RingSight | Devpost

Inspiration

Fraud teams often miss coordinated behavior when every individual transaction looks normal. The hackathon prompt was about a fraud ring staying under alert thresholds through small transactions, circular-looking flows, and coordinated accounts. We wanted to build something that helps an analyst see the full network quickly instead of reviewing isolated transactions one by one.

What it does

RingSight is a fraud investigation tool for bank analysts. An analyst uploads a transaction CSV, and RingSight finds suspicious account networks, ranks the riskiest cases, explains the evidence, recommends next actions, and generates a downloadable investigation report.

The final output is not just an alert. It is a full case file with connected accounts, suspicious transaction patterns, risk scores, supporting evidence, recommended actions, and an analyst-ready report.

How we built it

We built RingSight with Next.js, TypeScript, Tailwind CSS, GPT-4o, Cognee, React Flow, Papa Parse, Graphology, and the Track 02 benchmark dataset.

First, we built a deterministic fraud-detection engine that parses transaction data and detects repeated transfers, overnight activity, structured small amounts, transfer chains, and suspicious account clusters.

Then we built four agents:

Agent 1 finds suspicious patterns.

Agent 2 groups those patterns into ranked fraud cases.

Agent 3 recommends actions for each case.

Agent 4 writes downloadable investigation reports.

Cognee connects the agents by storing each agent’s output and letting the next agent recall it. The frontend shows the full agent chain, network graph, evidence, action plan, and report download.

Challenges we ran into

The hardest part was making the agents real instead of just one LLM call pretending to be four agents. We had to separate deterministic fraud logic from agent reasoning so the system could stay accurate and explainable.

Another challenge was keeping the full pipeline usable. Four sequential agent calls can take several minutes, so we built a streaming UI that updates after each stage instead of making the user stare at a frozen loading screen.

We also had to make sure every score, account, transaction ID, and action stayed validated against the real data so the model could not invent evidence.

Accomplishments that we're proud of

We built a full multi-agent fraud investigation pipeline that works on real transaction data.

RingSight detected the benchmark’s suspicious exposure, grouped the activity into ranked cases, showed account networks visually, created evidence-backed recommendations, and generated downloadable reports.

We are especially proud that each agent has a clear role, uses Cognee memory, and produces outputs that a fraud analyst can actually understand and act on.

What we learned

We learned that agents are most useful when they have narrow jobs and strong structure. The fraud engine should calculate the facts, while the agents should explain, organize, rank, recommend, and report.

We also learned that explainability matters more than just having an impressive model. A fraud analyst needs to know why something was flagged, what evidence supports it, and what action to take next.

What's next for RingSight

Next, we would add support for larger transaction datasets, more fraud typologies, analyst feedback loops, and real-time monitoring.

We would also add team workflows so analysts can assign cases, leave notes, update investigation status, and export reports into existing fraud case-management systems.