Purpose-built compliance agents that read the transaction stream, recognise the typology, pull the evidence and draft the SAR narrative — under the same audit trail and human-in-the-loop controls as your analysts. Below is a real worked case.
Real reasoning trace from the SNAP-AI Investigator agent on a typical structuring case (CTR threshold = USD 10,000). Customer made repeated deposits just under the threshold across four days. Watch the agent connect the dots, gather the evidence, and write the analyst-ready narrative.
A rule engine flags activity that crosses a threshold. The agent recognises a pattern — the typology behind a series of activities, even when no single transaction is suspicious on its own. Each card below describes a real money-laundering pattern and the signals the agent triangulates to detect it.
Splitting a single large amount into several smaller deposits, each deliberately below the regulatory threshold (e.g. USD 10,000), to avoid mandatory currency-transaction reporting.
Multiple individuals ("smurfs") or multiple channels (branches, ATMs, agents) used in coordination to break one large deposit into many small ones — geographically dispersed but temporally tight.
Funds moved through multiple accounts, jurisdictions or instruments in rapid succession to break the audit trail between the source and the eventual beneficiary.
Many small deposits into one account from geographically diverse sources, immediately withdrawn or wired out in one or two large amounts — classic mule consolidation pattern.
A graph of customers performing coordinated activity that none would do individually — same beneficiary, same recruiter, shared device IDs, shared IPs, shared geographies.
Funds leave the system and return through a different route, often via shell entities offshore, to launder origin — sometimes called "ricochet" transactions.
Over- or under-invoicing on legitimate trade flows to move value across borders without triggering AML controls — phantom shipments, multiple invoices, mis-described goods.
Innocent customers receive deposits that pay for a remittance ordered by someone else, allowing the criminal to move funds without ever depositing them — victim shoulders the audit trail.
Funds move between fiat and digital assets repeatedly to break the chain of custody — on-ramp / off-ramp churn through mixers, bridges or unhosted wallets.
Compliance teams drown in alerts. The agent does the rote work — profile assembly, evidence harvest, narrative drafting — and surfaces only cases that warrant a human decision, with the case already prepared.
Every agent runs under a named policy: which data it can read, which actions it can take, which decisions require human approval. Policies are version-controlled, change-managed, and inspected on every regulator review.
The agent never closes a SAR. The agent never approves a high-risk customer. Every consequential decision routes to a named analyst — the agent prepares, the human decides.
Every agent action lands in the same audit log as analyst actions — same schema, same retention, same evidentiary weight. Regulators read one ledger, not two.
Every agent action is undoable. If the policy changes, the analyst disagrees, or a regulator objects, you roll back the action and the ledger records the rollback.