Abnormal Activity Monitoring Enhancements

Have comments about these projects?

We’d love to hear your feedback, use the Comments Section below

Enhance Abnormal Activity Monitoring Tools to Add Cross Channel Patterns

Building on the project below where we added velocity, out-of the-ordinary and idle activity transaction patterns to help detect fraud, PS#61981 adds cross channel patterns to the Abnormal Activity Monitoring toolkit.  This new type of monitoring looks at transactions from multiple activity channels occurring in sequence.  These new patterns will be able to be viewed along with other transaction patterns via Tool #537 “Monitor Abnormal Activity Transaction Patterns”.   The following cross channel patterns are added:

  • KITING – ATM deposits followed by teller withdrawal or check clearing
  • MONEY MULE – ACH deposits followed by teller or wire transfer withdrawal
  • CHECK WASHING – Large dollar check clearings close in sequence
  • CARD TAKEOVER – Credit or debit card withdrawal with card not present indicator

Status as of March 2024: PS#61981 is currently waiting for an available QC tester. No target date at this time.

Enhance Abnormal Activity Monitoring Tools to Detect Fraud Patterns

Look for specific patterns that signal fraud.  We added a new configuration to the existing Abnormal Activity Monitoring toolkit, allowing CUs to configure settings that watch transactions for certain patterns, such as:

  • Velocity – More than xx transactions, or a xxx% increase in transaction volume, over a specified # of days
  • Out-of-the-ordinary – Transactions of more than $xx.xx, or a xx% increase in total transaction amounts, over a specified # of days
  • Idle activity – Watch for a volume of transactions that occur after a period of xxx days of inactivity

The Abnormal Activity Monitoring Dashboard will analyze activity and provide a list of accounts that fit the pattern, allowing the CU to either add the member to one of the new Block Lists or take other appropriate action.  This dashboard approach will also allow CUs and our AuditLink experts to fine-tune the pattern configurations, in anticipation of future automated, interactive denial-of-service blocks.

Status: Implemented in the 21.05 release.

What’s Next?

Test against fraud patterns and stop incoming transactions before they post.  Build new routines to test activity against fraud pattern tests you’ve activated and automatically put accounts onto your block lists.

Status as of March 2024: Still in the early design phase but our focus for the prototype will likely be ACH transactions.

AuditLink Fraud Monitoring and Consulting Services

AuditLink experts can configure your CU*BASE Abnormal Activity Monitoring tools for FREE, or provide free consulting to credit unions who want to go it alone but need help getting started.  AuditLink also offers daily monitoring services to actually work the daily alerts this tool generates.  Visit the Store or contact AuditLink today!

View an excerpt from the 2021 Leadership Conference about a new AuditLink monitoring service


Chefs for these recipes:  AJ Schalk

Have thoughts or ideas about these changes? We’d love to hear your feedback. Use the Comment Section below.

March 1, 2024

Leave a Comment

* denotes required fields
  • (will not be published)

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

Check Out the New Recipes We’re Cooking in the Kitchen!

Check Out the New Recipes We’re Cooking in the Kitchen!

Have you visited the Kitchen lately?  If not, we invite you to take a look at a few of our latest projects: Account Aggregation Features for Online Banking Artificial Intelligence Strategies Debit Card Round-up Enhancements Unique Account Identifiers Vendor Interfaces We’re Working On Additionally, there have been significant updates to the following recipes: ANR/NSF Fees… Read more »

Dec 19, 2023