Aci Prm Enterprise Risk

ACI

Proa

ctiv

e Ri

sk M

anag

er™ f

or E

nter

pris

e Ri

skSa

les

Kit

ACI Confidential Not for Distribution to

Customers/Prospects Internal Use Only

The opportunity . . . . . . . . . . . . . . . . 1• Why should I care?• Why now?• What do I sell?

The customer . . . . . . . . . . . . . . . . . . 6• To whom do I sell to?• What impact can my customer expect?• Who is a successful customer?

The competition . . . . . . . . . . . . . . . 11• Who is the competition?• How do I show strength?

The first call . . . . . . . . . . . . . . . . . . 15• How do I start?• How do I assess the opportunity?• What are the potential objections?

The sales cycle . . . . . . . . . . . . . . . . 19• How do I execute?• What is a typical deal?• What resources are available?

ASK4105 07-08

Why shouldIcare?

ACI Proactive Risk Manager for Enterprise Risk Sales Kit 1

Why is this opportunity worth my time?

Why is it worth my customer’s time? ACI offers a rules-based, neural network enterprise-wide fraud detection solution that provides the following benefits:• Reduces fraud losses significantly and helps minimize overall

operating costs• Monitors all of a financial institution’s interaction with its customers,

enabling the institution to better profile each customer’s behavior to more accurately detect fraud and financial crime

• Enables users to prevent fraud losses by detecting fraud during authorization

• Consolidates risk management activities into a single system• Assists users in retaining customers by using a behavior-based fraud

detection model that allows institutions to protect all customers while minimizing customer impact

• Protects the user’s brand and reduces risk to reputation• Provides valuable management information by capturing and maintaining

statistical data on overall business performance• Ensures maximum accuracy of the custom model in detecting

new fraud schemes through customer-controlled model updates• Maximizes analyst productivity, efficiency and performance by way of

easy-to-use Java-based, graphical Microsoft® Windows® interface that automates risk operations and case management workflow

What advantage does ACI have in the marketplace?• With more than 30 years of experience in EFT processing and

transaction security, ACI is the recognized leader in processing electronic payment transactions.

• ACI’s global reach includes more than 800 customers in over 80 countries.• ACI’s comprehensive payments solutions portfolio includes

wholesale banking, retail banking, fraud management, e-infrastructure and e-commerce.

• ACI offers global support through more than 40 local offices around the world.

• ACI is the leading provider of enterprise risk solutions, with Proactive Risk Manager protecting over 2,500 institutions worldwide in more than 40 countries.

Opportunity at a glance

Application area• Detects fraud across the entire enterprise• Protects against a variety of financial crime

techniques, including identity theft and fraud by check, telephone, POS, ATM, e-commerce and employees

• Conducts both near-real time and in-flight fraud checking

• Provides comprehensive workflow functionality to manage alerts

• Analyzes all transaction and customer information for comprehensive fraud analysis

• Detects counterfeit activity with a point-of-compromise manager

• Provides single- and multi-institution capabilities

• Offers EMV and multicurrency capabilities

Partner• IBM• Eunexus• SIDE International

Platform• IBM® System z• IBM® System p• Sun™ Solaris™• Microsoft® Windows®• SUSE Linux®

Target market• Financial institutions, including retail and

wholesale banking institutions• Third-party processors• Retailers

Average size deal

• Tier 1 financial institution: US$3.5 million (software only)• Tier 2 financial institution: US$2.5 million (software only)• Tier 3 financial institution: US$1 million (software only)• Tier 4 financial institution: US$500,000 (software only)• Tier 5 financial institution: US$500,000 (software only)• Nonfinancial institution (processor): US$2 million (software

only)

Average sales cycle

6–18 months

Will also help

• ACI Automated Case Management System™• ACI Dispute Management System™• ACI Smart Chip Manager™

� ACI Confidential

Why now?

Breaking down payments barriersCross-border initiatives, such as SEPA, and faster payments initiatives have opened new opportunities for fraud. The U.K. Faster Payments initiative is a good example of this because many payments will be made in near-real time instead of requiring the current three-day delay. This poses a problem because in the U.K., banks have had a significant amount of time to subject transactions to risk analysis before payment was made on a transaction. This will no longer be the case in the real time Faster Payments environment.

In a faster payments environment, it is vital that financial institutions have the technological intelligence to make informed decisions against fraudulent payment attempts. If a payment is fraudulent, then the bank must be able to stop the attempt in its tracks.

SEPA has opened new opportunities for fraud, as the barriers to inter-country transactions throughout European Union (EU) states will become easier. New products, such as direct debit and credit, will enable fraudsters to move money between accounts quickly and easily just like with U.K. faster payments.

The ability to monitor payments in-flight is crucial.

Increased concern about complex fraud schemes and identity theftCriminals have become cleverer and their fraud schemes more complex. For example, in early January 2008, a Colombian man pleaded guilty in federal court to 16 counts of involvement in a complex computer fraud scheme, which victimized more than 600 people.

According to the indictment, the man and a co-conspirator engaged in a complex series of computer intrusions, aggravated identity thefts and credit card fraud schemes designed to steal money from payroll, bank and other accounts of their victims. The men used the money to buy expensive electronics and luxury travel and accommodations in various countries, including Hong Kong, France, Jamaica, Italy, Chile and the United States.

Identity theft has become a serious and pervasive threat to consumers and financial institutions. Estimates vary on the true impact of the problem; however, the U.S. Federal Bureau of Investigation (FBI) reports that “law enforcement and consumer advocacy groups agree that financial institutions lose billions of dollars each year to identity theft, and consumers face additional hardships, ranging from financial loss to time spent trying to undo the harm caused to their credit records and other aspects of their lives.”

