CN117172789A - Risk assessment model construction method and device for suspicious transaction monitoring - Google Patents
Risk assessment model construction method and device for suspicious transaction monitoring Download PDFInfo
- Publication number
- CN117172789A CN117172789A CN202311238408.8A CN202311238408A CN117172789A CN 117172789 A CN117172789 A CN 117172789A CN 202311238408 A CN202311238408 A CN 202311238408A CN 117172789 A CN117172789 A CN 117172789A
- Authority
- CN
- China
- Prior art keywords
- risk assessment
- client
- risk
- assessment model
- sample data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012502 risk assessment Methods 0.000 title claims abstract description 218
- 238000012544 monitoring process Methods 0.000 title claims abstract description 39
- 238000010276 construction Methods 0.000 title claims abstract description 27
- 238000012546 transfer Methods 0.000 claims abstract description 68
- 238000012549 training Methods 0.000 claims abstract description 44
- 238000012216 screening Methods 0.000 claims abstract description 29
- 238000000034 method Methods 0.000 claims abstract description 22
- 238000002372 labelling Methods 0.000 claims abstract description 21
- 238000004590 computer program Methods 0.000 claims description 27
- 230000006399 behavior Effects 0.000 claims description 8
- 238000012550 audit Methods 0.000 claims description 3
- 238000004422 calculation algorithm Methods 0.000 abstract description 29
- 238000010801 machine learning Methods 0.000 abstract description 29
- 238000013473 artificial intelligence Methods 0.000 abstract description 4
- 230000000694 effects Effects 0.000 description 11
- 238000010586 diagram Methods 0.000 description 10
- 230000001149 cognitive effect Effects 0.000 description 4
- 238000011156 evaluation Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000008569 process Effects 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000006872 improvement Effects 0.000 description 2
- 238000007635 classification algorithm Methods 0.000 description 1
- 238000013480 data collection Methods 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000000513 principal component analysis Methods 0.000 description 1
- 230000009467 reduction Effects 0.000 description 1
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The application discloses a risk assessment model construction method and device for suspicious transaction monitoring, which relate to the technical field of artificial intelligence, and the method comprises the following steps: constructing an initial risk assessment model for suspicious transaction monitoring as a current risk assessment model; performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result; screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system; collecting client risk marking data generated by a client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer adjusting auditors; and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model. The model built by the application is high in accuracy and can be continuously evolved and upgraded based on a supervised machine learning algorithm.
Description
Technical Field
The application relates to the technical field of artificial intelligence, in particular to a risk assessment model construction method and device for suspicious transaction monitoring.
Background
This section is intended to provide a background or context to the embodiments of the application that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
Currently, in terms of illegal funds transfer, the risk assessment model employed by obligatory financial institutions for suspicious transaction monitoring is generally based on three types of machine learning algorithms: supervised machine learning algorithms, semi-supervised machine learning algorithms, and unsupervised machine learning algorithms.
The risk assessment model for suspicious transaction monitoring based on the unsupervised machine learning algorithm is generally low in accuracy due to the lack of guidance of a real data tag, and has stronger experience in terms of construction and selection of model input features compared with the supervised machine learning algorithm, and the unsupervised machine learning algorithm is seriously dependent on business understanding of related illegal funds transfer scenes; in addition, in the model construction stage, relevant technical indexes (such as AUC, KS, precision, recall, F1 Score and the like) of the model prediction performance cannot be calculated, and the model evaluation has great difficulty.
The semi-supervised machine learning algorithm model needs to perform representation learning on model input features, perform dimension reduction on the features (such as principal component analysis, autoEncoder and other Embedding algorithm technologies) and then perform model training based on the supervised machine learning algorithm by combining a small number of data labels, but the service interpretability of the dimension-reduced model input features is low, and the reliability of model evaluation is more problematic due to the lack of label data.
The supervision machine learning algorithm is adopted, the accuracy of a general model is higher, but because the obligation financial institution is not a supervision or a right department, the suspicious transaction reported by the obligation financial institution and the related information of whether the corresponding transaction main body is actually engaged in illegal funds transfer activities are not mastered, and a great challenge is caused to the construction of a risk assessment model based on the supervision machine learning algorithm.
