Connected Financial Crimes - Neo4j White Paper

Introduction

Building financial crimes software for expert users requires an understanding of the specific needs as well as tasks & roles in a larger team of investigators. The goal is to create uniquely tailored solutions to those users' needs - not create a set of simple reports or a dashboard.

‍
Shrink wrapped software & standard BI tools typically are in the mix but will not suffice as a stand alone application. Custom built enterprise solutions using graph ‘plug in’s’ or other ‘solutions’ with a graph plug in will take 30-50% longer to develop and will require a high level of expertise in both graph technology and a programming language like REACT or Angular. How can you provide reusable software solutions that solves the primary problem patterns but also makes “finish-to-order” customizations possible?

‍
Enter Expero CoNNected for Financial Crimes (CoNNected FC) in combination with the market leader in graph technology, Neo4j. Neo4j provides an enterprise-strength graph database that combines native graph storage, advanced security and a scalable speed-optimized architecture.

Expero CoNNected FC, powered by Neo4j, allows customers to configure a full suite of anti-fraud modules to create a platform for combating financial crimes for all types of use cases including: AML, transaction fraud, compliance & sanctions, cybersecurity, embezzlement, internal bad actor, audit & compliance, and prosecution for global investigatory teams. The goal is to create a flexible solution utilizing the power of Neo4J with easy to use visualization for explainable ML.

Why a Neo4J CoNNected Solution?

No two financial crime use cases and customer requirements are exactly the same. And most expert business users expect or desire that their tools adhere to how they work. That leaves the software tool builders with a couple of options. Today’s fraud application reality is much more than just graph widgets - useful, yes but the goal is to have users interact with a vast amount of data, including graph data connections. Neo4J recognizes that most financial crime investigations have some common patterns and general approaches but the specifics of how each customer approaches the problem and perhaps the sequence of steps may vary. What customers are requesting is a full set of reusable graph components + UI templates + Neo4J built-in connectivity that can perform core investigation functions and features. In addition, they allow users the ability to compose the final solution by rearranging the components with little effort. This is the design motivation and paradigm for Neo4J Fraud Solution.

• Flexible & Configurable Role-based UI screens: Dashboards, investigations & teams
• Neo4J Specific: Performance-tuned, key ML functions in Neo4J: accumulators, algorithms, etc.
• Graph & Investigation Widgets: Combination of key fraud graph visualizations & core data views
• Neo4J Data Models: Extendable starting data models : AML, Credit Card, Cyber, Audit, etc
• Extensible | On Prem or Cloud: Build your own widgets with the tool for custom development
• Integration with ML Tools: Configuration to integrate with Python and Jupyter notebook

‍

Who are your Users?

^The financial crimes space has an incredibly diverse set of use cases and types of users. The features are directly focused on these investigation teams' set of incredibly diverse sets of investigation and notification tasks. Each group of users has a very different potential role in the process: the data and interactions may be similar, yet the UI may be very different on how to access and interact with the data. The solution allows for this diverse set of users to have different views and interactions and their different types of roles via the UI

• Use Case Differentiation: AML, Credit Card, Transaction Fraud, Cyber, Audit & Prosecution
• Security: Data provenance, RBAC & access for teams, individuals and audit & compliance
• Roles: Management, line of business, KYC teams, Investigators & prosecutors
• Teams: The ability to share findings, collaborate with core members or external teams

‍

What Modules Are Part of The Fraud Solution?

The Expero Neo4J Fraud Solution modules for anti-fraud help customers design and develop graph based custom data visualization tools quickly and easily. Neo4J Fraud Solution consists of a series of connector /helper widgets and graph visualizations, design patterns and examples used to aid in creating cohesive, data-driven apps. Data synchronization and complex visualization synchronization is at the heart of Neo4J Fraud Solution, both with Neo4J Fraud Solution-based widgets as well as 3rd party widgets. Simply register each visualization to sync up with filters driven by Neo4J Fraud Solution to allow your UI to work seamlessly and each visualization in concert with others on the page. Here are just a few of the visualizations that are available.

Alert Details

Alert Details that allow for simple easy to understand alert logic and how the logic and potential fraud are connected. Assisting investigators in identifying multiple alerts and how they interact in order to create more accurate alerts

Graph & Network Node Visualization

Graph & Network Node Visualization The ability to visualize connected data Neo4J algorithms and adjacency, similarity and community detection. The ability to manage non-obvious connection of elements in the data

Dashboard Visualization Composition

As previously discussed, the individual visualization components are necessary but not sufficient. The true value of Neo4J Fraud Solution lies in the composition of visualizations to address a complex business problem or flow.