A 2006 Federal Trade Commission (FTC) survey estimated that 8.3 million American consumers, or 3.7 percent of the adult population, became victims of identity theft in 2005. Credit issuers and banks take the brunt of the losses because victims are rarely held responsible for fraudulent debts.

The ability to profile customer payments across channels or products is imperative.

The move to enterprise risk managementChange in fraud and financial crime occurs swiftly, with new approaches to Internet fraud and new attacks occurring all the time. For effective fraud detection and prevention, financial institutions must monitor Internet banking transactions in real time with a comprehensive system that monitors their full transaction activity.

The concept of enterprise risk management (ERM) emerged in the early 1990s and is based on the reasoning that to effectively prevent and detect fraud, a financial institution must develop a framework for managing risk across the organization. This includes understanding and maintaining internal controls; ensuring all risks are identified and mitigated in strategic planning initiatives; and underpinning all of this with sound, low-risk operational management at every level and unit and across every business line, account, process, function and role.

ERM also takes a holistic view of a financial institution’s relationship with a customer by collectively viewing every product or service the customer uses. This enterprise-wide approach protects financial institutions from fraud at every level, from money laundering activity to identity theft to deposit fraud — essentially any type of fraud that causes an institution or its customers monetary loss or potentially damages the institution’s reputation.

ACI Proactive Risk Manager for Enterprise Risk Sales Kit �

Worldwide adoption of EMVCountries around the world are gradually moving to chip and PIN as a strategic defense against card fraud. The United Kingdom has received much publicity about fraud levels since the rollout of chip and PIN in 2006. Key trends are the reduction in traditional forms of fraud (lost and stolen cards) and domestic ATM fraud.

Nevertheless, fraud losses have not declined dramatically because fraud has merely migrated to other areas. Fraudsters have modified their techniques to other forms of fraud, most notably cross-border ATMs in areas where ATMs are not EMV-compliant, CNP fraud and identity theft. Until all countries become EMV-compliant, traditional card-present fraud techniques ensure the least risk.

Even with worldwide EMV compliance, however, no one can guess what the fraudsters will do next. It is imperative that fraud managers maintain their defenses and invest in a comprehensive, flexible and adaptable fraud management system so they are ready for new fraud attacks.

Why now?

Did you know?

• The need to improve fraud detection effectiveness while reducing costs remains a consistent theme and will be pursued through improved customer due diligence and a risk-based approach. Institutions tell us that today, these two areas present them with the most potent opportunities for business benefit providing that data access and technology issues can be overcome. —Source:Datamonitorreport“SecuringtheFuture: Enterprise-widefinancialcrimemanagementandbeyond”

• In the United Kingdom, Internet fraud on cards is part of the card-not-present (CNP) fraud total of £212.6 million. In 2006 the amount of CNP fraud that took place over the Internet is estimated at £154.5 million — 73 percent of total CNP fraud losses. This figure rose by 32 percent from 2005, when Internet losses were £117.0 million and accounted for 65 percent of CNP fraud losses. —Source:APACS2007fraudreport

• According to a 2007 Datamonitor survey, senior heads of financial crime and compliance from tier one financial institutions said that their most widespread cause for concern is identity theft. Identity theft was named among the top three issues by 95 percent of survey respondents versus 87 percent in 2006.

• There can be no question that the move toward enterprise-wide financial crime management is technologically enabled. In recent years, technology proliferation has left most financial institutions with a plethora of siloed detection and investigation systems that support a single territories, channels or business lines in isolation. In an industry that lacks both the appetite and the budget for large-scale technology replacement, the emergence of agnostic technology platforms, able to consolidate and act upon information drawn from the numerous detection systems already in place, provides a means to leverage rather than abandon existing technology investments. —Source:Datamonitorreport“SecuringtheFuture: Enterprise-widefinancialcrimemanagementandbeyond”

• There can be no question that the desire to improve fraud detection accuracy is driven by a hunger for efficiency. The incidence of false positives is high and costs the industry dearly. Eliminating false positives is the key to investigative efficiency, driving down the amount of time spent by expensive investigators chasing wild geese down blind alleys. —Source:Datamonitorreport“SecuringtheFuture: Enterprise-widefinancialcrimemanagementandbeyond”

� ACI Confidential

What doIsell?

Brief description of the productACI Proactive Risk Manager™ for Enterprise Risk is a complete fraud detection solution to manage risk across a financial institution’s business lines and customer accounts. Proactive Risk Manager combines the power of expertly defined rules with a custom-trained neural network model for fast, accurate and flexible response to the evolving and growing nature of fraud.

Through its custom neural-network technology, Proactive Risk Manager compares the characteristics of each customer’s activity with the custom fraud model and recorded patterns of behavior for every account holder it sees. It then assesses and scores the risk in near-real or real time for each transaction using a variety of advanced algorithms, parameters and accumulated statistics. In addition, Proactive Risk Manager provides reviewers with precise reasons for the score, improving transaction analysis.

Proactive Risk Manager provides comprehensive Microsoft Windows-based workflow management capabilities to fraud management, with expert rules-based strategies at the core of this process. This component builds on the fraud expertise of the staff by allowing the creation of real time rules. Transaction activity matching a rule generates alerts, which are delivered to reviewers via a user-friendly Java client interface. A comprehensive set of tools enables supervisors to direct workflow and manage reviewers. Proactive Risk Manager captures and maintains statistics on fraud savings and losses and reviewer and model performance to provide valuable management information.