Disclosure of Invention
The embodiment of the application provides a risk assessment model construction method for suspicious transaction monitoring, which is based on a supervised machine learning algorithm, and the constructed risk assessment model has high accuracy and can be continuously evolutionarily upgraded, and the method comprises the following steps:
constructing an initial risk assessment model for suspicious transaction monitoring as a current risk assessment model;
performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result;
screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system;
collecting client risk marking data generated by a client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer adjusting auditors;
and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model.
The embodiment of the application also provides a risk assessment model construction device for suspicious transaction monitoring, which is based on a supervised machine learning algorithm, and the constructed risk assessment model has high accuracy and can be continuously evolutionarily upgraded, and the device comprises:
the initial construction module is used for constructing an initial risk assessment model for suspicious transaction monitoring as a current risk assessment model;
the risk assessment module is used for carrying out risk assessment on the client sample data by adopting the current risk assessment model to obtain a risk assessment result;
the client sample data screening module is used for screening client sample data according to the risk assessment result and pushing the client sample data to the client minimum adjustment operation system;
the marking data acquisition module is used for acquiring client risk marking data generated by the client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer adjusting auditors;
and the model training module is used for training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model.
The embodiment of the application also provides computer equipment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the risk assessment model construction method for suspicious transaction monitoring when executing the computer program.
The embodiment of the application also provides a computer readable storage medium, wherein the computer readable storage medium stores a computer program, and the computer program realizes the risk assessment model construction method for suspicious transaction monitoring when being executed by a processor.
The embodiment of the application also provides a computer program product, which comprises a computer program, wherein the computer program is executed by a processor to realize the risk assessment model construction method for suspicious transaction monitoring.
In the embodiment of the application, an initial risk assessment model for suspicious transaction monitoring is constructed and used as a current risk assessment model; performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result; screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system; collecting client risk marking data generated by a client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer adjusting auditors; and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model. Compared with the scheme that an unsupervised machine learning algorithm and a semi-supervised machine learning algorithm are adopted to construct a risk assessment model in the prior art, the method provided by the application has the advantages that the initial risk assessment model (namely non-manual selection) generates client sample data (namely a to-be-adjusted client list), and an illegal funds transfer adjustment auditor completes data annotation, so that the risk assessment model can be continuously evolved and upgraded through man-machine cooperation; through screening and pushing the customer sample data, the risk of illegal funds transfer compliance can be effectively reduced, the workload of an auditor for illegal funds transfer can be reduced, meanwhile, the novelty of the customer sample data trained by a subsequent model can be increased, the subsequent model can learn the relevant information of a customer risk screening case which is difficult to distinguish, and better training data can be provided for a risk assessment model; through the steps, the modeling target of the risk assessment model is converted from directly predicting whether a customer is suspected of illegal funds transfer activities to Learning the labeling behaviors of the illegal funds transfer adjustment auditors, so that the business experience and the working result of the illegal funds transfer adjustment auditors are digitalized and modeled, the model prediction target of the prior art scheme is approximately equivalent to the model prediction target of the application, thereby avoiding the troublesome PU Learning problem, and modeling can be performed by means of a conventional two-class supervised machine Learning algorithm; the training data samples of the risk assessment model come from a plurality of illegal funds transfer adjustment auditors, so that the risk assessment model can automatically correct the cognitive deviation of individual illegal funds transfer adjustment auditors on related illegal funds transfer scenes, and the business effect of group intelligence (Collective Intelligence) is achieved.
Drawings
In order to more clearly illustrate the embodiments of the application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. In the drawings:
FIG. 1 is a flow chart of a method for constructing a risk assessment model for suspicious transaction monitoring in an embodiment of the present application;
FIG. 2 is a flow chart of screening customer sample data in an embodiment of the application;
FIG. 3 is a flow chart of training a current risk assessment model in an embodiment of the present application;
FIG. 4 is a further flowchart for training a current risk assessment model in accordance with an embodiment of the present application;
FIG. 5 is a schematic diagram of a risk assessment model building apparatus for suspicious transaction monitoring according to an embodiment of the present application;
fig. 6 is a schematic diagram of a computer device according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the embodiments of the present application will be described in further detail with reference to the accompanying drawings. The exemplary embodiments of the present application and their descriptions herein are for the purpose of explaining the present application, but are not to be construed as limiting the application.
