According to the Global Anti-Scam Alliance’s 2024 Global State of Scams Report (source: GASA), scams and fraud have caused over $1 trillion in global financial losses in the past year alone. Furthermore, the annual financial losses from these crimes have continued to rise year over year.
Businesses face significant challenges in combating this threat, as they often operate with limited financial resources and personnel dedicated to fraud prevention. Compounding the issue, regulators worldwide are imposing increasingly strict compliance requirements. Companies must implement these procedures to avoid fines, legal consequences, and reputational damage.
The rapid advancement of artificial intelligence (AI) adds complexity to this landscape. While AI equips fraudsters with sophisticated tools—such as bypassing voice recognition systems—it also empowers organizations to detect and mitigate fraudulent activity more effectively. Success in this evolving environment hinges on strategically combining AI-driven solutions with human expertise and adopting agile methodologies to adapt to emerging threats.
Many businesses still depend on traditional fraud detection systems, which include tools like rules engines, cluster detection, graph analysis, and client self-reporting. However, these methods face significant limitations:
Rules Engines:
They are inflexible and struggle to model complex, variable fraud patterns.
They also generate excessive alerts, which leads to so-called 'alert fatigue': analysts are overwhelmed by the large number of alerts and miss most of the potential fraud cases.
Cluster Detection Tools:
They are effective for identifying groups of similar fraud incidents during investigation.
They lack real-time capabilities and cannot detect evolving fraud patterns or account for time-based sequences.
Graph Analysis:
It requires graph database experts to interpret the content of the knowledge graph (KG).
It often relies on stale data in the KG and requires complex queries. This makes real-time alerts impractical.
It is valuable for investigating anomalies but it is resource-intensive and costly due to its dependence on specialized personnel.
Self-Reporting by Clients:
It is often delayed or incomplete, which reduces its reliability as a primary detection method.
Additionally, businesses struggle to fully leverage data resources for fraud detection due to:
Legacy systems that are difficult to integrate.
Slow and expensive development cycles for fraud detection applications.
Poor data quality from upstream systems, which limits actionable insights.
Effective fraud detection in cases like account takeover fraud or social engineering requires not just the latest data but a complete historical record and consistent timeline of changes. For example, CRM systems must track not only a client’s current phone number, address, and email but also the full history of these changes over time.
Key Upstream Data Sources Include:
CRM data
Client communication transcripts
Website/app clickstream data and mobile app logs
Network event records
Client device details
Behavioral patterns
| Data Source | Description |
|---|---|
| CRM | Includes changes of addresses, phone numbers and email addresses, as well as client communication via email and messaging. Another important source of information is the transcription of phone calls. |
| Clickstream mobile and web | A detailed log of how clients navigate through the website. It includes the pages they visited, the time spent on each page and how they arrived on the page. |
| Network and client device events | Includes information about clients' devices such as hardware and software configuration, IP addresses and network configuration, time zones, network activity patterns of clients and the device registration process. |
| Products & Services | For financial institutions, this covers selling and buying products and the valuation of a client's portfolio. It also includes changes in any settings and preferences related to products or services, as well as bank mandate information, which is the client's bank account associated with his or her account. |
| Behavior Data | Behavior data is collected from web and mobile applications. It includes mouse movements, touch information and keyboard events. |
Historical Data Integration:
The KG must ingest both historical data (e.g., a client’s entire change history) and real-time updates from upstream systems.
Every event must include a timestamp to enable replaying past events. This is vital for detecting suspicious patterns, such as a client suddenly changing their mobile device, postal address, and attempting to transfer funds to a newly registered bank account.
Data Consistency Management:
The KG must reconcile inconsistencies in upstream data (e.g., conflicting device IDs or timestamps), which are common in dynamic environments where legacy systems are updated or new systems are integrated.
Time discrepancies are resolved by "replaying" historical updates to reconstruct accurate timelines.
Real-Time Synchronization:
Continuous integration with upstream systems ensures the KG reflects the most current and contextually rich data for fraud analysis.
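The timestamp replay described above, as an added example that is not code from the original article: constructed events arrive out of order, are replayed in event-time order, and a transfer is flagged when it targets a newly registered bank account shortly after both a device change and an address change. The event type names, the 48-hour window and the sample data are assumptions made for illustration.

```python
from datetime import datetime, timedelta

WINDOW = timedelta(hours=48)  # assumed look-back window, not from the article

# Constructed sample events, deliberately listed out of chronological order
# to mimic late or inconsistent delivery from upstream systems.
EVENTS = [
    {"ts": "2024-05-03T10:15:00", "client": "C1", "type": "transfer", "value": "IBAN-NEW"},
    {"ts": "2024-05-02T09:00:00", "client": "C1", "type": "device_change", "value": "dev-77"},
    {"ts": "2024-05-02T09:20:00", "client": "C1", "type": "address_change", "value": "12 New St"},
    {"ts": "2024-05-03T10:00:00", "client": "C1", "type": "bank_account_registered", "value": "IBAN-NEW"},
    {"ts": "2024-01-10T08:00:00", "client": "C2", "type": "bank_account_registered", "value": "IBAN-OLD"},
    {"ts": "2024-05-01T12:00:00", "client": "C2", "type": "device_change", "value": "dev-12"},
    {"ts": "2024-05-03T11:00:00", "client": "C2", "type": "transfer", "value": "IBAN-OLD"},
]

def replay(events):
    """Replay events in event-time order and return alerts for risky transfers."""
    alerts = []
    last_seen = {}   # (client, event type) -> time of the most recent occurrence
    registered = {}  # (client, bank account) -> registration time
    # Same-format ISO 8601 strings sort chronologically, so arrival order is irrelevant.
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        client, kind = ev["client"], ev["type"]
        if kind == "bank_account_registered":
            registered[(client, ev["value"])] = ts
        elif kind == "transfer":
            reg = registered.get((client, ev["value"]))
            # An account with no registration record is treated as new.
            new_account = reg is None or ts - reg <= WINDOW
            recent = [k for k in ("device_change", "address_change")
                      if (client, k) in last_seen
                      and ts - last_seen[(client, k)] <= WINDOW]
            if new_account and len(recent) == 2:
                alerts.append({"client": client, "ts": ev["ts"],
                               "account": ev["value"], "evidence": recent})
        else:
            last_seen[(client, kind)] = ts
    return alerts

if __name__ == "__main__":
    for alert in replay(EVENTS):
        print(alert)
```

Client C2 is not flagged: the device changed recently, but the address did not and the destination account was registered months earlier.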
It enables subject-matter experts (potentially with no coding or graph DB expertise) to design and maintain graph queries using plain language.
It automatically translates requirements into precise queries, handling schema and relationship complexities.
It uses natural language to define reusable validation patterns such as “Find customer ID based on context in the security note”.
Human-AI Collaboration is achieved by generating explainable graph patterns from historical fraud cases and behavioral anomalies. It also streamlines investigations with compiled suspected fraud evidence.
It adapts to client-specific norms. This means it must distinguish anomalies from typical behavior.
Production system safety is assured by running and testing all queries on a mirrored pre-production environment. Only tested and approved queries are deployed to production.
Deployed production queries can run periodically to detect suspicious activity in real time. They also generate prioritized alerts, gather evidence and support investigations.
Data quality control queries monitor and correct upstream data issues, for example missing CRM entries or delayed upstream data. They create placeholder nodes, such as a customer or invoice, and update them once data is received.
Canonicalization queries standardize naming and structure conventions across the KG.
Ad-hoc investigation queries identify fraud patterns, inconsistencies or suspicious cases.
Data preprocessing queries convert raw data into fraud detection-ready formats.
Alert generating queries trigger alerts when predefined fraud conditions are met.
4. Technical and security advantages are achieved by using a cost-effective self-hosted LLM.