Inspiration
The global economy loses more than $2 trillion each year to money laundering.
The dominant technique — smurfing — works by splitting large sums into small transactions that individually look clean. Traditional rule-based systems never see the full picture. We wanted to build something that does.
What We Built
Sentinel-AML is a serverless AML detection pipeline on AWS. Transactions flow in through API Gateway, get stored as a relationship graph in Amazon Neptune, and are analyzed by a Graph Neural Network that scores suspicious clusters based on network topology — not just transaction size. When a cluster crosses the risk threshold, Amazon Bedrock automatically drafts a FinCEN-compliant Suspicious Activity Report using Claude 3 Sonnet.
How We Built It
We used Kiro's spec-driven development workflow to move fast without losing structure — requirements, design, and tasks were defined upfront before writing a single line of code. The entire infrastructure is defined as code using AWS CDK, with Lambda handling compute, Step Functions orchestrating the pipeline, and Neptune storing the transaction graph.
Challenges
Getting the GNN to run meaningfully within hackathon time constraints was the core challenge. We solved this by scoping inference to local subgraphs — analyzing 2-3 hops around active accounts rather than the full graph — keeping inference time constant regardless of database size.
What We Learned
Graph databases fundamentally change what's detectable. The same data that looks innocent in a SQL table reveals clear fraud topology in Neptune. Pairing that with Bedrock for report generation showed us how much operational work GenAI can absorb in compliance-heavy domains.
Built With
- amazon-api-gateway
- amazon-bedrock
- amazon-neptune
- aws-cdk
- aws-lambda
- aws-step-functions
- kiro
- python
- react
- typescript
Log in or sign up for Devpost to join the conversation.