The technical scheme of the application obtains, stores, uses, processes and the like the data, which all meet the relevant regulations of national laws and regulations.
The inventor finds that the existing supervised machine learning algorithm takes whether a customer is suspected of illegal funds transfer activities as a model prediction target directly, takes suspicious customers reported by obligatory financial institutions as positive data samples, takes other unreported data samples (including client data samples which are not pushed to illegal funds transfer auditing departments and are pushed but not reported by illegal funds transfer auditing departments) as negative samples, and adopts a classification algorithm to carry out model training to obtain suspicious transaction risk assessment artificial intelligence models. Since the so-called "negative samples" that are not pushed to the illegal funds-transfer-complete audit department are actually unlabeled samples, in which an unknown number of positive samples are intermixed, the related modeling problem is not a conventional two-class supervised machine Learning problem, but is a PU Learning (positive sample-unlabeled sample Learning) problem, model construction cannot be performed by using a conventional two-class machine Learning algorithm, and model evaluation also presents a great challenge. In the aspect of model iterative upgrading, a set of system mechanism for providing high-quality data for continuous improvement of prediction performance of an illegal funds transfer suspicious transaction monitoring artificial intelligence model is lacking.
Therefore, the application provides a set of risk assessment model construction which can bypass the PU Learning problem and is suitable for suspicious transaction monitoring, and provides a set of generation method which can provide high-quality data for continuously improving the prediction performance of an artificial intelligent model for illegal funds transfer suspicious transaction monitoring.
The solution proposed by the present application is to construct a risk assessment model for assessing the risk of illegal funds transfer of a customer for suspicious transaction monitoring, and fig. 1 is a flowchart of a risk assessment model construction method for suspicious transaction monitoring in an embodiment of the present application, including:
step 101, constructing an initial risk assessment model for suspicious transaction monitoring as a current risk assessment model;
102, performing risk assessment on customer sample data by adopting a current risk assessment model to obtain a risk assessment result;
step 103, screening customer sample data according to a risk assessment result, and pushing the customer sample data to a customer minimum adjustment operation system;
step 104, collecting client risk marking data generated by a client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer-side adjusting auditors;
step 105, training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model.
According to the application, the initial risk assessment model (namely non-manual selection) generates customer sample data (namely a to-be-adjusted customer list), and the illegal funds transfer adjustment auditor completes data marking, so that the risk assessment model can continuously evolve and upgrade through man-machine cooperation; through screening and pushing the customer sample data, the risk of illegal funds transfer compliance can be effectively reduced, the workload of an auditor for illegal funds transfer can be reduced, meanwhile, the novelty of the customer sample data trained by a subsequent model can be increased, the subsequent model can learn the relevant information of a customer risk screening case which is difficult to distinguish, and better training data can be provided for a risk assessment model; through the steps, the modeling target of the risk assessment model is converted from directly predicting whether a customer is suspected of illegal funds transfer activities to Learning the labeling behaviors of the illegal funds transfer adjustment auditors, so that the business experience and the working result of the illegal funds transfer adjustment auditors are digitalized and modeled, the model prediction target of the prior art scheme is approximately equivalent to the model prediction target of the application, thereby avoiding the troublesome PU Learning problem, and modeling can be performed by means of a conventional two-class supervised machine Learning algorithm; the training data samples of the risk assessment model come from a plurality of illegal funds transfer adjustment auditors, so that the risk assessment model can automatically correct the cognitive deviation of individual illegal funds transfer adjustment auditors on related illegal funds transfer scenes, and the business effect of group intelligence (Collective Intelligence) is achieved. Each step is analyzed in detail below.
In step 101, an initial risk assessment model for suspicious transaction monitoring is constructed as a current risk assessment model;
according to the embodiment of the application, the modeling target of the risk assessment model is converted from directly predicting whether a customer is suspected of illegal funds transfer activity to Learning the labeling behavior of an illegal funds transfer full-adjustment auditor, so that the business experience and the working result of the illegal funds transfer full-adjustment auditor are digitalized and modeled, the model prediction target of the prior art scheme is approximately equivalent to the model prediction target of the application, so that the troublesome PU Learning problem is avoided, and modeling can be performed by means of a conventional two-class supervised machine Learning algorithm, therefore, when the initial risk assessment model for suspicious transaction monitoring is constructed, the two-class supervised machine Learning algorithm can be adopted.
