FraudShield AI Engine
FraudShield AI Engine is an enterprise-grade, real-time fraud detection platform for financial institutions. It combines behavioral analytics, machine learning scoring models, and configurable rule-based decisioning to protect against payment fraud, account takeover, first-party fraud, and money mule activity across all transaction channels.
This documentation covers the platform's risk scoring model, model input features, system configuration, operational tuning, and integration points. It's written for fraud operations analysts, data scientists, compliance officers, and IT teams responsible for deploying and maintaining FraudShield AI.
Document scope
This guide covers FraudShield AI Engine version 4.2, including the redesigned ML Model Configuration Platform (MCP), Real-Time Scoring API v3, Explainability Report enhancements released in February 2026, and the Case Management and Customer Risk modules.
Component overview
Risk Scoring Model
ML-driven composite risk score built from Risk Indicators (RIs), behavioral profiles, and channel-specific detection models.
Model Input Features
Transaction attributes, account history, behavioral biometrics, enrichment data, and aggregated profile variables.
Model Configuration
Configuration files, channel mappings, Base Transaction Activity (BTA) definitions, and multi-tenant setup.
Threshold Tuning
RI score scale configuration, weight assignment, population-based tuning, and the quarterly tuning cycle.
False Positive Handling
Alert suppression rules, whitelisting, challenge/step-up authentication, and analyst feedback loop.
Model Retraining Cycle
Champion/challenger framework, training data requirements, validation gates, and deployment procedures.
API Integration Guide
Real-time scoring API (REST), authentication, request/response schema, webhooks, and rate limits.
Audit Logs & Explainability
Audit log schema, model explainability output, regulatory compliance, and governance reporting.
Alert Investigation & Case Management
Alert lifecycle, Advanced Work Allocation (AWA), investigation workspace, SAR filing, and analyst feedback.
Customer Risk & AML Integration
CDD risk scoring (PEP, beneficial ownership, geography), watchlist screening, periodic review, and SAR/CTR integration.
Fraud Typology Reference
ATO, APP fraud, card CNP, check/deposit fraud, ACH BEC, mule networks, synthetic identity, and cross-border wire fraud โ detection logic and key RIs for each.
System architecture
FraudShield AI Engine operates as a real-time decisioning layer between your core banking or payment system and the customer-facing channel. Each transaction passes through a pipeline of enrichment, feature extraction, model scoring, and rule evaluation before a decision is returned.
FraudShield AI Engine โ High-Level Data Flow
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ CHANNEL INPUTS โ
โ Web Banking โ Mobile App โ ACH/Wire โ Card โ ATM/Branch โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Transaction event (JSON/ISO 20022)
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ ENRICHMENT LAYER โ
โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ IP / Device โ โ Identity โ โ Behavioral Biometrics โ โ
โ โ Fingerprint โ โ Verification โ โ (keystroke, navigation) โ โ
โ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Enriched transaction object
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ ANALYTICS ENGINE โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Behavioral Profile Store (account / entity / network) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Historical aggregates โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ Risk Indicator (RI) Calculation โ โ
โ โ โ 200+ RIs across transaction, account, and network layers โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ RI values โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โ โ ML Scoring Model (channel-specific detection models) โ โ
โ โ โ Composite Risk Score (0โ1000) โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Risk score + RI contributors
โผ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ DECISIONING ENGINE โ
โ Policy Manager rules โ Decision: APPROVE / REVIEW / BLOCK โ
โ Alert generation โ Case Manager / SIEM / Webhook โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฌโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Decision + explainability payload
โผ
Core banking / Payment system
Who this guide is for
| Role | Relevant sections | Typical tasks |
|---|---|---|
| Fraud Operations Analyst | Risk Scoring Model, Threshold Tuning, False Positive Handling | Review alerts, tune score thresholds, manage suppression rules |
| Data Scientist / Model Owner | Model Input Features, Model Retraining Cycle | Monitor model drift, run champion/challenger tests, retrain models |
| Compliance Officer | Audit Logs & Explainability, Risk Scoring Model | Respond to regulatory requests, validate model governance |
| IT / Integration Engineer | Model Configuration, API Integration Guide | Deploy configuration, integrate core banking via REST API |
Quick-start paths
- New deployment: Start with Model Configuration, then API Integration Guide.
- Tuning an existing deployment: See Threshold Tuning and False Positive Handling.
- Model performance review: Go to Model Retraining Cycle.
- Regulatory audit: Start with Audit Logs & Explainability.
Configuration changes require change control
All changes to model configuration files, score thresholds, and suppression rules must follow your institution's change management process. Unauthorized changes may affect fraud detection performance and could trigger model risk management reviews.