Proactive Risk Manager has built-in interfaces to a number of ACI products, including the ACI Automated Case Management System, BASE24-eps™ and the ACI Money Transfer System™. Proactive Risk Manager also interfaces with third-party products from SIDE International for list checking, Adeptra for automatic contact resolution, and Eunexus for Internet security and online fraud.

Solution PlatformACI Proactive Risk Manager for Enterprise Risk

In-house solution requires the following:• IBM® System z• IBM® System p• Sun™ Solaris™• Microsoft Windows• SUSE Linux®

Services OtherACI offers a full suite of services that include but are not limited to the following:• Installation• On-site technical services• Project management• System design and

development• Product implementation

support• Training and education• Business consulting• Performance review• System configuration

recommendations• Security Optimization

Services (SOS) consulting• HELP24• ROI consulting

• ACI Automated Case Management System™

• ACI Dispute Management System™

• ACI Smart Chip Manager™

Want more information? www.aciworldwide.com


What doIsell?

Features at a glance

• Offers rules-based strategies that match activity against a set of user-defined conditions to identify suspicious behavior,

allowing organizations to react quickly to emerging fraud

• Provides early warning of suspect activity with powerful neural network models, reducing fraud and limiting the impact on

account holders

• Utilizes an easy-to-use Java-based client interface to automate workflow management, increasing reviewer performance

• Captures and maintains statistical data on queue status, reviewer and model performance to provide valuable processes

• Interoperates with an existing authorization and end-of-day batch processing system

• Operates on a wide range of platforms

• Integrates with BASE24-eps, the ACI Money Transfer System and the ACI Automated Case Management System

Host

CustomerDemographics

Data Sourcese.g.: POS, ATM, Check, Electronic Banking

Case Creation Investigations

AlertQueues

Fraud Analysisand Review

Input Process

RulesEngine

ScoringEngine

RealTime

RulesEngine

ScoringEngine

NearRealTime

Automated Case Management

NonFinancialFinancial

Target MarketPrimary target markets• Financial institutions, including retail and wholesale

banking institutions• Third-party processors• Retailers

The above could include the following:• Existing Proactive Risk Manager customers looking to expand their

fraud management capabilities• Existing ACI customers looking for an enterprise-wide fraud

detection solution• Organizations running non-ACI product solutions and looking for a

product solution• Organizations using in-house legacy fraud detection solutions

looking for a vendor solution• Institutions with a fragmented fraud detection solution looking for

a single enterprise solution• Institutions such as processors looking to run a fraud system on

behalf of their customers

Prequalification • Which three financial crimes are your highest priority?• Can you describe your current fraud system’s infrastructure?• How consolidated are your fraud systems today?

Head of group risk• Needs to direct and manage fraud, risk and compliance• Wants a single view of the customer to identify suspicious activity• Wants to consolidate silos of business intelligence• Wants to monitor transactions in real time• Wants to prevent fraud as a result of identity theft or

account takeover• Needs to reduce fraud losses• Wants a system that can be reconfigured quickly to address new

fraud trends as they arise

Head of risk or fraud• Needs to direct and manage fraud, risk and compliance• Needs to prevent fraud as a result of identity theft or

account takeover• Needs a single view of the customer to identify suspicious activity• Needs to monitor transactions in real time• Wants to quickly identify potential fraud on other products to take

precautionary measures• Wants to reduce false positives• Needs to access information and report on both system and

operational performance

Head of issuer fraud• Needs strategic and operational solutions for merchant fraud• Wants to reduce ATM and CNP fraud losses• Wants to reduce false positives• Needs to be able to review and act on all alerts• Wants to reduce customer contact and improve customer service• Needs to monitor transactions in real time• Wants to access information and report on both system and

operational performance

Head of acquirer risk• Needs strategic and operational solutions for merchant fraud• Wants to reduce false positives• Wants to reduce customer contact and improve customer service• Wants to access information and report on both system and

operational performance• Wants to reduce losses from merchant bust-out schemes• Needs to know how well merchants are following procedures

Who do I talk to in the account and what are their needs?

Towhom doIsell?

6 ACI Confidential

Benefits Measurable results the customer can expect We deliver these results by …

Significantly reduces fraud losses and helps minimize overall operating costs

• Allows users to quickly reconfigure the system to address new fraud trends as they arise

• Enables users to track non-monetary transactions and events in conjunction with monetary transactions

• Allows users to extend their detection capabilities through the addition of neural network technology

• Allows users to move from near-real time detection to real time prevention

• Providing a system that is easy for users to configure and reconfigure without technical help

• Providing a solution that operates in real time to prevent fraud as it is attempted

Monitors all of a financial institution’s interaction with its customers

• The ability to better profile each customer’s behavior to more accurately detect fraud

• Monitor all channels, products and services that a customer uses

• Cross-reference customer activity while monitoring transactions

• Providing a solution that enables users to detect fraud earlier and pick up more subtle fraud

• Enabling users to detect suspicious activity so they reduce their exposure to fines and risk to reputation

Enables users to prevent fraud losses by detecting fraud during authorization

• Monitors all of a customer’s transactions in real time

• Helps combat fraud in SEPA and faster payments environments

• Providing a solution that has been designed from the ground up to operate in real time so users can incorporate fraud risk management in to the authorization process

Consolidates risk management activities into a single system

• Data is held in a central repository• Reporting is easy and fast

• Providing a solution that requires fewer reporting resources, is more timely and is less prone to errors

