WO2001048626A2 - Intelligent transaction monitor system and method - Google Patents
Intelligent transaction monitor system and method Download PDFInfo
- Publication number
- WO2001048626A2 WO2001048626A2 PCT/GB2000/004757 GB0004757W WO0148626A2 WO 2001048626 A2 WO2001048626 A2 WO 2001048626A2 GB 0004757 W GB0004757 W GB 0004757W WO 0148626 A2 WO0148626 A2 WO 0148626A2
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- profiles
- analysis
- business
- alert
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
Definitions
- This invention relates generally to the monitoring, recording and analysis of business activity.
- the invention relates to an automated business monitoring system and method that uses historical profiles of activity in order to assess the relevance associated with given business transactions or business events.
- the system compares unseen transactions with historical profiles of business activity and can alert operators to unusual patterns of activity or patterns of prescribed activity that are known to be of interest.
- bank transaction will be used for illustrative purposes; however, the techniques and principles discussed herein apply to other types of transactions, such as those of retail companies, finance institutions, securities exchanges, internet payments, telecommunication payments, and data transacted over computer networks.
- a transaction may be considered as the act of obtaining and paying for an item or service, a business deal or negotiation, the exchange of value, or the transmission and processing of an item of data.
- Transactions occur in retail industries, finance, banks, stock exchanges, Internet payments, computer networks as well as a plethora of other businesses and services.
- Transactions may also be used for identification purposes and may represent requests and responses for action.
- transactions have been recorded for accounting purposes, for stock control and for other business management purposes.
- a transaction would include details of parties involved, the volume, value and type of goods, services or value transacted and other fields that might have relevance to the transaction process. Such transactions can be described and stored in computer systems.
- Systems of this type record the transactions and associated reference data in databases that may be queried for business analysis purposes. These systems allow analysts to query and extract information that may have particular significance for the business concerned. For example, an analyst might extract accounting or payroll information or might use the system to identify other factors such as the most commonly traded product or service. Where such systems are used for regulatory purposes, an analyst might run a sequence of queries or fixed reports in order to monitor the activity of various business entities, including individuals or groupings of individuals, within an organisation. On the basis of the results of such reports, an analyst may then make decisions concerning aspects of a business including security, regulation, compliance and audit.
- an automated system and method for monitoring business activity which builds historical profiles of transactions and makes comparisons between these profiles and unseen business events in order to detect unusual patterns of behavior and alert system operators to them.
- the system may also be configured to alert operators to the occurrence of known, or predetermined, patterns of activity.
- the system provides storage for business transactions that may be grouped according to business entities and provides storage for the profiles associated with these transactions. In this way, the system provides a record of business activity across a predetermined timeframe. This data is updated in accordance with ongoing business activity and according to the entities being monitored. Updates are generally, but not exclusively, performed nightly and may also be performed as data becomes available for processing or during periods in which the system would otherwise be inactive.
- Historical profiles are re-generated on a regular basis, which may or may not be based on the frequency of data updates and additions.
- the historical profiles are based on aggregate statistics of the business data being stored and provide statistical distributions of business activity.
- the system uses the historical profiles as a reference of previous business activity in order to qualify unseen business transactions or business events. In this way the system can identify unusual patterns of activity and alert system operators to them.
- the system may also use the profiles in order to identify and alert operators to pre-determined patterns of activity. Alerts generated by the system are ranked according to their relative importance or likelihood of interest to the system operators.
- the system provides the means to manage the distribution of specific alerts to given operators, or groups of operators.
- the system also provides the means to manage the processing and lifecycle of these alerts allowing alert re-direction based on operator input, alert priority, or to guarantee processing within a given time period.
- the system retains logs of all alerts generated and operator actions and may use this information in order to improve system performance.
- the invention has application in numerous business areas including but not limited to the following: for the detection of patterns of payment fraud and money laundering in banking environments, for market surveillance in stock exchanges, and for risk analysis, regulatory control and compliance in other financial, business and insurance, for on-line fraud detection, customer profiling for marketing and cross-selling, and for product usage analysis.
- Figure 1 is a block diagram of an implementation of the present invention.
