PreprintPDF Available

Towards Federated Graph Learning for Collaborative Financial Crimes Detection

Preprints and early-stage research may not have been peer reviewed yet.

Abstract and Figures

Financial crime is a large and growing problem, in some way touching almost every financial institution. Financial institutions are the front line in the war against financial crime and accordingly, must devote substantial human and technology resources to this effort. Current processes to detect financial misconduct have limitations in their ability to effectively differentiate between malicious behavior and ordinary financial activity. These limitations tend to result in gross over-reporting of suspicious activity that necessitate time-intensive and costly manual review. Advances in technology used in this domain, including machine learning based approaches, can improve upon the effectiveness of financial institutions' existing processes, however, a key challenge that most financial institutions continue to face is that they address financial crimes in isolation without any insight from other firms. Where financial institutions address financial crimes through the lens of their own firm, perpetrators may devise sophisticated strategies that may span across institutions and geographies. Financial institutions continue to work relentlessly to advance their capabilities, forming partnerships across institutions to share insights, patterns and capabilities. These public-private partnerships are subject to stringent regulatory and data privacy requirements, thereby making it difficult to rely on traditional technology solutions. In this paper, we propose a methodology to share key information across institutions by using a federated graph learning platform that enables us to build more accurate machine learning models by leveraging federated learning and also graph learning approaches. We demonstrated that our federated model outperforms local model by 20% with the UK FCA TechSprint data set. This new platform opens up a door to efficiently detecting global money laundering activity.
Content may be subject to copyright.
Towards Federated Graph Learning for Collaborative
Financial Crimes Detection
Toyotaro Suzumura
, Yi Zhou
, Nathalie Baracaldo
, Guangann Ye
, Keith Houck
, Ryo Kawahara
Ali Anwar
, Lucia Larise Stavarache
, Yuji Watanabe
, Pablo Loyola
, Daniel Klyashtorny
, Heiko
Ludwig2, and Kumar Bhaskaran1
1IBM T.J. Watson Research Center
2IBM Research Almaden
3IBM Research Tokyo
4IBM Global Business Services
Financial crime (e.g., fraud, theft, money laundering) is a large and growing prob-
lem, in some way touching almost every financial institution, as well as many
individuals, and in some cases, entire societies. Financial institutions are the front
line in the war against financial crime and accordingly, must devote substantial
human and technology resources to this effort. Current processes to detect financial
misconduct (including the technologies used) have limitations in their ability to
effectively differentiate between malicious behavior and ordinary financial activ-
ity. These limitations tend to result in gross over-reporting of suspicious activity
(typically manifested as "alerts") that necessitate time-intensive and costly manual
review. Advances in technology used in this domain, including machine learning
based approaches, can improve upon the effectiveness of financial institutions’
existing processes, however, a key challenge that most financial institutions con-
tinue to face is that they address financial crimes in isolation without any insight
from other firms. Where financial institutions address financial crimes through the
lens of their own firm, perpetrators may devise sophisticated strategies that may
span across institutions and geographies. Financial institutions continue to work
relentlessly to advance their capabilities, forming partnerships across institutions
(including governmental bodies) to share insights, patterns and capabilities. These
public-private partnerships are subject to stringent regulatory and data privacy
requirements, thereby making it difficult to rely on traditional technology solutions.
In this paper, we propose a methodology to share key information across institu-
tions by using a federated graph learning platform that enables us to build more
accurate machine learning models by leveraging federated learning and also graph
learning approaches. We demonstrated that our federated model outperforms local
model by 20% with the UK FCA TechSprint data set. This new platform opens up
a door to efficiently detecting global money laundering activity.
1 Introduction
1.1 Financial Crimes
Financial crime [Chen et al., 2018] [Han et al., 2018] [Jamshidi et al., 2019] [Alexandre, 2018]
[Savage et al., 2016] [Colladon and Remondi, 2017]
NeurIPS 2019 Workshop on Robust AI in Financial Services: Data, Fairness, Explainability, Trustworthiness,
and Privacy (Robust AI in FS 2019), Vancouveréal, Canada. This is a non-archival publication - the authors may
submit revisions and extensions of this paper to other publication venues.