Assists users in retaining customers

• Allows institutions to protect all customers while minimizing customer impact

• Providing a behavior-based fraud detection model

Protects the user’s brand and reduces risk to reputation

• Enables users to track non-monetary transactions and events in conjunction with monetary transactions

• Providing a solution that increases the user’s ability to detect identity theft fraud and account takeover fraud

Provides valuable management information

• Stores every action undertaken by the system and each user, and this information can be used for measuring operational and system performance

• Provides a complete audit trail• Stores data about a merchant’s education

an training, so users can write rules on merchant transactions

• Providing a solution that captures and maintains statistical data on overall business performance

• Enabling users to identify areas to focus on to improve operational performance

• Providing a solution that enables users to monitor merchant activity

Ensures maximum accuracy of the custom model in detecting new fraud schemes

• ACI can modify the custom model as needed, and changes can be implemented quickly

• Reduces false positives• Allows users to control how rules are

configured and how alerts are generated by using scoring thresholds

• Providing a solution that enables regular model updates• Providing a solution that focuses resources on the highest

risk cases, thus reducing losses• Offering a highly accurate solution that reduces customer

contact and improves the customer experience

Proactive Risk Manager for Enterprise Risk Sales Kit 7

Whatimpactcan mycustomerexpect?

8 ACI Confidential

Whatimpactcan mycustomerexpect?

Maximizes analyst productivity, efficiency and performance

• Automates risk operations and case management workflow

• Stores every action undertaken by the system and each user

• Providing a solution that requires fewer resources and is more timely and accurate

• Providing an easy-to-use Java-based, graphical Microsoft Windows interface

• Providing information that helps users identify the right areas to focus on to improve operational performance

Multi-institution • Provides a worldwide or distributed approach to managing fraud across multiple banks or branches

• Providing a solution that allows institutions to implement local instances of the product or regional hubs for subsidiaries

• Providing a browser-based, configurable user interface• Providing a multicurrency solution

Whoisa successfulcustomer?

Proactive Risk Manager for Enterprise Risk Sales Kit 9

Customer scenarios

Implement a highly effective enterprise fraud risk solution

Situation A tier 1 institution wanted to consolidate disparate fraud systems into a single fraud system.

Challenge The customer wanted to bring together information from multiple complex legacy systems into one environment.

What we did After reviewing the bank’s existing fraud problems, ACI quickly determined that Proactive Risk Manager for Enterprise Risk met the bank’s needs, not only for helping to detect fraud sooner, but also to manage the workflow associated with monitoring, detecting and eliminating fraud losses.

Impact The bank can now view all transaction types across the customer account. This significantly reduces fraud losses across the institution and dramatically improves customer satisfaction, thus improving customer retention.

Multichannel fraud detection with a third-party product

Situation The National Australia Bank (NAB) needed to improve its fraud detection system when fraud gangs, primarily from Eastern Europe, cast their eyes on Australian banking institutions.

Challenge With the attacks in Australia, NAB experienced an increase in attempted fraud activity, via phishing e-mails. NAB understood that a number of approaches were required if it was going to offer its customers the best possible security and minimize losses.

What we did NAB discovered strong trends around IP addresses and its Internet banking accounts that had been compromised. The bank decided to enhance its counterattack by looking at IP addresses using Eunexus IP Intelligence. NAB also conducted analyses within ACI Proactive Risk Manager that accessed data about fraudulent IP addresses within the Proactive Risk Manager database. The team developed several techniques to increase detection. These techniques provided a strong behavior and IP profile for each customer.

Impact NAB can now identify a significant portion of compromised accounts before funds have been withdrawn, which has helped protect customers. Using Proactive Risk Manager, NAB can establish an expected footprint for a customer and therefore identify which Internet banking logins and transactions don’t fit a customer’s normal usage profile, helping operators make intelligent decisions when they’re working through alerts. Using these two simple techniques, Proactive Risk Manager now has to monitor only 2 percent of Internet transactions before the rules are applied. From that point forward, the bank’s customized Proactive Risk Manager rules scrutinize every transaction that doesn’t meet those criteria. This allows NAB to detect virtually all Internet banking fraud.

Whoisa successfulcustomer?

10 ACI Confidential

A top-tier bank reduces fraud and operational costs

Situation A tier 1 financial institution wanted to bring together credit and debit card fraud detection.

Challenge The institution didn’t have the ability to simultaneously monitor credit and debit accounts. Also, the growing cost of fraud increased operational costs, and the institution needed reduce both.

What we did After reviewing the bank’s situation, ACI provided the bank with a combination of ACI Proactive Risk Manager for Enterprise risk and consultancy services to optimize the use of Proactive Risk Manager in the environment.

Impact The bank not only experienced a reduction in credit and debit card fraud with the consolidation of the two systems, but also significantly reduced operational costs through a decrease in labor costs and IT infrastructure overhead.

Reduce fraud losses

Situation Alliance & Leicester (A&L) is one of the United Kingdom’s major financial services groups, offering a broad range of financial services to personal, commercial and small business customers.

Challenge A&L sought a solution to protect both the company and its customers from debit and credit card fraud losses.

What we did After analyzing A&L’s current system, ACI determined that ACI Proactive Risk Manager would not only help the bank prevent fraud, but it would also detect suspicious, potentially fraudulent behavior.

Impact ACI Proactive Risk Manager allows A&L to prevent and detect potential fraud, in many cases well before customers become suspicious of a problem. With Proactive Risk Manager, A&L also detects a significant proportion of all card skimming fraud. Furthermore, Proactive Risk Manager has allowed A&L to save millions of pounds in potential fraud and benefit from improved efficiency and information management.

