1. Proceedings
  2. I3M
  3. 2018
  4. EMSS
  5. 10.46354/i3m.2018.emss.021

On the GDPR introduction in EU and its impact on financial fraud research

  • Edgar Alonso Lopez-Rojas  ,
  • Dincer Gultemen  ,
  • Erjon Zoto  
  • a , b, c The Norwegian University of Science and Technology (NTNU)
Cite as
Lopez-Rojas E.A., Gultemen D., Zoto E. (2018). On the GDPR introduction in EU and its impact on financial fraud research. Proceedings of the 30th European Modeling & Simulation Symposium (EMSS 2018), pp. 150-156. DOI: https://doi.org/10.46354/i3m.2018.emss.021

Abstract

With the introduction of GDPR in the European Union (EU) in May 2018, personal data contained within financial records will become even more restricted to researchers due to the strict organisations’ internal policies. This is mainly a consequence of the huge fines that will potentially receive the financial institutions that does not comply with GDPR. As a consequence of this, researchers will suffer from getting access to necessary data to develop and implement proper controls and prevention mechanism for fraud in the financial domain. This paper aims to analyse the impact of GDPR from the financial services perspective regarding the handling of personal data. We argue that the impact for researchers with the introduction of GDPR can be reduced by using simulation of financial transactions as a valid approach that prevent the risk of possessing personal data when doing research with financial data and address, among others, the GDPR article 89(1) on the safeguards for processing or archiving personal data with scientific purposes.

