In this final blog in our series, we look at how graph data visualizations help uncover money laundering and dig into Neo4j performance under heavy AML workloads with tens of millions of transactions per day.
Graph Data Visualizations
Neo4j allows for money queries to be viewed in various ways. Output can feed downstream applications or be displayed directly to users:
- Executives often want interactive dashboards with graphic visualizations and green, yellow and red scoring of key performance indicators
- Analysts prefer to explore context behind dashboard results without writing code and using IT-developed queries in playbooks
- Data Scientists & Power Users may write their own ad hoc queries or graph algorithms or to use the results of graph algorithms to segment data and identify central entities
Dashboards and APIs
Neo4j has a Business Intelligence (BI) Connector that connects to Neo4j Graph Database from business intelligence tools such as Tableau.
Developers build dashboards using the GRANDstack (GraphQL, React, Apollo, Neo4j Database). The React dashboard pictured below is built atop the GraphQL API.
Shared attributes can indicate that entities are the same. These kinds of patterns are useful in both ER and flagging processes. The Neo4j Bloom visualizations below show account holders who share attributes – such as a tax number, address and phone number – with other account holders. The intensity of the shade of red increases as suspiciousness increases.
Circular Payments: Placement, Layering, Integration
One common money laundering technique is to use circular payments to exchange dirty money for laundered assets. The Bloom graph visualizations below depict circular payments. This is a mono-partite graph of scored account holders. Red nodes are high-risk, tan nodes are medium-risk and yellow nodes are low-risk.
Once an entity reaches a threshold of risk that strongly indicates suspicious behavior, a subsequent set of templated queries look for high-risk entities associated with a party.
A common money laundering behavior is to transfer funds to cohort entities for pass-through transactions. These transactions are often layered several levels deep. A templated query result worth exploring could lead to discovery of a payment chain.
The Neo4j Bloom graph visualization below depicts a payment chain starting from a suspicious entity on the upper left. The ER scores for individuals, corporations or financial institutions who might be the same (based on ER process scores) are depicted in dark blue clusters. The process flagged multiple accounts in dark green for investigation of connections to the original, suspicious cluster that appears at the upper left.
Data Sources & Input API
A Neo4j anti-money laundering solution ingests data from multiple sources.
The ingestion pipeline is model-driven, automated and flexible enough to stay ahead of the fast-changing techniques used by money launderers. The Neo4j AML Framework processes billions of transactions per day in near real time and can be extended to address all GRC functions beyond AML.
Hop provides a flexible API to handle constantly-changing data sources and money queries. It has plugins to read SWIFT, ACH, wire transfers and other transaction formats, and it can also utilize Java libraries for that purpose.
Hop’s automated, model-driven approach makes it ideal for automating ingestion pipelines, processing more than a million rows per second. It consolidates from multiple data sources, parses and extracts entities, validates, enriches and normalizes data. Hop also connects to native sources directly and maps data formats to the Neo4j graph data model API.
Solution Framework Performance Testing
Neo4j is performant, trusted, available, secure, agile and extensible, and it scales linearly to hundreds of billions of ingested records while still returning complex pattern-match results in milliseconds. The Neo4j AML Framework easily meets service level agreements for tens of millions of inserts per day.
The Neo4j AML Framework is an extensible framework with customizable plug-and-play components. AML staff can customize and extend the base framework with:
- Money queries
- Custom graph data models
- Internal and third-party data sources and streams
- Ingestion APIs
- Output APIs
The largest AML workloads process tens of millions of transactions and party inserts per day. Meanwhile dozens – or hundreds – of analysts and other GRC staff analyze entities and transactions. They typically require sub-200 millisecond query response time on 99% of all queries by dozens or hundreds of active concurrent users while simultaneously processing thousands of write transactions per second.
The Next Stage of the AML Battle
Winning the battle against money laundering requires a technology that better harvests information from transactions – and other sources – and better detects suspicious activity in real time and at scale. This has been challenging because companies process billions of transactions per day involving tens of millions of parties.
The first step in improving detection is to harvest the information from transactions by connecting it to already-known information. The next step is applying algorithms that leverage relationships to pattern match and score relationships and behaviors that connect a network of people, places, corporations, financial institutions, merchants, transactions and events.
By leveraging Neo4j to connect data, compliance teams can:
- Better comply with AML requirements and make more accurate predictions, thereby saving money on fines and detecting real money laundering more accurately
- Reduce costs associated with fines and with investigating false positives and false negatives
- Increase sales by improving brand-value reputation
- Better comply with other global risk and compliance (GRC) requirements
- Meet the most stringent AML requirements for performance, availability, security and agility at extreme scale
Get My Solution Guide