How graphs and AI are shaping the future of financial crime prevention

Graph technology and AI help banks uncover hidden networks, reduce false alerts and strengthen financial crime prevention.

In brief:

• Graphs and AI reveal hidden relationships across corporate networks, enabling dynamic, context-aware risk assessment beyond traditional customer-centric models.
• Network-level monitoring detects multi-entity layering, circular flows and anomalies, improving alert quality and accuracy of models.
• Graph-powered investigations and AI-generated narratives accelerate casework, unify insights and raise the efficiency and consistency.

The use of companies as tools to commit crimes such as fraud, tax evasion, money laundering or otherwise, as highlighted in reports from Europol as well as The Swedish National Council for Crime Prevention, is not a new phenomenon. To some extent, this has always been the case and likely it will not change anytime soon. What is troubling, however, is the increased sophistication, the scale of the issue and the ongoing shift from committing crime within otherwise legitimate businesses to setting up companies, or even groups of companies, with the sole purpose of committing crime. 

Traditional transaction monitoring and KYC approaches do not reflect how criminal networks operate. Criminals behave as systems, not as isolated individuals. Financial institutions today face significant challenges in identifying suspicious activities among corporate customers. The Swedish Financial Police reported in 2024 that only 5% of submitted Suspicious Transaction Reports (STRs) concerned transactions between companies, despite there being substantial money laundering risks in corporate structures.

At the same time, regulatory expectations are rising. Supervisors increasingly expect banks to identify complex ownership structures, understand and act on real risks, and detect multi‑entity typologies. To further complicate things, operational models are already under strain; alert volumes continue to rise, investigative costs grow, and legacy IT architectures limit the ability to detect behaviors across networks of customers.

What if monitoring solutions could act more like experienced investigators, connecting the dots between transactions, accounts and relationships?

In this article, we explore how graph databases and AI represent the next step in anti‑financial crime; enabling banks and investigators to uncover hidden relationships, interpret behavior in context and detect suspicious activity across entire customer networks.

Limits of customercentric approaches

The blind spots of customerlevel risk models

Traditionally, risk rating models and KYC approaches focus on the individual customer and its beneficial owners. For this, institutions rely on two main inputs:

1. Information provided by the customer
2. Information gathered from trusted third parties, such as official registers

While useful and good practice, these methods are not perfect. Criminals increasingly exploit the very corporate registries meant to provide transparency, establishing layered or synthetic structures that appear legitimate on paper but do not reflect reality. 

Also, because traditional models struggle to accommodate network analysis, they cannot accurately detect how risk propagates across related entities. 

Legacy relational systems further constrain this by making multi‑hop relationship analysis technically difficult or impossible. As a result, institutions may rate a customer as low‑risk while missing high-risk indicators that become visible only when viewed through a network‑aware lens.

The limits of isolated transaction analysis

Many transaction monitoring setups evaluate activity only through the customer’s own behavior, such as their historical pattern, expected activity and deviations from statistical norms. Even advanced models that employ behavioral profiling still operate within this narrow scope. But financial crime patterns do not occur in isolation. Transactions are performed across webs of connected companies, crossing several layers to disguise origin and purpose. Without network context, institutions are effectively unable to see the full scope.

This limited window might tempt organizations to err on the side of caution, generating large volumes of alerts to compensate for missing context. Analysts then further compensate by chasing and connecting clues manually. Despite appearing thorough on paper, this method still produces unknown false negatives while inflating investigative workload and operational cost.

Operational bottlenecks in AML casework

Investigation teams put great effort into assembling the basic facts needed to understand a case. Information is dispersed across systems, and analysts must jump between them to reconstruct even simple relationships. This “swivel‑chair” process introduces risks of oversight and inconsistency, and slows down case resolution significantly.

Because investigators lack a unified view of entity relationships, tracing links between companies or following multi‑entity transaction flows becomes labor-intensive and error‑prone. Critical insights may only surface late in the investigation, if at all, reducing both investigative efficiency and the quality of STRs.

Connecting entities, context and outcomes

Relationship‑driven risk assessment

Graph databases and AI can uncover direct and indirect relationships between customers that would otherwise go undetected. They help institutions identify clusters of connected companies based on relationships such as shared addresses, common directors, shared transaction counterparties, or common devices or networks.

The graph database provides the context and the means to uncover these relationships; AI helps interpret the data, quantify risk propagation across clusters and generate narrative summaries for analysts. This supports a shift from static point‑in‑time risk ratings to dynamic, relationship‑aware scoring, leading to fewer false negatives, more focused EDD and earlier detection of synthetic corporate structures.

Network‑level transaction monitoring

Graph databases enable banks to shift from analyzing single‑customer behavior to monitoring patterns across networks of customers by, for example:

• Multi‑entity layering detection: Identify funds that pass through multiple connected entities in structured sequences.
• Circular fund flows: Reveal closed‑loop movement of money.
• Network‑level anomaly detection: Spot unexpected interactions between dormant or previously low‑risk nodes.
• Context‑aware alert prioritization: Elevate alerts where multiple connected customers exhibit correlated behaviors.

This holistic approach improves alert quality, potentially reducing both false positives and false negatives.

Technology foundations: how banks can adopt graph and AI

To fully realize the value of graph‑enhanced anti-financial crime, banks need to adopt a fit-for-purpose setup:

1. Unified graph data model
   • Integrate customer data, beneficial ownership, registry filings, transaction flows, accounts, etc.
   • Represent people, companies, accounts, etc., as nodes, and real‑world relationships as edges.
   • Enable multi‑hop analysis across complex structures.
2. AI and machine learning (ML) on top of graphs
   • ML models quantify risk propagation and detect anomalous clusters.
   • Graph algorithms highlight patterns impossible to detect with relational data.
   • LLMs assist by generating narratives and contextualizing network behavior.
3. Operational integration
   • Embed graph insights into case‑management workflows.
   • Surface link analysis visually to analysts for faster understanding.
4. Explainability and governance
   • Ensure transparent model logic to satisfy regulatory expectations.
   • Maintain human‑in‑the‑loop controls and robust model risk management.