Advanced learning system for detection and prevention of money laundering

US11423414B2 · US · B2

Patent metadata
Field: Value
Publication number: US-11423414-B2
Application number: US-201615074977-A
Country: US
Kind code: B2
Filing date: Mar 18, 2016
Priority date: Mar 18, 2016
Publication date: Aug 23, 2022
Grant date: Aug 23, 2022

Abstract

Official abstract text for this publication.

An automated system for detecting risky entity behavior using an efficient frequent behavior-sorted list is disclosed. From these lists, fingerprints and distance measures can be constructed to enable comparison to known risky entities. The lists also facilitate efficient linking of entities to each other, such that risk information propagates through entity associations. These behavior sorted lists, in combination with other profiling techniques, which efficiently summarize information about the entity within a data store, can be used to create threat scores. These threat scores may be applied within the context of anti-money laundering (AML) and retail banking fraud detection systems. A particular instantiation of these scores elaborated here is the AML Threat Score, which is trained to identify behavior for a banking customer that is suspicious and indicates high likelihood of money laundering activity.

First claim

Opening claim text (preview).

What is claimed is:

1. A computer-implemented method comprising:
    creating one or more profiles for an entity of interest, at least one profile for the entity of interest comprising a data structure that captures exponentially decayed summary statistics of the entity's behavior, the profile further comprising a plurality of behavior sorted lists, a first behavior sorted list associated with the profile of the entity of interest, the first behavior sorted list being formed of an ordered list of entries, at least one entry having a key, a weight, and a payload that represents a frequently-observed behavior of the entity;
    generating a set of global profiles associated with one or more entities of interest;
    storing the one or more profiles and the set of global profiles in a data store;
    for an input data record associated with the entity of interest, retrieving one or more relevant profiles from the data store and updating the one or more relevant profiles to recursively compute summary statistics of behavior of the entity by adding or updating an observed behavior represented by the input data record to at least one of the plurality of behavior sorted lists with a full weight while decaying the weights of existing observed behaviors;
    comparing the entries in the first behavior sorted list and at least a second behavior sorted list from among the plurality of sorted lists to generate a numerical value representing a consistency between entries in the first behavior sorted list and behavior sorted lists for other entities, including risky entities;
    executing one or more distance models to the plurality of behavior sorted lists to determine a variation of the consistency between the entries in the at least two behavior sorted lists according to the numerical value;
    determining, based on the set of global profiles, that the input data record deviates from observed typical behavior within clusters found within a segment generated based on soft-clustering features that provide at least an estimate of typical distributions of normal behavior for segmentations of the entity of interest;
    generating an anti-money laundering threat score utilizing one or more trained self-calibrating outlier models based on entity recursively summarized profile behavior, the anti-money laundering threat score representing a threat risk that the entity of interest is engaged in money laundering, the generated threat score for the entity of interest being associated with a linked entity of interest to calculate a risk-linked score for the linked entity;
    retraining the one or more self-calibrating outlier models, in response to determining a degradation of a set of anti-money laundering threat scores, the retraining being based on the degradation and using one or more auto-retraining mechanisms executed by one or more processors; and
    generating a signal to issue an alert based on the anti-money laundering threat score.

2. The method in accordance with claim 1, wherein the first behavior sorted list includes frequently seen favorite activities associated with the entity of interest, and the first behavior sorted list is updated to preserve frequently seen favorite activities based on recency and preserving long-term often-seen activities.

3. The method in accordance with claim 2, wherein the recency is determined based on a date in the payload indicating when the respective entry was entered in the first behavior sorted list.

4. The method in accordance with claim 1, wherein the input data record is a transaction performed by the entity of interest.

5. The method in accordance with claim 1, wherein storing the one or more profiles in a data store further comprises storing the one or more profiles as an account on a server that is part of a cloud-based network of servers.

6. The method in accordance with claim 5, wherein the method further comprises linking, by the one or more computer processors, two or more accounts from the cloud-based network of servers, wherein the risk level associated with the linkage of accounts is reflected using the threat scores across the linked list of accounts.

7. The method in accordance with claim 1, wherein the risk-linked score in addition to a threat score generated for the linked entity of interest is utilized to determine risk of illicit activity for the linked entity of interest.

8. A non-transitory computer program product storing instructions that, when executed by at least one programmable processor, cause the at least one programmable processor to perform operations comprising:
    creating one or more profiles for an entity of interest, at least one profile for the entity of interest comprising a data structure that captures summary statistics of the entity's behavior, the profile further comprising a plurality of behavior sorted lists, a first behavior sorted list associated with the profile of the entity of interest, the first behavior sorted list being formed of an ordered list of entries, at least one entry having a key, a weight, and a payload that represents a frequently-observed behavior of the entity;
    generating a set of global profiles;
    storing the one or more profiles and the set of global profiles in a data store;
    retrieving one or more relevant profiles from the data store and updating the one or more relevant profiles to recursively compute summary statistics of behavior of the entity by adding or updating an observed behavior represented by the input data record to at least one of the plurality of behavior sorted lists with a weight;
    comparing the entries in the first behavior sorted list and at least a second behavior sorted list from among the plurality of sorted lists to generate a numerical value representing a consistency between entries in the first behavior sorted list and a second behavior sorted list for a second entity;
    executing one or more distance models to the plurality of behavior sorted lists to determine a variation of the consistency between the entries in the first and second behavior sorted lists according to the numerical value;
    determining, based on the set of global profiles, that the input data record deviates from observed typical behavior within clusters found within a segment generated based on soft-clustering features that provide at least an estimate of typical distributions of normal behavior for segmentations of the entity of interest; and
    generating a threat score utilizing one or more trained self-calibrating outlier models based on entity recursively summarized profile behavior, the generated threat score for the entity of interest being associated with a linked entity of interest to calculate a risk-linked score for the linked entity, the association between the entity of interest and the linked entity of interest being such that a high-scoring linked entity of interest influences the threat score generated for the entity of interest in real-time;
    retraining the one or more self-calibrating outlier models, in response to determining a degradation of a set of anti-money laundering threat scores, the retraining being based on the degradation and using one or more auto-retraining mechanisms executed by one or more processors.

9. The non-transitory computer program product in accordance with claim 8, wherein the payload of at least one entry of the one or more profiles includes recursive features and at least a first behavior sorted list includes frequently seen favorite activities associated with the entity of interest, and the first behavior sorted list is updated to preserve frequently seen favorite activities based on recency.

10. The non-transitory computer program product in accordance with claim 8, wherein a date is included in the payload indicatin

Classifications

  • Tracking the activity of the user (network monitoring arrangements H04L43/00; recording of computer activity G06F11/34) · CPC title

  • involving fraud or risk level assessment in transaction processing · CPC title

  • Search customisation based on user profiles and personalisation · CPC title

  • Government or public services (business processes related to the transportation industry G06Q50/40) · CPC title

  • using ranking · CPC title

Frequently asked questions

Answers are generated from the same data shown on this page.

What does patent US11423414B2 cover?
An automated system for detecting risky entity behavior using an efficient frequent behavior-sorted list is disclosed. From these lists, fingerprints and distance measures can be constructed to enable comparison to known risky entities. The lists also facilitate efficient linking of entities to each other, such that risk information propagates through entity associations. These behavior sorted …

Who is the assignee on this patent?
Fair Isaac Corp

What technology area does this patent fall under?
Primary CPC classification G06Q30/018. Mapped technology areas include Physics.

When was this patent published?
Publication date Aug 23, 2022 (B2). Legal status and post-grant events are not shown on this page.

What related patents are in patentsdb?
We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).