Reduce debit card fraud

Situation Canadian Imperial Bank of Commerce (CIBC) is the second largest Canadian financial institution when measured by assets. CIBC provides products and services to more than 8 million retail banking customers and 8,000 corporate and investment banking customers. CIBC currently has approximately 4 million cardholders and 4,600 ATM devices.

Challenge With debit card payments having recently topped cash as Canadians’ favorite way to pay for purchases, CIBC wanted to upgrade its existing level of debit card fraud detection to better protect customers and mitigate risk for the bank.

What we did CIBC’s implementation required the creation of online links between BASE24 and ACI Proactive Risk Manager in order to provide the most effective response to suspicious transaction alerts. CIBC’s sophisticated shared workload environment processes in excess of 100 transactions per second (tps) in issuer transactions alone and requires the highest possible availability.

Impact CIBC has made consistent progress in enhancing its transaction monitoring capability culminating with the installation of ACI Proactive Risk Manager. Over time CIBC chose to migrate toward increasingly sophisticated tools as the operating environment changed. ACI Proactive Risk Manager is exceeding the bank’s expectations for fraud savings and accuracy.

The competitive landscape

Capabilities Importance to customer

ACI Fair Isaac SAS Actimize Norkom Unique silver bullets

Flexible rules engine H 5 3 1 3 3 SB

Custom model H 5 5 5 0 0

Industry expertise H 3 5 4 5 5

System performance H 5 5 2 3 3

Scalability H 5 5 4 4 4

Implementation H 4 5 1 2 4

Regular updates to the product M 4 2 1 5 4

Integration with existing environment H 4 3 5 3 4

Global services and support H 5 4 5 2 1

Financial strength of company M 5 5 5 4 1

Low cost of ownership M 5 3 3 4 3 S

Enterprise risk capability H 4 2 3 3 3 S

Product flexibility M 5 1 4 3 3 S

Usability M 5 2 4 4 3 S

Integration with other ACI products L 5 1 1 1 1 SB

Off-the-shelf integration with third-party products

L 4 3 4 3 2

Silver bullets and key strengths Flexible rules engine, low cost of ownership, enterprise risk capability, product flexibility, usability, integration with other ACI products

Ground rules where we winWhen they …

• Are a current ACI customer, especially if they are a Proactive Risk Manager customer• Want to meet regulatory demands• Are experiencing high fraud losses or a current fraud attack• Have outgrown an existing in-house solution• Want to improve operational risk• Like ACI’s risk management product vision• Are interested in neural network technology• Want to improve operational efficiency• Need a phased implementation approach• Require a rapid implementation• Want an affordable system

Ground rules where we loseWhen they …

• Won’t entertain using a product solution provided by an outside vendor• Have a better relationship with a competitor in areas of risk• Want a consortium model• Require a quick model implementation• Can’t show their return on investment (ROI)• Want an enterprise risk solution that provides anti-money laundering protection

Legend: H=high; M=medium; L=low, Silver bullet (SB): two-point advantage; Strength (S): one-point advantage 0 1 2 3 4 5

As compared to the competition

Nocapability

Veryweak

Weak Moderate Strong Exceptionallystrong

Whoisthe competition?


Capabilities Capability explained Supporting facts and proof points Where to look for details

Flexible rules engine • Users can write rules to match existing and emerging fraud trends without the need for technical resources.

• Users can segment and filter rules to match operational strategies.

• Users can easily modify existing rules in the system.

• Rules can be changed and deployed instantly to combat new fraud trends.

• Rules can be simple or complex

• Rules are written in SQL against open database architecture.

• The user interface is simplified to assign rules to users.

• The complexity of rules is based on the capabilities of the SQL statements.

• A U.S. customer identified a fraud trend at Japanese taxis and wrote a rule that was immediately launched to alert the bank of all transactions at the taxis.

• Product summary• Case studies• Customer briefs• Fact sheet• Three Pillars webinar

Custom model • By analyzing customers’ existing fraud, transactional and demographic data, ACI can develop a customized scoring model specifically built to reflect the individual risk profile of each of the bank’s customers.

• ACI can update a custom model on a periodic basis to account for the dynamic nature of fraud trends.

• The model is built using six or more months of customer data.

• Model output scores indicate the probability of fraud.

• Each score is supported by three reason codes accessible to the end-user that highlight the relevant fraudulent activity for the transaction.

• Custom modeling flyer• Custom model white paper• Fact sheet• Product summary

Industry expertise • ACI has industry experts in enterprise fraud.

• ACI offers fraud consultancy services worldwide.

• ACI industry experts speak at fraud forums worldwide.

• ACI is an industry leader in enterprise-wide payments technology.

• Facts and stats• Customer service guide• Product summary• Sales price book• Consultancy flyer

System performance • Proactive Risk Manager has proven capability to process high volumes of transactions.

• One customer processes 15 million transactions per day.

• Proactive Risk Manager is currently installed at customer sites ranging in size from tier 1 to tier 5.

• Proactive Risk Manager customer list

• Facts and stats

Scalability • The flexible nature of Proactive Risk Manager allows users from different sizes of institutions to gain maximum benefit for their institutions.


• Proactive Risk Manager customer list

• Facts and stats

Implementation • Implementation times can be adjusted to meet customers’ needs.

• A simple implementation can take as few as three months.

• Customer support guide

Regular updates to the product • ACI delivers scheduled service packs to customers.

