SCAFDS: Edge-Feature Graph Attention for Interbank Fraud Detection with Attribution-Grounded SAR Generation

Mohammad Nasir Uddin

arxiv: 2605.18913 · v1 · pith:4HOIML3Nnew · submitted 2026-05-17 · 💻 cs.CR · cs.AI· cs.LG

SCAFDS: Edge-Feature Graph Attention for Interbank Fraud Detection with Attribution-Grounded SAR Generation

Mohammad Nasir Uddin This is my paper

Pith reviewed 2026-05-20 12:07 UTC · model grok-4.3

classification 💻 cs.CR cs.AIcs.LG

keywords interbank fraud detectiongraph attentionedge featuresSAR generationfraud contagionfinancial networksregulatory reporting

0 comments

The pith

A graph attention model using fraud co-occurrence edge features from regulatory records detects interbank fraud more accurately and produces traceable SAR reports.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces SCAFDS as an integrated pipeline that constructs an interbank graph with edges weighted by fraud co-occurrence frequencies drawn from past regulatory filings. It applies graph attention that factors in both node features and these edge weights to score transaction risk, then combines scores bilinearly into institution-level systemic risk measures. The system further generates SAR narratives in which every assertion ties directly to a specific numerical output from the detection pipeline. On a dataset of over half a million transactions the approach raises AUPRC by nearly 16 points and AUROC by nearly 14 points relative to a strong graph baseline, with ranking preserved on a set of enforcement actions. A sympathetic reader would care because current interbank systems ignore network propagation signals and leave regulators unable to audit the basis of submitted reports.

Core claim

SCAFDS encodes interbank topology using fraud co-occurrence frequency metrics f(u,v,t) extracted from SAR registry records, computes attention coefficients from both node representations and these edge features, performs bilinear fusion to produce systemic fraud risk scores, and generates attribution-conditioned SAR narratives with per-assertion significance thresholds that link each regulatory claim to a concrete pipeline output.

What carries the argument

Edge-feature-informed graph attention whose coefficients are derived from both node representations and fraud co-occurrence edge features f(u,v,t).

Load-bearing premise

Fraud co-occurrence frequency metrics derived from SAR registry records provide a reliable signal that encodes interbank topology and generalizes to actual fraud propagation.

What would settle it

Running the model on an interbank transaction dataset that supplies no SAR-derived co-occurrence edge features and observing no gain or a performance drop relative to the GraphSAGE-AML baseline would falsify the claim.

Figures

Figures reproduced from arXiv: 2605.18913 by Mohammad Nasir Uddin.

**Figure 1.** Figure 1: SCAFDS seven-stage surveillance pipeline. Data flows from Stage 1 (data ingestion) through Stage 3 (edgefeature ST-GAT), Stage 4 (BiLSTM), Stage 5 (bilinear fusion), and Stage 6 (attribution-conditioned SAR generation) to regulatory output. The Stage 7 feedback pathway updates Stage 3 graph attention weights from confirmed regulatory dispositions over time (prospective deployment capability). Architecture… view at source ↗

**Figure 2.** Figure 2: Stage 2 dynamic interbank fraud contagion graph G(t). Institution nodes carry node feature vectors; directed [PITH_FULL_IMAGE:figures/full_fig_p011_2.png] view at source ↗

**Figure 3.** Figure 3: Stage 3 edge-feature-informed ST-GAT forensic architecture. The novel attention formulation [W*h_v || W*h_u || e_{vu}] incorporates the fraud co-occurrence edge feature vector directly, absent from the interbank GNN architectures reviewed here architectures reviewed in this paper that compute attention exclusively from node representations. D. Stage 4: Hybrid Bidirectional LSTM-Attention Transaction Sequen… view at source ↗

**Figure 4.** Figure 4: Stage 4 bidirectional LSTM-attention forensic module. Temporal attention weights alpha_t flow to Stage 6 as the temporal forensic attribution layer, providing a time-ordered evidence trail for SAR narrative grounding. E. Stage 5: Bilinear Fraud Co-occurrence Risk Fusion and Systemic Fraud Risk Scoring Stage 5 integrates institution-level fraud contagion embeddings c_v from Stage 3 with transaction-level fr… view at source ↗