- Figure 2 is a block diagram showing detail of an implementation of the present invention.
- Figure 3 is a block diagram showing detail of a typical transaction record.
- Figure 4 shows a schematic presentation of profiles constructed across different time periods.
- Figure 5 shows an example profile record for a business entity.
- Figure 6 shows an example alert record raised by an investigation unit.
- Figure 7 is a sample graphical user interface which forms part of the typical output interface for the present invention showing alerts raised by the system.
- Figure 8 is a sample graphical user interface which forms part of the typical output interface for the present invention showing justification for an alert raised by the system.
- Figure 9 is a sample graphical user interface which forms part of the typical output interface for the present invention showing justification in a graphical form for an alert raised by the system.
- Figure 10 shows a flow diagram of the transaction data input and validation process.
- Figure 11 shows a flow diagram detailing the construction of profile records for business entities based on the transaction data.
- Figure 12 shows a flow diagram detailing the alert generation process where multiple investigation units are being used. Description of the Preferred Embodiment
- the present invention is described in terms of an example banking environment. Those skilled in the art will understand that the invention may be applied in a wide range of business monitoring systems and a multitude of environments. Given the description herein, it would be obvious to one skilled in the art to implement the present invention in any general computer or computing environment and in a multitude of business types and areas.
- FIG. 1 shows a block diagram of a typical implementation of the system 100 in accordance with the present invention.
- Transaction data 140 enters the system from one or more transaction data sources 141 , 142, 143, 144.
- This data originates from sources including but not limited to existing database systems, automated teller machine (ATM) systems, and bank branch level systems or banking transactions systems such as CHIPS and SWIFT.
- ATM automated teller machine
- CHIPS bank branch level systems
- the data may be transported across computer networks using standard transaction and messaging systems that perform data delivery and distribution tasks. It may also enter the system in the form of flat files, database format files or database archives.
- Transaction data can be extracted from systems or be delivered directly for processing.
- the invention comprises a monitor 110, a data storage facility 130 and a multitude of output devices 120 to convey system findings to operators.
- the monitor 110 operates on a variety of conventional computer hardware platforms and operating systems
- the data storage 130 is performed using one or more database systems
- the output devices 120 are standard computers, workstations or other computer enabled devices.
- the output devices 120 may also be used for system maintenance and administration tasks.
- the monitor 110 processes all transactions as they enter the system. Processed transactions are stored in the data storage 130 unit and are used during further analysis stages. On the basis of the transactions entered into the system, the system identifies patterns of known interest for the business and may also present information based on changes in known transactional characteristics. The system generates alerts that identify each such occurrence. These alerts are ranked according to the significance or the business interest of the occurrence. Alerts generated by the system are distributed to system operators and displayed on output devices 120.
- FIG. 2 shows a more detailed view of the system.
- the monitor 110 comprises a number of functional units.
- a data manager 200 controls the processes of access and storage of data to and from all other system units. Data is maintained and stored within the system over a predetermined timeframe appropriate to the business; this might typically be between 1 and 5 years.
- the data manager 200 validates transaction data as it arrives into the system and is responsible for the archiving and deletion of data from the system.
- Data storage comprises three logical units: storage of transaction data 220; storage of reference data 210 which contains system specific data, system audit information and logs, and may contain additional supporting information relating to the transaction data; and profile storage 230 which contains aggregate and statistical information derived from the transaction data and holds in addition transaction data that may be in normalized forms.
- the profile data is used to identify known characteristics and the changes in these characteristics, and to provide summary analysis of the transaction data.
- a data modeler 240 is responsible for construction of the transaction profiles stored in the profile storage 230.
- the data modeler 240 may construct multiple profiles for each business entity, the exact form of which are dependent on the business monitoring and analysis task.
- An event manager 250 controls process sequences in the system and is responsible for alert routing, alert processing and alert distribution.
- the system may operate with one or more investigation units 261 , 262.
- the investigation units use the profile data 230 as a source for analysis, which allows analysis tasks to be performed quickly and efficiently.
- the results of the investigation units may be cascaded such that the investigations performed by one unit triggers further investigations by other units.
