TigerGraph Accelerates Enterprise AI Infrastructure Innovation with Strategic Investment from Cuadrilla Capital
TigerGraph Accelerates Enterprise AI Infrastructure Innovation with Strategic Investment from Cuadrilla Capital
Read More
Contact Us
Contact Us
Go Back
Blog / Shape-shifting Fraud Flat Models Miss
September 8, 2025
6 min read

Shape-shifting Fraud Flat Models Miss

Paige Leidig
#Collusion detection
#Financial Crime Prevention
#Fraud Detection
#Fraud rings
#Graph Analytics
#Real-time fraud detection
Diagram comparing flat and graph models for fraud detection. Left: isolated flat icons (money, warning, mask). Right: interconnected graph network with similar icons, highlighting complex relationships. TigerGraph logo in top left.

Share:

Why Detecting Fraud Rings and Collusion Requires a Graph-First Approach

Fraud today isn’t a single stolen card or a suspicious wire. It’s organized, adaptive, sprawling, and hard to spot. Networks of mule accounts, synthetic identities, complicit merchants, and cross-border facilitators work together in carefully orchestrated rings. By the time a traditional detection system flags a suspicious transaction, the money has already crossed jurisdictions and vanished.

For top banks, this represents a financial loss as well as reputational damage, regulatory exposure, and a drain on analysts. 

These professionals spend too much time chasing false positives while the real fraudsters slip through. And it’s all because flat models can’t keep up.

Flat Models Can’t Keep Up

Most banks still rely on flat, tabular models for fraud detection. These models treat each transaction, account, or merchant as an isolated row in a database, disconnected from the broader web of activity around it. This row-by-row logic is efficient for simple anomaly detection—catching a sudden spike in transaction size, an unexpected geolocation, or a login from a flagged IP.

But fraud has outgrown these models. 

Organized rings thrive in the hidden patterns across individual data points. Flat models can’t easily connect the dots across multiple accounts, channels, or time periods. They struggle when fraud is collective, coordinated, and designed to look normal in isolation.

That’s why today’s most damaging schemes slip past detection until it’s too late. Consider:

  • Dozens of mule accounts funneling money to a central hub. Flat models see a set of small, ordinary accounts. A graph model instantly reveals the hub-and-spoke structure connecting them, as this is the hallmark of a mule network.
  • Merchants quietly cooperating with buyers. One-off transactions look normal in isolation. A graph view shows the unusually dense connections between certain merchants and a cluster of suspicious buyers, surfacing collusion.
  • Synthetic identities built from stolen data. Flat models let fake identities pass KFC screening because each identity checks out on its own. Graph exposes the overlap: multiple “unique” customers tied to the same phone number, device, or address.
  • Funds layered through ten intermediaries. Tabular systems log ten ordinary transfers. A graph traversal uncovers the entire chain, showing how money was laundered across accounts and jurisdictions.

Flat models reduce fraud to scattered anomalies. Graph connects the dots, exposing the network

Fraud Rings in Motion

The most dangerous thing about modern fraud is its ability to mutate. Shut down one set of accounts, and new ones appear within hours. Flag one pattern, and fraudsters rapidly switch tactics, moving money through new intermediaries, testing different transaction types, or shifting to another merchant channel.

This isn’t random improvisation. It’s coordinated adaptation. 

Fraud rings operate more like living systems than isolated events. They monitor banks’ defenses, adjust in real time, and use redundancy so that no single takedown cripples the network. The result is fraud that doesn’t just scale, but actively learns how to survive.

Static detection methods leave banks permanently one step behind because they:

  • Treat each incident as a reset. Once a flagged account is closed, flat systems don’t preserve the history of relationships or tactics used.
  • Miss the ripple effects. When fraudsters pivot, related accounts, merchants, or synthetic IDs often resurface elsewhere, but without network visibility, those links remain hidden.
  • Overwhelm analysts. Each mutation generates new alerts that look different on the surface but are variations of the same underlying scheme. Analysts are left chasing symptoms instead of addressing the system.

To stop fraud that moves and adapts like this, banks need detection models that recognize patterns as they shift, not just when they first appear. That means understanding how people, accounts, merchants, and devices are connected, and how those connections evolve over time.

