Cookbook: Detecting Financial Fraud Rings
A complete walkthrough from raw transactions to fraud ring detection.
This cookbook demonstrates how to detect coordinated fraud - accounts created together that immediately transact with each other - using temporal graph analysis. We'll use synthetic transaction data that mirrors real-world financial crime patterns.
The Challenge
Financial fraud often involves coordinated account creation: bad actors create multiple accounts within a short time window, then use them to move money in layered transactions. Traditional rule-based systems struggle because:
- Individual transactions look legitimate
- Static graph analysis misses the temporal coordination
- The patterns only emerge when you consider time + structure together
What we'll detect:
- Accounts created within the same hour
- That immediately transact with each other
- With suspicious flow patterns (rapid layering, circular flows)
The Data Model
Step 1: Load the Dataset
We'll use a synthetic dataset representing 30 days of banking transactions. In production, this would come from your data warehouse.
Output:
Step 2: Build the Temporal Graph
Convert the DataFrame into a Raphtory temporal graph. Each edge carries the transaction timestamp - this is what enables temporal analysis.
Output:
Step 3: Identify Coordinated Account Creation
Fraud rings often involve accounts created within a tight time window. We look for nodes that "appear" in the graph at similar times.
Output:
Why time windows matter: Legitimate accounts are created throughout the day. Fraud rings create accounts in bursts - often within the same session or scripted process.
Step 4: Analyze Internal Connectivity
Coordination alone isn't fraud. We need to check if these accounts immediately transact with each other - a key indicator of layering.
Output:
Step 5: Trace Money Flow with Temporal Reachability
Once we identify a suspicious source, we trace where the money goes - respecting time order. Money can't flow backward.
Step 6: Generate Investigation Report
Compile findings into an actionable format for investigators.
Output:
Summary
This cookbook demonstrated a complete fraud ring detection pipeline:
| Step | What We Did |
|---|---|
| 1. Load Data | Ingested transactions from pandas DataFrame |
| 2. Build Graph | Created temporal graph preserving transaction times |
| 3. Find Coordination | Identified accounts created in tight time windows |
| 4. Analyze Connectivity | Measured internal transaction density and speed |
| 5. Trace Flow | Followed money movement respecting temporal order |
| 6. Generate Report | Compiled findings into investigation-ready format |
Key temporal insights that static analysis misses:
- Time-ordered flow: Money can't move backward in time
- Creation coordination: Fraud rings create accounts in bursts
- Rapid activation: Legitimate accounts don't transact immediately at high volume
Next Steps
- Temporal Algorithms Reference – More temporal analysis tools
- AI/ML Engineer Tutorial – Add LLM-powered narrative generation
- Production Deployment – Run this at scale