Fraud Finder | Devpost

Inspiration

What it does

How we built it

Challenges we ran into

Accomplishments that we're proud of

What we learnedHow We Built It

RingAlert is a 7-agent pipeline where every agent communicates exclusively through Cognee named datasets — no agent calls another directly. Agent 1 (DataIngestor) reads 5,000 transactions, computes per-account statistics, and detects a coordinated account-opening window: all 6 ring accounts opened within 8 days of each other in February 2026. That window is the primary detection signal. Agent 2 (GraphMapper) builds the transfer graph, identifies 4 pure sink accounts that only receive money and never send, and builds a merchant co-occurrence graph that catches AC-0012 through its shared merchants. Agent 3 (PatternDetector) scores 5 weighted threat signals — category capture, structuring, mule coordination, burst velocity, and sleeper activation — producing a raw severity score out of 10. Agent 6 (EntityEnricher) queries Geodo and matches three FinCEN typologies: ML-027 layering, ML-008 structuring, and ML-041 mule network, each carrying a severity multiplier. Agent 4 (RiskScorer) runs Bayesian inference using a Beta prior to produce a fraud probability with a confidence interval. Agent 5 (CaseBriefWriter) generates a SAR narrative in FinCEN format via the Claude API. Agent 7 (FraudNotifier) fires a Slack alert to the compliance team the moment severity crosses 7.0. The frontend is a React dashboard with a live agent log, network graph, risk table, and a severity gauge showing 9.4/10. Challenges The sleeper problem. AC-0012 has no timing signals, no amount signals, no frequency signals. Our first three detection approaches missed it entirely. The breakthrough was realizing it wasn't detectable in isolation — only through its relationship to other accounts in the graph. Reframing the detection from "find suspicious accounts" to "find suspicious clusters" is what made it work. The sink detection. The dataset uses a fan-to-sink pattern, not circular flows. Our initial graph algorithm looked for cycles and found nothing. We had to completely rewrite Agent 2 to detect directional imbalance — accounts with in-degree greater than zero and out-degree of exactly zero — which revealed the 4 mule accounts cleanly. Running without API access. The sandbox environment we developed in had no outbound network access for package installs. We rewrote the entire pipeline to run on only pandas and numpy — replacing Cognee with in-memory dicts, PyMC with numpy Bayesian sampling, and networkx with pure Python graph traversal. The pipeline ran end-to-end and still delivered 100% precision and 100% recall.