In step 102, performing risk assessment on customer sample data by adopting a current risk assessment model to obtain a risk assessment result;
the customer sample data may be feature information extracted from customer related data, or may be feature information obtained further after illegal funds transfer scene screening based on the feature information, and of course, the more accurate the feature information, the higher the accuracy of subsequent modeling.
In step 103, screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer-optimized operation system;
referring to fig. 2, screening customer sample data according to a risk assessment result, and pushing the customer sample data to a customer-optimized operation system, including:
step 201, pushing all the customer sample data with the risk assessment result of the first type of risk level to a customer-level-out operation system;
step 202, pushing the customer sample data with the preset proportion in the customer sample data with the risk assessment result of the second class of risk class to the customer best-fit operation system.
The pushing process can be configured into a pushing strategy, the pushing strategy is a configurable client illegal funds transfer risk information pushing strategy for generating a client data sample to be pushed by determining and randomizing according to the risk level, the pushing strategy can be adjusted, for example, the preset proportion can be adjusted, the illegal funds transfer compliance risk can be effectively reduced, the workload of an auditor can be reduced when illegal funds transfer is exhausted, meanwhile, the novelty of the client sample data can be improved, the follow-up model can learn client risk discrimination case related information which is difficult to distinguish, and better training data can be provided for a risk assessment model.
In step 104, collecting client risk marking data generated by a client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by an illegal funds transfer adjusting auditor;
in one embodiment, the customer risk tagging data includes customer sample data tagged as a first risk level and customer sample data tagged as a second risk level, and the risk of illegal funds transfer at the first risk level is higher than the second risk level.
Specifically, the first risk level of the customer sample data is customer sample data that generates a supervisory report, and the second risk level of the customer sample data that does not generate a supervisory report.
In step 105, the current risk assessment model is trained based on the customer risk annotation data, and a trained risk assessment model is obtained.
Referring to fig. 3, in one embodiment, training a current risk assessment model based on customer risk annotation data, obtaining a trained risk assessment model, includes:
step 301, taking customer sample data marked as a first risk level as a positive sample;
step 302, taking customer sample data marked as a second risk level as a negative sample;
and step 303, training a current risk assessment model according to the positive sample and the negative sample to obtain a trained risk assessment model.
In the process, positive samples and negative samples are set, and according to the risk assessment result, the failed customer sample data are screened and no longer participate in model training, so that the accuracy of the customer sample data for training is improved.
Referring to fig. 4, in an embodiment, training a current risk assessment model according to the positive sample and the negative sample to obtain a trained risk assessment model includes:
step 401, obtaining client-related data corresponding to client sample data, wherein the client-related data comprises one or any combination of client information, account information and transaction information;
step 402, determining that a modeling target of a risk assessment model is to learn the labeling behavior of an illegal funds transfer full-adjustment auditor;
step 403, training the current risk assessment model based on the modeling target according to the positive sample, the negative sample and the client related data, and obtaining a trained risk assessment model.
During specific training, characteristic engineering, model training, model tuning and model evaluation are adopted for carrying out.
In an embodiment, after obtaining the trained risk assessment model, further comprising:
judging whether the trained risk assessment model meets the iteration termination condition, if not, taking the trained risk assessment model as a current risk assessment model, and re-executing the following steps until the trained risk assessment model meets the iteration termination condition:
performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result;
screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system;
collecting client risk marking data generated by a client-side minimum operation system;
and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model.
By the iteration, the accuracy of the risk assessment model can be gradually improved, wherein the iteration termination condition can be set according to requirements, such as accuracy requirements.