Why Graph Fills the Gap

If fraud mutates like a living system, it’s not enough to have the most recent data. Many tabular systems can deliver real-time updates, but they still treat each transaction as an isolated event. What’s missing is the ability to see how patterns evolve.

That’s exactly what graph delivers. Unlike flat models, a graph-based model connects every account, transaction, merchant, or device into a living, queryable map. It captures what happened, and it shows how those relationships change over time and what that reveals about the fraudsters’ intent. By analyzing those evolving patterns, investigators gain foresight into coordinated activity that would stay hidden in tables.

With TigerGraph’s real-time scalable graph, fraud teams can:

  • Detect collusion and multi-hop patterns: Spot when hundreds of accounts share devices, IPs, or merchants, even as fraudsters switch identities.
  • Expose hidden facilitators: Surface the merchants or service providers that consistently reappear in different fraud schemes, even after old accounts are shut down.
  • Track mutations in real time: See how fraud rings adapt, with models that evolve along with the behavior, not weeks later, but as transactions stream in.
  • Operate at enterprise scale: TigerGraph supports 1B+ transactions per day and runs queries in 80 milliseconds, giving fraud teams actionable answers before losses escalate.

This gives banks a fraud model that evolves as quickly as the fraud itself—one that turns mutation from an advantage for criminals into an opportunity for earlier, more decisive intervention.

Real Results at Leading Banks

When top banks apply graph to fraud detection, the impact is tangible and measurable:

  • $100M+ in annual fraud losses prevented. By detecting mule networks earlier, banks have been able to stop money before it disappears across accounts and jurisdictions.
  • Operational efficiency gains. Fraud SVPs and operations teams report faster triage cycles, with analysts spending less time on false positives and more time pursuing confirmed threats.
  • Enterprise-grade compliance. Graph models built on TigerGraph support FinCEN, AML, and KYC requirements, giving risk leaders confidence that their detection systems align with regulatory expectations and auditability standards.
  • Proven scale and performance. TigerGraph powers fraud workloads handling 1B+ transactions per day, with queries returning in as little as 80 milliseconds, making real-time detection and intervention a reality for Tier-1 banks.

There are fewer misses, fewer wasted investigations, and more fraud stopped in motion.

With fraud evolving faster than flat models ever can, graph gives banks the structural visibility and real-time performance to keep pace. And TigerGraph transforms fraud prevention into a dynamic, network-first capability that sees fraud for what it is: a shape-shifting, relational problem.

Reach out for more info on how to use graph to outpace fraud rings, and you can experience graph analytics in minutes—launch your free TigerGraph instance at tgcloud.io.

About the Author

Paige Leidig
Bio

Suggested Articles

Andrew
April 1, 2024

Understanding Graph Embeddings

View
Andrew
September 15, 2021

Decision Trees in TigerGraph

View

Learn More About PartnerGraph

TigerGraph Partners with organizations that offer
complementary technology solutions and services.
START FOR FREE
START FOR FREE
Dr. Jay Yu

Dr. Jay Yu | VP of Product and Innovation

Dr. Jay Yu is the VP of Product and Innovation at TigerGraph, responsible for driving product strategy and roadmap, as well as fostering innovation in graph database engine and graph solutions. He is a proven hands-on full-stack innovator, strategic thinker, leader, and evangelist for new technology and product, with 25+ years of industry experience ranging from highly scalable distributed database engine company (Teradata), B2B e-commerce services startup, to consumer-facing financial applications company (Intuit). He received his PhD from the University of Wisconsin - Madison, where he specialized in large scale parallel database systems

Smiling man with short dark hair wearing a black collared shirt against a light gray background.

Todd Blaschka | COO

Todd Blaschka is a veteran in the enterprise software industry. He is passionate about creating entirely new segments in data, analytics and AI, with the distinction of establishing graph analytics as a Gartner Top 10 Data & Analytics trend two years in a row. By fervently focusing on critical industry and customer challenges, the companies under Todd's leadership have delivered significant quantifiable results to the largest brands in the world through channel and solution sales approach. Prior to TigerGraph, Todd led go to market and customer experience functions at Clustrix (acquired by MariaDB), Dataguise and IBM.