arXiv:1909.12946v2 [cs.CY] 2 Oct 2019
is a broad and growing class of criminal activity involving the misuse, misappropriation, or misrep-
resentation of entities with monetary value. Common subclasses of financial crime include theft,
fraud, and money laundering (i.e., obscuring the true origin of monetary entities to evade regula-
tions or avoid taxes). The monetary value of such crimes can range from tens of dollars to tens of
billions of dollars, however, the overall negative consequences of such crimes extend far beyond
their monetary value. In fact, the consequences may even be societal in scope, such as in cases of
terrorist financing or large-scale frauds that topple major institutions and governments (e.g., mortgage
crisis, 1MDB scandal). In response, financial institutions spend substantial resources to develop
compliance programs and infrastructures in order to combat financial crime. Managing financial
crime risk presents challenges due to the scale of the effort (large banks may have upwards of 100M
customers or more, which together generate billions of transactions that must be screened) and
availability of data (when transactions cross bank or country boundaries, little may be known about
the remote counterparty). Current technology employed to assist with these processes focuses on the
identification of anomalies and/or known patterns malfeasance, but usually also generates a large
number of false positive alerts in the process. These alerts then require further (often manual) review
to parse out suspicious behavior from valid financial activity that is inadvertently picked up by the
models (referred to as "false positives").
1.2 Combating Financial Crimes with Machine Learning and Graph Learning
Recently, financial institutions have been exploring the use of machine learning techniques to augment
existing transaction monitoring capabilities. Machine learning techniques offer a promising capability
to identify suspicious activity from an incoming stream of transactions, as well as to filter the false
positives from the alerts generated by current technology, thereby making existing processes more
efficient and ultimately more effective. These machine learning techniques rely on a set of features
generated from knowledge about the transacting parties, from individual and aggregate transaction
metrics, and from the topology of party-to-party relationships derived from static knowledge and
transactional history. Topological features are computed from network embeddings or from the
results of traditional graph algorithms (e.g., PageRank, count of suspicious parties within an egonet
in the following figures ). Overall, this approach has been shown to have a positive effect when
evaluated against a ground truth determined by currently deployed methods. In one such evaluation,
false positives were reduced 20-30%.
1.3 Needs for Global Financial Crimes Detection and Contributions
Notwithstanding the value of leveraging machine learning in the context of transaction monitoring,
financial institutions are limited to identifying suspicious activity as it pertains to their organization.
This presents a conundrum since bad actors are increasingly sophisticated with their techniques
that often span across organizations and geographies (i.e., many use multiple banks to launder
money). Financial institutions are realizing that without looking at data across multiple organizations,
it would be impossible to detect a portion of suspicious activity. Regulatory requirements,
data privacy concerns, as well as commercial competitiveness, all pose challenges to explicit
sharing in information amongst financial institutions. Given the challenge at hand, a innovative so-
lution is needed to detect suspicious activity across organizations. Our contributions are the following:
Developed a federated graph learning platform that detects global financial crime activities
across multiple financial institutions
Demonstrated the effectiveness of federated graph learning as a tool to help identify financial
crime during the TechSprint hosted by the Financial Conduct Authority earlier this year,
using the data set and use cases provided by the FCA.
First to demonstrate the ability to combine federated learning with graph learning as a means
to detect potential financial crimes and share typologies across multiple financial institutions.
The rest of this paper is organized as follows. We outline our core technologies, together with related
work, followed by the overall architecture and our federated graph learning capabilities. We then
provide an overview of preliminary implementation and evaluation using the data set provided by UK
FCA TechSprint. Finally we describe concluding remarks and future directions.
2 Related Work
This section describes the underlying technologies, along with relevant prior art, that constitute our
platform - including graph-based machine learning and federated learning.
2.1 Graph-based Machine Learning
Graph learning is defined as a type of machine learning that utilizes graph-based features to add richer
context to data by first linking that data together as a graph structure, and then deriving features from
different metrics on the graph. Various graph features can be defined by exploiting a set of graph
analytics such as connectivity, centrality, community detection, pattern matching. Graph features
can also be combined with non-graph features (e.g., features on attributes for a specific data point).
Once a set of features including graph features and non-graph features are defined, a problem can
then be formulated as a supervised machine learning problem (assuming that label data is provided).
However, if label data is not provided, it would be an unsupervised machine learning problem so
that we can apply clustering (e.g. kmeans) or outlier detection (e.g. LoF or DBScan). Recently,
there have been many advances in scalable graph computation for billion-scale or even trillion-scale
graphs[Ueno et al., 2017, Hanai et al., 2019], so it is reasonable to expect that this approach would
remain practical, even for large graphs.
