Node and Branch - Single External To Multiple Internal
Description
This test identifies accounts distributing funds to multiple unique internal accounts, potentially to bypass capital control thresholds or coordinate manipulation. This analysis detects patterns of fund dispersion that could indicate suspicious activity.
Use Cases
- Single External to Multiple Internal: A single external account disperses funds to multiple internal accounts to bypass capital control thresholds.
Required Data
Deposits Data
| Variable | Description |
|---|---|
timestamp | Timestamp of the deposit (YYYY-MM-DD hh:mm:ss). |
user_id | User ID of the depositor. |
currency_type | Type of currency deposited (fiat or crypto). |
symbol | Asset symbol (BTC, ETH, USD, EUR, etc.). |
price_usd | Price of the asset in USD. |
amount | Amount deposited. |
to | Internal user account receiving the deposit. |
from | External wallet address or bank account initiating the deposit. |
Withdrawals Data
| Variable | Description |
|---|---|
timestamp | Timestamp of the withdrawal (YYYY-MM-DD hh:mm:ss). |
user_id | User ID of the withdrawing user. |
currency_type | Type of currency withdrawn (fiat or crypto). |
symbol | Asset symbol (BTC, ETH, USD, EUR, etc.). |
price_usd | Price of the asset in USD. |
amount | Amount withdrawn. |
to | External wallet or bank account receiving the withdrawal. |
from | Internal user account initiating the withdrawal. |
Parameters
| Parameter | Description | Type | Default Value | Configurable |
|---|---|---|---|---|
analysis_minimum_branch_count_threshold | Minimum number of branch connections required between internal and external accounts. | Integer | 3 | Yes |
analysis_minimum_aggregate_dollar_threshold | Minimum total transaction amount to trigger an alert. | Float | 10000 | Yes |
whitelist_file | File path for the list of whitelisted wallets. | String | s3://BUCKET/whitelisted_wallets.csv | Yes |
analysis_window | Time window for analysis in hours. | Integer | 120 | Yes |
check_fiat | Whether to analyze fiat transactions. | Boolean | True | Yes |
check_crypto | Whether to analyze cryptocurrency transactions. | Boolean | True | Yes |
create_ticket | Flag to determine if tickets should be created for alerts. | Boolean | True | Yes |
Methodology
- Single External to Multiple Internal Monitors external accounts distributing funds to multiple internal accounts. Flags accounts meeting the minimum unique recipient count and exceeding the threshold.