DISCLAIMER - NIKZAFRI.BLOGSPOT.COM


Today, Knowledge Management today are not limited merely to : (A) 'knowing' or 'reading lots of books/scholarly articles' or (B) data mining, analysis, decision making, preventive actions, or (C) some Human Resources Management issue or (D) some ICT issue. Knowledge Management is about putting your knowledge, skills and competency into practice and most important IT WORKS! For you and your company or your business (Nik Zafri) Can I still offer consultancy or training? Who claims otherwise? Absolutely, I can.

The information comprised in this section is not, nor is it held out to be, a solicitation of any person to take any form of investment decision. The content of the nikzafri.blogspot.com does not constitute advice or a recommendation by nikzafri.blogspot.com and should not be relied upon in making (or refraining from making) any decision relating to investments or any other matter. You should consult your own independent financial adviser and obtain professional advice before exercising any investment decisions or choices based on information featured in this nikzafri.blogspot.com can not be held liable or responsible in any way for any opinions, suggestions, recommendations or comments made by any of the contributors to the various columns on nikzafri.blogspot.com nor do opinions of contributors necessarily reflect those of http://www. nikzafri.blogspot.com

In no event shall nikzafri.blogspot.com be liable for any damages whatsoever, including, without limitation, direct, special, indirect, consequential, or incidental damages, or damages for lost profits, loss of revenue, or loss of use, arising out of or related to the nikzafri.blogspot.com or the information contained in it, whether such damages arise in contract, negligence, tort, under statute, in equity, at law or otherwise.


MY EMPLOYERS AND CLIENTELLES



BIODATA - NIK ZAFRI


 



NIK ZAFRI BIN ABDUL MAJID,
CONSULTANT/TRAINER
Email: nikzafri@yahoo.com, nikzafri@gmail.com
https://nikzafri.wixsite.com/nikzafri

Kelantanese, Alumni of Sultan Ismail College Kelantan (SICA), IT Competency Cert, Certified Written English Professional US. Has participated in many seminars/conferences (local/ international) in the capacity of trainer/lecturer and participant.

Affiliations :- Network Member of Gerson Lehrman Group, Institute of Quality Malaysia, Auditor ISO 9000 IRCAUK, Auditor OHSMS (SIRIM and STS) /EMS ISO 14000 and Construction Quality Assessment System CONQUAS, CIDB (Now BCA) Singapore),

* Possesses almost 30 years of experience/hands-on in the multi-modern management & technical disciplines (systems & methodologies) such as Knowledge Management (Hi-Impact Management/ICT Solutions), Quality (TQM/ISO), Safety Health Environment, Civil & Building (Construction), Manufacturing, Motivation & Team Building, HR, Marketing/Branding, Business Process Reengineering, Economy/Stock Market, Contracts/Project Management, Finance & Banking, etc. He was employed to international bluechips involving in national/international megaprojects such as Balfour Beatty Construction/Knight Piesold & Partners UK, MMI Insurance Group Australia, Hazama Corporation (Hazamagumi) Japan (with Mitsubishi Corporation, JA Jones US, MMCE and Ho-Hup) and Sunway Construction Berhad (The Sunway Group of Companies). Among major projects undertaken : Pergau Hydro Electric Project, KLCC Petronas Twin Towers, LRT Tunnelling, KLIA, Petronas Refineries Melaka, Putrajaya Government Complex, Sistem Lingkaran Lebuhraya Kajang (SILK), Mex Highway, KLIA1, KLIA2 etc. Once serviced SMPD Management Consultants as Associate Consultant cum Lecturer for Diploma in Management, Institute of Supervisory Management UK/SMPD JV. Currently – Associate/Visiting Consultants/Facilitators, Advisors for leading consulting firms (local and international) including project management. To name a few – Noma SWO Consult, Amiosh Resources, Timur West Consultant Sdn. Bhd., TIJ Consultants Group (Malaysia and Singapore) and many others.