The paper in [Akoglu et al., 2015] provides a good review of prior art about graph-based approaches
for general anomaly detection problems. [Molloy et al., 2016] uses PageRank-based features for fraud
detection. We are also exploring graph embedding methods for financial crime detection applications
such as anti-money laundering (AML) in [Liu et al., 2019] and [Weber et al., 2018], but we are still
in the process of applying those methods to real world financial data sets. Recently communities
are also exploring the use of neural networks to compute graph embeddings without determining
pre-defined graph topologies as graph features. However, the lack of explainability of the black-box
model of neural network presents adoption challenges for financial institutions that have stringent
model validation processes that hinge on explainability of the decisions made and outputs that result.
Notably these prior works focus more on local graph features, while our current work is focused on
global graph features spanning multiple financial institutions.
2.2 Federated Learning
Traditional machine learning requires all the training data to be collected and accessible to a trusted
third party. However, privacy concerns and legislation such as General Data Protection Regulation
(GDPR) and Health Insurance Portability and Accountability Act (HIPAA) has presented many
challenges to being able to transmit data to a centralized location for training.
As a result, "federated learning" [McMahan and Ramage, 2017, Bonawitz et al., 2019, Koneˇ
cný et al.,
2016, Bonawitz et al., 2016] has emerged as an alternative way to do collaborative model training
without sharing the training data. In Federated Learning, each data owner maintains its own data
locally and engage in a collaborative learning where only model updates, such as model parameters,
are shared.
Examples of federated learning scenarios include a large number of individual parties providing
personal data to smart phone apps and a relatively small number of competing companies within the
same domain training a single model [McMahan and Ramage, 2017]. As of this writing, no one has
pursued leveraging federated learning in the context of mitigation of financial crimes risk.
3 Federated Graph Learning for AML
We propose a new platform that enables us to capture complex global money laundering activities
spanning multiple financial institutions as opposed to current AML systems that only look at trans-
actions at single bank. The proposed federated graph learning system is comprised of 3 steps, we
compute local features, compute global graph features, and then perform federated learning over
computed features. Subsequent sections describe each step.
3.1 Local Feature Computation
We firstly compute local features for each financial institution. As local features, we can firstly
compute demographic features of customers such as account types (individual or business), business
types, countries, account opening date, and some risk flags based on "know your customer" (KYC)
attributes. We then compute various statistical features on transaction behaviors such as min, max,
average, mean, standard deviation for transaction of various types such as international wire, domestic
wire, credit, cash, check, and so forth. We can also compute graph features such as egonet, pagerank,
degree distribution as what have done for a single bank case.
3.2 Global Feature Computation
As a next step, we compute global features that provide global context related to suspicious activities
among multiple financial institutions. Global graph features are mainly computed using graph
analytics over the entire graph of transaction and party relationship graph. These include 1 hop / 2
hop egonets, cycle and temporal cycle, betweeness centrality, community detection, and so forth. The
advantage of using global features over local graph features is if we can create richer and denser graph
by assembling sub-graphs from multiple graphs, then the graph features should be more effective
since you can also acquire contexts from other financial institutions as to which bank accounts may
be associated with bad actors.
In computing global graph features, we need to take privacy into account, so as not to disclose any
sensitive information from each financial institution. For instance, if there is a cycle of transactions
consisting of 3 accounts in two different financial institutions - starting from an account A in Financial
Institution X to an account B in Financial Institution Y, and to an account C in Financial Institution
Y. A challenge is that a transaction from B to C in Financial Institution Y cannot be revealed to
Financial Institution X. Thus, one of the requirements is to design and implement a secure protocol
that allows Financial Institution X to send a inquiry to Financial Institution Y to ask whether there is
a transaction between B and C - without letting Financial Institution Y to reveal sensitive information.
GraphSC [Nayak et al., 2015] is one of such secure graph computation frameworks, and we have
started to implement some graph features such as temporal cycle features.
3.3 Federated Learning
Next, we build a federated machine learning model using local features and global features that
we describe in the previous sections using our federated learning framework [Truex et al., 2018].
For this work, we use our centralized federated learning in which data owners share model updates
with a central server, aka an aggregator
. This central server is hosted by a third-party such as
Financial Intelligence Unit (FIU). To further protect the privacy, even the model updates shared with
the aggregator are strictly secured via privacy preserving techniques such as differential privacy,
multi-party computation, and / or an array of encryption techniques.
