# Security, Risk, and Anti-Fraud

## Monitoring of organizations with a high-risk score and streaming them to CRM

Customers who use their own scoring algorithms or rely on 3rd-party scoring providers can use the following pipeline or a modification of it to automate the monitoring of organizations with high-risk scores and call CRM API or send it as a report to the responsible departments.

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2FYBfQk1dhXsNDhk45bVX7%2FScreenshot%202022-10-06%20at%2018.04.22.png?alt=media&#x26;token=8bbebf4d-fd62-4c34-836d-0c3e47157cd6" alt=""><figcaption><p>Possible pipeline</p></figcaption></figure>

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2Fiyc0z0F93IjbZeayd1w8%2FScreenshot%202022-10-06%20at%2018.04.41.png?alt=media&#x26;token=77fff50e-f3ef-40d5-bb42-07477f9081f1" alt=""><figcaption><p>Possible data retrieval query</p></figcaption></figure>

## Streaming failed KYC reporting

With this one, you can help your responsible department to automatically detect and take action for customers who failed the KYC procedure.

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2Fr1mf5IxPFH6IRJz1MUOg%2FScreenshot%202022-10-06%20at%2018.18.08.png?alt=media&#x26;token=3f2a4f04-12a2-4421-b26b-c79e9395a030" alt=""><figcaption><p>Potential pipeline</p></figcaption></figure>

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2FbKVRRlp3MuNpElQkS501%2FScreenshot%202022-10-06%20at%2018.18.33.png?alt=media&#x26;token=bfaff0a3-7495-40ad-9c09-7ec9144d2fdf" alt=""><figcaption></figcaption></figure>

## Observing and streaming how many users created from the same IP

Potential fraud.

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2FYYZ358h9RXVGluuqOBuD%2FScreenshot%202022-10-07%20at%2017.34.09.png?alt=media&#x26;token=00e86b57-b7d4-468d-8da9-70603d5a24d3" alt=""><figcaption><p>Potential pipeline</p></figcaption></figure>

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2FtTpWOlvlupuBlXiZ98Nr%2FScreenshot%202022-10-07%20at%2017.34.24.png?alt=media&#x26;token=5a3cdc55-241f-4633-82de-2bdff77c2dfe" alt=""><figcaption><p>Potential SQL query to retrieve data</p></figcaption></figure>

## Technical real-time detection of XSS attempts

Cross-site scripting (XSS) is a vulnerability that your application should prevent and be secured from. However, automatic XSS attempts can be monitored with Ylem by detecting the word "script" in the database items.

In case of detecting your data engineering teams need to block the attack and further improve the application and security to avoid such situations in the future.

Here is an example of a pipeline that will allow you to detect it:

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2FrlSuWjdI8ncz13zPrVez%2FScreenshot%202022-10-10%20at%2013.51.36.png?alt=media&#x26;token=91fc9c72-2343-44f5-85bd-6bd9e72e62d2" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2Fvd1vkz4h2BwDkV7HFtA9%2FScreenshot%202022-10-10%20at%2013.51.48.png?alt=media&#x26;token=f907f633-6a4b-4872-83fa-4addf086b787" alt=""><figcaption><p>SQL query example</p></figcaption></figure>

## Anti-Money Laundering (AML) transaction streaming

Anti-Money Laundering (AML) regulations require businesses to monitor transactions and report suspicious ones to authorities.

Ylem can help you with automating the following critical processes:

* Unusual transaction amounts;
* Unusual series of transactions (e.g., several cash credits);
* Unusual geographic destination or origin of a payment;
* Known threats or typologies.

Here is an example of the pipeline to monitor large transaction amounts

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2FMXREopcPQZqgq6I3ms3y%2FScreenshot%202022-10-10%20at%2015.40.05.png?alt=media&#x26;token=89bd87ec-cdb8-497a-a631-aeada03e3310" alt=""><figcaption></figcaption></figure>

<figure><img src="https://3180830455-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FD0FT8l3QzMrw546vOdHU%2Fuploads%2F69PqWAUsbsK2UX4WmuHv%2FScreenshot%202022-10-10%20at%2015.39.41.png?alt=media&#x26;token=320ae348-0acf-4878-b85d-2ddc9c3bfeb5" alt=""><figcaption><p>Query example to detect large transactions</p></figcaption></figure>

More examples of AML use cases are described on a [separate page](https://docs.ylem.co/use-cases/industry-specific-use-cases/anti-money-laundering-aml).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ylem.co/use-cases/industry-specific-use-cases/security-risk-aml-and-fraud.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.