Creating & managing alert triggers

Alerts are the cornerstone of SEON’s risk management system, serving as early warnings for fraud and AML risks. Before you set up an alert, you need to determine the risk you are looking to mitigate. Here are two examples of alert trigger use cases:

Fraud use case

Trigger: Flag transactions where the IP location or device fingerprint mismatches previous customer activity.

Purpose: This use case identifies potential account takeovers or fraudulent transactions by detecting inconsistencies in a customer's usual behavior. By flagging mismatches in IP location or device fingerprint, your team can proactively investigate and mitigate risks before they escalate.

Money laundering use case

Trigger: Flag multiple rapid transfers involving high-risk jurisdictions, where user and merchant activity align with potential money laundering patterns.

Purpose: This use case helps identify potential money laundering activities by flagging patterns of rapid, high-risk transfers involving known high-risk jurisdictions. By monitoring repeated behavior and linking transactions across users and merchants, the trigger highlights structured activities that may be indicative of laundering schemes.

Now that you have your use case, you’re ready to set up the alert trigger. 

1. Navigate to Alerts: Go to Alerts - Alert triggers - New trigger

2. Define criteria: Add a descriptive name for the trigger.
Example: Flag multiple rapid transfers involving high-risk jurisdictions, where user and merchant activity align with potential money laundering patterns.

3. Assign analysts: You can assign specific alert triggers to analysts where they will be automatically routed to team members with the fewest assigned tasks.

4. Add a checklist: Select the checklist that is relevant to your alert and mark it as mandatory or optional. See below for how to create a checklist.

5. Configure rule conditions: Select the condition type, such as: 

• Custom parameters: Define criteria specific to your organization, like customer segments or geographic regions.
• Transaction state: Base alerts on the current status of a transaction.
• Transaction score: Trigger alerts when a fraud score crosses a predefined threshold.
• Applied rules: Generate alerts based on previously applied AML or fraud prevention rules.

6. Combine multiple conditions to refine your alert logic: Use AND/OR groups to create precise alert logic tailored to specific scenarios. Combine conditions to capture nuanced behaviors while minimizing noise.

Example:

AND: Flag transfers when the merchant country is in a high-risk jurisdiction AND the user and merchant IDs match prior activity AND there are 5 or more similar transactions in the last hour.

7. Sign up for notifications: Navigate tot the top right of the screen and click on the notification bell icon and select your notification preferences

8. Save your alert: Click Save trigger to activate your alert, ensuring it’s ready to notify assigned analysts and integrate seamlessly into your workflow.

Once you’ve defined an alert trigger, create a checklist to standardize the investigation process:

Navigate to Settings - Systems - Case Management - Checklist.

Setting up checklists for alerts

1. Click Create new to set up a new alert checklist.
2. Add the checklist name for the alert.
3. Add steps tailored to the alert use case.
4. Save the checklist by clicking Save changes at the top right of the screen.

Tip: Create as many alert checklists as needed to align with your specific alert triggers. This ensures each type of alert follows a tailored and consistent procedure, improving efficiency and accuracy.

Setting up checklists for cases

1. In the Case checklist section, select Create new.
2. Add the steps to investigate cases.
3. Save the checklist by clicking Save changes at the top right of the screen.

Tip: While you can create multiple checklists for alerts to suit various triggers, cases are streamlined with a single checklist. This keeps investigations focused and consistent across your team.

Attaching the checklist to an alert trigger

After creating the checklist, link it to the relevant alert trigger:

1. Return to the alert trigger in Alerts - Alert triggers.
2. Select the relevant alert trigger and then attach the checklist to be used with the alert and mark it as mandatory or optional.
3. Save changes by selecting Save trigger.

This ensures investigators follow a consistent process for each alert type.
 

Stay informed about critical alerts by subscribing to notifications:

1. After setting up an alert trigger, click the notification button in the top-right corner.
2. Choose your preferred notification method (e.g., email, in-app notifications).
3. Set email frequency for updates.
4. Click Save.

Alternatively, manage notifications in Settings - Personal - Notifications - Alerts to customize delivery preferences.