bottom

Transaction Screening Testing

As part of their Anti Money Laundering policies, financial organizations have to check  their transactions  are not related to blacklisted parties. Watch lists are published by national regulatory organizations such as the OFAC for the US, but it can be also some internal lists.

Transaction Screening is achieved by comparing the content of transactions with the various applicable watch lists. Each time a match is found between one or more parties in a transaction and the content of a watch list that transaction should be remove from the automated processing stream.

Our solution : a financial transactions generator

GEDIS Studio generates financial transactions for testing your screening / filtering solutions. The generators produce financial transactions for various types of message (SWIFT, SEPA,...) with either regular identities or black listed identities, the later with some customizable mutations. Relying on this, you can build your test campaigns like a complete coverage of your watch list against various type of mutations or performance testing with various ratio of fraudulent messages.

The transactions generator is self-contained and available on line. You don't need any personal or sensitive data from your information system to generate millions of transactions. It is multi formats, multi languages, with actual bank codes, branch codes etc.

This e-mail address is being protected from spambots. You need JavaScript enabled to view it for a free access or demo of this solution.

Addressed issues

A major difficulty in the design of screening solutions is to detect more or less mutations in the labels of the blacklisted party. For example, it can be some typo (adjacent characters swap, case change, insertion or removal of title such as Dr. etc.). Then a bad guy listed as "Mr. Bad Guy" may appear in a transaction as "bad Guy" or "Guy Bad" or even "Bad buddy Guy" etc.

Like for any other fraud prevention solution, another issue is the ability of the detection system not to produce false positive match. That is not to flag a legitimate parties and their transactions as fraudsters.

Another issue we address in our solution is the ability to produce large amount of messages in a very short period of time. This is because screening system have to process transactions in real time and testing their ablity to do so requires performance.

Transactions Generator for Screening / Filtering Systems

This data generation project aims at producing transactions to help editors to design the best screening detection algorithms and to allow clients of those systems to benchmark their own configuration.

The overall generation process is explained in the figure below. User input files of the generation process are the watch list and mutation type. There are also other parameters application for each new run that are :

  • The ISO country code of the identities to be included in authorized transaction
  • The ratio of authorized message vs to be filtered messages
  • The ratio of mutated vs not mutated black listed party

Screening Process

To achieve this goals we have designed a financial transactions generator based on :

  • various types of input data including fake but realistic identity from various countries, blacklist such as OFAC and even your own private database of customer

  • a configurable mutation engine performing a dozen of mutation over identities

  • a transaction formatter for SWIFT and SEPA messages that can be adapted to your own custom formats

Mutations

Our generator provides multiple types of string mutation that can be applied to values selected from the watch list the user has choose. In the table below we present some of those mutations and possible combinations of mutation over a sample string.

Screening Mutations

WordJumbler

For example, when we configure "Swap/1 & Change/[a-z],012345" we mean to apply two mutations, first one is to swap a randomly selected consecutive characters (/1 means distance of 1 for the swap) and then change any letter matching regular expression  [a-z] with a character randomly selected into the list 12345. To implement that, we relied on the dedicated transformation rule of GEDIS Studio : the word jumbler.

Report Generator

To ease the testing and decision making, the generator also provides reports with detail descriptions of each message with :

  • Unique ID of the message
  • Should the message be detected as a positive match ?
  • Should the ordered be detected as a blacklisted ?
  • If ordered is black listed, what are the mutations applied (first name and last name)?
  • Should the beneficiary be detected as a blacklisted ?
  • If beneficiary is black listed, what are the mutations applied (first name and last name)?

Sample report :

Report