Fault Signal

AI agent that detects financial fraud using multi-signal correlation, impossible travel, structuring, and pattern matching, with explainable risk scores and automated SAR generation.

Comment

Inspiration
Every year, financial fraud drains over $5 trillion from the global economy. Behind the numbers are overwhelmed compliance teams buried under alerts — up to 95% of them false positives — spending hours piecing together disconnected signals before they can act. A single missed case can cost millions; a single false block can damage customer trust. We built FraudSignal to end that cycle.

What it does
FraudSignal is an autonomous, multi-agent AML intelligence system that doesn’t just detect fraud — it thinks like an investigator. It proactively plans its approach, reasons across six powerful signals (transaction anomalies, impossible travel, device spoofing, behavioral drift, pattern matching, account history), calculates an explainable risk score, and takes decisive action: freezing accounts, logging alerts, auto-drafting regulatory-ready SARs, and routing high-stakes cases to a dedicated ComplianceReviewer agent for independent validation. Every conclusion is transparent, auditable, and defensible.

How we built it
Powered entirely by Elastic Agent Builder on Elastic Cloud Serverless, FraudSignal orchestrates two specialized agents through three automated workflows (manual, daily, and real-time 1-minute monitoring). Nine custom tools (5 ES|QL, 3 Index Search, 1 Workflow) drive the reasoning. All capabilities are exposed via MCP and A2A servers. The system runs on ~126,000 synthetic transactions across 400 accounts, with pre-computed geospatial fields for speed and reliability.

Challenges we ran into
Serverless documentation lagged behind the live environment, requiring experimentation on workflow triggers and API behavior. Workflow creation is not yet fully API-accessible, so manual setup was necessary.

Accomplishments that we're proud of
A true investigation-to-review pipeline with narrated chain-of-thought reasoning. Catching impossible travel at 16,680 km/h. Full reproducibility — deployable from zero in minutes.

What we learned
Pre-computing derived fields at ingest time dramatically improves accuracy and performance. Elastic’s combination of ES|QL, semantic search, and workflows is exceptionally powerful for agentic systems.

What's next for FraudSignal
Graph-based money laundering network detection, integrated ML signals, analyst feedback loops, and multi-jurisdiction compliance support (AMLD, UK MLR).

Built With

  • anthropic
  • claudesonnet4.5
  • elastic-agent-builder
  • elastic-workflows
  • elasticsearch-serverless
  • es|ql
  • kibana
  • python
Share this project:

Updates