- Certain investigations may require supplementary data representations which are provided on request by the data modeler 240.
- the output of multiple investigation units may be combined to generate system alerts.
- the output of single investigation units may also create alerts directly.
- a reporting unit 270 is responsible for the generation of reports which present details of the transaction information extracted from the transaction storage 220 or information extracted from the reference storage 210 or the profile storage 230. Reports may be generated at immediate operator request, when the system has available resource to perform the request, or on a batch basis at defined times or at given intervals. Reports generated may be viewed by the operators using the output devices 120, although these may also be presented in other forms and also stored and printed.
- An access manager 280 is responsible for operator authorization, operator authentication and system access control.
- the access manager uses password authentication methods to verify operator identity, but may also use alternative forms of identification and access control. Encryption and other methods may be used to ensure that all information passed to and from the output devices is secure, and this may also be used for non-repudiation purposes. All system access is audited in the reference storage 210.
- the access manager provides methods for the control and change of user passwords. It applies methods to prevent the selection by users of passwords that would be considered to compromise the security of the system.
- the access manager 280 controls the frequency at which users are required to change passwords.
- the access manager 280 provides operator groupings in order to provide different levels of access to system functionality for different groups of operators.
- Operators are limited in the extent to which they may access the functionality of the system. Operators may be members of multiple operational groups and therefore have access to the functionality associated with each group. Typically these groupings allow access to different sets of profiles and access to the transaction data in differing degrees. Some operator groups are allowed to add, update or change profile or transaction records or data controlling system operation. Other operator groups are restricted to views of specific system results, profiles or transaction records.
- Figure 3 shows an example transaction record 300 for a bank payment.
- the record 300 contains a number of data fields including the time and date of payment 310, the payer customer account 320, the payee account 330, the currency 340 associated with the transaction, the value of the transaction 350 and numerous other fields for other bank purposes 360, 370.
- Such transactions may appear in a multitude of other forms, which may include single entry systems where only the payer or payee account details are present.
- the profiling of transaction data is performed by the data modeler 240.
- Profiles are generated automatically by the data modeler 240 and aim to capture and quantify the salient characteristics of the transaction data being profiled. The actual selection of profile types used in the system is dependent on the business characteristics being monitored.
- the data modeler 240 builds numerous profiles for each business entity. For example, profiles generated for a banking environment would typically include, but not be limited to, regional entities, bank branches, customers and account types. Other profiles will be generated that provide aggregates across complete business entities, such as aggregate details according to customer account type at branch and regional levels, and counterparty profiles.
- a customer's transactions would contribute to profiles built to represent the account associated with the transactions, the profiles for the customer involved, the profiles of the bank branch to which the customer belongs and profiles of account types associated with this branch.
- profiles built to represent the account associated with the transactions the profiles for the customer involved, the profiles of the bank branch to which the customer belongs and profiles of account types associated with this branch.
- Profiles may encompass temporal characteristics that are built across given timespans.
- Figure 4 shows the relationship of profile views that may be constructed over time. 410 represents numerous transactions associated with a bank entity over a period of time, these are aggregated by day 420, further aggregated by week 430, by month 440, and by year 450. Other aggregate forms are possible across quarterly periods, 4 weekly periods or at greater granularity such as hourly or by the second where there is a requirement for this to be performed or the transaction volumes present a requirement for such aggregations. Other aggregations based around notional concepts such as a business day or working periods are possible, or those related to transaction arrival rates. Such profiling allows seasonal and other characteristics to be considered during further analysis.
- Figure 5 presents an example profile record 500 for a business entity.
- the profile record 500 consists of an identifier 510, profile statistics 520 and a profile distribution or histogram 530.
- the identifier 510 consists of a time period field 511 which identifies the timespan of transaction data over which the profile was generated and an entity field 520 identifying the business entity being profiled.
- the profile statistics 520 consists of but is not limited to a number field 521 giving the number of transaction samples associated with this profile, a maximum value field 522 giving the maximum value found in the transactions, a minimum value field 523 giving the minimum value found in the transactions, an average field 524 giving the average value of all transactions in the profile sample, a sum field 525 giving the sum of all transactions, and a standard deviation field 526 giving the standard deviation of the transactions in this profile sample.