We target a scenario where different Financial Institutions collaborate together to train a model
that can more accurately predict suspicious money laundering efforts. In our setup, each Financial
Institution trains on its local data and shares the model parameters of the trained model with the
central aggregator. The aggregator then fuses all of the model parameters and generates a global
model whose weights will be sent back to all the collaborating banks to reinitialize their local model
for another round of local training. This process is repeated for a set number of rounds or until desired
model accuracy is achieved.
Our framework for federated learning (FFL)[Truex et al., 2018] is a framework designed for federated
learning in an enterprise environment. It provides a basic fabric for federated learning on which
advanced features, such as, differential privacy and secure multiparty computation, can be added. It
is agnostic to the specific machine learning platform used and supports different learning topologies,
e.g., a shared aggregator, and protocols. Different from Google TensorFlow Federated (TFF) and
Openminded PySyft, FFL not only supports simulated federated learning environments but also real
distributed learning environments with different connection configurations. Moreover, FFL enables
training a variety of machine learning models, e.g., decision tree, neural networks on keras, linear
models on scikit-learn, in a federated learning fashion.
1Note that the aggregator does not have access to the data of any of the parties.
4 Preliminary Implementation and Evaluation
In this section we describe a work-in-progress prototype implementation for our federated graph
learning framework described in the previous section. For the evaluation described in this paper,
we did not use a secure graph computation framework such as [Nayak et al., 2015] to compute
global graph features. Secure graph computation is still work in progress, to be described in a future
4.1 Data Set and Graph Modelling
For the evaluation described in this paper, we used the data set provided by the FCA during the
2019 TechSprint [ukf, 2019]. The data set is a simulated data set comprised of data from 6 financial
institutions in the UK and reflects real-world statistical distributions and well-known suspicious
The data set spanned 2 years of activity and includes customer profile, transactions, customer
relationship data, an indicator of suspicious activity alerts, and an indication of whether the customer
relationship was terminated over suspicion of misconduct. We used the last item as a form of ground
truth for suspicious activity.
On the basis of this data set, we built two types of graphs, one called a transaction graph where
a vertex represents a bank account and an edge represents a money transfer. Another graph is
called party relationship graph where a vertex represents a customer and an edge represents a social
relationship between customers such as family.
4.2 Graph Features for Party Relationship Graph
Due to space limitations, we focus here exclusively on the party relationship graph which consists of
social relationships between bank accounts. For example, a person who owns a company can use
both his or her personal account and the company’s business account. In this case, those two bank
accounts can be related through the owner. This kind of relations could be an important indicator of
a financial crime because a criminal might use an account indirectly through the relationship (e.g.,
ownership of a company) to send his or her private money to obscure the true source or beneficiary
(i.e., the layering).
Here, we assume that a bank has the following information for each customer:
customer profile (e.g., account ID, name, date of birth, nationality, etc.),
related party profiles (e.g., name, date of birth, etc.),
relations between the customer and the related parties (e.g., director, owner, family, etc.),
customer risk intelligence (e.g., past Suspicious Activity Report (SAR) flags, financial crime
exit markers).
Such information is obtained during the KYC processes (when onboarding new customers or in
performing periodic reviews of existing customers) or when performing detailed investigations of
AML alerts. The related parties may or may not be a customer of a financial institution, and could
include the customer itself. If multiple customers have relationships with a common related party,
this indicates that the accounts of the customers might be affected by a single party and thus could
work in a coordinated manner.
Since there are many financial institutions in the market, one needs to consider the case of an
individual having accounts in multiple financial institutions. Similarly, the same related party could
appear in the data of multiple financial institution. To reveal the connection between accounts across
the financial institution boundaries, one needs to go through the process of "entity resolution" to
draw the connections between the customer profiles and related party profiles. That is, one needs to
identify the profiles which correspond to a same entity by comparing the attributes such as the names,
addresses, or identification numbers.
Here, we applied the following simple rule for the entity resolution.
Figure 1: Relation between customers and related parties.
Individual customer or party: (full name, date of birth, and nationality are equal) OR (ID
document type, ID document number, and nationality are equal)
Business customer or party: (full name, date of incorporation, and country of incorporation
are equal) OR (company registration type, company registration number, and country of
incorporation are equal)
However, in practice, entity resolution presents many challenges due to the existence of typos,
document quality issues, OCR errors, or fluctuations in conversions of non-Latin characters. There
are a number of commercial products that address this challenge in contexts where raw data can be
shared, however, performing entity resolution under privacy preserving constraints remains an area of
future work.
