Anomaly Detection

Dormant Activity

Generate an alert if a user or institution suddenly revitalizes an account after a long period of dormancy.

Best for:

• Profile deviation
• Activity after a period of inactivity

General Example:

For example, an entity might be suspicious if it transacts $100,000 after being inactive for 60 days.

How It Works:

Complete the logic by selecting from the available dropdown items.

Historical Deviations A

Generate an alert if the transaction amount falls outside of the expected distribution (based on average transaction amounts).

Best for:

• Behavior deviation
• Transaction volume / amount significantly deviates from their past average transactions

General Example:

For example, an entity might be suspicious if it transacts 25% more in the last 30 days compared to its yearly average.

How It Works:

Complete the logic by selecting from the available dropdown items.

Historical Deviations B

Generate an alert if a user or business's transaction total amount differs by a specific amount.

Best for:

• Behavior deviation
• Delta from a specific period

General Example:

For example, an entity might be suspicious if it transacts $100,000 in the last 7 days whereas it transacted only $10,000 in the last 14 days.

How It Works:

Complete the logic by selecting from the available dropdown items.

Newly Seen

Generate an alert if a user or business's has a suspicious number of new actions or transactional information compared to the usual.

Best for:

• New behavior
• New actions and transactions never before seen

General Example:

For example, an entity might be suspicious if it typically transacts in 5 countries (France, Spain, Portugal, Greece and Italy) and suddenly transacts with 4 new (and never before seen) countries (Iran, Iraq, Lebanon and Jordan).

How It Works:

Complete the logic by selecting from the available dropdown items.