Overview

The Fraud Transaction Monitoring Portal is the web interface for the Fraud Transaction Monitoring System. It provides a means of monitoring, reviewing, and adjusting how the system reacts to events. A single system can support multiple solutions. Each solution provides a combination of portal configurations and analytics for detecting a specific type of financial risk, such as transaction fraud, AML, and merchant monitoring.

Using the Portal

For details of signing in to the portal and navigating, see Getting Started.

Accessing Screens

The sections in the portal that are available to you depends on your user role.

This means when you sign in to the portal, you may not see all the functionality described in this guide. For more information, please contact your system administrator or

refer to the Thredd Fraud Transaction Monitoring System Access Configuration Guide.

Managing Incidents

Reviewing Incidents

When you first go to the Incidents page, it shows a list of all incidents visible to you that haven’t yet been reviewed (see Managing Incidents). You can also choose to view only certain incidents, using filters (see Filtering Incidents).

If you manage multiple Solutions, you can use the Solutions Home page to open the relevant Solution first. The Incidents page of the Solution page only shows incidents associated with that Solution.

Viewing Incident and Alert Details

The Incident Review page (see Managing Incidents) contains detailed information on:

The event that triggered an alert
The entity that event happened to
Related user activity, including how previous alerts for the same entity were reviewed
Notes and comments from analysts who reviewed previous alerts

Searching for an Entity or Event

The search box in the portal header allows you to search for entities or events by ID or by fields within the event data (see Searching for Events and Entities), and then you can view and filter those results in the Events section of the portal (see Viewing Events).

Deciding on Incidents and Alerts

The Incidents page (described in Incidents) allows analysts to review information on an incident, and review alerts as 'risk' or 'no-risk', discount alerts or add them to a case (if case management is enabled), or put the incident aside to work on later (see Managing Incidents).

Referring an Incident

You can escalate or refer an incident from the Incident Review page.

Managing Rules and Models

Accessing Rules and Models

Analytics, such as rules, models and aggregators, are created at one of three levels:

Analytics level	Description
Your solution/Thredd	Analytics created at the Solution level can only process events associated with that Solution. Solution-level analytics are created and managed via the relevant Solution's user interface (UI).
Analytics Configuration Group (ACG)	An Analytics Configuration Group (ACG) is a set of analytics assigned to a one or more Solutions. Analytics within a particular ACG only process the events associated with the tenants or Solutions in that ACG. If you havepermission to do so, you can access ACG-level analytics from the Analytics Overview page. This is the first page you see when you go to the Analytics section of the portal. ACG-level analytics are not available if you have opened a Solution from the Solutions Home page (see Solutions Home Page ). Analytics for different Solutions are typically specific to each Solution, and are therefore defined at the Solution level.
Universal	Process events associated with all users and Solutions in the system.

Analytics level

Description

Your solution/Thredd

Analytics created at the Solution level can only process events associated with that Solution. Solution-level analytics are created and managed via the relevant Solution's user interface (UI).

Analytics Configuration Group (ACG)

An Analytics Configuration Group (ACG) is a set of analytics assigned to a one or more Solutions. Analytics within a particular ACG only process the events associated with the tenants or Solutions in that ACG. If you havepermission to do so, you can access ACG-level analytics from the Analytics Overview page. This is the first page you see when you go to the Analytics section of the portal.

ACG-level analytics are not available if you have opened a Solution from the Solutions Home page (see Solutions Home Page ). Analytics for different Solutions are typically specific to each Solution, and are therefore defined at the Solution level.

Universal

Process events associated with all users and Solutions in the system.

Updating Rules and Models

The Fraud Transaction Monitoring System enforces an authorization process for changes to the configuration of analytics (rules, models, etc.). There are two ways this can be implemented. In both cases, some user roles have permission to make changes to analytics configuration – these changes are made in a staging environment. Users with these permissions can also submit changes for approval. With the default configuration, these users cannot approve or reject changes – only a user with the supervisor role can approve the changes and implement them. However, your system can be configured so that users who can make changes to analytics can also approve or reject changes, but not changes they have made. See Selecting an Analytics Config Group for more information about this workflow, and see the rest of Overview Panels for more details on making changes to analytics. For more information about permissions, see the Fraud Transaction Monitoring System Access Configuration Guide.

Undoing Changes to Rules and Models

A user with the correct permissions can revert to a previous version of analytics configuration, reversing any changes made since that version was approved.