* Ex-Resident Weekly Columnist of Utusan Malaysia (1995-1998) and have produced more than 100 articles related to ISO-9000– Management System and Documentation Models, TQM Strategic Management, Occupational Safety and Health (now OHSAS 18000) and Environmental Management Systems ISO 14000. His write-ups/experience has assisted many students/researchers alike in module developments based on competency or academics and completion of many theses. Once commended by the then Chief Secretary to the Government of Malaysia for his diligence in promoting and training the civil services (government sector) based on “Total Quality Management and Quality Management System ISO-9000 in Malaysian Civil Service – Paradigm Shift Scalar for Assessment System”

Among Nik Zafri’s clients : Adabi Consumer Industries Sdn. Bhd, (MRP II, Accounts/Credit Control) The HQ of Royal Customs and Excise Malaysia (ISO 9000), Veterinary Services Dept. Negeri Sembilan (ISO 9000), The Institution of Engineers Malaysia (Aspects of Project Management – KLCC construction), Corporate HQ of RHB (Peter Drucker's MBO/KRA), NEC Semiconductor - Klang Selangor (Productivity Management), Prime Minister’s Department Malaysia (ISO 9000), State Secretarial Office Negeri Sembilan (ISO 9000), Hidrological Department KL (ISO 9000), Asahi Kluang Johor(System Audit, Management/Supervisory Development), Tunku Mahmood (2) Primary School Kluang Johor (ISO 9000), Consortium PANZANA (HSSE 3rd Party Audit), Lecturer for Information Technology Training Centre (ITTC) – Authorised Training Center (ATC) – University of Technology Malaysia (UTM) Kluang Branch Johor, Kluang General Hospital Johor (Management/Supervision Development, Office Technology/Administration, ISO 9000 & Construction Management), Kahang Timur Secondary School Johor (ISO 9000), Sultan Abdul Jalil Secondary School Kluang Johor (Islamic Motivation and Team Building), Guocera Tiles Industries Kluang Johor (EMS ISO 14000), MNE Construction (M) Sdn. Bhd. Kota Tinggi Johor (ISO 9000 – Construction), UITM Shah Alam Selangor (Knowledge Management/Knowledge Based Economy /TQM), Telesystem Electronics/Digico Cable(ODM/OEM for Astro – ISO 9000), Sungai Long Industries Sdn. Bhd. (Bina Puri Group) - ISO 9000 Construction), Secura Security Printing Sdn. Bhd,(ISO 9000 – Security Printing) ROTOL AMS Bumi Sdn. Bhd & ROTOL Architectural Services Sdn. Bhd. (ROTOL Group) – ISO 9000 –Architecture, Bond M & E (KL) Sdn. Bhd. (ISO 9000 – Construction/M & E), Skyline Telco (M) Sdn. Bhd. (Knowledge Management),Technochase Sdn. Bhd JB (ISO 9000 – Construction), Institut Kefahaman Islam Malaysia (IKIM – ISO 9000 & Internal Audit Refresher), Shinryo/Steamline Consortium (Petronas/OGP Power Co-Generation Plant Melaka – Construction Management and Safety, Health, Environment), Hospital Universiti Kebangsaan Malaysia (Negotiation Skills), Association for Retired Intelligence Operatives of Malaysia (Cyber Security – Arpa/NSFUsenet, Cobit, Till, ISO/IEC ISMS 27000 for Law/Enforcement/Military), T.Yamaichi Corp. (M) Sdn. Bhd. (EMS ISO 14000) LSB Manufacturing Solutions Sdn. Bhd., (Lean Scoreboard (including a full development of System-Software-Application - MSC Malaysia & Six Sigma) PJZ Marine Services Sdn. Bhd., (Safety Management Systems and Internal Audit based on International Marine Organization Standards) UNITAR/UNTEC (Degree in Accountacy – Career Path/Roadmap) Cobrain Holdings Sdn. Bhd.(Managing Construction Safety & Health), Speaker for International Finance & Management Strategy (Closed Conference), Pembinaan Jaya Zira Sdn. Bhd. (ISO 9001:2008-Internal Audit for Construction Industry & Overview of version 2015), Straits Consulting Engineers Sdn. Bhd. (Full Integrated Management System – ISO 9000, OHSAS 18000 (ISO 45000) and EMS ISO 14000 for Civil/Structural/Geotechnical Consulting), Malaysia Management & Science University (MSU – (Managing Business in an Organization), Innoseven Sdn. Bhd. (KVMRT Line 1 MSPR8 – Awareness and Internal Audit (Construction), ISO 9001:2008 and 2015 overview for the Construction Industry), Kemakmuran Sdn. Bhd. (KVMRT Line 1 - Signages/Wayfinding - Project Quality Plan and Construction Method Statement ), Lembaga Tabung Haji - Flood ERP, WNA Consultants - DID/JPS -Flood Risk Assessment and Management Plan - Prelim, Conceptual Design, Interim and Final Report etc., Tunnel Fire Safety - Fire Risk Assessment Report - Design Fire Scenario), Safety, Health and Environmental Management Plans leading construction/property companies/corporations in Malaysia, Timur West Consultant : Business Methodology and System, Information Security Management Systems (ISMS) ISO/IEC 27001:2013 for Majlis Bandaraya Petaling Jaya ISMS/Audit/Risk/ITP Technical Team, MPDT Capital Berhad - ISO 9001: 2015 - Consultancy, Construction, Project Rehabilitation, Desalination (first one in Malaysia to receive certification on trades such as Reverse Osmosis Seawater Desalination and Project Recovery/Rehabilitation)