• ACI user groups can submit requests for enhancements and influence future product direction.

• Proactive Risk Manager version 8.0 will have 50 customer-driven functionality requests built in.

• Service packs regularly include feature and function enhancements.

• Product documentation• Customer service guide

HowdoI showstrength?

1� ACI Confidential


Integration with existing environment

• The flexible nature of Proactive Risk Manager allows users to use industry-standard hardware and software platforms.

• Customers can leverage existing architecture and applications.

• Proactive Risk Manager operates on multiple platforms and supports the latest third-party industry software.

• Product documentation• Hardware Software

Requirements• Product summary• Fact sheet

Global services and support • ACI provides installation support and services in conjunction with standard ACI support.

• ACI has offices in more than 40 countries around the globe.

• HELP24 offers around-the-clock support via telephone, Internet and Web site.

• Internal support• Integrated online help• HELP24 support• Product consultancy services

• Customer service guide• Facts and stats

Financial strength of company • ACI has been in business for more than 30 years.

• ACI has more than 800 customers in over 80 countries.

• Proactive Risk Manager is used by more than 125 customers in over 40 countries.

• Annual report• Facts and stats

Low cost of ownership • ACI uses a licensed product model that allows institutions to leverage existing hardware and software architecture.

• Customers can make changes to the system (rules, add-ins, etc.) at no additional cost.

• Proactive Risk Manager operates on industry-standard platforms.

• Flexible architecture, interface and documentation enable customers to make changes rapidly.

• Product documentation• Product summary

Enterprise risk capability • Proactive Risk Manager provides an end-to-end, enterprise-wide fraud detection and risk management solution.

• Proactive Risk Manager accepts transactions from any channel within a retail or wholesale bank.

• More than 20 percent of Proactive Risk Manager customers use the enterprise risk solution.

• Customers today are using Proactive Risk Manager for the following channels: credit, debit, check, Internet banking, telephone banking, mobile banking, wire, brokerage and ACH.

• Proactive Risk Manager customers range from large to small, from retailers to retail and wholesale banks.

• Product documentation• Case studies• Customer briefs• Product summary• Fact sheet• Enterprise risk management

(ERM) flyer• ERM webinar


ACI Proactive Risk Manager for Enterprise Risk Sales Kit 1�


Product flexibility • Proactive Risk Manager allows institutions to leverage existing hardware and software architecture.

• Customers can make changes to the system (rules, add-ins, etc.).

• The flexible nature of Proactive Risk Manager allows users from different sizes of institutions to gain maximum benefit for their institutions.

• Proactive Risk Manager operates on industry-standard platforms.

• Flexible architecture, interface and documentation enable customers to make changes rapidly.


• Product documentation• Product summary

Usability • Users can write rules to match existing and emerging fraud trends without the need for technical resources.

• Users can segment and filter rules to match operational strategies.

• Users can easily modify existing rules in the system.

• Rules can be changed and deployed instantly to combat new fraud trends.

• Rules can be simple or complex.

• Users can easily navigate through alerted activity and customer information.

• Rules are written in SQL against open database architecture.

• The user interface is simplified to assign rules to users.

• The complexity of rules is based on the capabilities of the SQL statements.

• A U.S. customer identified a fraud trend at Japanese taxis and wrote a rule that was immediately launched to alert the bank of all transactions at the taxis.

• Intuitive graphical user interface (GUI) is easy to use.

• Product summary• Case studies• Customer briefs• Fact sheet• Three Pillars webinar

Integration with other ACI products

• Through the use of standard interfaces, Proactive Risk Manager provides a major benefit to customers using multiple ACI products.

• Proactive Risk Manager currently interfaces with BASE24-eps, the ACI Money Transfer System and the ACI Automated Case Management System.

• Product documentation• Product presentations• ACI Payments Framework

Off-the-shelf integration with third-party products

• Through the use of standard interfaces, Proactive Risk Manager provides a major benefit to customers using third-party products from ACI partners.

• Proactive Risk Manger currently interfaces with products from SIDE International, Adeptra and Eunexus.

• Product documentation• Product presentations• SIDEWatch flyer• IP Profiling flyer


1� ACI Confidential

In preparing for our meeting today, I tried to think of the questions I would have if I were sitting on your side of the desk. I thought you might want to know …

• What is ACI Proactive Risk Manager for Enterprise Risk and how can it help you?

• What makes ACI unique in the market?• How have we helped other customers?

Arethesesomeofyourquestions?

Doyouhaveanyotherquestions?Doesitmakesensetobeginourmeetingbyansweringthesequestions?DoIhaveyourpermissiontodoanassessment?

Iwouldliketospendaboutfiveminutesansweringthesequestions,then,withyourpermission,IwouldliketoaskyousomequestionstoseeifACImighthelpyou.

What is ACI Proactive Risk Manager for Enterprise Risk and how can it help you?ACI offers rules-based, neural network enterprise-wide fraud detection solution that …• Reduces fraud losses significantly and helps minimize overall

operating costs• Monitors all of a financial institution’s interaction with its

customers, enabling the institution to better profile each customer’s behavior to more accurately detect fraud

• Enables users to prevent fraud losses by detecting fraud during authorization

• Consolidates risk management activities into a single system• Assists users in retaining customers by using a behavior-based

fraud detection model that allows institutions to protect all customers while minimizing customer impact

• Protects the user’s brand and reduces risk to reputation• Provides valuable management information by capturing and

maintaining statistical data on overall business performance• Ensures maximum accuracy of the custom model in detecting new

fraud schemes through customer-controlled model updates• Maximizes analyst productivity, efficiency and performance by way

of easy-to-use Java-based, graphical Microsoft Windows interface that automates risk operations and case management workflow

What makes ACI stand out in the market place?• With more than 30 years of experience in EFT processing and

transaction security, ACI is the recognized leader in processing electronic payment transactions.

