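AI Financial Crime Typology: Scenario Coverage and SAR Evidence Architecture
Important note: This article is learning, architecture-training and portfolio material. It does not constitute legal advice, a compliance conclusion, a SAR filing decision, a regulatory interpretation or a model validation report. Whether to investigate, escalate, close a case or file a SAR must be decided by an authorized human Compliance / BSA / AML owner based on institutional policy, jurisdictional rules, factual evidence and applicable regulatory requirements. AI can assist with identification, summarization, retrieval, explanation and quality checking; it cannot replace responsibility for the SAR decision.
AI Financial Crime Typology / Scenario Coverage / SAR Evidence Architecture Explained
Audience: Advanced AI PM / Senior BA / Product Architect / AML Technology Architect / Financial Crime Product Owner / Compliance Transformation Lead.
Core question: If financial crime AI only optimizes alert precision or SAR narrative speed, it misses the more critical questions: whether the typology is fully expressed, whether scenario coverage is backed by evidence, and whether the SAR evidence chain can support human compliance decisions.
Learning objective: Be able to connect the typology library, scenario inventory, red flag mapping, coverage matrix, alert-to-case-to-SAR traceability, evidence bundle, human compliance ownership and AI eval architecture into one operable control system.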
Source Anchors
| Source | Link | Purpose |
|---|---|---|
| FFIEC BSA/AML Suspicious Activity Reporting Overview | https://bsaaml.ffiec.gov/manual/SuspiciousActivityReporting/01; current manual path: https://bsaaml.ffiec.gov/manual/AssessingComplianceWithBSARegulatoryRequirements/04 | Organize the evidence chain using the language of suspicious activity identification, alert management, SAR decision, SAR completion, supporting documentation and confidentiality |
| FFIEC BSA/AML Appendix F Red Flags | https://bsaaml.ffiec.gov/manual/Appendices/08; current Appendix F path: https://bsaaml.ffiec.gov/manual/Appendices/07 | Organize the scenario library using red flags, additional scrutiny, key terms and narrative focus; /Appendices/08 currently shows Appendix G Structuring, so in practice check the official current path |
| FinCEN Advisories / Bulletins / Fact Sheets | https://www.fincen.gov/resources/advisoriesbulletinsfact-sheets | Update the typology library using advisories, typologies, red flags, key terms and emerging threat anchors |
| FinCEN BSA Filing Information | https://www.fincen.gov/resources/filing-information | Constrain the filing evidence handoff using BSA E-Filing, SAR electronic filing resources and filing operations |
| FATF Recommendations | https://www.fatf-gafi.org/en/publications/Fatfrecommendations/Fatf-recommendations.html | Abstract across jurisdictions using the language of the international AML/CFT/CPF risk-based framework, CDD, recordkeeping, suspicious transaction reporting and effectiveness |
| NIST AI RMF | https://www.nist.gov/itl/ai-risk-management-framework | Organize AI risk, eval, monitoring, control ownership and the improvement loop using Govern / Map / Measure / Manage |
In one sentence:
The core of an AI financial crime architecture is not "the model finds more suspicious transactions"; it is proving that the traceability between typology, scenario, red flag, evidence, case decision and SAR narrative is sufficiently complete, and that the final judgment still rests with the human compliance owner.
1. Thesis
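Financial crime AI should move up from a single-point model to a typology-driven control architecture.
Traditional projects usually ask about model precision, false positive reduction and SAR draft speed. A senior PM / BA / Architect must go further and ask: which typologies are in scope, which scenarios cover them, what evidence the red flags map to, which products / channels / customers / regions have blind spots, how an alert enters a case and SAR consideration, who owns the final decision, and whether audit can replay the full chain without relying on the AI summary.
The center of a mature architecture shifts from model score to coverage and evidence: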
typology -> scenario -> red flag -> data signal -> alert -> case
-> investigation evidence -> SAR consideration -> narrative bundle
-> human decision record -> audit replay
2. Why It Matters
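Financial crime risk is not a single uniform label. The same "unusual transfer" can, in different contexts, belong to structuring, mule account, elder exploitation, romance scam, trade-based money laundering, sanctions evasion, terrorist financing, cyber-enabled fraud, check fraud or funnel account.
Without a typology/scenario architecture, an AI system tends to fail in three ways:
| Failure | Symptom | Risk |
|---|---|---|
| Coverage illusion | The dashboard shows high alert volume, but a key typology has no scenario | High-risk activity goes undetected |
| Narrative illusion | The LLM writes a fluent SAR draft, but the evidence chain is weak or lacks counterfactuals | Reviewer is influenced by automation bias |
| Precision tunnel | Only false positive reduction is pursued, and low-frequency high-risk scenarios are switched off | Control effectiveness declines |
SAR quality is not literary quality either. A good SAR evidence architecture must support who, what, when, where, why, how, which red flags, which evidence, which uncertainty and who decided.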
3. Architecture Model
Reference architecture:
source systems -> feature/event layer -> typology and scenario library
-> detection and triage -> alert-to-case workflow
-> SAR consideration -> evidence ledger and coverage dashboard
Key components: core/card/ACH/wire/RTP/branch/digital/CRM/KYC/sanctions data, customer profile, counterparty graph, transaction sequence, red flag object, scenario rule, ML detector, LLM triage prompt, analyst workbench, supporting documentation index, trace id, model/rule/prompt version, human action and audit replay.
Core principles:
- The typology library is a control asset, not training material.
- Scenario coverage must be measurable, not "we have AML monitoring".
- The LLM does not make the SAR decision; the LLM does evidence organization, gap detection, narrative quality assist and reviewer support.
- Supporting documentation must be stored independently of the AI narrative.
- Every rule/model/prompt change must be assessed for coverage impact.
4. Typology / Scenario Library
Typology object:
| Field | Example |
|---|---|
| typology_id | typ_structuring_cash_deposit |
| risk_family | money_laundering / fraud / TF / sanctions / elder_exploitation |
| source_anchor | FFIEC Appendix F, FinCEN advisory, internal risk assessment |
| customer_segments | consumer, SMB, MSB, nonprofit, private banking |
| products_channels | branch cash, ACH, wire, debit card, digital onboarding |
| red_flags | threshold avoidance, rapid movement, inconsistent profile |
| scenarios | scenario ids and control strength |
| evidence_requirements | transactions, KYC profile, counterparties, history, analyst notes |
| SAR_relevance | possible SAR category / key terms / narrative prompts |
| owner | AML typology owner |
Scenario object:
| Field | Example |
|---|---|
| scenario_id | scn_cash_structuring_multi_branch_001 |
| detection_method | rule, ML, graph, LLM triage, hybrid |
| trigger_logic | cash deposits below threshold across branches over rolling window |
| data_dependencies | teller, branch, cash amount, customer, account, geography |
| expected_evidence | transaction list, account history, customer profile contrast |
| false_positive_drivers | cash-intensive business, seasonal pattern |
| human_review_questions | legitimate purpose? source of funds? pattern change? |
| coverage_status | active, partial, manual-only, gap, retired |
5. Coverage Matrix
The coverage matrix breaks "we monitor financial crime" down into testable assets.
| Typology | Customer | Product / channel | Scenario | Evidence | Control strength |
|---|---|---|---|---|---|
| Structuring | consumer / SMB | cash branch / ATM | below-threshold deposits across time and branch | transaction sequence, profile contrast | rule + analyst review |
| Mule account | consumer | digital onboarding / ACH / debit | new account rapid inbound/outbound | device, counterparty, velocity, account age | graph + ML + case review |
| Elder exploitation | senior consumer | wire / branch / digital | sudden beneficiary / high-pressure transfer | customer history, channel notes, beneficiary | red flag + frontline referral |
| TBML | SMB | wire / trade finance | invoice mismatch and high-risk corridor | invoice, shipping, counterparty, value | specialist review |
| Sanctions evasion | business | wire / digital assets | intermediary / front company pattern | sanctions screen, network, geography | sanctions + AML escalation |
| Check fraud | consumer / SMB | branch / mobile deposit | altered item, stolen mail pattern | image, return code, payee, device | fraud + AML referral |
Coverage scoring:
coverage_score =
typology_scope * data_availability * scenario_active * evidence_quality
* review_capacity * QA_feedback * change_control
Do not treat alert count as coverage. Look instead at typology active coverage, scenario-to-risk assessment alignment, red flag evidence completeness, uncovered products/channels, scenario aging, QA defect by typology and SAR narrative evidence sufficiency.
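The following is an added example, not part of the original article: it finds in-scope typology x channel cells that no active scenario covers, and evaluates the multiplicative coverage score. The 0 to 1 factor scale, the rule that only `active` counts as coverage, the `alerts_30d` field and every scenario id except `scn_cash_structuring_multi_branch_001` are assumptions.

```python
from math import prod

# Factor names come from the coverage formula above; the [0, 1] scale is an assumption.
FACTORS = ("typology_scope", "data_availability", "scenario_active", "evidence_quality",
           "review_capacity", "QA_feedback", "change_control")
COVERING = {"active"}  # statuses counted as coverage (assumption; excludes manual-only)

def coverage_score(factors):
    """Multiply the seven factors; a missing factor is an error, not a silent 1.0."""
    missing = [f for f in FACTORS if f not in factors]
    if missing:
        raise ValueError(f"missing factors: {missing}")
    if any(not 0.0 <= factors[f] <= 1.0 for f in FACTORS):
        raise ValueError("factors must be in [0, 1]")
    return prod(factors[f] for f in FACTORS)

def coverage_gaps(in_scope, scenarios):
    """Return in-scope (typology, channel) cells with no covering scenario.
    Alert volume is deliberately ignored: it says nothing about which cells are covered."""
    covered = {(s["typology"], ch)
               for s in scenarios if s["coverage_status"] in COVERING
               for ch in s["channels"]}
    return sorted(cell for cell in in_scope if cell not in covered)

# Constructed sample inventory (not real data).
IN_SCOPE = {("structuring", "branch_cash"), ("structuring", "atm"),
            ("mule_account", "ach"), ("mule_account", "debit"),
            ("elder_exploitation", "wire")}
SCENARIOS = [
    {"scenario_id": "scn_cash_structuring_multi_branch_001", "typology": "structuring",
     "channels": ["branch_cash"], "coverage_status": "active", "alerts_30d": 40},
    {"scenario_id": "scn_mule_rapid_in_out_001", "typology": "mule_account",
     "channels": ["debit"], "coverage_status": "active", "alerts_30d": 900},
    {"scenario_id": "scn_elder_new_beneficiary_001", "typology": "elder_exploitation",
     "channels": ["wire"], "coverage_status": "manual-only", "alerts_30d": 0},
]

if __name__ == "__main__":
    print(coverage_gaps(IN_SCOPE, SCENARIOS))
    strong = dict.fromkeys(FACTORS, 0.9)
    print(round(coverage_score(strong), 3))                     # seven strong factors
    print(coverage_score({**strong, "scenario_active": 0.0}))   # one zero factor
```

Because the score is a product, seven factors at 0.9 already fall below 0.5, and a single zero factor removes the coverage regardless of how many alerts the scenario generates.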
6. SAR Evidence Chain
The SAR evidence chain is not "copy the alert into the SAR form".
It should be able to reconstruct: signal detected -> scenario triggered -> red flags observed -> analyst reviewed evidence -> additional research -> case disposition -> SAR filing considered -> authorized human decision -> narrative and supporting documentation assembled.
Evidence bundle:
| Evidence node | Content |
|---|---|
| Case facts | customer, account, counterparty, transaction timeline, channel |
| Typology mapping | typology id, scenario id, red flag ids, source anchor |
| Expected vs actual | customer risk profile, expected activity, observed deviation |
| Supporting documentation | transaction records, KYC/CDD, screenshots, case notes, referral |
| AI assistance trace | model/prompt version, summary, extracted facts, gap flags, output hash |
| Human review | analyst notes, escalation, reviewer decision, SAR committee outcome |
| Narrative support | key terms, concise chronology, why suspicious, known uncertainties |
| Confidentiality control | access, retention, disclosure boundary, supporting-doc handling |
Architectural judgments:
- The AI summary is derivative evidence, not source evidence.
- The SAR narrative draft must cite the supporting documentation index.
- A non-filing decision also needs a rationale and evidence, but it must not become an automatic exemption by the model.
- SAR confidentiality must be built into access control, logging, training and audit evidence.
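One way to turn the first three judgments above into an automated QA check, as an added example that is not part of the original article. The bundle layout and all field names (`evidence_index`, `evidence_class`, `decider_type` and so on) are hypothetical; only the idea of a recorded output hash comes from the evidence bundle table.

```python
import hashlib

def sha256_hex(text):
    return hashlib.sha256(text.encode("utf-8")).hexdigest()

def bundle_defects(bundle):
    """Return evidence-chain defects; an empty list means these checks pass."""
    defects = []
    index = {e["doc_id"]: e["evidence_class"] for e in bundle["evidence_index"]}
    # Each narrative statement must cite source evidence, never the AI summary.
    for i, stmt in enumerate(bundle["narrative"]):
        if not stmt["cites"]:
            defects.append(f"narrative[{i}]: no supporting documentation cited")
        for doc_id in stmt["cites"]:
            if doc_id not in index:
                defects.append(f"narrative[{i}]: {doc_id} not in evidence index")
            elif index[doc_id] != "source":
                defects.append(f"narrative[{i}]: {doc_id} is derivative evidence")
    # The stored AI output must still match the hash recorded in its trace.
    ai = bundle["ai_trace"]
    if sha256_hex(ai["summary"]) != ai["output_hash"]:
        defects.append("ai_trace: summary does not match recorded output hash")
    # Filing and non-filing outcomes both need a human decider and a rationale.
    dec = bundle["decision"]
    if dec.get("decider_type") != "human" or not dec.get("reviewer_id"):
        defects.append("decision: no authorized human reviewer recorded")
    if not dec.get("rationale"):
        defects.append(f"decision: {dec['outcome']} has no rationale")
    return defects

# Constructed sample bundle (not real case data); all field names are hypothetical.
SUMMARY = "Nine cash deposits below threshold across four branches in ten days."
BUNDLE = {
    "evidence_index": [
        {"doc_id": "doc-001", "evidence_class": "source"},      # transaction records
        {"doc_id": "doc-002", "evidence_class": "derivative"},  # AI summary
    ],
    "narrative": [
        {"text": "Nine cash deposits over ten days.", "cites": ["doc-001"]},
        {"text": "Activity is inconsistent with profile.", "cites": ["doc-002"]},
        {"text": "Source of funds is unknown.", "cites": []},
    ],
    "ai_trace": {"model_version": "m-1", "prompt_version": "p-1",
                 "summary": SUMMARY, "output_hash": sha256_hex(SUMMARY)},
    "decision": {"outcome": "no_file", "decider_type": "human",
                 "reviewer_id": "rev-17", "rationale": ""},
}

if __name__ == "__main__":
    print("\n".join(bundle_defects(BUNDLE)))
```

The sample bundle fails three checks: one statement cites only the AI summary, one cites nothing, and the non-filing decision has an empty rationale.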
7. Financial Retail Scenarios
| Scenario | Signals | AI assist | Control boundary |
|---|---|---|---|
| Retail checking mule | New account receives unrelated inbound ACH, rapid P2P/debit/crypto cash-out, shared device/IP/address | counterparty graph summary, similar case, gap check, chronology | AI cannot close the alert; high-risk cluster goes to senior review |
| Elder exploitation wire | Senior customer sends a large wire to a new beneficiary; branch note shows pressure/confusion | Summarize relationship history, transaction changes, frontline notes | AI does not directly block legitimate transactions; protection protocol and SAR consideration are human-owned |
| Check fraud to AML | Mobile image anomaly, payee mismatch, returned item cluster | Aggregate image flags, return codes, account network | Fraud loss decision and AML SAR consideration are kept separate |
| SMB structuring | Cash deposits below the CTR threshold over multiple days, spread across multiple branches, inconsistent with the industry | expected vs actual, false positive drivers | A red flag is not a conclusion of crime; analyst reviews profile/source/history |
| Scam crypto exit | Romance/investment scam script, large crypto on-ramp after a test transfer | Extract scam indicators, link to advisory key terms | payment intervention, customer care and SAR review are different workflows |
8. PM / BA / Architect Implications
| Role | Implication |
|---|---|
| PM | The roadmap looks not only at false positives but also at typology coverage, SAR quality, case throughput, analyst trust and evidence completeness |
| PM | The AI allowed role is summarize, triage, gap-check and draft, not the final SAR decision |
| BA | Capture the rules for typology, red flag, scenario, data field, threshold, review question, case disposition and SAR evidence |
| BA | Turn FFIEC / FinCEN / FATF language into decision tables, event schemas, evidence requirements and workflow states |
| Architect | Build the typology registry, scenario registry, feature contracts, evidence ledger, case workflow, LLM gateway and audit replay |
| Architect | Bind model/rule/prompt versions to the alert and case, and design SAR-sensitive access, retention, logging and least privilege |
9. Artifacts
| Artifact | Purpose |
|---|---|
| Typology library | Records risk families, red flags, source anchors, owner, review cadence |
| Scenario inventory | Records rule/model/prompt scenarios, data dependencies and status |
| Coverage matrix | Demonstrates typology x product x customer x channel coverage |
| Red flag evidence map | Maps each red flag to observable data and an analyst question |
| Alert-to-case trace | Links alert id, scenario, case, analyst action, disposition |
| SAR evidence bundle | Supports the narrative, filing consideration and supporting documentation |
| AI assistance log | Records model/prompt, source, summary, gap flags, output hash |
| QA sampling plan | Samples for review by typology and risk tier |
| Management dashboard | coverage, evidence, backlog, defects, KRI |
10. Control / Evidence Design
| Control objective | Control activity | Evidence |
|---|---|---|
| Typology current | advisory review, risk assessment update, owner signoff | typology version log |
| Scenario active | scenario inventory and production monitor | scenario status dashboard |
| Data fit | feature contract and data quality checks | DQ report, lineage |
| Evidence complete | required evidence checklist by typology | case evidence completeness score |
| Human ownership | SAR decision owner and committee workflow | decision record, reviewer id |
| AI bounded | AI role policy and LLM gateway | prompt/model version, allowed action log |
| Narrative quality | SAR narrative rubric and QA sample | QA findings, defect taxonomy |
| Confidentiality | SAR-sensitive access control | access logs, training, retention policy |
| Change impact | rule/model/prompt release gate | coverage regression report |
11. Interview Questions
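- How do you explain the difference between typology, scenario, red flag, alert, case and SAR evidence?
- Why is false positive reduction not the only goal of AML AI?
- How do you design a typology/scenario coverage matrix?
- What can an LLM do in the SAR workflow, and what can it not do?
- How do you show that a SAR narrative has sufficient evidence?
- How do you avoid an AI-generated SAR draft that is fluent but thin on evidence?
- How do you manage the new typology / red flag updates that FinCEN advisories bring?
- How do you handle the conflict between synthetic eval and real case confidentiality?
- How do you design alert-to-case-to-SAR traceability?
- How do you explain to executives that a coverage gap is more dangerous than low precision?
30-second answer:
I would design AML AI as a typology-driven evidence architecture. First define typology and scenario coverage, then map red flags to observable data and investigation questions. AI can assist with summarizing, finding gaps and drafting the narrative, but the SAR decision must be owned by authorized compliance staff. The key evidence is alert-to-case-to-SAR traceability, not a model score or polished text.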
12. Pitfalls
| Pitfall | Why it fails | Better design |
|---|---|---|
| Treating typology as training courseware | Cannot prove production scenario coverage | typology registry + scenario mapping |
| Optimizing only false positives | May switch off low-frequency high-risk typologies | coverage-aware tuning |
| LLM directly recommends file / no file | Replaces human SAR judgment | LLM provides evidence gaps and draft only |
| SAR narrative is very fluent | Fluent does not mean sufficiently evidenced | source-linked evidence bundle |
| Red flag = guilt | A red flag only prompts additional scrutiny | analyst investigation workflow |
| Synthetic eval is too clean | Does not cover real noise and missing evidence | synthetic + sanitized real-case eval |
| No non-filing rationale | Cannot prove the decision process | documented human decision |
| SAR evidence access too broad | confidentiality and tipping risk | least privilege and SAR-sensitive vault |
| Advisory updates not entered into the library | New threats do not reach scenario coverage | advisory-to-typology change control |
| Dashboard shows only alert volume | Coverage and quality are invisible | typology coverage + QA defect dashboard |
Final line to remember:
In financial crime AI, the mature architecture is not model-first. It is typology-first, coverage-aware, evidence-backed, human-owned, and audit-replayable.