How Neural Networks Find True Positive Alerts in Transaction Monitoring Systems

Subin Alex
4 min readAug 24, 2024

--

In today’s financial institutions, transaction monitoring systems play a vital role in detecting suspicious activities. One of the biggest challenges these systems face is distinguishing between true positive (TP) alerts (legitimate suspicious activities) and false positives (FP) (normal activities wrongly flagged as suspicious). In this post, I’ll walk you through how neural networks help improve this classification process, making it easier to detect real threats while reducing unnecessary alerts.

Step 1: The Challenge of Classifying Transaction Alerts

Imagine you have a transaction flagged as potentially suspicious. The transaction monitoring system needs to classify this alert into one of three categories:

  • True Positive (TP) — A legitimate suspicious activity.
  • False Positive (FP) — A normal activity that was wrongly flagged.
  • False Negative (FN) — A suspicious activity that was missed.

In a nutshell, the system’s job is to analyze a transaction’s details and decide whether it’s a true positive or just a false alarm.

Step 2: How Neural Networks Process Transactions

To tackle this problem, the transaction’s details (like amount, location, time, etc.) are fed into a neural network. But what exactly happens inside the neural network? Let’s break it down:

  • Input Layer: This layer takes the transaction data and prepares it for analysis. Think of it as the starting point where the transaction is broken down into various features.
  • Hidden Layers: These layers are where the magic happens. The hidden layers contain small units called neurons, which process different parts of the input. Some neurons might look at patterns in the transaction amount, while others might focus on unusual locations or times.
  • Final Layer (Output Layer): After processing the transaction, the network gives three raw scores: one for each class (TP, FP, FN). These raw scores are just numbers and aren’t probabilities yet, but we’ll get there.

For example, the raw outputs might look like this:

  • True Positive (TP): 1.5
  • False Positive (FP): -0.5
  • False Negative (FN): 2.5

At this point, the network has analyzed the transaction but hasn’t yet decided which class (TP, FP, or FN) the transaction belongs to. To make that decision, we need to convert these raw numbers into probabilities.

Step 3: Softmax — Turning Raw Scores into Probabilities

Raw scores don’t help much on their own because:

  • They aren’t between 0 and 1 (which probabilities need to be).
  • They don’t add up to 1 (which probabilities must).

This is where the softmax function comes in. It takes the raw scores and converts them into probabilities. After applying softmax, the raw scores (1.5, -0.5, 2.5) might look like this:

  • Probability of TP = 0.3 (30% chance the alert is a true positive).
  • Probability of FP = 0.1 (10% chance the alert is a false positive).
  • Probability of FN = 0.6 (60% chance the alert is a false negative).

Now we have probabilities, and the class with the highest probability will be the prediction.

Step 4: Making the Prediction

In this case, False Negative (FN) has the highest probability (0.6), meaning the system predicts that the transaction is likely to be a false negative — a suspicious activity that might have been missed. But how does the network learn to make better predictions over time?

Step 5: Training the Neural Network

The network doesn’t start off perfect. It needs to learn from its mistakes, and this happens during the training phase. Here’s how it works:

a.Weights and Biases:

Every neuron has weights and biases that help it process data, but at the start, these are random. As a result, the network’s predictions are random too at first.

b.Forward Pass:

The transaction goes through the network, and the raw scores for TP, FP, and FN are generated. Softmax converts these scores into probabilities, and the network makes a prediction.

c.Loss Calculation (How Wrong Was the Prediction?):

The system compares its predicted probabilities with the true label. For example, if the true label is “True Positive” but the network predicted “False Negative” with high confidence, the system calculates how far off the prediction was. This is called the loss.

d.Backpropagation (Fixing Mistakes):

The network adjusts its internal weights and biases using an algorithm called backpropagation. The goal is to reduce the loss so that next time, the system makes a better prediction.

e.Updating the Network:

The network slowly learns by adjusting its weights over time, improving its ability to classify future transaction alerts correctly.

Step 6: Iterative Improvement

This process — where the network makes predictions, calculates its loss, and updates itself — happens repeatedly across many examples. Over time, the network becomes better at recognizing true positives while reducing false positives and false negatives.

Recap: How the Process Works

Here’s a quick recap of how the neural network classifies transaction alerts:

  • Input: The transaction’s details are fed into the network.
  • Hidden Layers: The network processes the transaction features, looking for patterns that indicate suspicious activity.
  • Raw Scores: The network produces raw scores for True Positive, False Positive, and False Negative.
  • Softmax: These raw scores are converted into probabilities.
  • Prediction: The class with the highest probability is the predicted outcome.
  • Training: The network learns from its mistakes and gradually improves by adjusting its internal parameters (weights and biases).

Final Thoughts

Neural networks are powerful tools for improving transaction monitoring systems. They help financial institutions reduce false positives, which is crucial for avoiding unnecessary manual investigations. At the same time, they enhance the system’s ability to detect true suspicious activities, making the process more efficient and accurate.

By understanding how these networks work behind the scenes, we can appreciate the complexity of identifying real threats in financial transactions, ensuring the system gets smarter and more effective over time.

Have any questions or thoughts? Feel free to comment below or reach out! I’d love to hear your feedback on how neural networks are shaping the future of transaction monitoring systems.

--

--

No responses yet