Build fincrime scenarios
and assess the impact before you ship.
Visual builder, AI-suggested scenarios, full impact assessment, and false-positive tuning. Your risk and compliance teams control every scenario without engineering.
Author scenarios four ways.
Compose scenarios on a condition-tree canvas without code.
Drag in field matches, thresholds, AND/OR logic, rolling lookback windows, peer-group baselines, and entity-graph traversal across sender, beneficiary, and counterparty network. Every primitive your analysts already understand.
Scenarios are version-controlled and deploy under maker-checker approval. No engineering ticket required to author, modify, or retire a scenario.
Required to author, modify, or retire a scenario once the engine is configured.
Compose scenarios on a condition-tree canvas without code.
Drag in field matches, thresholds, AND/OR logic, rolling lookback windows, peer-group baselines, and entity-graph traversal across sender, beneficiary, and counterparty network. Every primitive your analysts already understand.
Scenarios are version-controlled and deploy under maker-checker approval. No engineering ticket required to author, modify, or retire a scenario.
Required to author, modify, or retire a scenario once the engine is configured.
Pre-built scenarios and detectors out of the box
Median time from draft to live production scenario
Lower false-positive rate with backtesting
Sandbox every scenario before it ships, then govern it after.
Run the scenario against a defined historical window.
The analyst sets the date range, entity population, and transaction volume. The system executes the scenario logic against every transaction or event in the window as if it were live.
Results land within minutes. The backtest runs on the same engine as production, so what you see in the sandbox is what you get when you promote.
See a sample backtest
Read the impact report before deciding.
The report surfaces alert volume, true positives, false positives, false negatives, coverage rate, and false-positive rate. Each metric links back to the specific events that triggered it.
The analyst uses these numbers to decide whether to tighten, widen, or hold the rule before deployment. No guesswork, no post-hoc surprises.
Explore the validation report
Tune thresholds without engineering, then re-test in the same surface.
Adjust per-scenario thresholds, set per-population tolerance bands for different risk tiers, calibrate scoring weights, and suppress alerts for defined populations. Every change is logged with the parameter diff and result delta.
The scenario only exits the sandbox into production when the analyst explicitly promotes it. Nothing goes live by accident.
See threshold tuning
Version every change, roll back in one action.
Every scenario change is versioned with author, timestamp, rationale, and a diff of the logic change. The audit trail is examiner-ready without reconstruction.
Roll back to any prior version in one action. The version history shows the full lineage of a scenario from creation through every modification to current state.
WHY THE SCENARIOS ENGINE
What makes this detection layer operationally different.
Four design decisions that separate a configurable rule engine from spreadsheet-managed thresholds and engineering-gated rule changes.
No-code authoring
Compliance teams write and modify scenarios without an engineering ticket. The scenario builder is their surface, with no configuration file to hand off.
Backtesting before production
No scenario goes live without passing the analyst's own validation. The backtest report is the deployment gate that runs before promotion.
Version control on every change
Every scenario modification is attributable, reversible, and auditable. The examiner can see what changed, when, and why.
Per-population threshold control
Thresholds are not global. Different entity types and risk tiers carry different alert sensitivity without duplicating scenario logic.
Power these solutions with the scenarios engine.
Every solution below runs detection scenarios built, sandboxed, and governed on the OneLattice stack.
Transaction Monitoring
Author AML detection scenarios, sandbox them on historical data, and ship under maker-checker approval.
Learn more →Payment Fraud Prevention
Compose authorization-time scenarios that combine velocity, device, and behavioral signals.
Learn more →Mule Detection
Build graph and network scenarios that surface mule rings and layering chains.
Learn more →Account Takeover Prevention
Author behavioral-sequence scenarios that catch ATO from session and device patterns.
Learn more →New Account Fraud Prevention
Compose signup-time scenarios that combine identity, device, and anomaly signals to stop synthetics.
Learn more →Identity Fraud Prevention
Author identity-risk scenarios that score every application against supervised and anomaly signals.
Learn more →Customer Risk Assessment
Build CRA scoring scenarios that calibrate every customer risk score on your data.
Learn more →Perpetual KYC
Trigger periodic and event-driven review scenarios from behavioral and anomaly drift.
Learn more →Agents powered by Scenarios Engine.
Configurable detection logic without code. The agents below author, simulate, and tune scenarios with regulator-grounded typologies and your own data patterns.
Rule Building Assistant
Natural language to production rule logic.
Rule Simulator
Predicts alert volume and FP rate before you deploy.
Typology Researcher
Tracks FinCEN, FATF, Europol typologies and applies them as a current risk lens.
Pattern Analyst
Surfaces emerging fraud patterns from your own data.