Banks collaborating! Shock! Horror!

Written By:
Published:
Content Copyright © 2012 Bloor. All Rights Reserved.
Also posted on: The IM Blog

I have been periodically following the identity resolution market for some time and I have been especially interested in what IBM calls anonymous resolution. This is the ability to pass information about fraudsters, money launderers and other desirables between and within organisations without actually disclosing personally identifiable details that would be counter to data protection and privacy laws.

However, the problem has always been twofold. First, banks are reluctant to exchange information even though it is well-known that fraudsters will frequently target multiple banks and it would make obvious sense for them to collaborate to prevent this happening. Second, the solutions for identity resolution are complex: you have to be able to match across multiple data sources just within a single sub-division of a bank. This means that such solutions also represent a significant investment in terms of both time and money. As a result, if you happen to have invested in a solution from Infoglide Software or IBM then you could, in theory, collaborate with other users of Infoglide or IBM but not with users of the other product or with other solutions that might have been adopted. Moreover, even between users of the same technology there has not been an easy lightweight method of enabling such collaboration. Until now.

Infoglide has released a product called I-BIRDS. This works against what Infoglide calls a FrAML (Fraud and AML) bin: that is, a central repository of all the people that you know to be, or suspect of being, “bad people”. When a query (which can be created using a web browser) is received with details of a potential malefactor the Infoglide software (you have to install an instance of this) will compare the incoming data and match it against your FrAML bin. It will then return a reference ID together with a match rating (high, medium, low) etc. No personally identifying information is transmitted. If a match is indicated then the requester can get on the phone to discuss this potential match with his opposite number at the receiving bank or banks (you would normally send a request to all collaborating banks at once).

There are two points to note. One of these is technical and one compliance-oriented. To deal with the second point first: in the US the Patriot Act section 314(b) specifically allows banks to collaborate in exchanging information about bad people. In addition, Infoglide has taken legal opinion to confirm that its technology complies with US law. Of course, that doesn’t mean that this would also be the case in other jurisdictions but since no personal details are being shared I would expect that the technology would also be legal in Europe and elsewhere.

The second point is technical. I mentioned the complexity and scale of identity resolution solutions. However, in this case, there is no need for federated search capabilities spanning multiple databases as the match processes simply run against a single FrAML data source. Therefore the implementation will be very much simpler. Infoglide provides a reference schema for the database and one would expect that it would be easy to populate from an IBM or other environment. Infoglide estimates that a couple of weeks is all that it would take to set up the FrAML bin for each participant. A lightweight instance of Infoglide’s identity resolution matching technology will also be required but this should be relatively low cost compared to a fully comprehensive solution.

I have been waiting for a solution such as this for a long time. Banks: go to it!