- the profile statistics 520 may contain any required combination of statistical aggregations or numeric functions.
- the profile histogram 530 consists of numerous bins 531-537 each giving aggregates of values of transaction variables, or functions of transaction variables, in discrete ranges.
- Profiles can be generated for numeric data fields, such as payment size or value, and also for enumerated fields such as currency code or other payment flags.
- numeric data types a profile record 500 containing identity 510, statistics 520 and histogram 530 parts would be common.
- Profile records 500 for enumerated data types would generally only require identity 510 and histogram 530 parts. In some scenarios, the histogram 530 may be replaced with other forms of empirical or standard distribution representations.
- Information relating to other characteristics may be contained in other profile forms.
- the address details of customers may be retained, which would include zip codes or co-ordinate forms.
- Transactions between accounts are profiled to identify the relationships between entities.
- profiles provide significant benefit as a management information tool for business understanding.
- Profiles automatically capture and quantify the usual activity of entities in a business and the relationship between the entities.
- Profiles provide understanding of the transaction environment and provide the basis for monitoring and reporting tasks. Since profiles provide a historical record of typical behaviors of entities, they can be used to identify changes in behaviors and unusual patterns of activity.
- the investigation units 260 use the profile information for two purposes, to identify patterns of defined activity and to identify patterns of unusual activity.
- the profiles provide the basis on which statistical measures and probabilities can be used by the investigation units 260 to identify patterns of unusual activity.
- Unusual activity can be considered as activity that is statistically unlikely or has a low probability of occurrence.
- Consideration of multiple profile characteristics may be necessary in order to make decisions concerning the likelihood of events. For example, dormant bank accounts becoming active after long periods of inactivity may be too numerous to provide a sufficient indicator for suspicious account activity. If, however, the value transacted through the account is statistically very high compared with other peer accounts, then this provides additional evidence for investigation. Such evidence may be further compounded where the net balance associated with an account is low and the value passing through the account is transient.
- Investigation units 260 may apply particular business rules against the profile data in order to identify behaviors that conform to pre-defined activity. Such comparison may be based on precise measures or relative measures based on profile characteristics. Comparisons may be based on known profiles of activity or a historical store of profiles known to be of interest to the business. Other more complex forms of analysis are possible including, but not limited to, statistical analysis, clustering methods, machine learning and intelligent systems based methods.
- investigation units can be initiated by the arrival of transaction data and the completion of transaction profiling. Investigation units operate in an iterative fashion processing transaction profiles that have been updated and changed. In this way the system performs systematic analysis of all transaction entities. Investigation units may also perform speculative analysis when system processing is available to do so. This allows lengthy analysis to be performed without negatively impacting other system performance requirements. However, in this mode of operation coverage of all transaction data is not guaranteed.
- the output of investigation units is a normalized numeric value in the range of zero to 1 , where zero denotes that the analysis performed presents no data of interest to the business and a value of 1 indicates that the investigation unit has identified an absolute pattern of interest to the business. In this way, the investigation units produce results that define degrees of business interest associated with the profiles analysed. This may also be considered as the probability associated with the occurrence of the event or process under investigation.
- the outputs are then thresholded according to the following expression in order to formulate a decision as whether to raise a system alert:
- the output of one or more investigation units may be aggregated according to the following expression:
- y,- is the output of the rth investigation unit
- w,- is a weight associated with the rth unit
- N is the number of investigation units being considered
- T is a threshold function for the combination of these investigation units.
- Figure 6 presents a typical alert record 600 as raised by the results of an investigation unit or units.
- the record comprises a date and time field 601 , a unique identifier 602, a rank field 603 equivalent to the probability associated with the event, an alert type field 604 defining the reason for the alert, an entity field 605 defining the entity involved in the alert, an alert priority 606, as well as numerous other fields 607, 608 that may be included based on the wishes of the business or be associated with results of the analysis produced by the investigation units.