Once the entity resolution for the customers and their related parties has been performed, one will get
a graph of those entities, as shown in Fig. 1. In the figure, CP1, CP2,
· · ·
are the customers, each of
which has an account, RP1, RP2,
· · ·
are their related parties, GRP1, GRP2,
· · ·
and GCP1, GCP2,
· · ·
are the grouping IDs issued during the entity resolution. Edges between the customers and the
related parties are the social relations, and edges between the grouping IDs and the customers or
related parties are created if those parties are identified as belonging to the same entity by the entity
Since the connected accounts (customers) in the graph are possible collaborators, we think that the
risk of being involved in money laundering is shared among the accounts. From this hypothesis, we
compute each customer’s features based on the statistics in each (weakly) connected component in
the graph. In the current implementation, the following features are used:
number of customers who have alerted by a transaction monitoring system in the past within
the connected component.
number of customers who have SAR flags in the past within the connected component,
number of customers who have financial crime exit markers in the past within the connected
number of the nodes within the connected component.
The status of the risk flags (SAR, financial crime exit marker, etc.) can be obtained from the customer
risk intelligence data as mentioned in a previous paragraph in this section. Please note that the risk
flag status of a customer is often used as a target variable in a machine learning-based prediction /
classification task of financial crimes. In such cases, those features must not include the status of the
risk flag of the customer in question and must contain the information from only other customers
when those are used as a training or a testing data set.
Our preliminary analysis on the synthetic data set used during the TechSprint is shown in Fig. 2. Here,
we assume that the financial crime exit marker of a customer is the target variable to be predicted
for supervised machine learning setting. It shows a positive correlation between the probability of
a customer being flagged with fincrime exit marker and the number of customers who have SAR
flags (left) within the same connected component and the number of nodes (including the customers,
Figure 2: Conditional probability of a customer’s fincrime exit marker being flagged as a function of a
feature. Left: the feature is the number of SAR-flagged customers in the same connected component.
Right: the feature is the number of nodes in the connected component.
related parties and the grouping IDs) within the same connected component. This result indicates
that these values can be used as features for detecting money laundering with other features.
4.3 Evaluation of Federated Graph Learning
Here we show the evaluation result of our federated graph learning using the TechSprint data. We
compute local features including transaction-based features, and compute global graph features in
party relationship graph defined in the previous section, and global graph features in transaction
graph, and local transaction features.
With regards to the platform setting, in an ideal federated learning environment, each financial
institution will perform its local training on its own server or virtual machine and communicate
with the aggregator, which can be hosted by a third party (e.g., government agency) or by one of
the banks, after each local training period is performed. However, due to the limited resources
provided by during the TechSprint, we only had one host, and hence needed to simulated 6 processes
representing 6 UK banks’ local training processes and one process was used as a proxy for the
role of the aggregator using our federated learning framework [Truex et al., 2018] We have tried to
train several types of machine learning models, for example,
-1 regularized logistic regression,
regularized linear support vector machine (SVM), decision tree and a simple neural network.
We found similar performance results (with less than 10% difference in testing accuracy and F1
scores) for these machine learning models. Therefore, we only report the results for neural network,
which composed of two dense layers of sigmoid units and a sigmoid layer with binary cross-entropy
loss. As previously noted, explainability for neural networks is still an ongoing research area, so we
could leverage existing work or use other machine learning models for the current financial regulation
policy that requires transparency and explainability in the machine learning models that are used.
Since the dataset that was provided obtained is highly imbalanced with only around 5% bank accounts
containing labels on whether they were filed as Suspicious Activity Reports (SAR) and around 0.4%
are labeled as financial criminals, we exploited the under-sampling strategy in the majority label class,
(i.e., the clean bank accounts, to create balance training datasets for all financial institutions). We
then trained local models and the aggregated model all based on the balanced training datasets.
In Table 1, we provide the results of local models trained on each financial institution’s transaction
records. We observed that since the local test sets are balanced, the test accuracy and F1 score are the
same, which seems to demonstrate good performance of the local models. However, if we test the
local trained model against account records from all financial institutions, we can see that F1 scores
drop significantly due to the imbalanced nature of the test set and the test accuracy also drops a bit.
Moreover, if we add graph features that we described in the previous section into our training features,
we see improvements in both test accuracy and F1 scores as shown in Table 2. From Table 3, we can
conclude from the results that by training an aggregated model collaboratively via federated learning,
all financial institutions can benefit from the aggregated model without sacrificing their data privacy.