• ACI’s global reach includes more than 800 customers in over 80 countries.

• ACI’s comprehensive payments solutions portfolio includes wholesale banking, retail banking, fraud management, e-infrastructure and e-commerce.

• ACI offers global support through more than 40 local offices around the world.

How have we helped other customers?The National Australia Bank (NAB) needed to improve its fraud detection system when fraud gangs, primarily from Eastern Europe, cast their eyes on Australian banking institutions. With the attacks in Australia, NAB experienced an increase in attempted fraud activity, via phishing e-mails. NAB understood that a number of approaches were required if it was going to offer its customers the best possible security and minimize losses.

NAB discovered strong trends around IP addresses and its Internet banking accounts that had been compromised. The bank decided to enhance its counterattack by looking at IP addresses using Eunexus IP Intelligence. NAB also conducted analyses within ACI Proactive Risk Manager that accessed data about fraudulent IP addresses within the Proactive Risk Manager database. The team developed several techniques to increase detection. These techniques provided a strong behavior and IP profile for each customer.

NAB can now identify a significant portion of compromised accounts before funds have been withdrawn, which has helped protect customers. Using Proactive Risk Manager, NAB can establish an expected footprint for a customer and therefore identify which Internet banking logins and transactions don’t fit a customer’s normal usage profile, helping operators make intelligent decisions when they’re working through alerts. Using these two simple techniques, Proactive Risk Manager now has to monitor only 2 percent of Internet transactions before the rules are applied. From that point forward, the bank’s customized Proactive Risk Manager rules scrutinize every transaction that doesn’t meet those criteria. This allows NAB to detect virtually all Internet banking fraud.

Now,unlessyouhaveanyquestions,Iwouldliketoaskyousomequestionstoseehowwemighthelpyou.Ifweagreethereisaneedforourservices,thenIwillproposeanumberofoptions.Ifwediscoverthatwecannothelpyouatthistime,thenatleastyouwillknowalittlebitmoreaboutusand,wehope,keepusinmindshouldyourneedschangeinthefuture.

HowshouldI start?


Key idea Opening question Measuring today Measuring the future Impact

Examples (Manycustomerswetalktobelieve)

(Whatdoyoubelieve) (Inthefuture) Whatwouldtheimpactbeifyoucould…

Moving from a silo to an enterprise-wide approach

We are working with other banks on enterprise risk management, breaking down product silos to give them a single view over total customer activity. Yet the Economist Intelligence Unit found that 78% of banks worldwide are still operating silos. Where are you?

Is your current fraud detection and risk management solution a silo or enterprise-wide system? What are your thoughts about enterprise risk management?

Do you have plans to replace your system in the future? If so, what are your objectives for the new system?

Implement a comprehensive solution that helps meet the increasing need to detect new fraud schemes and patterns across the organization through an expert rules-based technology?

Issuer in a new or emerging market

Fraud is becoming more complex — for example, with the emergence phishing we’re finding that banks are responding by taking an enterprise approach to risk management. We are working with other banks in your region to combat issuer fraud, particularly where cards are a new concept to users. Where are you?

What challenges are you facing in this area?

What are your plans to combat issuer fraud?

Implement an enterprise-wide fraud detection solution that works in issuer environments?

Acquirer needs a fraud solution

You may know ACI from our BASE24 solution. Did you know that we also provide a solution for acquiring fraud? We’re also working with a number of banks to address ATM skimming. How are you approaching this type of fraud?

Are you experiencing fragmented workflow management? Do you have the ability to track production efficiency

What are your plans to combat acquirer fraud?

Implement a fraud detection solution that improves analyst efficiency and performance with easy-to-use Java-based interfaces?

Financial institution in a faster payments area

The industry is moving toward faster payments, and some banks see real time fraud detection as a way to mitigate the associated risk without impacting the customer. What’s your thinking on this?

Does your current system offer real time fraud detection and prevention?

Are you planning to implement a real time fraud detection and risk management solution?

Implement an enterprise-wide, real time fraud detection and risk management solution?

HowdoI assesstheopportunity?

16 ACI Confidential

Anticipated objection #1 The real customer question Answer and explanation

My in-house solution is satisfactory.

Why do I need enterprise risk? Would it be appropriate to spend just a couple minutes explaining what other customers have found?Points• ACI Proactive Risk Manager provides a consolidated risk management

solution across the enterprise.• With Proactive Risk Manager, the speed with which alerts are received

for review is increased, reducing fraud losses.• Proactive Risk Manager reduces maintenance and staffing costs.• Proactive Risk Manager offers flexibility in managing rules

and workflows.• Regular Proactive Risk Manager updates enable users to maintain a

current, state-of-the-art system.• Consulting and support are available from ACI’s highly trained staff.• Proactive Risk Manager is a strategic solution, so when you have new

fraud types or products it is all you need. You do not need to buy another fraud system

Anticipated objection #� The real customer question Answer and explanation

We are going to become EMV-compliant, so we won’t need a fraud solution.

Why do I need a fraud solution with EMV?

Would it be appropriate to spend just a couple minutes explaining what other customers have found?Points• APACS statistics for the U.K. pre- and post-EMV reveal that the fraud

hasn’t disappeared; it has simply moved.


