Outlier Detection - Withdrawals - Others - Transaction Frequency
Description
This test identifies anomalous transactions by comparing recent withdrawal transaction frequency against historical patterns. It calculates user-specific and symbol-specific statistics, including mean and standard deviation of transaction frequencies, and flags outliers that significantly exceed certain thresholds. Transactions are analyzed in the context of the aggregate behavior of others for a given symbol.
Use Cases
-
Fraud Prevention: Detect users with abnormally high frequency of withdrawal activity, which may signal account compromise, automated bots, or unauthorized use of accounts.
-
Operational Oversight: Identify anomalies in transaction frequency that could indicate potential system issues, such as duplicate processing or unusual patterns caused by technical errors.
-
Regulatory Compliance: Monitor transaction frequencies for activities that may violate anti-money laundering (AML) regulations or other financial guidelines.
Required Data
Withdrawals Data
| Variable | Description |
|---|---|
timestamp | Timestamp of the withdrawal made (YYYY-MM-DD hh:mm:ss). |
user_id | User ID to identify the individual user. |
currency_type | The currency type of withdrawal being made; fiat or crypto. |
symbol | The asset symbol; e.g., BTC, ETH, USD, EUR. |
price_usd | The price of the symbol in USD. |
amount | The amount of the symbol being withdrawn. |
Parameters
| Parameter | Description | Type | Default Value | Configurable |
|---|---|---|---|---|
analysis_window | Overall duration (days) for analysis. | Integer | 1 (days) | Yes |
historical_window | Number of days to consider for historical data. | Integer | 90 (days) | Yes |
historical_minimum_number_transactions | Minimum number of historical transactions per user required. | Integer | 5 | Yes |
analysis_minimum_aggregate_dollar_threshold | Minimum aggregate dollar value of transactions per user in analysis period. | Float | 500 | Yes |
analysis_minimum_transaction_count_threshold | Minimum transaction count per user in analysis period to be considered. | Integer | 3 | Yes |
historical_minimum_number_days | Minimum number of unique active days required. | Integer | 2 | Yes |
create_ticket | Flag to determine if tickets should be created. | Boolean | True | Yes |
compare_own_history | Test for outlier activity by comparing user’s own historical behavior. | Boolean | True | Yes |
compare_others_history | Test for outlier activity by comparing transactions to other users. | Boolean | True | Yes |
Methodology
-
Compute Historical Statistics For each user and symbol, calculate the historical mean and standard deviation of transaction frequency. Additionally, compute aggregate symbol-wide statistics, including the mean of historical averages and the median of standard deviations for each symbol.
-
Symbol-Wide Outlier Detection Compare a user’s transactions against the historical behavior of others for the same symbol. Transactions are flagged if their value deviates significantly from the symbol-wide mean plus a defined threshold.
-
Categorization and Reporting Flagged transactions are classified as symbol-wide anomalies. These are then prepared for reporting, either as CSV exports or tickets for further investigation.