Local test set
(Accuracy/F1) 0.971/0.971 0.976/0.976 0.984/0.984 0.982/0.982 0.967/0.966 0.988/0.988
All record test set
(Accuracy/F1) 0.956/0.550 0.956/0.550 0.953/0.546 0.957/0.551 0.960/0.550 0.962/0.552
Table 1: Centralized local models trained on transaction features
Local test set
(Acc/F1) 0.996/0.996 0.997/0.997 0.997/0.997 0.996/0.996 0.990/0.990 1/1
All record test set
(Acc/F1) 0.994/0.761 0.994/0.769 0.990/0.692 0.995/0.766 0.995/0.764 0.995/0.765
Table 2: Local models trained on transaction and graph features
Aggregated model
Accuracy 0.995
F1 0.769
Table 3: Federated model trained on transaction and graph features
5 Concluding Remarks and Future Directions
In this paper we proposed a novel framework that enables us to better identify patterns of suspicious
activity by sharing insights across multiple financial institutions without sharing any raw data from
each financial institution. This was made possible by combining graph-based machine learning
techniques with federated learning (referred to as, federated graph learning). We described the overall
architecture, work-in-progress implementation, demonstrated that the federated graph learning model
using multiple financial institutions outperforms local model by 20% based on a data set from the
2019 FCA TechSprint. We believe that this capability lays the foundation for us to be able to pilot
these techniques on real world data and scenarios. In order to do so, we are actively working on a pilot
where multiple financial institutions participate in utilizing federated graph learning to supplement
their existing financial crime mitigation framework. In designing the pilot, we are exploring the roles
that can be played by financial institutions, regulators, FIUs, technology firms and consultancies to
achieve maximum results.
The use cases and computing environment were provided by UK FCA (Financial Conduct Authority)
TechSprint in August 2019. The data was also provided by Harbr during TechSprint.
2019 global aml and financial crime techsprint. In
global-aml-and-financial-crime-techsprint, 2019.
Leman Akoglu, Hanghang Tong, and Danai Koutra. Graph based anomaly detection and description:
A survey. Data Min. Knowl. Discov., 29(3):626–688, May 2015. ISSN 1384-5810. doi: 10.1007/
s10618-014-0365-y. URL
Claudio Alexandre. A multi-agent system based approach to fight financial fraud: An application to
money laundering. 01 2018. doi: 10.20944/preprints201801.0193.v1.
Keith Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Brendan McMahan, Sarvar
Patel, Daniel Ramage, Aaron Segal, and Karn Seth. Practical secure aggregation for federated
learning on user-held data. In NIPS Workshop on Private Multi-Party Machine Learning, 2016.
Keith Bonawitz, Hubert Eichner, Wolfgang Grieskamp, Dzmitry Huba, Alex Ingerman, Vladimir
Ivanov, Chloé M Kiddon, Jakub Koneˇ
cný, Stefano Mazzocchi, Brendan McMahan, Timon Van
Overveldt, David Petrou, Daniel Ramage, and Jason Roselander. Towards federated learning at
scale: System design. In SysML 2019, 2019. URL
. To
Zhiyuan Chen, Le Dinh Van Khoa, Ee Na Teoh, Amril Nazir, Ettikan Karuppiah, and Kim Sim Lam.
Machine learning techniques for anti-money laundering (aml) solutions in suspicious transaction de-
tection: a review. Knowledge and Information Systems, 02 2018. doi: 10.1007/s10115-017-1144- z.
Andrea Fronzetti Colladon and Elisa Remondi. Using social network analysis to prevent
money laundering. Expert Systems with Applications, 67:49 – 58, 2017. ISSN 0957-4174.
doi: URL
Jingguang Han, Utsab Barman, Jeremiah Hayes, Jinhua Du, Edward Burgin, and Dadong Wan.
Nextgen aml: Distributed deep learning based language technologies to augment anti money
laundering investigation. In Proceedings of ACL 2018, System Demonstrations, pages 37–42.
Association for Computational Linguistics, 2018.
Masatoshi Hanai, Toyotaro Suzumura, Wen Jun Tan, Elvis S. Liu, Georgios Theodoropoulos, and
Wentong Cai. Distributed edge partitioning for trillion-edge graphs. CoRR, abs/1908.05855, 2019.
