kupinga Book a meeting
Reg Tech for financial crime · v1.0

Fraud Detection & AML.

Stop fraud and money laundering.

Detect fraud, money laundering, sanctions exposure and suspicious transaction activity before transactions are approved.

See the engine
Decision latency
p99 < 100ms
Realtime fan-out
< 1s
Channels
7
Scenarios
15+
Capabilities
6+
The platform

One platform.
Three jobs.
Same engine.

Fraud detection, AML screening and case management on a single operational workflow. One decision flow, one case queue, and one evidence trail across the investigation lifecycle. Fraud teams, compliance teams, and examiners work from the same operational view instead of disconnected systems and fragmented reviews.

01 · DETECT

Fraud detection

Real-time scoring across every transaction channel, from transfers and card activity to digital banking and payment rails. A configurable scenario library covers velocity patterns, behavioural anomalies, payment irregularities, identity risk and watchlist exposure, with tunable thresholds, scoring weights and detection windows controlled directly by operations and risk teams.

  • Deterministic + ML + cumulative pattern rules
  • Per-channel and per-segment thresholds
  • Shadow → production rollout with maker-checker
02 · SCREEN

AML & screening

Sanctions, PEP and adverse-media screening at onboarding and across every transaction lifecycle. Customers and counterparties are automatically re-screened whenever underlying watchlists or intelligence sources are updated, so new exposure is identified immediately instead of waiting for another transaction to trigger review.

  • UN · OFAC · EU · UK HMT · NFIU domestic
  • Exact, alias and fuzzy match with BVN / DOB tie-breakers
  • Adverse-media as a separate evidence tab
03 · WORK THE CASE

Cases & filing

Alert triage, joint fraud and AML investigations, SAR and STR drafting with assisted intelligence workflows and submission to the NFIU from a single operational workspace. One evidence chain, one audit trail and one investigation lifecycle across fraud and compliance teams, without switching between disconnected systems or duplicated case reviews.

  • SLA timers per queue, bulk assign and escalation
  • Customer 360, devices, network graph in one pane
  • Four-eyes review on every SAR submission
Inside the engine

Every transaction.
Five stages.
One budget.

Under-100ms decisioning is not a marketing line. It is an execution budget enforced across the entire pipeline. Every stage operates within its own timeout window. If one layer slows down or becomes unavailable, the engine degrades gracefully and the remaining controls still produce a decision. Transactions do not fail because an internal dependency had an issue.

Decisioning pipeline · time budget per stage
01 · INGEST

Channel adapter

Normalises NIP, RTGS, USSD, POS, mobile banking, internet banking and agent banking payloads into a single evaluation event before scoring and decisioning occur.

8ms · target
02 · ENRICH

Profile + reference

Per-customer, per-device and per-beneficiary aggregates are refreshed before evaluation begins, ensuring every decision is based on the latest behavioural and transactional state.

14ms · target
03 · EVALUATE

Parallel scenarios

More than 15 detection scenarios execute concurrently, with each scenario producing its own weighted signal and supporting audit reasons for downstream review and investigation.

30ms · target
04 · SCORE

Aggregate & threshold

Signals are combined into a weighted aggregate score, with decision thresholds configurable by channel, customer segment, risk profile and operational policy.

8ms · target
05 · DECIDE

Decision & fan-out

The decision is returned to the originating channel immediately, alerts reach the analyst floor in under a second and a case is opened automatically whenever a transaction is blocked or escalated for review.

10ms · target
APPROVE
CHALLENGE
ALERT
BLOCK
Coverage

Every channel.
One engine.

Every transaction channel operates with its own controls and step-up rules while still evaluating against the same customer risk profile. Cross-channel fraud patterns become visible because transaction activity and risk signals are evaluated together instead of in separate systems.

01 NIP Real-time monitoring of outbound transfer velocity, beneficiary fan-out patterns, rapid-risk escalation and mule-account coordination across instant payment rails.
02 RTGS High-value transaction controls with stricter screening thresholds, counterparty validation, approval enforcement and anomaly detection around corporate payment behaviour.
03 USSD Detection of SIM swap indicators, abnormal PIN behaviour, profile manipulation attempts and linked outbound transaction escalation patterns.
04 POS Monitoring of card-present anomalies, merchant clustering behaviour, terminal-level cash-out activity and coordinated withdrawal patterns.
05 Mobile Device trust evaluation, session inheritance risk scoring, behavioural anomalies and adaptive authentication controls tied to mobile activity patterns.
06 Internet Session-risk evaluation across geography, beneficiary behaviour, transaction sequencing and unusual high-value transaction initiation patterns.
07 Agent Monitoring of agent cash-out concentration, ATM-linked anomalies, identity inconsistencies across BVN and NIN data and override activity across branch operations.
Cross-channel detection

Fraud rarely happens inside a single channel anymore. A SIM swap on USSD, followed by a profile change and then a burst of outbound NIP transfers, is now a common mule collection pattern. Detecting that sequence requires shared state across channels, identities, sessions and transaction activity. Kupinga evaluates those events together instead of treating each channel as an isolated system.

