Financial institutions have a regulatory requirement to monitor account activity for anti-money laundering (AML). Regulators take the monitoring and reporting requirements very seriously as evidenced by a recent set of FinCEN fines.
One challenge with AML is that it rarely manifests as the activity of a single person, business, account, or a transaction. Therefore detection requires behavioral pattern analysis of transactions occurring over time and involving a set of (not obviously) related real-world entities.
For large transactions, banks file Currency Transaction Reports (CTR) that are used by FinCEN for processing and analysis. However financial institutions have to also monitor for “structuring” or “smurfing” which are multiple (usually smaller) related deposits designed to avoid the currency reporting requirements.
Network modeling is a powerful approach to AML analysis (Möser). Each account and real-world entity is set up as a node of a graph and transactions constitute the edges. Edges can have weights. Edge weights typically reflect the volume or the monetary value of transactions flowing between nodes.
Once a graph structure has been created, analysis can reveal the relationships between the nodes including:
- closeness / betweenness centrality – identify how important nodes are within a graph
- connected components – indication of subgraph relationships
- community detection – detection of subgraphs where a set of nodes is densely connected internally and sparsely connected externally.
- pagerank – a measure of a node is estimated through transference of that measure from other connected nodes.