How fraud & transaction monitoring works

Learn more about fraud & transaction monitoring within FrankieOne

FrankieOne Fraud & Transaction Monitoring evaluates financial transaction and non-financial activities against rulesets that determine fraud and/or money laundering risk. With the growth of digital channels for consumers, your ability to assess risk on digital elements is critical.

FrankieOne allows you to enrich your decisioning with risk data points such as:

  • the email or phone number used, including identification of risky domains, risky syntax, whether it is disposable, and multiple names linked to the email or number
  • behavioral fingerprint, such as anomalous copy-paste behavior, toggling between windows (distraction events), and mouse movement.
  • device intelligence, such as detecting whether emulators, proxy and VPN detection, or remote desktop control software is being used
  • time and location

By monitoring activity for suspicious trends alongside other information you are gathering from FrankieOne we help provide you with a complete picture of an individual when investigating fraud cases.

Activity types

FrankieOne can monitor risk for different types of activities. An activity may represent a financial transaction or an action the user took in your application.

Non-financial activities include:

  • Registration: A user has created an account in your application.
  • Login: A user has logged in to your application.

Financial transaction activities include (as Payments/Transfers):

  • Fiat deposits
  • Fiat withdrawals
  • Crypto deposits
  • Crypto withdrawals

FrankieOne will build up a picture of a user's patterns of behavior over time, which will inform risk evaluations for future activity.

Risk categories

Customer activity is evaluated for fraud risk and/or money laundering risk. Fraud risk may be associated with the customer or their device as well as the transactions that they performed. Money laundering risk is associated with financial transactions.

The following table displays the categories of risk that are evaluated for each type of activity:

ActivityDevice and/or customer fraud riskTransaction fraud riskMoney laundering risk
Fiat depositEvaluatedEvaluatedEvaluated
Fiat withdrawalEvaluatedEvaluatedEvaluated
Crypto depositEvaluatedEvaluatedEvaluated
Crypto withdrawalEvaluatedEvaluatedEvaluated


An individual being checked for fraudulent activity is represented by the Entity object. All checks that FrankieOne performs for an individual are associated with an Entity object. This includes checks performed during onboarding such as KYC checks and device or customer fraud checks. These checks also include ongoing checks such as transaction monitoring fraud checks. This allows FrankieOne to provide a complete picture of the individual by collating all relevant data for an individual from multiple data sources in one system. Through this checks, FrankieOne provides a complete picture by collating all relevant data for an individual from multiple data sources into one system.

When you check an activity for fraud, you can supply an existing Entity ID or your own Customer Reference Number. FrankieOne will associate the activity with the entity if one exists with the supplied identifiers, otherwise the system will create a new entity in order to perform the check.


When you check an activity for risk, FrankieOne will generate a pending case for each category of risk that is found. By default a case will start as PENDING if the risk level is medium or higher. This threshold can be configured by your account manager.

If multiple categories of risk are found for an activity then multiple cases will be generated for that activity. For example, if a deposit was found to have a high risk of money laundering and the device the deposit was performed on is known to be stolen, then that single deposit transaction would have a Device/Customer Characteristics case and AML Transaction case associated with it.

Fraud and compliance officers can see pending cases in the FrankieOne portal. Details about the transaction and why it was flagged can be accessed from the portal.

Overall risk for an individual

A given entity will have an overall fraud risk score and an overall AML risk score. These can be found on the entity's overview page in the FrankieOne portal.

The overall fraud risk score is calculated as the average of the rolled up transaction fraud risk score, and the rolled up device/customer characteristics risk score.

The rolled up transaction fraud risk score is the average of the transaction fraud risk levels associated with all historical financial transactions.

The rolled up device/customer characteristics risk score is the average of the device/customer risk levels associated with all historical activities.

The overall AML risk score is calculated as the average of the transaction AML risk levels associated with all historical financial transactions.