- the alert priority 606 is used by operators to identify the relative importance of alerts. The priority of the alert is initially set automatically by the system.
- Figure 7 through Figure 9 show sample screens from a window-based interface which forms part of the output device 120 used by operators.
- Figure 7 shows a sample alert view screen.
- the screen comprises a window 700, with a menu bar 730 and toolbar 740 to access system functionality and a status bar 750 for information purposes.
- the window is divided with a tree view pane 710 on the left and an alert list pane 720 on the right.
- the alert list pane 720 makes up one view of many possible combinations.
- the tree view pane 710 provides access to different combinations of alert view dependent on alert type and operator role. It also provides access to functionality controlling aspects relating to alert workflow and administration tasks.
- the alert list pane 720 provides a view of alert records 600 accessible by the current operator. Activating one of the alert record views 600 allows more detail relating to the alert to be viewed.
- Figure 8 shows additional information that is reported following activation of an alert record, this process is termed "drilldown".
- the screen provides details of the entity involved in the alert 810, details about the alert and workflow aspects of the alert processing 820 and a number of different drilldown views 830 presenting different aspects associated with the alert.
- the investigation units consider numerous profile characteristics.
- the profiles used during this analysis are known and are conveyed to the operator in the form of supporting evidence with the alert.
- This evidence is presented in the multiple drilldown views 830 and may be used by operators to consider the alert findings and allow them to perform additional analysis.
- Such views may comprise text box 840 and tabular views 850 of the profile data.
- Figure 9 shows an alternate drilldown view containing textual 910, tabular 930 and graphical 920 views of the profile data.
- the user interface provides functionality for the operator to change the status of an alert 860, in order to sign-off the alert to mark processing of it as complete, to escalate the importance associated with an alert, to re-direct the alert to another operator for further analysis or simply to close the alert with no action taken on it.
- Alerts can be re-directed from one operator to another operator for further investigation.
- the rules associated with this re-direction process are controlled by the system and may be parameterised by administrative users.
- the life-cycle of alerts is recorded at all times and details of operators that have processed each alert are maintained along with other information such as operator comments 870 concerning an alert in order to build case histories. Alerts that are not processed within a given timeframe may be automatically escalated by the system for attention by other groups of operators.
- the system can improve its performance.
- the system can increase the likelihood of generating alerts with characteristics recognized to be of interest to operators and reduce the occurrence of alerts with characteristics known to be of no interest.
- the characteristic profiles of alerts generated by the system of specific known interest to system operators may be recorded and used for comparison against unseen data to identify entities with similar behaviors or characteristics.
- Operator actions relating to the processing of alerts, the redirection of alerts between operators and the escalation of alerts by operators may also be characterized by the system and used to improve system performance.
- Figure 10 provides a flow diagram showing the transaction data input process.
- Transaction data is either loaded into the system or collected by the system for processing 1002.
- Reference data required for the loading and validation process is then loaded 1003.
- the transaction data is then validated 1004 in order to prevent erroneous data from being considered by the system. If the validation is successful 1005, the data is stored in the system for further processing 1007. If the data is not validated as being correct, a system alert is raised 1006 and the data is stored 1008 in accessible form to be manually validated or changed by system operators.
- Figure 11 provides a flow diagram showing the transaction profiling.
- Transaction data 1102, reference data 1103 and existing profile data 1104 are all loaded by the data modeler 240.
- Profiles are updated 1105 for each associated change in the transaction data.
- the profile changes are then stored 1106 for further processing in the profile storage 230. Every time period associated with the transaction data is updated 1107.
- daily, weekly, monthly, and yearly profiles are all updated to reflect the changes in the underlying transaction data. This is performed for every different profile type associated with a business entity 1108.
- the profiles are generated for each business entity 1109. It will be understood that different business entities will have different profile forms according to their characteristics and the requirements of the system.
- Figure 12 provides a flow diagram of the investigation and alerting process where multiple investigation units are being used.
