das et al. Firm-specific parameters and earnings management: A study in the Indian context
US20190005198A1 (en) Managing bundled claims adjudication using predictive analytics
US9355071B2 (en) System and method for Multivariate outlier detection
US20240070236A1 (en) Asset-class backed tokenization platform
US20230205663A1 (en) System to track and measure machine learning model efficacy
US20220005041A1 (en) Enhancing explainability of risk scores by generating human-interpretable reason codes
Henrique et al. Contracting in Brazilian public administration: A machine learning approach
Ramasubramanian et al. Machine learning model evaluation
Gupta et al. Machine learning-driven alert optimization
WO2017116311A1 (fr) Procédé de détection de fraude dans les marchés publics et système associé
JP2021197089A (ja) 出力装置、出力方法及び出力プログラム
Liu Design of XGBoost prediction model for financial operation fraud of listed companies
US20230259948A1 (en) Generating a multi-transaction dispute package
US20220084035A1 (en) System and method for facilitating direct trading of electronic transactions
Lee et al. Application of machine learning in credit risk scorecard
CN113094595A (zh) 对象识别方法、装置、计算机系统及可读存储介质
Vaquero LITERATURE REVIEW OF CREDIT CARD FRAUD DETECTION WITH MACHINE LEARNING

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 16882203

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 11201805483V

Country of ref document: SG

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 16882203

Country of ref document: EP

Kind code of ref document: A1