Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Topology-Agnostic Detection of Temporal Money Laundering Flows in Billion-Scale Transactions

Haseeb Tariq, Marwan Hassani

TL;DR

This work tackles cross-bank money laundering detection by modeling transaction traces as a topology-agnostic, temporal graph and enriching it with higher-order relationships. The FaSTM∀N framework constructs a scalable temporal graph of sequential transactions, derives a 2nd-order representation to quantify dependencies, and applies weighted graph clustering (Leiden) to reveal significant anomalous communities. It demonstrates superior scalability and detection coverage against FlowScope and DBJ* on a dataset exceeding $1\times 10^9$ transactions, aided by a distributed Spark/GraphFrames implementation and a carefully chosen time window $\Delta w$ to bound search space. The approach enables efficient, multi-hop money-flow analytics across multiple banks, with practical AML implications for large-scale, real-world transaction networks.

Abstract

Money launderers exploit the weaknesses in detection systems by purposefully placing their ill-gotten money into multiple accounts, at different banks. That money is then layered and moved around among mule accounts to obscure the origin and the flow of transactions. Consequently, the money is integrated into the financial system without raising suspicion. Path finding algorithms that aim at tracking suspicious flows of money usually struggle with scale and complexity. Existing community detection techniques also fail to properly capture the time-dependent relationships. This is particularly evident when performing analytics over massive transaction graphs. We propose a framework (called FaSTMAN), adapted for domain-specific constraints, to efficiently construct a temporal graph of sequential transactions. The framework includes a weighting method, using 2nd order graph representation, to quantify the significance of the edges. This method enables us to distribute complex queries on smaller and densely connected networks of flows. Finally, based on those queries, we can effectively identify networks of suspicious flows. We extensively evaluate the scalability and the effectiveness of our framework against two state-of-the-art solutions for detecting suspicious flows of transactions. For a dataset of over 1 Billion transactions from multiple large European banks, the results show a clear superiority of our framework both in efficiency and usefulness.

Topology-Agnostic Detection of Temporal Money Laundering Flows in Billion-Scale Transactions

TL;DR

This work tackles cross-bank money laundering detection by modeling transaction traces as a topology-agnostic, temporal graph and enriching it with higher-order relationships. The FaSTM∀N framework constructs a scalable temporal graph of sequential transactions, derives a 2nd-order representation to quantify dependencies, and applies weighted graph clustering (Leiden) to reveal significant anomalous communities. It demonstrates superior scalability and detection coverage against FlowScope and DBJ* on a dataset exceeding transactions, aided by a distributed Spark/GraphFrames implementation and a carefully chosen time window to bound search space. The approach enables efficient, multi-hop money-flow analytics across multiple banks, with practical AML implications for large-scale, real-world transaction networks.

Abstract

Money launderers exploit the weaknesses in detection systems by purposefully placing their ill-gotten money into multiple accounts, at different banks. That money is then layered and moved around among mule accounts to obscure the origin and the flow of transactions. Consequently, the money is integrated into the financial system without raising suspicion. Path finding algorithms that aim at tracking suspicious flows of money usually struggle with scale and complexity. Existing community detection techniques also fail to properly capture the time-dependent relationships. This is particularly evident when performing analytics over massive transaction graphs. We propose a framework (called FaSTMAN), adapted for domain-specific constraints, to efficiently construct a temporal graph of sequential transactions. The framework includes a weighting method, using 2nd order graph representation, to quantify the significance of the edges. This method enables us to distribute complex queries on smaller and densely connected networks of flows. Finally, based on those queries, we can effectively identify networks of suspicious flows. We extensively evaluate the scalability and the effectiveness of our framework against two state-of-the-art solutions for detecting suspicious flows of transactions. For a dataset of over 1 Billion transactions from multiple large European banks, the results show a clear superiority of our framework both in efficiency and usefulness.
Paper Structure (21 sections, 4 equations, 12 figures, 2 tables)

This paper contains 21 sections, 4 equations, 12 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Related Work
  3. Preliminaries
  4. Temporal and Higher Order Graphs
  5. Dataset
  6. The Method
  7. Temporal Graph Creation
  8. $2^{nd}$ Order Graph Creation
  9. Weight Calculation
  10. Community Detection
  11. Anomalous Communities Detection
  12. Experimental Evaluation
  13. Experimental Setting
  14. Pre-processing
  15. Functional Evaluation
  16. ...and 6 more sections

Figures (12)

  • Figure 1: Examples of different levels of money trails. A circle represents a node or a bank account. The colors of the nodes represent the different banks the accounts are held in. The dotted orange outline on a node represents a dispense account; the dotted red outline a sink account. A directed arrow represents an edge or a transaction from a source to a destination node. The broken red arrow in (a) highlights that the trail is invisible to the green bank.
  • Figure 2: Temporal path traversal
  • Figure 3: From first to second order representation
  • Figure 4: End-to-end architecture diagram of the FaSTM$\forall$N framework. The grey dashed box is not an integral part of the framework.
  • Figure 5: Temporal graph for the example dataset
  • ...and 7 more figures

Theorems & Definitions (2)

  • definition 1: Temporal Graph of Sequential Transactions
  • definition 2: Co-occurrence Weight