**Figure 5.** Figure 5: Stage 5 bilinear fraud co-occurrence risk fusion. Bilinear matrix M encodes confirmed fraud co-occurrence dynamics; institution-level systemic fraud risk score S_v incorporates network centrality in the fraud co-occurrenceweighted graph. F. Stage 6: Hierarchical Forensic Attribution and Attribution-Conditioned SAR Output Stage 6 constitutes the core output mechanism of SCAFDS. It generates a three-layer h… view at source ↗

**Figure 6.** Figure 6: Stage 6 three-layer hierarchical forensic attribution record and attribution-conditioned SAR generation. Per-assertion significance thresholds tau_1, tau_2, tau_3 ensure each SAR narrative assertion is traceable to a specific numerical pipeline output, a forensic auditability standard not present in prior LLM-SAR systems reviewed here. G. Stage 7: Topology-Aware Adaptive Forensic Feedback [PITH_FULL_IMAGE… view at source ↗

read the original abstract

The U.S. financial system processes approximately 1.3 million interbank transactions daily, yet no system in the reviewed literature models fraud propagation across the interbank network using fraud co-occurrence edge features. Prior interbank GNN architectures model credit contagion using credit distress supervision signals, producing systems misaligned for fraud forensics. No existing system generates SAR narratives with per-assertion forensic traceability to specific numerical detection outputs, creating regulatory auditability gaps in FinCEN-submitted reports. This paper introduces SCAFDS (Systemic Contagion-Aware Fraud Detection System), a seven-stage integrated surveillance pipeline addressing five structural limitations of prior art: (1) fraud-specific interbank topology encoding using fraud co-occurrence frequency metrics f(u,v,t) derived from FinCEN SAR registry records; (2) edge-feature-informed graph attention where coefficients are computed from both node representations and fraud co-occurrence edge features; (3) bilinear fraud co-occurrence risk fusion producing institution-level systemic fraud risk scores; (4) attribution-conditioned SAR narrative generation with per-assertion significance thresholds ensuring each FinCEN SAR assertion is traceable to a specific numerical pipeline output; and (5) topology-aware adaptive forensic feedback updating graph attention weights from regulatory dispositions. Experiments on the IEEE-CIS Fraud Detection Dataset (590,540 transactions) and a synthetic FDIC-aligned interbank network (8,103 institutions, 169,800 edges) show SCAFDS achieves AUPRC=0.515+/-0.032 and AUROC=0.802+/-0.018, representing +15.9pp and +13.7pp improvements over GraphSAGE-AML. Partial validation on FDIC enforcement action records (n=4,279) confirms consistent model ranking. USPTO Provisional Patent Application No. 64/061,083, filed May 8, 2026.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The manuscript introduces SCAFDS, a seven-stage pipeline for interbank fraud detection using edge-feature graph attention where coefficients incorporate fraud co-occurrence frequency metrics f(u,v,t) derived from FinCEN SAR registry records, bilinear risk fusion for institution-level scores, and attribution-conditioned SAR narrative generation with per-assertion traceability. Experiments on the IEEE-CIS Fraud Detection Dataset (590,540 transactions) and a synthetic FDIC-aligned network report AUPRC=0.515+/-0.032 and AUROC=0.802+/-0.018, with +15.9pp and +13.7pp gains over GraphSAGE-AML, plus partial validation on FDIC enforcement records (n=4,279).

