March 19, 2008

Eliot Spitzer and Enterprise Architecture

While Eliot Spitzer didn’t get caught in bed with his mistress, he did get caught with his pants down.

How did Spitzer get caught and ultimately lose the powerful NY governorship?

Good solid enterprise architecture did Eliot Spitzer in.

In this case, the enterprise is the global financial system and the architecture is the business rules and technology that routinely check for suspicious activity.

One of the ways to catch bad guys—whether Eliot Spitzer, mob bosses, or even Al Qaeda fugitives—is by following the money trail, processing gazillions of transactions through sophisticated technology that filters out the anomalies and flags suspicious activity.

MIT Technology Review (19 March 2008) reports that “anti-money-laundering software scrutinizes customers’ every move no matter how small.

“All major banks, and even most small ones, are running so-called anti-money-laundering software, which combs through as many as 50 million transactions a day looking for anything out of the ordinary.”

The software from one vendor, for example, contains more than 70 flags for identifying suspicious activity.

“In Spitzer’s case, the three separate $5,000 wire-transfer payments…would likely have triggered one of the most obvious of these [flags].”

“Banks are constantly on the lookout for activity that seems to be an effort to break up large, clearly suspicious transactions into smaller ones that might fly under the radar, a practice called structuring.”

The Bank Secrecy Act requires a “report of cash payments over $10,000 received in a trade or business, if your business receives more than $10,000 in cash from one buyer as a result of a single transaction or two or more related transactions.” Spitzer’s multiple $5,000 wire transfers were a fairly blatant act that set off the trip wire for suspicious activity.
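The structuring flag described above, sketched as an added example (not code from the article or from any vendor's product): it sums each customer's sub-threshold transactions over a rolling window and alerts when the total exceeds $10,000. The 7-day window, the customer IDs and the sample transactions are constructed assumptions.

```python
from collections import defaultdict
from datetime import date, timedelta

REPORT_THRESHOLD = 10_000       # reporting threshold quoted in the text (USD)
WINDOW = timedelta(days=7)      # assumed window for treating transactions as "related"

# Constructed sample data: (customer, date, amount in USD)
SAMPLE = [
    ("cust-A", date(2008, 1, 7), 5_000),
    ("cust-A", date(2008, 1, 9), 5_000),
    ("cust-A", date(2008, 1, 11), 5_000),
    ("cust-B", date(2008, 1, 8), 12_000),  # over the threshold alone: reported directly
    ("cust-C", date(2008, 1, 2), 4_000),
    ("cust-C", date(2008, 1, 5), 4_500),   # related, but the total stays under the threshold
    ("cust-D", date(2008, 1, 3), 9_500),
    ("cust-D", date(2008, 1, 4), 900),
]

def find_structuring(transactions, threshold=REPORT_THRESHOLD, window=WINDOW):
    """Return {customer: [(first_day, last_day, total, count), ...]} for each
    group of sub-threshold transactions whose windowed sum exceeds threshold."""
    by_customer = defaultdict(list)
    for customer, day, amount in transactions:
        if 0 < amount <= threshold:        # individually below the reporting line
            by_customer[customer].append((day, amount))

    alerts = {}
    for customer, txns in by_customer.items():
        txns.sort()
        hits, start, total = [], 0, 0
        for end, (day, amount) in enumerate(txns):
            total += amount
            # Drop transactions that have aged out of the rolling window.
            while day - txns[start][0] > window:
                total -= txns[start][1]
                start += 1
            # Two or more related transactions that together cross the line.
            if end > start and total > threshold:
                hits.append((txns[start][0], day, total, end - start + 1))
        if hits:
            alerts[customer] = hits
    return alerts

if __name__ == "__main__":
    for customer, hits in find_structuring(SAMPLE).items():
        print(customer, hits)
```

A flag like this only queues the activity for the human review step; it does not by itself establish intent.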

The technology also “groups customers and accounts into related ‘profiles’ or ‘peer groups’ in order to establish more-general behavioral baselines…each category is analyzed to determine patterns of ordinary behavior…and transactions stretching back as far as a year, are then scrutinized for evidence of deviation from the norm.”

So, for example, an elementary school teacher in Wyoming who deposits $25,000 would possibly be flagged as a deviation from the norm of what an ordinary teacher in Wyoming would be doing. If the deposit is in cash, well, that’s even more of a no-brainer, since it would be reportable as a cash transaction over $10,000.

“Every bank has a group of people who personally scrutinize transactions that have been flagged…if the human reviewers can’t explain the activity they will produce an official suspicious activity report [SAR].” This goes to the IRS and Treasury’s Financial Crimes Enforcement Network (FinCEN). “…most SARs are ultimately reviewed by regional teams of investigators, drawn from the IRS, the FBI, the DEA, and the U.S. Attorney’s office.”

The number of SARs in 2006 reached “567,080…and 2007 was on track to set a new record.”

The target architecture for financial anomaly detection will continue to get us better and better results as it comes to incorporate “analyzing customers’ social networks, tapping into the vast databases of information held by companies such as LexisNexis and ChoicePoint.”

From an enterprise architecture standpoint, you can see the sophistication of the business rules and the technology working in tandem to achieve the impressive results of tracking suspicious money activity. This is a great example of clearly identifying the mission requirements, using them to drive technology solutions, and effectively planning and governing those solutions, so that people cannot hide suspicious financial transactions like needles in the haystack of the information glut out there.

