The idea was ingenious. When the Bureau of Internal Revenue of the Philippines wanted to book tax evaders, it decided to hold an e-raffle, offering fabulous prizes. Participants had to send SMSes with the names and locations of the stores where they had shopped and the amount they had spent. Using the data from the text messages, the tax department could arrive at an estimate of the monthly turnover of a store and compare it with the income it was reporting. Crunching data from millions of SMSes was a tall order, but thanks to the Cary, North Carolina-based analytics and visualisation solutions company SAS, the tax authorities zeroed in on the defaulters without breaking a sweat, and tax collection went up 36%.

Which explains why the Boston-based research and investing advisory Aite Group said last year that SAS is “one of the best-kept secrets” among enterprise fraud solution providers.

When I ask Sudipto Sen, SAS’s Southeast Asia director, what exactly his company does, he opens with a one-liner: “There are known unknowns, and there are unknown unknowns.” That’s way too cryptic, he realises, and proceeds to explain: “The first comprises data that either do not add up or are missing. The second consists of information that’s impossible to get manually... The idea is to find outliers, by looking for data that don’t follow a pattern.”

In simpler terms, SAS provides data analysis software tools that spot patterns and anomalies, and recommend action to be taken. These can be used for a range of functions—tackling fraud, monitoring employee efficiency or progress of projects, and sounding an alert when they sniff suspicious activity.

SAS has customers in 146 countries and over 14,000 employees across the globe. Ninety-one of the top 100 companies on the 2015 Fortune 500 are SAS customers. In India, SAS has offices in Mumbai, Delhi, and Bengaluru, and an R&D centre in Pune.

SAS’s solutions are aimed at detecting and dealing with three kinds of frauds—those committed wilfully, those arising from non-compliance, and those resulting from abuse of power. Its flagship product is Fraud Framework, a suite of software for data tracking, analysis, and visualisation (which locates the points where data show deviations from patterns), and predictive analytics (to prevent irregularities). A client can either go for the full suite or a specific component to achieve a particular objective.

Fraud Framework has a three-pronged approach to analysing data. The first is cleaning and standardising, when incorrect or incomplete data are rectified, and the data is formatted for consistency, say, in units. This stage is important because data is usually incorrect or incomplete when people misreport or under-report it, often with ulterior motives.

Next, the data is rendered in a visual form to get a snapshot of the movement of variables, say, goods or cash flow. At this stage, ‘rules’ in the software come into play. Rules are instructions to tell the program what data to look for, how to sort them, and along what parameters to analyse them so that patterns emerge. Using rules, the program can perform tasks such as shortlisting people who might be involved in suspicious activity, say tax evasion. In the last stage, progress on achievement of targets is monitored and potential threats are highlighted.

Fraud Framework is highly customisable, and SAS’s team of consultants figure out how to tweak it to meet a client’s needs. But customisation also increases the time needed to implement a project because building rules and dashboards to monitor data involves different processes depending on the client. Fraud Framework projects have taken eight to 14 months to implement from concept to finish. In sectoral terms, the software can broadly be customised for three categories—BFSI (banking, financial services, and insurance), health care, and government agencies.

Regulators and government institutions comprise a big chunk of SAS’s client list. They use its products to prevent fraud, monitor performance, and keep a close watch on cash flows. In monitoring ongoing projects, its solutions are one step ahead of plain project management software in that they can alert users when, say, the pace of work slows or spending is not in tune with the budget.

A 2013 Forrester Research report called enterprise fraud management “a true power tool” and ranked Fraud Framework the highest by market presence and strength of offerings in the U.S. Besides the Philippines’ sales tax office, SAS has a host of clients, ranging from Allstate Insurance and HSBC in the U.S., to Brazilian insurer Seguros Unimed and Dutch insurer CZ.

According to infotech and market research company IDC, the global advanced and predictive analytics software market is estimated to grow from $2.2 billion (Rs 13,897 crore) in 2013 to $3.4 billion in 2018 at a CAGR of 9.9%.

Of this, enterprise fraud management is a small niche. However, the trends are promising. According to a 2014 report by TechNavio, the market was predicted to grow at a CAGR of 7.9% during 2013 to 2018. The demand for fraud management solutions has been growing since the 2009 meltdown, with SMEs driving much of it. TechNavio has also predicted that the CAGR for 2015 to 2019 would be nearly 24%.

Although data on India’s share in this market is not freely available, in a July 2014 report, Nasscom and Blueocean Market Intelligence said India in FY14 accounted for $954 million analytics software market (of which advanced and predictive analytics is a part), and is expected to grow to $2.3 billion by 2016. The report estimated that India’s market would grow at nearly double the global pace.