See the scenarios

Detection scenarios

15+ scenarios.
6+ capabilities.
All configurable.

Every scenario runs through three detection models in parallel: fixed rules, machine-learning uplift against normal customer behaviour and pattern matching across historical activity. The scoring layer treats them all the same way. What matters is the risk weight produced and the audit reasons attached to the decision.

01 / 06

Velocity monitoringHigh-volume outbound transfers, repeated step-up activity and elevated risk around first-time transaction behaviour.

  • Concentrated outbound transfers within defined evaluation windows
  • Low-value probes followed by rapid high-value transaction escalation
  • High-value first transactions on newly activated or recently modified profiles
  • Transaction spikes shortly after onboarding or profile activation
02 / 06

Behavioural detectionUnexpected changes in customer behaviour, device activity, or channel usage patterns.

  • Profile changes followed by high-value transactions during the cooling-off period
  • Transfer velocity deviations against normal customer behaviour
  • New-device activity linked to sensitive actions
  • Agent cash-out patterns associated with mule collection activity
03 / 06

Watchlist screeningInternal watchlists, sanctions screening, PEP exposure and NFIU checks.

  • Bank-managed blacklist matches against known actors
  • Sanctions, PEP and NFIU matches during transaction evaluation
04 / 06

Payment anomalyUnusual transaction concentration and abnormal channel behaviour.

  • Beneficiary concentration patterns linked to mule activity
  • Unexpected channel shifts combined with abnormal transaction values
05 / 06

Identity verificationBVN and NIN validation at high-risk decision points.

  • New high-value beneficiaries with KYC reconciliation checks
  • ATM and cash activity linked to BVN or NIN inconsistencies
06 / 06

Financial anomalyDormancy activity and impersonation-linked transaction patterns.

  • SIM swap indicators and dormant-account reactivation patterns commonly associated with mule activity
Shadow mode

Every new rule runs in shadow mode against live traffic before it can influence a customer decision. Hits are generated for analyst review, but decisions remain unchanged until the rule has soaked on production data and passed maker-checker approval. No rule reaches live enforcement without operational validation.

The analyst floor

One workspace.
Every signal.

The “one workspace” model brings fraud and AML teams into the same operational view: transactions, customer activity, devices, screening hits, adverse-media evidence, blocks, and SAR drafts in a single investigation flow. No switching between disconnected fraud and compliance systems.

Why Kupinga

Five things.
Maybe six.

Most fraud platforms in the market were built for a different banking environment and a different fraud landscape. Kupinga was built around how fraud operations work in banking today.

01

Real-time by design.

Decisions in under 100ms are treated as an operational requirement, not a marketing line. If one part of the system slows down, the remaining controls still complete the decision so transactions continue without disruption.

02

One engine across every channel.

NIP, RTGS, USSD, POS, ATM, mobile banking, internet banking and agent banking all run through the same fraud engine and the same customer risk profile. Cross-channel fraud patterns become visible because transaction history, behaviour and risk signals are shared across the platform instead of isolated by channel.

03

Fraud, AML and investigations in one workspace.

Most institutions still run fraud, AML and investigations across separate systems and teams. Kupinga brings them into a single operational workflow with one evidence chain and one audit trail. Transactions, screening hits, customer history, analyst actions, SAR drafts and investigation outcomes stay connected from the first alert to final resolution.

04

Configurable controls with controlled rollouts.

Thresholds, watchlists, escalation rules and decision controls can be configured by channel, segment and risk profile.

New rules do not go live immediately. They run against real traffic first, generate analyst-visible alerts and move into enforcement only after maker-checker approval. Customer decisions do not change until the rollout has been reviewed and approved by operations teams.

05

Built for the Nigerian banking environment.

BVN, NIN, NIP, RTGS, USSD, agent banking and NFIU workflows are built into the platform from the start, not adapted from another market. Screening coverage includes UN, OFAC, EU, UK HMT and domestic watchlists out of the box. Local transaction patterns, naira workflows and Nigerian banking operations are part of the system design from day one.

