in Wire Transfers

Fraud Prevention in Wire Transfers

Global interconnection and an increase in the frequency and amounts of bank transactions have not gone unnoticed to cybercriminals. To make matters worse, we must also consider the threats and risk scenarios related directly to the Internet. Criminals are aware of the facility to obtain large sums of money and they target these services with techniques often difficult to prevent because of fast technology evolution.

The financial entities must have a preventive culture, complementary security mechanisms, specifically for monitoring, and multi-channel fraud prevention so that the customers are certain that their money is in good hands and have no reason for concern.



Sentinel has the ability to monitor and stop incoming and outgoing transfers between accounts of the institution, including events of local or international banks.

It is very important not only to prevent fraud in outgoing wire transfers, but also in the case of incoming wire transfers, like interbank transfers and SWIFT transfers. None financial institution wants to be used by organized crime to commit fraud to other institutions.

Fraud Prevention Solutions for Bank Wire Transfers


  • System is easy to manage, allowing the user to set it up without the need of significant technical knowledge
  • Transactional behavior profiles at customer level and transfer type, which can be internal in the accounts of the institution, interbank or SWIFT, based on the transactional history and supported by multiple statistical tools
  • Rule-based models that include different sources, operators, statistics, functions, lists, groups of conditions and formulas
  • Different model generation tools, such as rules, dynamic behavior profiles, link analysis, machine learning algorithms (neural networks, decision trees, deep learning, vector machines, among others)
  • Rule evaluator embedded in the main system environment, with impact analysis, efficiency, and false positives of the rules
  • Distribution of alerts and investigations to the analysts
  • Integrated control board for the analysis of attention to alerts and investigations
  • Generation of specialized reports and boards
  • Generation of automatic or manual blocking by customer and/or transfer type
  • Different monitoring approaches, participating or not in the transfer authorization process, in real time or near real time

Risk Analysis and Fraud Prevention Stages in Electronic Transfers

Real Time



Case Management

Reports and Control Boards

Real Time

The financial institution must have the ability to reject a transfer with sufficient characteristics to be classified as a fraudulent or high-risk transfer, precisely when it is executed. This is the first fraud prevention barrier.

Real time is defined as the ability to assess complex events through a transaction analysis that assesses the transfer and all its data, based on different conditions, such as rules, statistics, and lists. It provides an answer to the authorizer indicating whether to accept, reject, or review the transaction in just milliseconds.


With a “near real time” approach, it usually only takes some seconds or in many cases minutes to determine the transfer risk level, and based on this, take the following actions that usually translate into accepting, rejecting, or reviewing the transaction. However, it can be customized based on the processes of the financial institution.

Different modules are involved in this risk analysis that are part of or complement the solution:

Rule-Based Models: The system presents a modern and completely graphical rules editor, making it easy for the user to build models: it groups conditions, includes lists, multiple statistical conditions, complex analysis patterns, and data pre-processing, among others. The expert users can also employ formulas about conditions, facilitating the data manipulation and rule results.

Statistical Behavior: It allows the creation of individual profiles by customer or type of transfer (internal, interbank, or SWIFT). These profiles can be used as input in the configuration of the rule-based fraud detection models.

Dynamic Behavior Patterns: It is a new proprietary technology of Sentinel that allows the automatic definition of the usual profile of the client and of the population it belongs to. In this way, the system generates an alert in the event the behavior detected is “unusual” for the client or “atypical” for the population it belongs to.

Black Lists: This module enables the analysis to find out whether there are similarities in the names of the beneficiary or applicant of the transfer, as applicable, with people, companies, or entities registered in internal or external black lists. It is also possible to include “negative news”, that is, people or entities that appeared in news related to events or activities subject to screening, even if they are not subject to trial.

Sentinel has the largest risk database about individuals and organizations, which is continuously monitored and updated. Some of its main features are:

  • More than 450 lists.
  • More than 1 million PEP’S, 14 types, 4 levels in more than 240 countries.
  • More than 50 classified risk events: abuse, kidnapping, fugitive, fraud, murder, robbery, trafficking in people, etc.
  • Definition and classification of the risk stages: accused, suspect, arrested, in trial, sanction, etc.

Geolocation: It analyzes different aspects related to the usual location of the customers, their Internet service providers, connection types, zip code, country, region, and city, among others. The access data generated from the IP of the client and recorded in Sentinel can be used in forensic or criminal investigations, in audits and as evidence in criminal procedures.

Some of its main features are:

Static Risk Factors:

  • Location specific risks (countries, regions, cities, zip codes)
  • Risk connection types
  • Information of risk domains (suspicious Internet service providers, blocked domains)
  • Risky connection proxies (anonymous, hosting)

Risk Indicators in Real Time:

  • Speed infractions
  • Connection increases from an ISP/location or account
  • Suspicious connection time, along with IP locations that do not match

Anomalous Behavior Patterns:

  • Current location versus previous locations (frequency)
  • Changes of Internet service provider, together with other factors
  • Change of mobile telephony carrier

Creation of Device Digital Prints. Geolocation characteristics used to classifying a device:

  • Geography (country, city, state, zip code)
  • ISP
  • Connection type (DSL, mobile, cable, etc.)

Predictive Models Based on “Machine Learning”: The Sentinel Predictions module enables a visual design environment to build predictive analysis models for fraud prevention. It provides a complete library of supervised and non-supervised learning algorithms, data preparation and exploration, validation and model evaluation tools.

In addition, it provides a potent “Model Auto Generation” functionality that enables Sentinel to create and train multiple models automatically, compare their results, and allow the user to determine which it wishes to set up in a productive environment. Being a data scientist or an expert in mathematics or statistics is no longer required to use the most advanced “machine learning” techniques.


The analysts have queries or viewers that allow them to view unusual activity with multiple inputs useful in the decision-making process:

  • Filter by date range
  • Alert objective
  • Filter by alert status
  • Advanced filter
  • Transaction assessment scores
  • Behavior profile
  • Alert models in the transaction

The supervisors and analysts can have strategic control of the whole operation of the fraud prevention department by observing the following key indicators:

  • Pending alerts
  • Average attention time
  • Alerts marked as fraud
  • Alerts referred to investigation
  • Alert resolution times

Case Management

Once the analyst reviews the activity suggested as suspicious by the system, they can generate cases to follow-up on the suspicious transactions and record all the actions during the investigation process.

The investigation case is the digital file to track the entire process in the unusual activity management of the customer:

  • Change the investigation status, based on the work flow
  • Actions performed by the analyst
  • Detail of the transactions reviewed
  • Storage of relevant attachments related to the case

Reports and Control Boards

Sentinel has a powerful tool for data discovery and information analysis. Its main characteristic is that it is oriented to end users without a lot of technical knowledge, who can design their own control reports and panels, schedule their execution and automatic sending to different addresses, if desired.

Some of its main features are:

  • It has a series of predetermined reports
  • It allows the end user to create reports using the different data sources and fields of Sentinel
  • The reports can be private or public so that other users can access them
  • Enabling of creation of groups, filters, field order, and definition of date ranges to display the information
  • Ability to export the reports in multiple formats, including Excel, CSV, PDF


  • We will respond to your inquiries as quickly as possible. Write today.
  • This field is for validation purposes and should be left unchanged.
© 2020 SmartSoft. All rights reserved.