State governments comprise a prominent client base for SAS in India. The governments of Maharashtra, Tamil Nadu, and Chhattisgarh are using SAS solutions not only to detect irregularities, but also to fix loopholes in operations and identify those flouting rules.

The Chhattisgarh Infotech Promotion Society (CHiPS), the state’s nodal agency for IT implementation and e-governance projects, hired SAS to set up a dashboard that would use Fraud Framework to crunch data based on performance indicators drawn from various departments.

CHiPS CEO Saurabh Kumar says the Rs 3.5 crore project started off after a request from the chief minister’s office to find ways to monitor 54 departments from an iPad. Initially, the aim was to provide the chief minister with one-stop access to the latest data and corresponding information from previous months, along with comparable data from neighbouring states and at the national level. “We’ve stopped manual data entry. With a [digital] database and SAS [solutions] running on it, it’s easy to monitor data,” says Kumar.

The project, launched as part of the Modi government’s Digital India Week in July, covers the 10 biggest departments, which account for 90% of the state’s revenue. Citing the example of the Public Works Department, Kumar says, “We can now monitor key performance indicators of those working there, such as attendance, number of projects sanctioned, or the number of roads repaired.”

Kumar declines to share numbers to back the claim of increasing efficiency, but says the project is helping the government make departments aware of their deficiencies and find solutions. “When we were monitoring how the PWD was faring on its budget, we found that a lot of money was being spent on road repair. So, we sat down with the department to look into the issue,” he says.

The project can also help capture how the state will be placed in a few years. “For example, from the data on maternal mortality, we know by what percentage it has been falling in the past few years. By correlating it with other data points, we can predict how the state will fare in maternal health in a few years.”

In 2013, Maharashtra’s Directorate of Information Technology (DIT) set up a system based on the visual analytics component of Fraud Framework to weed out duplicate names from its list of families and individuals entitled to subsidies and social security claims. However, DIT principal secretary V.K. Gautam did not respond to e-mails requesting to participate in this story.

Sundar Iyer, SAS India’s director of sales for public, oil, and gas, lists all major taxation and regulatory authorities in India as its clients. “Our government clients use Fraud Framework to find out what is normal and what doesn’t fit a pattern,” he says. “The Central Board of Excise and Customs has been using our solutions for the past five years or so, primarily for policy analysis—to know how changes in policy will affect tax revenue.” Other clients include the Reserve Bank of India, the Securities and Exchange Board of India (SEBI), and the National Stock Exchange.

During an interaction with SAS, SEBI general manager Avneesh Pandey said the regulator chose SAS’s Business Analytics Platform (different from Fraud Framework) to “increase conviction” in fraud cases. “With SAS, we are able to mitigate market risk by preventing unscrupulous players who try to dupe investors by unfair trading.” SEBI did not respond to our e-mails.

Several Indian private sector organisations, across industries, also use SAS products. These include ICICI Bank, HDFC Bank, Axis Bank, Reliance Commercial Finance, Reliance Energy, Idea Cellular, and Maruti Suzuki. The application areas vary from building interactive reports and dashboards, cross-selling, managing credit risk, market risk, and operational risk), marketing automation, campaign management, and demand forecasting.

SAS also offers training courses on analytics at leading educations institutions such as IIM Bangalore, IIM Lucknow, Indian School of Business, and Narsee Monjee Institute of Management Studies.

A July 2015 report by IDC identified SAS and IBM, with 33.3% and 15.8% share, respectively, as the leaders in the advanced and predictive analytics software market. However, they didn’t grow as fast as their smaller rivals such as Dell-Statistica, Alteryx, and RapidMiner. SAS does not publish revenue data by geographies and declined to share revenue from Fraud Framework.

Sen identifies IBM’s i2 Threat and Counter Fraud as SAS’s competition in India. Saranga Rajan, country head of IBM’s i2 Threat and Counter Fraud, claims the software is the “only enterprise solution available that addresses various frauds in the financial space”.

India’s largest private sector bank ICICI is among IBM’s clients in India, besides government clients such as SEBI and the Financial Intelligence Unit-India, which collects and reports information on suspicious transactions to foreign financial intelligence units and law enforcement agencies. “IBM’s i2 Analyst Notebook and iBase are the most popular products in the government vertical and are widely used to solve crime,” Rajan said. Among those solving crime with IBM are the Bengaluru city police.

SAS may have homed in on a terrific opportunity to cash in on the expected growth of analytics in India. With the government encouraging efficient and transparent digital governance, there is a need for reliable data tools to pinpoint leaks, find their size, and ways to plug them. As a result, governments and public agencies could be lining up for more help on the “unknown unknowns”.

Follow us on Facebook, X, YouTube, Instagram and WhatsApp to never miss an update from Fortune India. To buy a copy, visit Amazon.