M. B. Jamshidi, M. Gorjiankhanzad, A. Lalbakhsh, and S. Roshani. A novel multiobjective approach
for detecting money laundering with a neuro-fuzzy technique. In 2019 IEEE 16th International
Conference on Networking, Sensing and Control (ICNSC), pages 454–458, May 2019. doi:
Jakub Koneˇ
cný, H. Brendan McMahan, Felix X. Yu, Peter Richtarik, Ananda Theertha Suresh, and
Dave Bacon. Federated learning: Strategies for improving communication efficiency. In NIPS
Workshop on Private Multi-Party Machine Learning, 2016. URL
Weiyi Liu, Zhining Liu, Fucai Yu, Pin-Yu Chen, Toyotaro Suzumura, and Guangmin Hu. A scalable
attribute-aware network embedding system. Neurocomputing, 339:279–291, 2019. doi: 10.1016/j.
neucom.2019.01.106. URL
Brendan McMahan and Daniel Ramage. Federated learning: Collaborative machine learning
without centralized training data. In
collaborative.html, 2017.
Ian Molloy, Suresh Chari, Ulrich Finkler, Mark Wiggerman, Coen Jonker, Ted Habeck, Youngja
Park, Frank Jordens, and Ron Schaik. Graph analytics for real-time scoring of cross-channel
transactional fraud. 02 2016.
K. Nayak, X. S. Wang, S. Ioannidis, U. Weinsberg, N. Taft, and E. Shi. Graphsc: Parallel secure
computation made easy. In 2015 IEEE Symposium on Security and Privacy, pages 377–394, May
2015. doi: 10.1109/SP.2015.30.
David Savage, Qingmai Wang, Pauline Lienhua Chou, Xiuzhen Zhang, and Xinghuo Yu. Detection
of money laundering groups using supervised learning in networks. ArXiv, abs/1608.00708, 2016.
Stacey Truex, Nathalie Baracaldo, Ali Anwar, Thomas Steinke, Heiko Ludwig, and Rui Zhang. A
hybrid approach to privacy-preserving federated learning, 12 2018.
Koji Ueno, Toyotaro Suzumura, Naoya Maruyama, Katsuki Fujisawa, and Satoshi Matsuoka. Efficient
breadth-first search on massively parallel and distributed-memory machines. Data Science and
Engineering, 2(1):22–35, 2017. doi: 10.1007/s41019-016-0024-y. URL
Mark Weber, Jie Chen, Toyotaro Suzumura, Aldo Pareja, Tengfei Ma, Hiroki Kanezashi, Tim Kaler,
Charles E. Leiserson, and Tao B. Schardl. Scalable graph learning for anti-money laundering: A
first look. CoRR, abs/1812.00076, 2018. URL
ResearchGate has not been able to resolve any citations for this publication.
Full-text available
Adding attributes for nodes to network embedding helps to improve the ability of the learned joint representation to depict features from topology and attributes simultaneously. Recent research on the joint embedding has exhibited a promising performance on a variety of tasks by jointly embedding the two spaces. However, due to the indispensable requirement of globality based information, present approaches contain a flaw of in-scalability. Here we propose \emph{SANE}, a scalable attribute-aware network embedding algorithm with locality, to learn the joint representation from topology and attributes. By enforcing the alignment of a local linear relationship between each node and its K-nearest neighbors in topology and attribute space, the joint embedding representations are more informative comparing with a single representation from topology or attributes alone. And we argue that the locality in \emph{SANE} is the key to learning the joint representation at scale. By using several real-world networks from diverse domains, We demonstrate the efficacy of \emph{SANE} in performance and scalability aspect. Overall, for performance on label classification, SANE successfully reaches up to the highest F1-score on most datasets, and even closer to the baseline method that needs label information as extra inputs, compared with other state-of-the-art joint representation algorithms. What's more, \emph{SANE} has an up to 71.4\% performance gain compared with the single topology-based algorithm. For scalability, we have demonstrated the linearly time complexity of \emph{SANE}. In addition, we intuitively observe that when the network size scales to 100,000 nodes, the "learning joint embedding" step of \emph{SANE} only takes $\approx10$ seconds.
Full-text available
Money laundering has been affecting the global economy for many years. Large sums of money are laundered every year, posing a threat to the global economy and its security. Money laundering encompasses illegal activities that are used to make illegally acquired funds appear legal and legitimate. This paper aims to provide a comprehensive survey of machine learning algorithms and methods applied to detect suspicious transactions. In particular, solutions of anti-money laundering typologies, link analysis, behavioural modelling, risk scoring, anomaly detection, and geographic capability have been identified and analysed. Key steps of data preparation, data transformation, and data analytics techniques have been discussed; existing machine learning algorithms and methods described in the literature have been categorised, summarised, and compared. Finally, what techniques were lacking or under-addressed in the existing research has been elaborated with the purpose of pinpointing future research directions.