* Has appeared for 10 consecutive series in “Good Morning Malaysia RTM TV1’ Corporate Talk Segment discussing on ISO 9000/14000 in various industries. For ICT, his inputs garnered from his expertise have successfully led to development of work-process e-enabling systems in the environments of intranet, portal and interactive web design especially for the construction and manufacturing. Some of the end products have won various competitions of innovativeness, quality, continual-improvements and construction industry award at national level. He has also in advisory capacity – involved in development and moderation of websites, portals and e-profiles for mainly corporate and private sectors, public figures etc. He is also one of the recipients for MOSTE Innovation for RFID use in Electronic Toll Collection in Malaysia.

Note :


TO SEE ALL ARTICLES

ON THE"LABEL" SECTION BELOW (RIGHT SIDE COLUMN), YOU CAN CLICK ON ANY TAG - TO READ ALL ARTICLES ACCORDING TO ITS CATEGORY (E.G. LABEL : CONSTRUCTION) OR GO TO THE VERY END OF THIS BLOG AND CLICK "Older Posts"


 

Showing posts with label SCAMMER. Show all posts
Showing posts with label SCAMMER. Show all posts

Friday, August 16, 2024

A BRIEF ON HOW TO DETECT FRAUD IN BANKING AND FINANCIAL SECTORS - Nik Zafri



Please also read my other articles about money laundering and anti-corruption.

Detecting fraud is usually linked money laundering, and corruption in the banking and financial sectors is crucial for maintaining the integrity of the financial system. there are strategies and technologies need to be taken into account.

1. Fraud Detection

a. Transaction Monitoring Systems (TMS)

These systems analyze transaction patterns in real-time or near real-time to detect suspicious activities. They use predefined rules, statistical models, and machine learning algorithms to flag anomalies. This will enable banks to proactively detect and investigate suspicious activities, helping to prevent them from escalating into more significant financial crimes. By identifying and halting illegal transactions early, banks can avoid potential losses and reduce the risk of regulatory scrutiny.

b. Anomaly Detection (AI)

Machine learning techniques (AI), such as supervised and unsupervised learning, are employed to detect deviations from typical behavior. These methods can identify unusual patterns that may indicate fraud. Machine learning models has proven effective in detecting anomalies by identifying unusual patterns in vast datasets. These AI models continuously learn from transaction data, adapting to emerging fraudulent schemes in real-time.

