Node and Branch - Single Internal From Multiple External
Description
This test detects accounts aggregating funds from multiple unique external sources, potentially indicating fund aggregation or money laundering. This analysis highlights patterns of unusual consolidation of funds into a single internal account.
Use Cases
- Single Internal from Multiple External: A central account consolidates funds from multiple sources, possibly indicating money-laundering activity or preparation for a large-scale transaction.
Required Data
Deposits Data
| Variable | Description |
|---|---|
timestamp | Timestamp of the deposit (YYYY-MM-DD hh:mm:ss). |
user_id | User ID of the depositor. |
currency_type | Type of currency deposited (fiat or crypto). |
symbol | Asset symbol (BTC, ETH, USD, EUR, etc.). |
price_usd | Price of the asset in USD. |
amount | Amount deposited. |
to | Internal user account receiving the deposit. |
from | External wallet address or bank account initiating the deposit. |
Withdrawals Data
| Variable | Description |
|---|---|
timestamp | Timestamp of the withdrawal (YYYY-MM-DD hh:mm:ss). |
user_id | User ID of the withdrawing user. |
currency_type | Type of currency withdrawn (fiat or crypto). |
symbol | Asset symbol (BTC, ETH, USD, EUR, etc.). |
price_usd | Price of the asset in USD. |
amount | Amount withdrawn. |
to | External wallet or bank account receiving the withdrawal. |
from | Internal user account initiating the withdrawal. |
Parameters
| Parameter | Description | Type | Default Value | Configurable |
|---|---|---|---|---|
analysis_minimum_branch_count_threshold | Minimum number of branch connections required between internal and external accounts. | Integer | 3 | Yes |
analysis_minimum_aggregate_dollar_threshold | Minimum total transaction amount to trigger an alert. | Float | 10000 | Yes |
whitelist_file | File path for the list of whitelisted wallets. | String | s3://BUCKET/whitelisted_wallets.csv | Yes |
analysis_window | Time window for analysis in hours. | Integer | 120 | Yes |
check_fiat | Whether to analyze fiat transactions. | Boolean | True | Yes |
check_crypto | Whether to analyze cryptocurrency transactions. | Boolean | True | Yes |
create_ticket | Flag to determine if tickets should be created for alerts. | Boolean | True | Yes |
Methodology
- Single Internal from Multiple External Identifies internal accounts aggregating funds from multiple unique external sources. Flags accounts receiving funds from a minimum number of sources and exceeding a predefined threshold.