Outlier Detection - Withdrawals - Own - Dollar Value
Description
This test identifies anomalous transactions by comparing recent withdrawal values against a user's own historical patterns. It calculates user-specific statistics, including mean and standard deviation of transaction dollar values, and flags outliers that significantly exceed certain thresholds. Transactions are analyzed in the context of a user's own historical behavior for a given symbol.
Use Cases
-
Fraud Detection: Identify users engaging in potentially fraudulent activities, such as sudden and uncharacteristically large withdrawals, which deviate significantly from their historical transaction behavior or the average activity for a specific symbol.
-
Risk Management: Flag anomalous transactions that may indicate operational risks, such as incorrect transaction processing, system errors, or misuse of accounts, enabling financial institutions to mitigate risks proactively.
-
Anti-Money Laundering (AML) Monitoring: Detect unusually large transactions that could indicate money laundering activities.
Required Data
Withdrawals Data
| Variable | Description |
|---|---|
timestamp | Timestamp of the withdrawal made (YYYY-MM-DD hh:mm:ss). |
user_id | User ID to identify the individual user. |
currency_type | The currency type of withdrawal being made; fiat or crypto. |
symbol | The asset symbol; e.g., BTC, ETH, USD, EUR. |
price_usd | The price of the symbol in USD. |
amount | The amount of the symbol being withdrawn. |
Parameters
| Parameter | Description | Type | Default Value | Configurable |
|---|---|---|---|---|
analysis_window | Overall duration (days) for analysis. | Integer | 1 (days) | Yes |
historical_window | Number of days to consider for historical data. | Integer | 90 (days) | Yes |
historical_minimum_number_transactions | Minimum number of historical transactions per user required. | Integer | 5 | Yes |
analysis_minimum_aggregate_dollar_threshold | Minimum aggregate dollar value of transactions per user in analysis period. | Float | 500 | Yes |
historical_minimum_number_days | Minimum number of unique active days required. | Integer | 2 | Yes |
create_ticket | Flag to determine if tickets should be created. | Boolean | True | Yes |
compare_own_history | Test for outlier activity by comparing user’s own historical behavior. | Boolean | True | Yes |
compare_others_history | Test for outlier activity by comparing transactions to other users. | Boolean | True | Yes |
Methodology
-
Compute Historical Statistics For each user and symbol, calculate the historical mean and standard deviation of transaction dollar values. Additionally, compute aggregate symbol-wide statistics, including the mean of historical averages and the median of standard deviations for each symbol.
-
User-Specific Outlier Detection Compare a user’s transactions during the analysis window against their historical behavior. Transactions are flagged as outliers if their aggregate dollar value exceeds the user’s average by a defined threshold (e.g., mean + 4 standard deviations).
-
Categorization and Reporting Flagged transactions are classified as user-specific anomalies. These are then prepared for reporting, either as CSV exports or tickets for further investigation.