c. Behavioural Analytics

Sometimes, a user behaviour can also indicate fraudulent activity. These include frequent login times, transaction types, and sometimes at different locations and mixture of transactions (frequent use of cash deposit machine with significantly large amounts at different locations and online transfers/interbank transfer) 

d. Multi-factor Authentication (MFA)

Implementing MFA helps in preventing unauthorized access to banking systems, which is a common precursor to fraud. It can pose problems to the customers with too many authentications and verifications but it will protect both customers and bank from fraud and scamming. MFA adds an extra layer of security beyond just a password. Customers must provide two or more verification factors—such as something they know (a password), something they have (a smartphone or security token), or something they are (a fingerprint or facial recognition). This makes it much more difficult for unauthorized users to gain access, as even if they manage to obtain one factor, they would still need the additional factor(s) to successfully log in.

2. Money Laundering Detection (Anti-Money Laundering or AML)

a. Know Your Customer (KYC) and Customer Due Diligence (CDD)

KYC involves verifying the identity of customers, while CDD involves ongoing monitoring of their transactions to help identify potentially suspicious behavior linked to money laundering.

b. Suspicious Activity Reporting (SAR)

Banks are required to file SARs for any transactions that they suspect may involve money laundering. These reports are then reviewed by financial regulatory authorities such as Bank Negara.

c. Risk-Based Approach

Financial institutions categorize customers and transactions based on their risk level. Higher-risk transactions are monitored more closely to detect potential money laundering.

d. Transaction Structuring Detection

Money launderers often structure transactions in small amounts to avoid detection. Advanced algorithms can detect patterns of structuring across multiple accounts or over time.

e. Beneficial Ownership Identification

It's essential to determine the true owners behind complex corporate structures, as money launderers often hide behind layers of corporate entities.

3. Corruption Detection

a. Conflict of Interest Checks

Regular audits and checks can help identify situations where employees or executives of the bank might have conflicts of interest, potentially leading to corrupt activities via specific client favoritisms.

b. Vendor and Third-Party Risk Management

Financial institutions should monitor and evaluate the integrity of vendors and third-party relationships to detect corrupt practices, such as bribery or kickbacks.

c. Whistleblower Programs

Encouraging employees to report corrupt activities internally through protected channels can lead to the early detection of corruption.

d. Internal Audits and Controls

Regular internal audits can identify weaknesses in financial controls that could be exploited for corrupt purposes.

4. Technology and Data Analytics

a. Artificial Intelligence and Machine Learning:

AI and ML are increasingly used to detect complex fraud, money laundering, and corruption schemes. These technologies can analyze large datasets and identify patterns that humans might miss.

b. Blockchain Technology

Blockchain’s transparency and immutability make it a powerful tool in preventing fraud and money laundering, especially in tracking the provenance of funds.

c. Big Data Analytics

Analyzing vast amounts of structured and unstructured data helps in identifying suspicious activities across different systems and jurisdictions.

d. Network Analysis

Analyzing relationships between different entities (e.g., customers, accounts, transactions) can reveal hidden connections that may indicate fraudulent or corrupt activity.

5. Regulatory Compliance and Reporting

a. Regulatory Technology 

Regulatory Technology help financial institutions comply with regulatory requirements by automating the monitoring, reporting, and auditing processes.

b. Continuous Training and Awareness

Financial institutions must regularly train their employees on the latest fraud, AML, and anti-corruption techniques and regulations to ensure vigilance and compliance.

c. Collaboration with Law Enforcement

Financial institutions often work closely with law enforcement agencies such as Bank Negara Malaysia, Security Commission, the Police (PDRM), Company Commission etc. to share information and intelligence, helping to detect and prevent illicit activities.