- Transaction data 1202, reference data 1203, and profile data 1204 are all loaded according to the needs of the investigation units being operated. If there have been no changes in the profiles associated with the investigations being performed 1205, the profiles associated with other business entities can be considered for processing. If the profiles have changed, an investigation is performed 1206. If the output of the investigation unit is greater than a predetermined threshold 1207, a weighted sum according to the aforementioned formula (Equation 1) is performed 1208. If for this analysis more investigation units are required 1209, these further calculations are performed. Once this has been done then if the weighted sum of the output of the numerous investigation units is greater than a predetermined threshold 1210, a system alert is generated 1211. If the value is less than this threshold, no alert is generated. The process is then repeated for each business entity 1212 being considered for analysis within the system.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU21957/01A AU2195701A (en) | 1999-12-23 | 2000-12-12 | Intelligent transaction monitor system and method |
EP00985545A EP1244976A2 (en) | 1999-12-23 | 2000-12-12 | Intelligent transaction monitor system and method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB9930565A GB2357603B (en) | 1999-12-23 | 1999-12-23 | Intelligent transaction monitor system and method |
GB9930565.8 | 1999-12-23 |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2001048626A2 true WO2001048626A2 (en) | 2001-07-05 |
WO2001048626A3 WO2001048626A3 (en) | 2002-07-11 |
Family
ID=10866983
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/GB2000/004757 WO2001048626A2 (en) | 1999-12-23 | 2000-12-12 | Intelligent transaction monitor system and method |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1244976A2 (en) |
AU (1) | AU2195701A (en) |
GB (1) | GB2357603B (en) |
WO (1) | WO2001048626A2 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7657474B1 (en) | 2003-03-04 | 2010-02-02 | Mantas, Inc. | Method and system for the detection of trading compliance violations for fixed income securities |
US20150095216A1 (en) * | 2013-09-30 | 2015-04-02 | The Toronto-Dominion Bank | Methods and systems for determining and providing negative event notifications |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10395309B2 (en) | 2007-03-30 | 2019-08-27 | Detica Patent Limited | Detection of activity patterns |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5649114A (en) * | 1989-05-01 | 1997-07-15 | Credit Verification Corporation | Method and system for selective incentive point-of-sale marketing in response to customer shopping histories |
US5712985A (en) * | 1989-09-12 | 1998-01-27 | Lee; Michael D. | System and method for estimating business demand based on business influences |
US5920848A (en) * | 1997-02-12 | 1999-07-06 | Citibank, N.A. | Method and system for using intelligent agents for financial transactions, services, accounting, and advice |
EP1035485A2 (en) * | 1999-03-10 | 2000-09-13 | Ncr International Inc. | System and method for analyzing customer transactions and interactions |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4215412A (en) * | 1978-07-13 | 1980-07-29 | The Boeing Company | Real time performance monitoring of gas turbine engines |
US5270922A (en) * | 1984-06-29 | 1993-12-14 | Merrill Lynch & Company, Inc. | System for distributing, processing and displaying financial information |
WO1987006371A1 (en) * | 1986-04-10 | 1987-10-22 | Hewlett Packard Limited | Expert system using pattern recognition techniques |
US5737593A (en) * | 1995-06-02 | 1998-04-07 | International Business Machines Corporation | System and method for defining shapes with which to mine time sequences in computerized databases |
US5668988A (en) * | 1995-09-08 | 1997-09-16 | International Business Machines Corporation | Method for mining path traversal patterns in a web environment by converting an original log sequence into a set of traversal sub-sequences |
US5845285A (en) * | 1997-01-07 | 1998-12-01 | Klein; Laurence C. | Computer system and method of data analysis |
US6275229B1 (en) * | 1999-05-11 | 2001-08-14 | Manning & Napier Information Services | Computer user interface for graphical analysis of information using multiple attributes |
WO2001013313A2 (en) * | 1999-08-16 | 2001-02-22 | Westport Financial Llc | Automated investment chart pattern search system for technical analysis |
-
1999
- 1999-12-23 GB GB9930565A patent/GB2357603B/en not_active Expired - Fee Related
-
2000
- 2000-12-12 WO PCT/GB2000/004757 patent/WO2001048626A2/en active Application Filing
