Node and Branch - Single External From Multiple Internal
Description
This test identifies accounts consolidating funds from multiple unique internal sources, potentially indicating fund aggregation or illicit activity. This analysis highlights patterns of unusual consolidation of funds into a single external account.
Use Cases
- Single External from Multiple Internal: Funds from multiple internal accounts flow into a single external account, potentially indicating illicit fund collection or preparation for market manipulation.
Required Data
Deposits Data
| Variable | Description |
|---|---|
timestamp | Timestamp of the deposit (YYYY-MM-DD hh:mm:ss). |
user_id | User ID of the depositor. |
currency_type | Type of currency deposited (fiat or crypto). |
symbol | Asset symbol (BTC, ETH, USD, EUR, etc.). |
price_usd | Price of the asset in USD. |
amount | Amount deposited. |
to | Internal user account receiving the deposit. |
from | External wallet address or bank account initiating the deposit. |
Withdrawals Data
| Variable | Description |
|---|---|
timestamp | Timestamp of the withdrawal (YYYY-MM-DD hh:mm:ss). |
user_id | User ID of the withdrawing user. |
currency_type | Type of currency withdrawn (fiat or crypto). |
symbol | Asset symbol (BTC, ETH, USD, EUR, etc.). |
price_usd | Price of the asset in USD. |
amount | Amount withdrawn. |
to | External wallet or bank account receiving the withdrawal. |
from | Internal user account initiating the withdrawal. |
Parameters
| Parameter | Description | Type | Default Value | Configurable |
|---|---|---|---|---|
analysis_minimum_branch_count_threshold | Minimum number of branch connections required between internal and external accounts. | Integer | 3 | Yes |
analysis_minimum_aggregate_dollar_threshold | Minimum total transaction amount to trigger an alert. | Float | 10000 | Yes |
whitelist_file | File path for the list of whitelisted wallets. | String | s3://BUCKET/whitelisted_wallets.csv | Yes |
analysis_window | Time window for analysis in hours. | Integer | 120 | Yes |
check_fiat | Whether to analyze fiat transactions. | Boolean | True | Yes |
check_crypto | Whether to analyze cryptocurrency transactions. | Boolean | True | Yes |
create_ticket | Flag to determine if tickets should be created for alerts. | Boolean | True | Yes |
Methodology
- Single External from Multiple Internal Identifies external accounts consolidating funds from multiple internal sources. Flags accounts that meet the required number of senders and exceed the transaction value threshold.