ARMS: Automated rules management system for fraud detection

TL;DR

ARMS is an automated system that optimizes fraud detection rules in real-time, reducing maintenance costs and adapting to concept drift while maintaining detection performance.

Contribution

It introduces an automated rules management approach that evaluates and optimizes rules using heuristic search, addressing challenges of rule degradation and high maintenance costs.

Findings

Maintains detection performance with fewer rules (~20-50%).

Successfully applied to real-world client systems.

Reduces manual rule management effort.

Abstract

Fraud detection is essential in financial services, with the potential of greatly reducing criminal activities and saving considerable resources for businesses and customers. We address online fraud detection, which consists of classifying incoming transactions as either legitimate or fraudulent in real-time. Modern fraud detection systems consist of a machine learning model and rules defined by human experts. Often, the rules performance degrades over time due to concept drift, especially of adversarial nature. Furthermore, they can be costly to maintain, either because they are computationally expensive or because they send transactions for manual review. We propose ARMS, an automated rules management system that evaluates the contribution of individual rules and optimizes the set of active rules using heuristic search and a user-defined loss-function. It complies with critical domain-specific requirements, such as handling different actions (e.g., accept, alert, and decline), priorities, blacklists, and large datasets (i.e., hundreds of rules and millions of transactions). We use ARMS to optimize the rule-based systems of two real-world clients. Results show that it can maintain the original systems' performance (e.g., recall, or false-positive rate) using only a fraction of the original rules (~ 50% in one case, and ~ 20% in the other).