- The paper's main contribution is the development of ExStraQt, a supervised pipeline using community and temporal flow features for AML detection.
- It demonstrates linear scalability in feature extraction and robust performance, outperforming advanced GNN and transformer-based baselines on both synthetic and real datasets.
- The framework's simplicity and interpretability support practical deployment in resource-constrained, high-volume financial environments.
Problem Scope and Motivation
The identification of illicit financial transactions, particularly those involved in money laundering activities, remains a critical issue for financial institutions due to the adaptive tactics of criminal actors and the immense scale of global transaction data. Traditional anti-money laundering (AML) systems are predominantly rule-based, leading to high rates of false positives and resource-intensive investigations. Given increasing regulatory demands and operational constraints, there is a pressing need for scalable, interpretable, and accurate detection frameworks tailored to the complex topologies and temporal characteristics of transactional networks.
Framework Architecture and Methodology
The proposed framework, ExStraQt (EXtract Suspicious TRAnsactions from Quasi-Temporal Graphs), is an advanced supervised learning pipeline designed to detect suspicious transactions through rich feature engineering on transactional graphs. ExStraQt's design philosophy prioritizes simplicity in architecture alongside scalability, enabling practical deployment in production-scale financial systems.
The pipeline sequentially processes data through nine loosely coupled modules, including directed graph construction, feature generation via distributed algorithms, and integration with gradient boosting classifiers.
Central to ExStraQt's methodology are three core components:
- Community Detection: Global context is captured via modularity-based community partitioning (Leiden algorithm), while local, potentially overlapping communities are obtained through random-walk expansions anchored on PageRank. This dual approach ensures that both hierarchical and overlapping structures (reflective of real-world money laundering rings) are explicitly represented.
- Flow-Based and Temporal Feature Engineering: Directed graphs are augmented with flow-quantifying features, distinguishing between "dispenser," "passthrough," and "sink" account archetypes to model the abstraction of placement, layering, and integration phases in laundering. These features are efficiently computed using iterative joins and aggregation over both static and temporally sorted transaction graphs. Temporal features are derived by time-weighted aggregations, effectively encoding when, how frequently, and at what volumes entities interact, favoring higher-risk, high-volume, or suspicious-timespan transactions.
- Distributed, Parallel Feature Generation: To address scale, the graph feature extraction pipeline is implemented atop distributed computing platforms (Spark), parallelizing per-node and per-community feature computations and enabling linear or near-linear scaling with respect to network size or edge count.
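The flow archetypes and time-weighted aggregation described above, as an added example that is not the paper's code. The balance ratio, the 0.2 band and the exponential half-life weighting are assumptions chosen for illustration, and the sketch runs in plain Python rather than on Spark.

```python
from collections import defaultdict

# Constructed sample transactions: (sender, receiver, amount, timestamp in hours)
TRANSACTIONS = [
    ("A", "B", 1000.0, 0),   # A places funds with two intermediaries
    ("A", "C", 900.0, 1),
    ("B", "D", 980.0, 2),    # B and C forward almost everything they receive
    ("C", "D", 880.0, 3),
    ("D", "E", 1800.0, 30),  # D forwards to E, which only accumulates
    ("F", "E", 50.0, 40),
]


def flow_features(txs, now, half_life=24.0, band=0.2):
    """Aggregate in/out flow per account and assign a flow archetype.

    Assumed definitions (not taken from the paper):
      weight  = 0.5 ** (age / half_life), so recent transfers count more
      balance = (out - in) / (out + in), from -1 (pure sink) to +1 (pure dispenser)
      accounts with |balance| <= band are labelled passthrough
    """
    agg = defaultdict(lambda: {"in": 0.0, "out": 0.0, "in_tw": 0.0, "out_tw": 0.0})
    for src, dst, amount, ts in txs:
        weight = 0.5 ** ((now - ts) / half_life)
        agg[src]["out"] += amount
        agg[src]["out_tw"] += amount * weight
        agg[dst]["in"] += amount
        agg[dst]["in_tw"] += amount * weight

    features = {}
    for account, f in agg.items():
        total = f["in"] + f["out"]
        balance = (f["out"] - f["in"]) / total if total else 0.0
        if balance > band:
            archetype = "dispenser"
        elif balance < -band:
            archetype = "sink"
        else:
            archetype = "passthrough"
        features[account] = {**f, "balance": balance, "archetype": archetype}
    return features


if __name__ == "__main__":
    for account, f in sorted(flow_features(TRANSACTIONS, now=48).items()):
        print(account, f["archetype"], round(f["balance"], 3), round(f["in_tw"], 1))
```
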
Execution Efficiency and Scalability
The study provides a detailed evaluation of the runtime characteristics of various feature extraction modules as a function of data scale:
Figure 2: Execution times for distributed graph feature generation scale linearly with the number of nodes in the data.
Runtime assessment for flow-based feature extraction with increasing aggregated edge count reveals similarly linear trends:
Figure 4: Flow-based features generation scales with the number of aggregated edges, evidencing efficient join implementations.
Temporal-flow feature extraction maintains linear scalability in the number of transactions:
Figure 6: Temporal flow-based feature generation exhibits execution times roughly proportional to transaction count.
Parallelization further reduces wall-clock times for core modules, with significant improvements up to the memory or core limits of the execution environment:
Figure 8: Step-wise execution times with more parallel distribution, highlighting dramatic speed-ups in community feature generation.
These empirical results validate strong scalability claims and facilitate realistic deployment across institution-scale datasets.
ExStraQt is benchmarked against the leading academic and industry AML models including advanced GNNs (MultiGNN), graph transformers (FraudGT), and established supervised pipelines leveraging extensive subgraph features (GFP). Evaluations are conducted on both large-scale synthetic datasets and real blockchain-based (Ethereum) phishing datasets, each exhibiting class imbalance and topological diversity characteristic of AML challenges.
The framework demonstrates robust performance, with the following highlights:
- F1 Score Uplifts: On real-world datasets (Ethereum), ExStraQt achieves up to a 1% F1 score gain, outperforming both graph neural and transformer-based baselines. Synthetic benchmarks report even stronger uplifts (exceeding 8% on minority class F1 for certain settings).
- Model Stability: Where transformer-based models show greater output variance, ExStraQt yields consistently lower standard deviation across repeated trials, signaling reliability and robustness.
- Resource Efficiency: All experiments are conducted on commodity hardware, in contrast to the significant memory and compute requirements of competing methods (notably, FraudGT and MultiGNN).
Notably, the study claims that ExStraQt surpasses the GNN/transformer pipelines in nearly all evaluation scenarios, with one exception where FraudGT narrowly outperforms it, but with far greater variance.
Interpretability, Production Compatibility, and Deployment Considerations
A critical requirement for AML modeling in financial institutions is interpretability and alignment with regulatory scrutiny. ExStraQt leverages tree-based models (XGBoost), enhancing both transparency and practical auditability relative to neural architectures. Furthermore, the design eschews real-time detection in favor of batch-oriented, secondary systems that augment legacy rule-based pipelines, consistent with industry compliance workflows and reporting cadences.
The distributed nature of feature engineering and batch supervision also supports seamless operationalization within high-throughput, resource-constrained environments.
Research Implications, Limitations, and Future Directions
The ExStraQt framework challenges the dominant trend toward increasingly complex graph-based neural architectures in AML, empirically demonstrating that sophisticated feature engineering, combined with scalable implementation, can not only match but frequently exceed the predictive power of (multi)graph neural networks and graph transformers in the transaction monitoring setting.
Key implications include:
- Model Simplicity vs. Performance: The findings showcase that substantial model complexity is not strictly necessary for state-of-the-art AML detection, enabling practical deployments with minimal resource and interpretability trade-offs.
- Scalability as a Constraint: The results support a shift in research focus from merely maximizing F1 or recall toward ensuring scalability and efficient parallelization, which are essential for operational AML systems working over billion-edge graphs.
- Feature-Driven Model Innovation: The ablation study demonstrates the additive value of various community, flow, and anomaly-derived features, motivating further investigation into adaptive feature-group selection, temporal motif encoding, and ownership obfuscation detection.
Future research directions highlighted include systematic hyperparameter and feature selection, modeling longer-range temporal patterns, and deeper investigation of inadequacies relative to neural methods in highly intricate network topologies.
Conclusion
ExStraQt represents a well-architected, scalable, and interpretable framework for transaction-level AML detection. Its performance, simplicity, and operational alignment challenge prevailing assumptions about the necessity of deep graph models for financial crime, underscoring the enduring relevance of engineered features, distributed computation, and domain-aware algorithmic design. The research provides a robust empirical and methodological foundation for both industry adoption and future academic inquiry into scalable, practical graph-based AML solutions (2604.02899).