In the application above, a user may wish to see different component charts, over different time periods. By moving the time slider at the bottom of the page, each of the charts updates itself per the time period selected. This cross component communication means that any component may “publish” changes made to itself for consumption by any or all of the other controls on the page. Each component is responsible for keeping itself current. This includes many other components besides just Graph visualization

• Dashboard Configuration: Ability to have multiple widgets like reports, KPI’s, etc.
• Time: Timeline sliders, date panels, connected to graph & non-graph widgets
• Filters & Dynamic Graph Query: No code filters, panels, and selection panes for clickable data presentation
• Alerts & Search: Extendable alerts & search for Neo4J and other data including source systems

‍

Neo4J - Configuration Solution User Interface

The Neo4J Financial Crimes Solution comes with a ‘super user’ role based configuration tool to allow for custom configuration and extension. The example below is part of the online comprehensive configuration tool. These functions include data schema mapping, nodes, icons, layouts, hidden and shown attributes and many more items

How Expero Extends Application Functionality through a Single-Page App (SPA)

At its most basic, a single-page app consists of three files: an index.html file, a JavaScript file, and a stylesheet. However, in reality (unfortunately) there is more to it than that. Three major choices need to be made up front: the programming language, the Neo4J Fraud solution, and a build process.

Why Do You Need A Single-Page App (SPA)?

Single-page apps are a must when a responsive and interactive in-browser user experience is required. The heavy visualization and multiple simultaneous users in a graph analytics application make an SPA a great fit. The classic server-based approach to updating a page in response to a user interaction is painfully slow by today’s standards. Each change to the view requires a complete page reload, which incurs a lot of overhead. The single-page app only pays the page load penalty one time, and further changes are incremental modifications to the live document. The separation between front end and back end also tends to lead to a clean REST or Lightning API that can be reused for native mobile applications. In many cases, the single-page app itself can be repackaged as the mobile application.

Programming Language

The choice of REACT as a programming language may seem obvious when writing a client-side web application: It’s JavaScript, right? JavaScript is what will ultimately run in the browser, but many languages can be compiled to JavaScript. Today, even JavaScript is compiled to JavaScript, if you want to use the latest and greatest features of the language before they are supported in all browsers. Other popular choices are TypeScript, ClojureScript, CoffeeScript, and Elm. However, chances are that if you have a preferred programming language, then there will be a compiler for it that targets JavaScript.

On Premise or Cloud Architecture

The Neo4J solution can be configured as either a cloud delivered architecture on any of the cloud vendors or can easily be set up as on-premise.

Connecting to Neo4J

Similarly to how the front end application needs flexibility, the data sources also will vary. Neo4J Fraud Solution has hooks built in for data collection - these may be direct Lightning or REST calls from the browser or REST/GraphQL calls through a middle tier API depending on scaling and security requirements. The CoNNected workbench can simultaneously connect to multiple data sources for a ‘single pane’ of glass viewing for business users.

Flexible Deployment

SPAs are very flexible when it comes to deploying to a server. As long as the server can deliver a collection of static files, then it can host a single-page application. This is important because it means you can cleanly decouple your back end from the client’s view and architect the back end any way you choose. You may want to keep things simple and host the front end on the same server that handles requests for data or you might have a large ecosystem of load-balanced microservices and choose to serve the front end from a highly available CDN. It makes little difference to the overall architecture and design of the client-side application.

Cloud Systems Supported: Amazon, Google GCP & Microsoft Azure
EXAMPLE: Here’s an example deployment using Amazon’s S3 service

‍

In this model, the concerns of serving www.foo.com are completely separate from any requests for data through an API server. Both can be managed and optimized for their intended purpose. In the case of the file server, S3 buckets can be configured for website hosting and serve all the static files that make up the SPA. As mentioned earlier, aggressive caching headers can be set to further speed up client load times and reduce server load if unique hashes (or some other cache break technique) were implemented as part of the build process. This separation completely eliminates a chunk of work for the back end. Pure data services typically should not allow the client to perform any caching in order for client applications to always receive fresh data. Furthermore, the scaling and division of responsibilities among services is not mixed up with the concerns of serving the client-facing URL.

‍
This is all made possible thanks to Cross-Origin Resource Sharing (CORS) mechanisms, now commonly available in all browsers, which enable the browser to make requests to different domains from the one that originally served the web application files. Before CORS, the browser only allowed non-GET requests to the original domain that served the JavaScript file making the request. CORS is a mechanism to safely permit requests to trusted domains while still maintaining the same origin policy for all other domains.

Conclusion

The modern Financial Crimes investigation single-page application has evolved from a simple set of MS XLS sheets and has now become an intersection of Human-in-the-loop + Machine Learning + Neo4J + Visualization. The goal and purpose of the Neo4J Financial Crimes Fraud Solution is to accelerate the configuration and development of tools that can be supported and maintained by our end customers.