In summary, in the method provided by the embodiment of the present application, an initial risk assessment model for suspicious transaction monitoring is constructed as a current risk assessment model; performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result; screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system; collecting client risk marking data generated by a client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer adjusting auditors; and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model. Compared with the scheme that an unsupervised machine learning algorithm and a semi-supervised machine learning algorithm are adopted to construct a risk assessment model in the prior art, the method provided by the application has the advantages that the initial risk assessment model (namely non-manual selection) generates client sample data (namely a to-be-adjusted client list), and an illegal funds transfer adjustment auditor completes data annotation, so that the risk assessment model can be continuously evolved and upgraded through man-machine cooperation; through screening and pushing the customer sample data, the risk of illegal funds transfer compliance can be effectively reduced, the workload of an auditor for illegal funds transfer can be reduced, meanwhile, the novelty of the customer sample data trained by a subsequent model can be increased, the subsequent model can learn the relevant information of a customer risk screening case which is difficult to distinguish, and better training data can be provided for a risk assessment model; through the steps, the modeling target of the risk assessment model is converted from directly predicting whether a customer is suspected of illegal funds transfer activities to Learning the labeling behaviors of the illegal funds transfer adjustment auditors, so that the business experience and the working result of the illegal funds transfer adjustment auditors are digitalized and modeled, the model prediction target of the prior art scheme is approximately equivalent to the model prediction target of the application, thereby avoiding the troublesome PU Learning problem, and modeling can be performed by means of a conventional two-class supervised machine Learning algorithm; the training data samples of the risk assessment model come from a plurality of illegal funds transfer adjustment auditors, so that the risk assessment model can automatically correct the cognitive deviation of individual illegal funds transfer adjustment auditors on related illegal funds transfer scenes, and the business effect of group intelligence (Collective Intelligence) is achieved.
The embodiment of the application also provides a risk assessment model construction device for suspicious transaction monitoring, which is described in the following embodiment. Because the principle of the device for solving the problem is similar to that of the risk assessment model construction method for suspicious transaction monitoring, the implementation of the device can refer to the implementation of the risk assessment model construction method for suspicious transaction monitoring, and the repetition is omitted.
FIG. 5 is a schematic diagram of a risk assessment model construction device for suspicious transaction monitoring according to an embodiment of the present application, including:
an initial construction module 501, configured to construct an initial risk assessment model for suspicious transaction monitoring as a current risk assessment model;
the risk assessment module 502 is configured to perform risk assessment on the client sample data by using a current risk assessment model, so as to obtain a risk assessment result;
the client sample data screening module 503 is configured to screen client sample data according to the risk assessment result, and push the client sample data to the client minimum adjustment operating system;
the marking data collection module 504 is configured to collect customer risk marking data generated by the customer-level adjustment operating system, where the customer risk marking data is obtained by performing risk marking on customer sample data in the customer-level adjustment operating system by an illegal funds transfer-level-adjustment auditor;
the model training module 505 is configured to train the current risk assessment model based on the client risk labeling data, and obtain a trained risk assessment model.
In one embodiment, the customer sample data screening module is specifically configured to:
pushing all the client sample data with the risk assessment result being the first type risk level to a client minimum-adjustment operation system;
and pushing the client sample data with the preset proportion in the client sample data with the risk assessment result of the second class of risk class to the client minimum-adjustment operation system.
In one embodiment, the customer risk tagging data includes customer sample data tagged as a first risk level and customer sample data tagged as a second risk level, and the risk of illegal funds transfer at the first risk level is higher than the second risk level.
In one embodiment, the model training module is specifically configured to:
taking the customer sample data marked as a first risk level as a positive sample;
taking the customer sample data marked as the second risk level as a negative sample;
and training a current risk assessment model according to the positive sample and the negative sample to obtain a trained risk assessment model.
In one embodiment, the model training module is specifically configured to:
acquiring client-related data corresponding to client sample data, wherein the client-related data comprises one or any combination of client information, account information and transaction information;
determining a modeling target of the risk assessment model as a labeling behavior of an audit staff for learning illegal funds transfer;
and training a current risk assessment model based on a modeling target according to the positive sample, the negative sample and the client related data to obtain a trained risk assessment model.
In an embodiment, the apparatus further comprises a repeat execution module for:
after the trained risk assessment model is obtained, judging whether the trained risk assessment model meets the iteration termination condition, if not, taking the trained risk assessment model as a current risk assessment model, and re-executing the following steps until the trained risk assessment model meets the iteration termination condition:
performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result;
screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system;
collecting client risk marking data generated by a client-side minimum operation system;
and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model.