06

Connects to existing bank infrastructure.

Kupinga sits between the bank’s existing systems and the operational controls fraud teams use every day. Core banking, payment switches, identity systems, screening providers and internal risk services remain in place.

The platform integrates into existing banking infrastructure without forcing a full replacement programme or a multi-year migration project. Connect the channels, ingest the intelligence sources and progressively move decision traffic into the engine.

Built for enterprise

The boring parts
are the point.

Examiners care about the audit trail, the controls, the operational runbook and how the platform behaves when dependencies fail. Kupinga is designed to be auditable from day one and resilient enough to continue operating when surrounding systems degrade or become unavailable.

LatencySLO

Decisions in under 100ms, end to end.

Latency is tracked from transaction ingest to final decision response, with operational limits enforced across the pipeline. Performance metrics feed directly into monitoring, alerting and operational reporting systems.

<100ms · p99
Fan-outSLO

Alerts reach the analyst floor in under a second.

New alerts, escalations, case activity and signal updates stream directly into the operational workspace in real time, without waiting for manual refresh cycles.

<1second
DegradationRUNBOOK

No single failure stops the platform from making decisions.

If one layer becomes unavailable, the remaining controls continue operating so transactions can still be evaluated and processed without interruption.

0single point of failure
AuditRETENTION

Every decision, signal and analyst action is recorded.

Every decision, signal and analyst action is recorded inside a structured audit trail. Retention controls support compliance reviews, investigations, governance requirements and evidentiary reporting.

100% retention
ControlsMAKER-CHECKER

Four-eyes control on operational changes that matter.

Maker-checker approval applies to rule promotions, watchlist updates, customer blocks and SAR filings. Access controls align with the operational and examination structures banks already work with.

4eyes · enforced
OperationsOBSERVABILITY

Built for teams running the platform around the clock.

Health monitoring, structured logging and PII protection are built into daily operations. Analyst handovers, queue timers, operational metrics and investigation visibility are designed for teams managing the platform around the clock.

24/ 7 · by design
Lists ingested · out of the box

Six jurisdictions.
One screen.

Sanctions and PEP feeds are ingested through the screening baseline export and refreshed in line with regulator update cycles. Adverse-media intelligence, curated news sources and regulator notices run through the same screening and decisioning engine, with results surfaced directly inside the investigation workspace.

UN United Nations Security Council Consolidated GLOBAL · MULTILATERAL
OFAC US Treasury SDN & sectoral programmes UNITED STATES
EU European Union consolidated sanctions list EUROPEAN UNION
UK HMT UK HM Treasury OFSI consolidated UNITED KINGDOM
NFIU Nigerian Financial Intelligence Unit domestic NIGERIA · DOMESTIC
PEP+ Politically Exposed Persons & adverse media CURATED · MULTI-SOURCE
Evaluate Kupinga

Three ways
to evaluate Kupinga.

Pick the level of engagement that matches where your team is today. From a 30-minute walkthrough to a 14-day shadow deployment on live traffic, every engagement ends with a concrete operational next step.

01

30-minute Technical Walkthrough

Duration 30 minutes Format Remote

Deep dive into the decisioning engine, detection scenarios and integration architecture, followed by live technical Q&A with the engineering team responsible for the platform.

  • Architecture + data flow walkthrough
  • Channel integration patterns
  • Engineering Q&A
/demo
02

14-day Shadow-Mode Evaluation

Duration 14 days Commitment None

Run Kupinga in shadow mode against live transaction traffic for two weeks. Every transaction is scored and evaluated in real time, while customer decisions continue flowing through the bank’s existing controls without disruption.

  • Side-by-side decisioning on real volume
  • Daily signal + scenario reports
  • Joint review on day 14
/eval
03

Half-day On-Site Workshop

Duration 4 hours Format On site

Bring your scenarios and operational questions. We bring a live platform walkthrough and a working session to map Kupinga into the bank’s existing infrastructure, controls and transaction flows. Travel within Nigeria is included.

  • Scenario walkthrough with your team
  • Live integration mapping to your stack
  • Working session output: a deployment shape
/workshop
Talk to us

Kupinga is built.
And running.

To evaluate the platform against your transaction volumes, walk through an integration and deployment plan, or discuss partnership and investment opportunities, get in touch. Our team responds within one business day.

Not ready for a full demo? Book a quick meeting