🔍 Module 5: Fraud Detection & Investigation Report

Build an interactive fraud investigation tool that analyzes transaction patterns, flags suspicious activity, and generates case summaries.

20 minutes

What You'll Build

Step | Duration | Description
Generate Data & Build Detector | 12 min | Create synthetic data and fraud detection logic
Investigation Report | 8 min | Generate HTML case files and summary dashboard

Step 1: Generate Data & Build the Detector

In the Kiro chat panel, start a New Session in Vibe mode and paste:

PROMPT — Copy & paste into Kiro

You are a Fraud Investigation Lead with deep expertise in payment fraud patterns across Southeast Asian markets. You know how to identify card testing, impossible travel, and transaction velocity anomalies.

Create a folder called "fraud-detection" in the current workspace. Build a Python script called fraud_analyzer.py that:

1. Generates a file called transactions_raw.csv with 1,000 synthetic payment transactions:
   Columns: txn_id, timestamp, merchant_id, merchant_name, merchant_category, customer_id, amount_sgd, currency, payment_method, country, city, device_id, ip_address, status
   Embed these fraud patterns in ~30 transactions:
   - Velocity fraud: 5 transactions from same customer within 10 minutes (card testing)
   - Amount anomaly: 3 transactions over $2,000 from customers whose average is under $50
   - Geographic impossible travel: 2 customers with transactions in Singapore and Indonesia within 30 minutes
   - Late-night spike: 8 transactions between 2-4 AM from normally daytime-only customers
   - Merchant concentration: 4 transactions to the same suspicious merchant from different customers in 1 hour
2. Analyzes all transactions with these detection rules:
   - Velocity: >3 transactions from same customer in 15-minute window → HIGH risk
   - Amount: Transaction > 10x customer's rolling average → HIGH risk
   - Geo: Transactions from different countries within 2 hours → MEDIUM risk
   - Time: Transactions between 1-5 AM for customers with <5% nighttime history → LOW risk
   - Merchant: >3 different customers at same merchant in 1 hour → MEDIUM risk
3. Assigns a composite risk score (0-100) based on triggered rules
4. Prints a summary: total transactions, flagged count by risk level, top 5 riskiest transactions

Use pandas. Install automatically. Run the script.

✅ Checkpoint: 1,000 transactions generated · Detection rules applied, ~30 flagged · Risk scores assigned
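The velocity, amount and geo rules from the prompt above, written out as an added example (not code from this workshop and not Kiro's output). It uses the standard library instead of pandas; the per-level weights, the reading of "rolling average" as the mean of a customer's earlier transactions, and the sample rows are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed weights per risk level; the prompt only asks for a 0-100 composite score.
WEIGHTS = {"HIGH": 50, "MEDIUM": 30, "LOW": 10}

def score_transactions(txns):
    """Return {txn_id: (score, [rule names])} for the velocity, amount and geo rules."""
    recent = defaultdict(deque)   # customer -> timestamps inside the 15-minute window
    amounts = defaultdict(list)   # customer -> amounts of earlier transactions
    last_seen = {}                # customer -> (timestamp, country) of previous txn
    results = {}
    for t in sorted(txns, key=lambda t: t["timestamp"]):
        cust, ts, rules = t["customer_id"], t["timestamp"], []
        # Velocity: >3 transactions in 15 minutes. Flags the 4th and later of a burst.
        window = recent[cust]
        window.append(ts)
        while ts - window[0] > timedelta(minutes=15):
            window.popleft()
        if len(window) > 3:
            rules.append(("velocity", "HIGH"))
        # Amount: > 10x the customer's average, computed before this txn is added.
        history = amounts[cust]
        if history and t["amount_sgd"] > 10 * sum(history) / len(history):
            rules.append(("amount", "HIGH"))
        history.append(t["amount_sgd"])
        # Geo: different country from the customer's previous txn within 2 hours.
        prev = last_seen.get(cust)
        if prev and prev[1] != t["country"] and ts - prev[0] <= timedelta(hours=2):
            rules.append(("geo", "MEDIUM"))
        last_seen[cust] = (ts, t["country"])
        score = min(100, sum(WEIGHTS[level] for _, level in rules))
        results[t["txn_id"]] = (score, [name for name, _ in rules])
    return results

def make_txn(txn_id, cust, hhmm, amount, country="SG"):
    ts = datetime.strptime("2024-01-15 " + hhmm, "%Y-%m-%d %H:%M")
    return {"txn_id": txn_id, "customer_id": cust, "timestamp": ts,
            "amount_sgd": amount, "country": country}

# Constructed sample: C1 sends a card-testing burst, C2 moves SG -> ID with a 60x amount.
SAMPLE = [
    make_txn("T1", "C1", "10:00", 5.0), make_txn("T2", "C1", "10:03", 5.0),
    make_txn("T3", "C1", "10:06", 5.0), make_txn("T4", "C1", "10:09", 5.0),
    make_txn("T5", "C2", "09:00", 40.0), make_txn("T6", "C2", "09:20", 2400.0, "ID"),
    make_txn("T7", "C1", "13:00", 6.0),
]
if __name__ == "__main__":
    print(score_transactions(SAMPLE))
```

Computing the average before appending the current amount keeps a single large transaction from raising its own baseline and slipping under the 10x threshold.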

Step 2: Generate the Investigation Report

PROMPT — Copy & paste into Kiro

Add an HTML report generator that creates fraud_report.html in the fraud-detection folder:

1. Header: "AnyCompany Pay — Fraud Investigation Dashboard" with date and scan summary
2. Alert banner: "X transactions flagged for review" with breakdown by risk level (HIGH=red, MEDIUM=orange, LOW=yellow)
3. Summary statistics:
   - Total transactions scanned
   - Flagged transactions (count and %)
   - Estimated exposure (sum of flagged transaction amounts)
   - Top triggered rule
4. A sortable table of all flagged transactions with columns: txn_id, timestamp, customer_id, merchant, amount, risk_score, triggered_rules, status
   - Rows color-coded by risk level
5. For each HIGH-risk transaction, generate a "Case Summary" section:
   - Transaction details
   - Customer's recent transaction history (last 10 transactions)
   - What rules were triggered and why
   - Recommended action (Block, Review, Monitor)
6. A chart showing flagged transactions by hour of day (bar chart)
7. A chart showing risk score distribution (histogram)

Use green (#00B14F) for safe indicators, red for high risk. Dark professional theme. Open in browser after generating.

Step 3 (Optional): Export Case Files

OPTIONAL PROMPT
For each HIGH-risk flagged transaction, export an individual case file as a text file in a "cases" subfolder. Each file named case_[txn_id].txt should contain:

- Transaction details
- Customer profile summary
- Triggered rules with explanation
- Related transactions from the same customer
- Recommended action and escalation path

Also create a cases_summary.csv with all flagged transactions for import into the case management system.

What You Accomplished

  • 🔍 Generated realistic transaction data with embedded fraud patterns
  • ⚠️ Built rule-based fraud detection with composite risk scoring
  • 📊 Created an interactive investigation dashboard
  • 📁 Exported individual case files for the investigation team