Rules that know your rails
Velocity rules, ML scoring, structuring and smurfing detection, and geographic anomaly monitoring — pre-tuned for ACH, card-linked, and peer-to-peer digital bank transaction patterns.
What transaction monitoring covers
Velocity Rules
Configure transaction count, amount, and frequency thresholds per time window. Separate rules for ACH, wire, card, and P2P rails.
Structuring / Smurfing Detection
Automatic aggregation of transactions below CTR thresholds ($10K) across multiple accounts and time windows to identify structuring patterns.
Geographic Anomaly Detection
Flag transactions involving high-risk jurisdictions, rapid location changes, or counterparties in FATF grey/black-listed countries.
ML-Augmented Scoring
Each transaction receives an ML risk score alongside rule-triggered alerts. Scores include plain-language rationale for examiner documentation.
Network / Counterparty Graph
Visualize transaction networks to identify layering patterns — rapid fund movement through chains of intermediary accounts.
Time-of-Day Pattern Rules
Flag transactions at unusual hours relative to account history. Particularly effective for detecting compromised account takeover scenarios.
What each rule type catches
| Rule Type | What It Catches | Typical BSA Risk Pattern |
|---|---|---|
| Velocity — Amount | Aggregated transaction value above threshold in rolling window | Layering, placement detection |
| Velocity — Count | Number of transactions exceeds threshold in rolling window | Structuring, smurfing |
| Structuring Pattern | Multiple transactions deliberately just below $10K CTR threshold | CTR avoidance (federal crime) |
| Geographic Jump | Counterparty in high-risk jurisdiction or FATF grey list | Cross-border illicit fund movement |
| Dormant Account Spike | Account inactive for 90+ days suddenly has high-volume activity | Account compromise / mule account |
| Round Amount Pattern | Disproportionate volume of exactly round-dollar transactions | Bulk cash structuring |
| Time-of-Day Anomaly | Transactions at unusual hours versus account's established pattern | Account takeover, unauthorized access |
Why ML-augmented beats ML-only
Rigid but explainable
- Easy to explain to examiners
- Predictable false-positive rate
- Misses novel patterns and behavioral drift
- Legacy vendors still run 95%+ FP rates
- Alert fatigue for compliance teams
Adaptive and explainable
- ML scores surface patterns rules miss
- Every ML alert includes plain-language rationale
- Rules provide examiner-defensible decision basis
- Combination reduces false positives by ~62%
- BSA officer can explain each decision
See transaction monitoring on your data
We'll run Riftbeacon's engine against a sample of your transaction history and show you your actual false-positive rate.