Significance. If the central claims can be verified, the work would offer a fraud-specific extension of GNNs to interbank networks with regulatory auditability via traceable SAR outputs, addressing gaps in prior credit-contagion models. The combination of topology encoding and attribution grounding could support more defensible forensic applications.

major comments (2)

[Abstract, Experiments] Abstract and Experiments: The reported AUPRC/AUROC gains and the claim of improved detection via interbank topology rest on f(u,v,t) edge features extracted from confidential, non-public FinCEN SAR registry records. No computation procedure, synthetic proxy validation, or sensitivity analysis is provided to show how these frequencies are derived or whether the attention coefficients remain stable under altered co-occurrence distributions. This data-construction step is load-bearing for the central claim that the architecture (rather than uninspectable topology) drives the +15.9pp improvement.
[Experiments] Experiments: No ablation studies, component-wise contribution analysis, or error analysis are reported to isolate the effects of edge-feature-informed attention, bilinear fusion, or adaptive feedback from hyperparameter choices or dataset specifics. The performance numbers are therefore presented without evidence that the gains derive from the claimed architectural components.

minor comments (2)

[Experiments] The synthetic network description (8,103 institutions, 169,800 edges) would benefit from explicit details on construction and alignment with real FDIC topology to support the partial validation claim.
[Abstract] A high-level pipeline diagram would improve clarity for the seven-stage integrated surveillance system described in the abstract.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their constructive and detailed comments, which help clarify key aspects of our work. We address each major comment point by point below, committing to revisions where they strengthen the manuscript without misrepresenting our contributions.

read point-by-point responses

Referee: [Abstract, Experiments] Abstract and Experiments: The reported AUPRC/AUROC gains and the claim of improved detection via interbank topology rest on f(u,v,t) edge features extracted from confidential, non-public FinCEN SAR registry records. No computation procedure, synthetic proxy validation, or sensitivity analysis is provided to show how these frequencies are derived or whether the attention coefficients remain stable under altered co-occurrence distributions. This data-construction step is load-bearing for the central claim that the architecture (rather than uninspectable topology) drives the +15.9pp improvement.

Authors: We acknowledge that the derivation of f(u,v,t) relies on confidential FinCEN SAR records, limiting full public disclosure of the exact computation procedure. To address this, we will revise the manuscript by adding a dedicated subsection on a synthetic proxy construction method for co-occurrence frequencies, calibrated to match observed statistical properties from public enforcement data. We will also include sensitivity analysis varying the co-occurrence distributions and demonstrating stability of the resulting attention coefficients and performance metrics. These additions will support the claim that gains arise from the edge-feature attention architecture. revision: yes
Referee: [Experiments] Experiments: No ablation studies, component-wise contribution analysis, or error analysis are reported to isolate the effects of edge-feature-informed attention, bilinear fusion, or adaptive feedback from hyperparameter choices or dataset specifics. The performance numbers are therefore presented without evidence that the gains derive from the claimed architectural components.

Authors: We agree that the absence of ablations and error analysis leaves the source of gains under-specified. In the revised version, we will add a full set of ablation experiments removing or replacing each component (edge-feature attention, bilinear fusion, and adaptive feedback) while controlling for hyperparameters and dataset variations. We will also include component-wise contribution metrics and error analysis (e.g., false positive breakdowns by transaction type) to isolate architectural effects from dataset or tuning artifacts. revision: yes

Circularity Check

0 steps flagged

No significant circularity; performance claims are empirical outcomes on external datasets

full rationale

The paper describes a seven-stage pipeline for fraud detection using edge-feature graph attention informed by fraud co-occurrence metrics f(u,v,t). Reported AUPRC=0.515 and AUROC=0.802 are presented as experimental results on the public IEEE-CIS Fraud Detection Dataset (590,540 transactions) plus a synthetic interbank network, with explicit comparisons to GraphSAGE-AML. No equations, self-citations, or derivation steps in the abstract or described structure reduce a prediction to an input by construction, fit a parameter then rename it as a forecast, or rely on load-bearing self-citation for uniqueness. The central claims rest on measured performance against baselines rather than definitional equivalence, making the chain self-contained against the stated benchmarks.