In summary, in the device provided by the embodiment of the present application, an initial risk assessment model for suspicious transaction monitoring is constructed as a current risk assessment model; performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result; screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system; collecting client risk marking data generated by a client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer adjusting auditors; and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model. Compared with the scheme that an unsupervised machine learning algorithm and a semi-supervised machine learning algorithm are adopted to construct a risk assessment model in the prior art, the method provided by the application has the advantages that the initial risk assessment model (namely non-manual selection) generates client sample data (namely a to-be-adjusted client list), and an illegal funds transfer adjustment auditor completes data annotation, so that the risk assessment model can be continuously evolved and upgraded through man-machine cooperation; through screening and pushing the customer sample data, the risk of illegal funds transfer compliance can be effectively reduced, the workload of an auditor for illegal funds transfer can be reduced, meanwhile, the novelty of the customer sample data trained by a subsequent model can be increased, the subsequent model can learn the relevant information of a customer risk screening case which is difficult to distinguish, and better training data can be provided for a risk assessment model; through the steps, the modeling target of the risk assessment model is converted from directly predicting whether a customer is suspected of illegal funds transfer activities to Learning the labeling behaviors of the illegal funds transfer adjustment auditors, so that the business experience and the working result of the illegal funds transfer adjustment auditors are digitalized and modeled, the model prediction target of the prior art scheme is approximately equivalent to the model prediction target of the application, thereby avoiding the troublesome PU Learning problem, and modeling can be performed by means of a conventional two-class supervised machine Learning algorithm; the training data samples of the risk assessment model come from a plurality of illegal funds transfer adjustment auditors, so that the risk assessment model can automatically correct the cognitive deviation of individual illegal funds transfer adjustment auditors on related illegal funds transfer scenes, and the business effect of group intelligence (Collective Intelligence) is achieved.
An embodiment of the present application further provides a computer device, and fig. 6 is a schematic diagram of a computer device in the embodiment of the present application, where the computer device 600 includes a memory 610, a processor 620, and a computer program 630 stored in the memory 610 and capable of running on the processor 620, and the processor 620 implements the risk assessment model construction method for suspicious transaction monitoring described above when executing the computer program 630.
The embodiment of the application also provides a computer readable storage medium, wherein the computer readable storage medium stores a computer program, and the computer program realizes the risk assessment model construction method for suspicious transaction monitoring when being executed by a processor.
The embodiment of the application also provides a computer program product, which comprises a computer program, wherein the computer program is executed by a processor to realize the risk assessment model construction method for suspicious transaction monitoring.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing description of the embodiments has been provided for the purpose of illustrating the general principles of the application, and is not meant to limit the scope of the application, but to limit the application to the particular embodiments, and any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the application are intended to be included within the scope of the application.
Claims (10)
1. A risk assessment model construction method for suspicious transaction monitoring, comprising:
constructing an initial risk assessment model for suspicious transaction monitoring as a current risk assessment model;
performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result;
screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system;
collecting client risk marking data generated by a client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer adjusting auditors;
and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model.
2. The method of claim 1, wherein screening customer sample data based on the risk assessment results and pushing to a customer-optimized operating system comprises:
pushing all the client sample data with the risk assessment result being the first type risk level to a client minimum-adjustment operation system;
and pushing the client sample data with the preset proportion in the client sample data with the risk assessment result of the second class of risk class to the client minimum-adjustment operation system.
3. The method of claim 1, wherein the customer risk annotation data comprises customer sample data annotated at a first risk level and customer sample data annotated at a second risk level, and wherein the risk of illegal funds transfer at the first risk level is higher than the second risk level.
4. The method of claim 3, wherein training the current risk assessment model based on the customer risk annotation data to obtain a trained risk assessment model comprises:
taking the customer sample data marked as a first risk level as a positive sample;
taking the customer sample data marked as the second risk level as a negative sample;
and training a current risk assessment model according to the positive sample and the negative sample to obtain a trained risk assessment model.
5. The method of claim 4, wherein training a current risk assessment model based on the positive sample and the negative sample to obtain a trained risk assessment model comprises:
acquiring client-related data corresponding to client sample data, wherein the client-related data comprises one or any combination of client information, account information and transaction information;
determining a modeling target of the risk assessment model as a labeling behavior of an audit staff for learning illegal funds transfer;
and training a current risk assessment model based on a modeling target according to the positive sample, the negative sample and the client related data to obtain a trained risk assessment model.
