Docs
Search…
⌃K

Risk & Fraud Monitoring

Risk Rules Engine
Fast growing fintech startups use LogicLoop to monitor abusive behavior on their platforms. LogicLoop empowers fraud & risk managers to quickly set up rules on top of company data to raise alerts for their team to review. Without LogicLoop, analysts are often stuck waiting for engineers to implement alerts directly in the codebase, inhibiting their ability to iterate quickly and experiment.
To get started with monitoring bad actors on your platform on LogicLoop, you'll first want to connect your company's data sources. This could be production databases like Postgres or MySQL, warehouses like Snowflake, Redshift or Big Query, or APIs like Socure or Sentilink. Once connected, you can use sample industry templates below as guidance to bootstrap your program. The following templates have been simplified and specific details have been omitted due to the sensitive nature of the content. Contact us at [email protected] to access our fully detailed suite of fraud & risk monitoring formulas.

Large transactions

Query your data to select transactions with large dollar amounts.
SELECT
*
FROM
transaction
WHERE
amount > 10000
For each transaction flagged, create a ticket for your analysts to review. You can automatically generate a ticket in LogicLoop's Case Management System.

Failed transfers

Query your database to flag users with excessive failed external fund transfers.
SELECT
company_name,
merchant_id,
transfers.status,
count(*) AS num_failed_transfers
FROM
transfers
JOIN merchant ON merchant.id = merchant_id
WHERE
created_on > current_date - interval '30 days'
AND transfers.status = 'FAILED'
GROUP BY
merchant_id,
company_name,
transfers.status
HAVING
count(*) >= 3
For each user flagged, generate a Slack alert for your team to review.

High velocity transactions for new users

Query your data to flag users who signed up recently with high total transaction volumes.
SELECT
sum(amount) AS total,
merchant_id
FROM
transaction
join merchant ON merchant_id = merchant.id
WHERE
transaction.created_at > current_date - interval '30 days'
AND merchant.created_at > current_date - interval '30 days'
GROUP BY
merchant_id
HAVING
sum(amount) > 200000
For each user flagged, trigger a webhook to create a ticket in your own internal system or another ticket management system like Zendesk, JIRA, or Asana for an analyst to review.

Missing address information

Select users who signed up recently without address information
SELECT
*
FROM
users
WHERE
address is NULL
AND created_at < current_date - interval '7 days'
Then, send each user an email reminding them to fill out their address.

Failed identity verification

Flag users who failed identity verification checks. You can pull in information from third party APIs using our API (JSON) data source and write a rule on top of Query Results to join data from multiple sources.
SELECT
*
FROM
socure_identity_verification_checks_api
WHERE
status = 'Failed'
For each user flagged, create a ticket for an analyst to review and follow up.

Transactions in high-risk geographies

Alert on transactions conducted from high-risk geographies. If you have a pre-defined list of countries that are deemed high-risk, you can pull in this list of values by parameterizing it and populating it with a list derived from another query.
SELECT
*
FROM
transaction
WHERE
country in {{ list_of_banned_countries }}
Then, call an internal webhook endpoint to automatically ban the transaction in your system.

Amount outstanding exceeds account balance

Alert if a user's outstanding balance exceeds the funds that are available in their account.
SELECT
*
FROM
users
WHERE
account_balance < outstanding_balance
Send an account manager a Slack notification to reach out to the user to fund their account.