References

  1. Claudio Alexandre and Joao Balsa. Integrating client profiling in an anti-money laundering multiagent based system. In World Conference on Information Systems and Technologies, pages 931– 941, Recife, Brazil, 2016.
  2. Claudio Reginaldo Alexandre and João Balsa. A multiagent based approach to money laundering detection and prevention. In International Conference on Agents and Artificial Intelligence, number April 2016, pages 230–235, 2015. doi: 10.13140/2.
    1.2227.2327.
  3. The Norwegian Data Protection Authority Datatilsynet. Artificial intelligence and privacy. Technical report, Datatilsynet, The Norwegian Data Protection Authority, 01 2018.
  4. Chrystel Gaber, Baptiste Hemery, Mohammed Achemlal, Marc Pasquet, and Pascal Urien. Synthetic logs generator for fraud detection in mobile transfer services. In 2013 International Conference on Collaboration Technologies and Systems (CTS), pages 174–179. IEEE, may 2013. ISBN 978-1-4673-6404-1. doi: 10.1109/CTS.2013. 6567225.
  5. Dan Gorton. IncidentResponseSim: An agent-based simulation tool for risk management of online Fraud. In Sonja Buchegger and Mads Dam, editors, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), volume 9417 of Lecture Notes in Computer Science, pages 172–187, Cham, 2015. Springer International Publishing. ISBN 978-3-319-26501-8. doi:10.1007/978-3-319-26502-5.
  6. Michal Koščík and Matěj Myška. Data protection and codes of conduct in collaborative research. International Review of Law, Computers & Technology, pages 1–14, 2018.
  7. Dave Lewis, Joss Moorkens, and Kaniz Fatema. Integrating the management of personal data protection and open science with research ethics. In Proceedings of the First ACL Workshop on Ethics in Natural Language Processing, pages 60–65, 2017.
  8. Edgar Lopez-Rojas and Stefan Axelsson. Multi agent based simulation (mabs) of financial transactions for anti money laundering (aml). In Audun Josang and Bengt Carlsson, editors, Nordic Conference on Secure IT Systems, pages 25–32, Karlskrona, 2012a.
  9. Edgar Lopez-Rojas, Dan Gorton, and Stefan Axelsson. Using the RetSim simulator for fraud detection research. International Journal of Simulation and Process Modelling, 10(2):144, 2015.
  10. Edgar Lopez-Rojas, Dan Gorton, and Stefan Axelsson. Using the RetSim simulator for fraud detection research. International Journal of Simulation and Process Modelling, 10(2):144, 2015.
  11. Edgar Alonso Lopez-Rojas. Extending the RetSim Simulator for Estimating the Cost of fraud in the Retail Store Domain. In The 27th European Modeling and Simulation Symposium-EMSS, Bergeggi, Italy, 2015.
  12. Edgar Alonso Lopez-Rojas and Stefan Axelsson. Money Laundering Detection using Synthetic
    Data. In Julien Karlsson, Lars ; Bidot, editor, The 27th workshop of (SAIS), pages 33–40, Örebro,
    2012b. Linköping University Electronic Press.
  13. Edgar Alonso Lopez-Rojas and Stefan Axelsson. Social Simulation of Commercial and Financial
    Behaviour for Fraud Detection Research. In Advances in Computational Social Science and Social Simulation, Barcelona, 2014. ISBN 9789172952782.
  14. Edgar Alonso Lopez-Rojas and Stefan Axelsson. Using the RetSim Fraud Simulation Tool to set
    Thresholds for Triage of Retail Fraud. In 20th Nordic Conference on Secure IT Systems, NordSec
    2015, pages 156–171, Stockholm, 2015. Springer.
  15. Edgar Alonso Lopez-Rojas and Stefan Axelsson. A Review of Computer Simulation for Fraud Detection Research in Financial Datasets. In Future Technologies Conference, San Francisco, USA, 2016.
  16. Edgar Alonso Lopez-Rojas, Stefan Axelsson, and Dan Gorton. RetSim: A Shoe Store Agent-Based  Simulation for Fraud Detection. The 25th European Modeling and Simulation Symposium, 2013. (Best Paper Award).
  17. Donia Malekian and Mahmoud Reza Hashemi. An adaptive profile based fraud detection framework for handling concept drift. In 2013 10th International ISC Conference on Information Security and Cryptology (ISCISC), pages 1–6. IEEE, aug 2013. ISBN 978-1-4799-1638-2. doi: 10.1109/ ISCISC.2013.6767338.
  18. Miranda Mourby, Elaine Mackey, Mark Elliot, Heather Gowans, Susan E Wallace, Jessica Bell,
    Hannah Smith, Stergios Aidinlis, and Jane Kaye. Are ‘pseudonymised’data always personal data? implications of the gdpr for administrative data research in the uk. Computer Law & Security Review, 34(2):222–233, 2018.
  19. Roland Rieke, Maria Zhdanova, Jurgen Repp, Romain Giot, and Chrystel Gaber. Fraud Detection
    in Mobile Payments Utilizing Process Behavior Analysis. In 2013 International Conference on
    Availability, Reliability and Security, pages 662– 669. IEEE, sep 2013. ISBN 978-0-7695-5008-4. doi: 10.1109/ARES.2013.87.
  20. The European Parliament and The European Council. General Data Protection Regulation. Official Journal of the European Union, 2016. ISSN 1098- 6596. doi: http://eur-l= ex.europa.eu/pri/en/oj/dat/2003/l_285/l_28520031101en00330037.pdf.
  21. Sara Day Thomson. Preserving transactional data: Defining the challenges. International Journal of Digital Curation, 11(2):126–137, 2016.
  22. Maria Zhdanova, Jurgen Repp, Roland Rieke, Chrystel Gaber, and Baptiste Hemery. No Smurfs:
    Revealing Fraud Chains in Mobile Money Transfers. In 2014 Ninth International Conference on
    Availability, Reliability and Security, pages 11– 20. IEEE, sep 2014. ISBN 9781479942237. doi:
    10.1109/ARES.2014.10.
  23. Luisa M Zintgraf, Edgar Alonso Lopez-Rojas, Diederik Roijers, and Ann Nowe. Multimaus:
    A multi-modal authentication simulator for fraud detection research. In The 29th European Modeling and Simulation Symposium-EMSS, Barcelona, Spain, 2017.