One account looks clean. The network reveals it.
Device fingerprint, repeated address, and shared behavior expose mule accounts, money mules, and fraud rings. Identity cross-matching surfaces the network before losses occur.
Account-by-account analysis hides the ring.
Three limits of isolated analysis that only network visibility solves.
Each account passes because no one looks at the whole.
The mule account is designed to look normal in isolation. Without cross-referencing device, address, and beneficiary across accounts, each one is approved and the ring operates in plain sight, split into pieces that seem harmless.
By the time the case closes, the money is gone.
Reconstructing the network manually after the chargeback is archaeology. The cash-out already happened, accounts were already emptied, and the ring already moved to a new device. Network visibility only matters at decision time.
Testing rules in production is too risky.
The ring shifts patterns with every block. Prevention teams need to test new rules fast, but going straight to production blocks legitimate customers. Without shadow mode, the defense runs slow or imprecise.
Everything in a single call.
Public and private sources queried in parallel, normalized and weighted by the use-case matrix.
One account flagged. Nine in the network.
The engine starts from a signal, expands through device and address links, confirms the shared beneficiary, and returns the full cluster to the analyst, not a single account.
Recommendation: Send to review queue and block the core. 9 accounts linked by the same device, 4 with shared address and beneficiary, synchronized cash-out, average age 6 days. 4 accounts confirmed as mule accounts. Network expanded and ready for review.
Device, address, and beneficiary cross-matching runs at analysis time, not post-mortem. The ring surfaces before cash-out, not after the chargeback.
One flag on one account expands through links to the rest. The analyst receives the group with evidence for each link and decides on the whole network at once.
Prevention teams test new rules in parallel, without blocking, measure impact on legitimate customers and fraud, then flip the switch. Fast iteration, no risk.
The mule network the regulation requires monitoring.
Mule accounts and financial mules are classic money laundering typologies. Three instruments make detection and reporting a duty.
Suspicious transaction reporting
Transactions with signs of using an intermediary person must be reported to COAF, under art. 11 of Law 9.613/1998. Network visibility supports the suspicion rationale with objective evidence.
AML/CFT and monitoring
Requires transaction monitoring and identification of accounts used for incompatible activity. Mule clusters are a central typology.
Money laundering law
Criminalizes concealment through an intermediary. The link trail between accounts backs identification of the mule structure.
Processing for fraud prevention
Identity cross-matching has a legal basis in fraud prevention, with defined purpose and proportionality in the use of device and address signals.
From kickoff to go-live in 4 weeks.
Multi-tenant architecture. What changes per client: enabled link signals, cluster thresholds, and core block policy.
Discovery & scope
Map available link signals (device, address, beneficiary) and priority network typologies.
Calibration
Tune cluster density thresholds, link strength, and confirmation rules. Validate against historical cases.
Shadow mode
Network detection running in parallel, no blocking. Review clusters with prevention team and fine-tune.
Go-live
Network detection in production. Active cluster expansion. Rule sandbox open for continuous iteration.
Five modules, one decision engine.
One flow from data intake to continuous monitoring. Explore the other platform modules.
Workflows
Orchestrate data, rules, AI agents and the desk in auditable flows. No deploy for every new rule.
ExploreArtificial Intelligence
Agents read the dossier, vote alongside the analyst and justify every decision.
ExploreDecision Desk
Queue, authority, dossier and committee in one screen. Human and AI decide together.
ExploreRisk Hub
Continuous monitoring of people and companies. Automatic re-analysis when something changes.
ExploreDatahub
+40 integrated bureaus, normalized into typed and auditable variables.
ExploreDecide in seconds.
Start with a meeting.
In 15 minutes we show how VAAS works in your scenario, with your rules, your data, your volume.