6. Challenges and Emerging Threats

a. Cyber Fraud

As banking becomes increasingly digital, cyber fraud (e.g., phishing, hacking) poses a significant threat. Institutions must continuously update their cybersecurity measures.

b. Cross-Border Transactions

Detecting fraud and money laundering in cross-border transactions is challenging due to differing regulations and the complexity of tracking funds across multiple jurisdictions.

c. Cryptocurrency Risks

The rise of cryptocurrencies presents new challenges for detecting money laundering, as these digital assets offer a degree of anonymity and are harder to trace.

Conclusion

Detecting fraud, money laundering, and corruption requires a multi-faceted approach that combines advanced technology, strict regulatory compliance, and robust internal controls. As threats evolve, financial institutions must stay ahead by adopting innovative detection methods and continuously improving their risk management strategies.

Thursday, August 15, 2024

DEFEND YOURSELF AGAINST DEEPFAKES - Nik Zafri



Deepfake technology represents a remarkable achievement in artificial intelligence, offering significant benefits across various industries such as architecture through VR/simulation, gaming, entertainment, healthcare, and more.

However, deepfakes also have the potential to be misused, for instance, to frame or ridicule individuals or to trigger public unrest or part of elaborate scamming. Some deepfakes are so convincingly realistic that they can easily confuse viewers, especially those encountering them for the first time.

As deepfake technology advances, detecting these falsified videos becomes increasingly difficult. Similar to superimposed photos, deepfakes can be identified by examining the source codes or metadata—such as timestamps, locations, and device types—as well as by analyzing the following elements : 

1. Unnatural Facial Movements and Expressions 

e.g. 

blinking - even in the newly improved models, sometimes deepfakes do have issues with realistic blinking patterns. (14 to 17 times a minute)

Pay attention to mouth movement as well especially during a speech. The lips can sometimes be out of sync with the audio or move unnaturally

Facial Expressions can seem to be exaggerated, stiff, or inconsistent with the tone of the speech.

2. Inconsistent Lighting and Shadows

Lighting - deepfakes might struggle with consistent lighting across the face and body. If you watch carefully, you may spot shadows/highlights that don't match scene's overall lighting

Reflections - Glasses, jewelry, or shiny objects should reflect light naturally. If the reflections look off or are missing, it could indicate a deepfake.

3. Unnatural Eye Movements

One of the most obvious element in spotting a deepfake is the gaze direction where yes direction may not align naturally with the head or body movement, or the gaze might appear fixed/static or robotic.

4. Hair and Teeth

Hair - another problem is in the rendering of hair - look at the edges where it meets the background. Hair might appear blurry, or individual strands may not be visible.

Teeth can too perfect, overly white, or lack texture, making them seem unnatural.

5. Audio-Visual Mismatch

Sync Issue where the audio does not match the visual, either due to timing issues or because the deepfake doesn’t accurately replicate the mouth’s movements.

Voice Quality sounding too robotic or doesn’t match the person’s usual tone.

6. Background Anomalies

Inconsistencies - strange distortions or warping in the background, especially near the edges of the face or body.

Blurring - area around the face might be blurred or have different quality levels compared to the rest of the scene.

7. Resolution Discrepancies - Pixelation -  Check for inconsistencies in the video’s resolution. For instance, if the face appears sharper or more pixelated than the rest of the frame, it could be a deepfake.

8. Edge Quality - Pay attention to the edges of the face and body. If they appear too smooth or too sharp compared to the rest of the video, it might be a sign of manipulation.

9. Unusual Artifact - Distortion - Look for any visible distortions, especially when the person moves their head quickly. Deepfakes might struggle to keep up with fast movements.

10. Color Shifts - If the skin tone or color of the face changes abruptly, it might indicate that the video has been tampered with.

11. Content Inconsistencies - Context - Consider the context of the video. If the behavior, speech, or actions of the person seem out of character.

12. Mismatched Statements - Compare the content with known facts or previous statements by the individual - check for any discrepancies.

13. Use of Detection Tools - There are tools and software available that can help detect deepfakes by analyzing inconsistencies that might not be visible to the human eye.