6. The method of claim 1, further comprising, after obtaining the trained risk assessment model:
judging whether the trained risk assessment model meets the iteration termination condition, if not, taking the trained risk assessment model as a current risk assessment model, and re-executing the following steps until the trained risk assessment model meets the iteration termination condition:
performing risk assessment on the client sample data by adopting a current risk assessment model to obtain a risk assessment result;
screening customer sample data according to the risk assessment result, and pushing the customer sample data to a customer minimum adjustment operating system;
collecting client risk marking data generated by a client-side minimum operation system;
and training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model.
7. A risk assessment model construction apparatus for suspicious transaction monitoring, comprising:
the initial construction module is used for constructing an initial risk assessment model for suspicious transaction monitoring as a current risk assessment model;
the risk assessment module is used for carrying out risk assessment on the client sample data by adopting the current risk assessment model to obtain a risk assessment result;
the client sample data screening module is used for screening client sample data according to the risk assessment result and pushing the client sample data to the client minimum adjustment operation system;
the marking data acquisition module is used for acquiring client risk marking data generated by the client-side adjusting operation system, wherein the client risk marking data is obtained by performing risk marking on client sample data in the client-side adjusting operation system by illegal funds transfer adjusting auditors;
and the model training module is used for training the current risk assessment model based on the client risk labeling data to obtain a trained risk assessment model.
8. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 6 when executing the computer program.
9. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program which, when executed by a processor, implements the method of any of claims 1 to 6.
10. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the method of any of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311238408.8A CN117172789A (en) | 2023-09-22 | 2023-09-22 | Risk assessment model construction method and device for suspicious transaction monitoring |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311238408.8A CN117172789A (en) | 2023-09-22 | 2023-09-22 | Risk assessment model construction method and device for suspicious transaction monitoring |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117172789A true CN117172789A (en) | 2023-12-05 |
Family
ID=88929777
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311238408.8A Pending CN117172789A (en) | 2023-09-22 | 2023-09-22 | Risk assessment model construction method and device for suspicious transaction monitoring |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117172789A (en) |
-
2023
- 2023-09-22 CN CN202311238408.8A patent/CN117172789A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Hoang et al. | Deepjit: an end-to-end deep learning framework for just-in-time defect prediction | |
| CN112348520A (en) | XGboost-based risk assessment method and device and electronic equipment | |
| CN110598620B (en) | Deep neural network model-based recommendation method and device | |
| US20210133752A1 (en) | Identification of behavioral pattern of simulated transaction data | |
| CN112883990A (en) | Data classification method and device, computer storage medium and electronic equipment | |
| CN112561320A (en) | Training method of mechanism risk prediction model, mechanism risk prediction method and device | |
| CN111160959A (en) | User click conversion estimation method and device | |
| CN111582315B (en) | Sample data processing method and device and electronic equipment | |
| CN109492859A (en) | Employees classification method and device based on neural network model, equipment, medium | |
| CN113159441A (en) | Prediction method and device for implementation condition of banking business project | |
| CN117172789A (en) | Risk assessment model construction method and device for suspicious transaction monitoring | |
| CN113918471A (en) | Test case processing method and device and computer readable storage medium | |
| CN104035866B (en) | The software action appraisal procedure and device of analysis are called based on system | |
| CN110852854B (en) | Method for generating quantitative gain model and method for evaluating risk control strategy | |
| CN111581640A (en) | Malicious software detection method, device and equipment and storage medium | |
| CN117035434B (en) | Suspicious transaction monitoring method and suspicious transaction monitoring device | |
| CN110716778A (en) | Application compatibility testing method, device and system | |
| TWI835478B (en) | An operation behavior recognition method, device, computer equipment and computer-readable storage medium | |
| CN118095850A (en) | Risk monitoring method and device | |
| CN116403074B (en) | Semi-automatic image labeling method and device based on active labeling | |
| CN114510431B (en) | Workload-aware intelligent contract defect prediction method, system and equipment | |
| CN112597994B (en) | Candidate frame processing method, device, equipment and medium | |
| CN116862659A (en) | Method, device, equipment and medium for generating face examination question group | |
| CN117009218A (en) | Multi-interface system testing method, device, system and storage medium | |
| CN116976408A (en) | Method and device for calibrating predictive scores of two classification machine learning models |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |