This project demonstrates an end-to-end fraud analytics and risk scoring workflow, from raw transactional data through rule evaluation, account-level risk scoring, and an operational summary dashboard.
The goal of the project is to replicate how fraud and risk teams:
- Monitor suspicious activity using rules
- Classify severity (HIGH / MED)
- Aggregate risk at the account and customer level
- Surface actionable insights for fraud operations and investigations
The final output is a Fraud Operations Summary dashboard designed for analysts, risk managers, and decision-makers.
The project follows a star-schema-style layout with clear separation between dimensions, facts, and curated outputs.
dim_customers.csv– customer identifiers and attributesdim_accounts.csv– account-level identifiers and metadatadim_merchants.csv– merchant reference datadim_devices.csv– device identifiers and attributes
fact_transactions.csv– transaction-level data including international indicatorsfact_login_sessions.csv– authentication and login session activityfraud_rule_hits.csv– fraud rule triggers with severity and timestamps
account_risk_scores.csv– account-level risk scoring output derived from transactional and rule activity
Fraud rules are evaluated at the transaction level and recorded in fraud_rule_hits.
Each rule hit includes:
rule_coderule_severity(HIGH / MED)hit_ts(timestamp of rule trigger)- Associated
account_idandcustomer_id
Severity is used throughout the analysis to differentiate:
- High-confidence fraud signals
- Medium-risk or investigatory signals
Account-level risk is computed in the curated layer (Account_Risk_Scoring) using:
- Frequency of fraud rule hits
- Severity of triggered rules
- Transaction behavior patterns (e.g., international activity rate)
- Recency of suspicious activity
Key outputs include:
risk_score– composite numeric risk scorerisk_tier– HIGH / MED / LOW classificationlast_txn_ts– most recent transaction timestamplast_hit_ts– most recent fraud rule trigger
The Fraud Operations Summary dashboard provides a consolidated operational view of fraud activity.
-
Executive Fraud & Risk Overview
High-level KPIs summarizing transaction volume, declines, rule hits, and severity distribution. -
Fraud Rule Activity Over Time
Rule hit volume across recent monitoring windows (24 hours, 7 days, 30 days). -
Highest Risk Accounts (Model Output)
Accounts ranked by composite risk score and risk tier. -
Fraud Rule Effectiveness & Severity Breakdown
Rule-level performance showing total hits and severity mix. -
Account-Level Rule Activity
Accounts generating the highest volume of fraud alerts, including recency and rule diversity. -
Customer-Level Rule Activity
Aggregated fraud rule activity across customers for exposure analysis.
The following screenshots illustrate key dashboard views:
summary_kpis.pngtop_risk_accounts.pngrule_effectiveness.pngaccount_rule_activity.pngcustomer_rule_activity.pngfraud_rule_activity_over_time_.png
The SQL folder reflects a production-style analytics pipeline:
sql/ ├── 00_schema/ │ └── 001_create_tables.sql ├── 10_staging/ │ └── stg_transactions.sql ├── 20_rules/ │ └── rule_severity_logic.sql ├── 30_scoring/ │ └── account_risk_scoring.sql ├── 40_reporting/ │ └── fraud_summary.sql
This structure separates schema creation, staging logic, rule logic, scoring, and reporting.
- Fraud analytics & rule-based detection
- Risk scoring and tiering
- Data modeling (fact / dimension design)
- Google Sheets for analytical prototyping
- SQL for schema, scoring, and reporting logic
- Dashboard design for fraud operations
- Data export and project packaging for analytics portfolios
- Review raw and curated datasets in the
data/directory - Examine scoring and reporting logic in the
sql/directory - Open the dashboard file in
dashboards/to explore fraud insights - Reference screenshots for a quick visual overview
This project is designed as a portfolio demonstration of fraud analytics concepts and workflows.
All data is synthetic and intended for educational and professional showcase purposes only.