I need a consortium model. Why do I need a custom model? Would it be appropriate to spend just a couple minutes explaining what other customers have found?Points• ACI has performed extensive testing to measure the performance of

consortium models versus custom models and rules. We have found that the custom and rules approach outperforms the consortium model in real-world situations.


Writing rules in SQL is too complex and difficult.

Will I need to hire technical staff just to write rules?

Would it be appropriate to spend just a couple minutes explaining what other customers have found?Points• SQL offers the flexibility to write sophisticated rules that are not

bound by simple parameters.• ACI offers a rule library.• ACI has expert consultants to coach new users.• ACI provides training workshops for every customer project.

Whatarethe potentialobjections?


Whatarethe potentialobjections?


We’re a tier one bank and you don’t seem to have many tier one banks using Proactive Risk Manager.

Can you support me? Would it be appropriate to spend just a couple minutes explaining what other customers have found?Points• ACI has 18 processors around the world using Proactive Risk Manager.• One customer uses Proactive Risk Manager to process 90 million

credit cards


I don’t want to store transactions on my systems.

Why can’t I outsource it to a risk management system vendor?

Would it be appropriate to spend just a couple minutes explaining what other customers have found?Points• Although you need to purchase additional hardware, you will have

greater control over the system by storing transactions in-house.• You will also be able to integrate with other systems (e.g.,

nonfinancial transactions) and gain greater flexibility in how you run the system to respond to emerging and evolving fraud threats.


I can get the same functionality from an emerging competitor for a fraction of the cost.

What differentiates ACI from its competitors?

Would it be appropriate to spend just a couple minutes explaining what other customers have found?Points• ACI is committed to respond to changing fraud trends. More than 55

percent of our employees work in R&D.• ACI provides multichannel, global support 24x7.• Regional and global Proactive Risk Manager user groups provide

ongoing support and share best practices.


My current system already gives me a low number of false positives.

Why should I change? Would it be appropriate to spend just a couple minutes explaining what other customers have found?Points• False positives are just one key metric in measuring

fraud performance.• The point of detection is key in combating fraud.

18 ACI Confidential

HowdoI execute?


Steps of the sale ACI Sales ACI Sales Support ACI Services

Identify prospect and key playersX

Make level-one sales call to prequalify X

Needs analysis, sales discovery process, business exploration X

Identify solution X X

Identify customer requirements and build business case (if the prospect requires assistance)

X

Presentation of identified solution and verification that it fits the customer’s needs

X X

Proposal X X

Signed contract X

Optional services packages X X

Ongoing professional services (optional) X X X

Support – Customer Management and HELP24 X

ACI Worldwide Company OverviewEvery second of every day, more than 800 customers around the world rely on ACI solutions to process payments, manage risk, automate back-office systems and provide application infrastructure services. More customers use ACI software to manage higher payment volumes, of greater diversity, across more platforms and geographies than any other provider in our field. Since 1975, ACI has provided software solutions to the world’s innovators. We welcome the opportunity to do the same for you.

Whatisa typicaldeal

�0 ACI Confidential

Pricing ModelThe ACI Proactive Risk Manager pricing model is based on transaction volume. The following is a rough guideline for pricing:• Tier 1 financial institution: US$3.5 million (software only)• Tier 2 financial institution: US$2.5 million (software only)• Tier 3 financial institution: US$1 million (software only)• Tier 4 financial institution: US$500,000 (software only)• Tier 5 financial institution: US$500,000 (software only)• Nonfinancial institution (processor): US$2 million (software only)

Average sales cycle 6–18 months.ACI ServicesProject Management and Implementation Services• Global Delivery Process (GDP) and project methodology• Project management and product consulting• Project team (ACI and customer)• Project Scope Meeting (PSM)• Project Scope Document (PSD)• Installation• Training• Product implementation support• Go-live support

Product Support Services (included in maintenance)• Customer management• Product documentation• HELP24 (customer hotline)

Extended Services• Security Optimization Services (SOS)• Education and training• Business consulting services• Technical consulting services• Enhanced Support Program (ESP)• Performance services

Basic system configurationWorkstations: Microsoft WindowsServer: Microsoft WindowsDatabase: Oracle 10g or SQL Server 2005, DB2 9.1Scoring engine: IBM System z, IBM System p, Sun Solaris, Microsoft Windows, SUSE Linux

Average pricing

Entry Medium Large

Monthly transaction volume US$10,000 US$20,000 US$50,000

Average cost of hardware & system software

To be provided by vendor when needed

Average cost of application software

US$1 million US$2.5 million US$4.5 million

Average cost of services US$75,000 US$125,000 US$225,000

Yearly per seat minimums US$90,000 US$130,000 US160,000

Whatresources areavailable?

ACI Proactive Risk Manager for Enterprise Risk Sales Kit �1

Resources (WhodoIcall?) Location Name Phone Number E-Mail

General information Send e-mail Lori Morehead +1 402.390.7906 [email protected]

Channel support Americas Rob Haake +1 402.778.1915 [email protected]

EMEA Michelle Weatherhead +44 1923 812806 [email protected]

Asia/Pacific Chee-Keong Leo +65 67808387 [email protected]

Where do I find? Title/topic Location/URL

Specific product information • Product fact sheet• Product summary• Product solution sheets• Solution/industry flyers

• i4/Marketing

Other supporting information

• Channel sales presentations and other localized material

• PRM Overview • i4/Product

• Customer information • Customer list• Customer case studies/

testimonials

• i4/Marketing

Documents

Aci Prm Enterprise Risk