Izengard Sherlock – Enterprise Fraud, Prevent your Organization from external and insider threats

Izengard Sherlock : Enterprise Fraud


Izengard Sherlock treats fraud holistically.  No longer do you need to buy an ID fraud, an Application Fraud, a Transaction Fraud and an Employee/Internal Fraud solution separately.  Izengard protects against social engineering, account takeover, BOT attacks and other cyber-crime related fraud due to the integration of financial crime with cyber-security.  In Izengard unlike many of the fraud solutions on the market, there is no need to manage the separate infrastructure and databases and to have several different versions of the “single” view of the customer. Izengards modules, including the Enterprise Fraud solution all use the same common Izengard Mind Map module which profiles the customer from several angles and helps in the combined cyber-security, IT risk and financial crime fight against criminals. 

Izengard believes in Fraud and AML together, we are unique because of the 3 domains and because we integrate all of financial crime in a single software solution to give you the most powerful FRAML (Fraud & Transaction Monitoring AML) solution in the market.  Fraud is also often a predicate offence when faced with higher charges for money laundering.

Izengard Device Detection - Behavioral Device Data to ward off the following types of issues

Device Intelligence

Izengard Device Detective – EndPoint CyberSecurity meets Financial Crime

Izengard integrates a strong device intelligence technology that can be integrated into your channels via a SDK, this allows Izengard to prevent in real time the following kinds of frauds/attacks:

a) ID takeover – BOTs, RATs, Trojans, Keyloggers

b) Account Take Over – Login credentials and passwords are correct but from another device

c) Social Engineering – Knowing your behaviour and behaviour under duress

d) Man in the Middle/Man in the Browser attacks – detecting SQL/API injection attacks

e) Phishing – compromised URLs, based on comparison to bank URLs, so that customers are warned in browser or via app that they are clicking on a link and should they proceed then the institution may place  temporary suspension on the account.

Izengard Sherlock - Key Functional Differentiators

  • Adaptive Typology Coverage – International knowledge and experientially learned typologies

    Criminals are constantly changing their modus operandi.  They adapt to new technologies and exploit loopholes in controls faster than the industry they are targeting. In effect, they are always at least one step ahead. To thwart them, you can't rigidly stick to a typology but look for the likelihood that although tactics may be different, it is in effect the same end goal.  In this way, as new signals are detected and as threat intelligence picks up potential for new/emerging/active threats then Izengard provides clients an updated model library which covers the adaptation in typologies.

  • Real Time Fraud Detection and Handling Slowly Moving Typologies

    Izengard has the ability to detect Fraud under 50-30ms and to network score against a range of complex risk indicators involving cyber risk, ID fraud risk, application fraud risk and in many cases money laundering risk.  In addition, Izengard has the model detection capability of realizing that some typologies are slowly moving and actual fraudulent events happen later, but there were a series of events earlier that didn't conclusively proof that there was fraud or money laundering happening.

  • Lowest false positives of any fraud solution in the market - Stronger Unified Risk Indicators - Higher precision

    Izengard combines risk factors from the 3 domains for which Izengard has been designed for, as a result it has more context and more risk factors to consider when it makes a decision that an activity is suspicious.  For this reason, Izengard will outperform any siloed solution making a prediction without these additional risk indicators.  Also due to explainability and the number of risk factors, Izengard can obtain a higher precision and faith in it's detection than many other solutions.

  • Rules but used for more simplistic detection and to direct actions - not used as main detection mechanism

    Izengard uses rules but sparingly, it relies on statistical models and then machine learning to do most of it's detection.  Rules can be set up by clients, but in general Izengard uses them for very atomic level detection and for instigating actions once detection models have produced an output which needs action to be taken.

  • Models and Scenario Management

    Izengard provides a complete model management environment to create Causal AI models, ingest data, perform data quality and encoding, conduct feature engineering, build data pipelines and to use Causal AI partner based Izengard ML models, client's own Causal AI models and to test models. In addition, it allows version control, gitlab integration, jupyter style notebooks and a range of algorithms available for use. Finally, it has sandboxes where clients can perform lookbacks and use models that were in force during the lookback period. Izengard also employs strong explainability using Causal AI which is more easy to explain than traditional XAI for deep learning methods Izengard will not treat these as black box and unexplainable.

  • Automated Level 1 Cases Handled by RPA

    Izengard's unified case management system brings multiple alerts related to a party or related parties into a singular view, so that all case analysts are aware of other issues and can jointly investigate.  Izengard also has RPA capability which allows automated level 1 case assessment to be done by robots which are unlimited and not charged to a client on a per robot basis.

  • Intelligent Investigation - Forensic data collection and weightage of evidence with stronger/additional data points

    Izengard has a forensic approach to investigations and starts every interaction it has with zero trust. Izengard does not wait for a crisis to happen before an investigation, it quietly builds up data that may be required for an investigation later on.  

Izengard Sherlock - Key Detection Model Differentiators

Machine Learning
Izengard Merlin : Causal AI Machine Learning & Statistical Data Mining

In many cases a range of statistical inference models are needed (much like the data mining days) and you don’t have to reach out to machine learning.  Many of these statistical models are effective at catching fraud (for example Bayesian techniques) and do not take up the compute power and resources needed for  machine learning. Izengard data scientists are conscious of when to use techniques that won’t cause a large usage overhead for our clients

Izengard employs state of the art in-memory anomaly detection which is scaled at minimum for 3 years of data but can be scaled for more. In any case aggregates for further years, suspicious events history and payee, value, volume history is always kept.  Izengard brings best practices that is across all 3 domains of Cyber-security, IT Risk Management and Financial Crime and therefore does not need multiple anomaly detection models which are consuming the same data and more or less doing similar detections.  Izengard’s anomaly detection approach improves the quality of detection and makes it ready for risk scoring. In addition, Izengard costs institutions less than multiple siloed solutions.

Many of Izengard’s typologies for fraud and money laundering have been built using supervised methods. The applicability of these are then trained on client data and where necessary augmented by our consortium data. As indicated Izengard’s models are adaptive, so they will learn and respond to new signals sometimes with Human in the Loop.  Izengard is a believer in Causal AI and use these techniques in combination with known techniques to deliver you better detection of typologies. Typologies discovered through unsupervised techniques can be promoted to supervised techniques once the risk indicators and flow of funds in the typology are known.

Izengard takes the notion that in effect, typologies are viruses that mutate.  As they mutate there are new challenges in discovery and re-inforcement learning allows the Izengard environment to react to it with the basis of cumulative award being accurate detection. 

In addition to this, we have seen mistakes in traditional machine learning to misinterpret correlation as causation.  This approach is wrong as items can be positively or negatively correlated.  Traditional complex machine learning models also do not fully uncover explainability with complex methods, our partner uses Causal AI to overcome this and we co-work with our client SMEs to create more robust AML/Fraud models.

Izengard combines the above techniques and uses Causal AI consciously in order to determine fraud, bribery, corruption or money laundering. In general one technique alone is too limited to achieve stronger detection, so Izengard uses ensemble models.  Overall, since Izengard is using singular models with scale and performance, they are cheaper than operating multiple siloed models and have a higher accuracy ratio of prediction of a suspicious event, due to the multiple risk factors from the 3 domains taken into account.