Full-text available
The anti-money laundering (AML) process has failed both in identifying suspicious cases in due time as in assisting the AML analysts in decision making. Starting from a new generic anti-fraud approach, this article presents the main aspects related to the development of a multi-agent system that goes beyond the capture of suspicious transactions, seeking to assist the human expert in the analysis of suspicious behaviour. First, a transactional behavioural profile of clients is obtained in a data mining process. A set of rules, obtained through data mining over a real database, in conjunction with specific rules based on legal aspects and in the expertise of the AML analysts make up the agents' knowledge base. The cases for which the system was unable to suggest a decision are flagged as requiring more detailed analysis. The system analysed 6 months of real transactions and indicated several suspicious profiles, a set of these suspects was investigated by the AML analysts who proved the suspicion of several cases, including some that had not been identified by the systems in execution.
Full-text available
There are many large-scale graphs in real world such as Web graphs and social graphs. The interest in large-scale graph analysis is growing in recent years. Breadth-First Search (BFS) is one of the most fundamental graph algorithms used as a component of many graph algorithms. Our new method for distributed parallel BFS can compute BFS for one trillion vertices graph within half a second, using large supercomputers such as the K-Computer. By the use of our proposed algorithm, the K-Computer was ranked 1st in Graph500 using all the 82,944 nodes available on June and November 2015 and June 2016 38,621.4 GTEPS. Based on the hybrid BFS algorithm by Beamer (Proceedings of the 2013 IEEE 27th International Symposium on Parallel and Distributed Processing Workshops and PhD Forum, IPDPSW ’13, IEEE Computer Society, Washington, 2013), we devise sets of optimizations for scaling to extreme number of nodes, including a new efficient graph data structure and several optimization techniques such as vertex reordering and load balancing. Our performance evaluation on K-Computer shows that our new BFS is 3.19 times faster on 30,720 nodes than the base version using the previously known best techniques.
Full-text available
Money laundering is a major global problem, enabling criminal organisations to hide their ill-gotten gains and to finance further operations. Prevention of money laundering is seen as a high priority by many governments, however detection of money laundering without prior knowledge of predicate crimes remains a significant challenge. Previous detection systems have tended to focus on individuals, considering transaction histories and applying anomaly detection to identify suspicious behaviour. However, money laundering involves groups of collaborating individuals, and evidence of money laundering may only be apparent when the collective behaviour of these groups is considered. In this paper we describe a detection system that is capable of analysing group behaviour, using a combination of network analysis and supervised learning. This system is designed for real-world application and operates on networks consisting of millions of interacting parties. Evaluation of the system using real-world data indicates that suspicious activity is successfully detected. Importantly, the system exhibits a low rate of false positives, and is therefore suitable for use in a live intelligence environment.
Conference Paper
Using the computational inelegant methods in processing financial data is a practicable action to reduce a wide variety of crime in this domain. In this paper, a new intelligent multiobjective to recognize money laundering in banks and currency exchanges is presented. The introduced approach is based on Adaptive Neuro-Fuzzy Inference System (ANFIS) which is set up by MATLAB software. The proposed method can replace conventional methods to detect the risk of money laundering in suspicious banking transaction. In addition, this approach can be used in banking systems as an online technique to analyze the data of customers’ accounts. Also, the probability of money laundering’s risk for each exchange is processed and monitored. One of the main advantages of the system is categorizing customers for different customers. The results illustrate the accuracy of this system in filtration of accounts infected by money laundering is acceptable.
Conference Paper
We present a new approach to cross channel fraud detection: build graphs representing transactions from all channels and use analytics on features extracted from these graphs. Our underlying hypothesis is community based fraud detection: an account (holder) performs normal or trusted transactions within a community that is “local” to the account. We explore several notions of community based on graph properties. Our results show that properties such as shortest distance between transaction endpoints, whether they are in the same strongly connected component, whether the destination has high page rank, etc., provide excellent discriminators of fraudulent and normal transactions whereas traditional social network analysis yields poor results. Evaluation on a large dataset from a European bank shows that such methods can substantially reduce false positives in traditional fraud scoring. We show that classifiers built purely out of graph properties are very promising, with high AUC, and can complement existing fraud detection approaches.