- 2000-12-12 AU AU21957/01A patent/AU2195701A/en not_active Abandoned
- 2000-12-12 EP EP00985545A patent/EP1244976A2/en not_active Ceased
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5649114A (en) * | 1989-05-01 | 1997-07-15 | Credit Verification Corporation | Method and system for selective incentive point-of-sale marketing in response to customer shopping histories |
US5712985A (en) * | 1989-09-12 | 1998-01-27 | Lee; Michael D. | System and method for estimating business demand based on business influences |
US5920848A (en) * | 1997-02-12 | 1999-07-06 | Citibank, N.A. | Method and system for using intelligent agents for financial transactions, services, accounting, and advice |
EP1035485A2 (en) * | 1999-03-10 | 2000-09-13 | Ncr International Inc. | System and method for analyzing customer transactions and interactions |
Non-Patent Citations (2)
Title |
---|
"DIALOG ABI/INFORM(R)" DIALOG ABI/INFORM(R), XP002939134 * |
See also references of EP1244976A2 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7657474B1 (en) | 2003-03-04 | 2010-02-02 | Mantas, Inc. | Method and system for the detection of trading compliance violations for fixed income securities |
US20150095216A1 (en) * | 2013-09-30 | 2015-04-02 | The Toronto-Dominion Bank | Methods and systems for determining and providing negative event notifications |
Also Published As
Publication number | Publication date |
---|---|
GB2357603A (en) | 2001-06-27 |
WO2001048626A3 (en) | 2002-07-11 |
EP1244976A2 (en) | 2002-10-02 |
AU2195701A (en) | 2001-07-09 |
GB2357603B (en) | 2003-09-17 |
GB9930565D0 (en) | 2000-02-16 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8543486B2 (en) | Method and system for the protection of broker and investor relationships, accounts and transactions | |
US7693810B2 (en) | Method and system for advanced scenario based alert generation and processing | |
Fahrenkrog-Petersen et al. | Fire now, fire later: alarm-based systems for prescriptive process monitoring | |
US7657474B1 (en) | Method and system for the detection of trading compliance violations for fixed income securities | |
US6631361B1 (en) | Method and apparatus for providing explanations of automated decisions applied to user data | |
US8306889B2 (en) | System and method for presenting fraud detection information | |
US9818118B2 (en) | Transaction aggregator | |
US20070174214A1 (en) | Integrated fraud management systems and methods | |
US20060294095A1 (en) | Runtime thresholds for behavior detection | |
Edge et al. | A survey of signature based methods for financial fraud detection | |
US8290845B2 (en) | System and method for presenting quasi-periodic activity | |
US20130325598A1 (en) | Financial account related trigger feature for triggering offers based on financial information | |
US20230351396A1 (en) | Systems and methods for outlier detection of transactions | |
CN112581283A (en) | Method and device for analyzing and alarming business bank employee transaction behaviors | |
Chopoorian et al. | Mind your business by mining your data | |
US8688572B2 (en) | Financial account related trigger feature for risk mitigation | |
US10332199B2 (en) | System and method for visualizing checking account information | |
US10460377B2 (en) | System and method for presenting suspect activity within a timeline | |
Madhuri et al. | Big-data driven approaches in materials science for real-time detection and prevention of fraud | |
US20130325707A1 (en) | Automated bill payment system | |
US20140289085A1 (en) | System and Method For Identifying Suspicious Financial Transactions | |
US10204376B2 (en) | System and method for presenting multivariate information | |
WO2001048626A2 (en) | Intelligent transaction monitor system and method | |
Waghela et al. | Utilizing Machine Learning and Big Data Analysis for Risk Mitigation and Fraud Detection in Finance | |
US20130325574A1 (en) | Financial account related trigger feature for offering service discounts |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A2 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A2 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2000985545 Country of ref document: EP |
|
AK | Designated states |
Kind code of ref document: A3 Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
|
AL | Designated countries for regional patents |
Kind code of ref document: A3 Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
|
WWP | Wipo information: published in national office |
Ref document number: 2000985545 Country of ref document: EP |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
NENP | Non-entry into the national phase in: |
Ref country code: JP |