Axiom & Free-Parameter Ledger

1 free parameters · 2 axioms · 0 invented entities

The central claims rest on the assumption that historical SAR records yield usable co-occurrence features and that the synthetic FDIC-aligned network captures relevant topology; no free parameters are numerically specified in the abstract but significance thresholds are mentioned as part of the SAR stage.

free parameters (1)

per-assertion significance thresholds
Used to decide which numerical outputs become assertions in generated SAR narratives; value not stated in abstract.

axioms (2)

domain assumption Fraud co-occurrence frequency metrics f(u,v,t) derived from FinCEN SAR registry records are available and suitable for topology encoding
Invoked in limitation (1) and stage (1) of the pipeline description.
domain assumption The synthetic interbank network of 8103 institutions and 169800 edges is aligned with real FDIC structures for fraud propagation
Stated in the experiments paragraph.

pith-pipeline@v0.9.0 · 5874 in / 1520 out tokens · 55062 ms · 2026-05-20T12:07:00.280170+00:00 · methodology

discussion (0)

Lean theorems connected to this paper

Citations machine-checked in the Pith Canon. Every link opens the source theorem in the public Lean library.

IndisputableMonolith/Cost/FunctionalEquation.lean washburn_uniqueness_aczel unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

edge-feature-informed graph attention: alpha_vu = softmax_u(LeakyReLU(a^T [W*h_v || W*h_u || e_vu])) ... f(u,v,t) = P(fraud_v within W | fraud_u at t)
IndisputableMonolith/Foundation/BranchSelection.lean branch_selection unclear

?

unclear
Relation between the paper passage and the cited Recognition theorem.

bilinear fraud co-occurrence risk fusion ... L_align = E[(1 - c_u^T M c_v) * f(u,v,t)]

What do these tags mean?

matches: The paper's claim is directly supported by a theorem in the formal canon.
supports: The theorem supports part of the paper's argument, but the paper may add assumptions or extra steps.
extends: The paper goes beyond the formal theorem; the theorem is a base layer rather than the whole result.
uses: The paper appears to rely on the theorem as machinery.
contradicts: The paper's claim conflicts with a theorem or certificate in the canon.
unclear: Pith found a possible connection, but the passage is too broad, indirect, or ambiguous to say the theorem truly supports the claim.

Reference graph

Works this paper leans on

2 extracted references · 2 canonical work pages · 1 internal anchor

[1]

Shapley Value-Guided Adaptive Ensemble Learning for Explainable Financial Fraud Detection with U.S. Regulatory Compliance Validation

Network-level forensic attribution layer: SHAP values decomposing the bilinear contagion amplification component w_3 * g(c_v, c_{counterparty}) into contributions from specific directed interbank edges, identifying which counterparty relationships most amplified the institution-level fraud risk score. 3) Temporal forensic attribution layer: temporal atten...

work page internal anchor Pith review Pith/arXiv arXiv doi:10.1145/3533271.3561727 2011
[2]

IEEE-CIS Fraud Detection,

Federal Deposit Insurance Corporation, 2023 Annual Report, Washington D.C.: FDIC, 2024. Available: https://www.fdic.gov/about/annual-reports/2023/index.html [15] M. Fey and J. E. Lenssen, Fast graph representation learning with PyTorch Geometric, ICLR Workshop on Repr. Learning on Graphs and Manifolds, 2019. [16] A. Paszke et al., PyTorch: An imperative s...

work page 2023

[1] [1]

Shapley Value-Guided Adaptive Ensemble Learning for Explainable Financial Fraud Detection with U.S. Regulatory Compliance Validation

Network-level forensic attribution layer: SHAP values decomposing the bilinear contagion amplification component w_3 * g(c_v, c_{counterparty}) into contributions from specific directed interbank edges, identifying which counterparty relationships most amplified the institution-level fraud risk score. 3) Temporal forensic attribution layer: temporal atten...

work page internal anchor Pith review Pith/arXiv arXiv doi:10.1145/3533271.3561727 2011

[2] [2]

IEEE-CIS Fraud Detection,

Federal Deposit Insurance Corporation, 2023 Annual Report, Washington D.C.: FDIC, 2024. Available: https://www.fdic.gov/about/annual-reports/2023/index.html [15] M. Fey and J. E. Lenssen, Fast graph representation learning with PyTorch Geometric, ICLR Workshop on Repr. Learning on Graphs and Manifolds, 2019. [16] A. Paszke et al., PyTorch: An imperative s...

work page 2023