OperationsOperator Admin

Risk & Compliance

The Risk & Compliance module provides tools for fraud detection, risk monitoring, multi-account detection, and the dual-approval system for sensitive operations. Staying on top of risk alerts protects both your business and your players.

Overview

Access risk features through Risk and Approvals in the sidebar. The Risk section covers fraud detection and player risk scoring. The Approvals section manages the 4-eyes approval queue.

Risk Dashboard

The Risk Dashboard provides an at-a-glance overview of your platform's risk posture:

Column / FieldDescription
Active AlertsNumber of unresolved fraud alerts
High-Risk UsersPlayers flagged with elevated risk scores
Detected Multi-AccountsSuspected multi-account clusters found
Suspicious PatternsAutomated pattern detection hits

Below the stat cards, two tables show Recent Fraud Alerts and Recent High-Risk Users for quick triage.

Fraud Alerts

The Fraud Alerts page (Risk > Alerts) shows all system-generated and manually-created alerts:

Column / FieldDescription
Alert IDUnique alert identifier
UserPlayer associated with the alert
Alert TypeCategory of the alert (see below)
Severitylow, medium, high, critical — color-coded badges
Statusopen, investigating, resolved, dismissed, false_positive
CreatedWhen the alert was generated
Assigned ToAdmin analyst handling the alert

Alert Investigation Workflow

  1. 1

    Review new alerts

    Start with 'open' status alerts, prioritizing 'critical' and 'high' severity first.

  2. 2

    Assign to analyst

    Assign the alert to yourself or a team member. This changes status to 'investigating'.

  3. 3

    Investigate the player

    Click through to the player's 360° profile. Review their betting patterns, transaction history, device fingerprints, and IP logs.

  4. 4

    Take action

    Based on your investigation, resolve the alert with an action: suspend account, require KYC verification, block account, or dismiss as false positive.

  5. 5

    Document your findings

    Add a resolution note explaining your decision. This is stored in the audit trail for compliance.

Common Alert Types

  • Velocity Alert — Unusually rapid deposits or withdrawals
  • Large Transaction — Single transaction exceeding the configured threshold
  • Pattern Match — Betting patterns consistent with arbitrage, bonus abuse, or match fixing
  • Device Anomaly — Multiple accounts from the same device
  • Geo Anomaly — Login from an unusual location or VPN detected
  • KYC Mismatch— Submitted documents don't match registration data

Multi-Account Detection

The system automatically detects potential multi-account abuse by analyzing:

  • Shared device fingerprints across different accounts
  • Common IP addresses
  • Similar registration data (name, address, phone patterns)
  • Shared payment methods

Detected clusters are displayed in the Risk Dashboard. Click a cluster to see all linked accounts and the evidence linking them.

Warning

Multi-account detection can produce false positives (e.g., family members sharing a household IP). Always investigate before taking action. Use device fingerprints and payment methods as stronger signals than IP alone.

Approval Queue

The Approval Queue (Approvals in the sidebar) handles operations that require dual authorization:

Column / FieldDescription
Requested DateWhen the approval request was created
Action TypeWhat operation needs approval (e.g., wallet_adjustment, large_withdrawal)
ResourceWhat entity is affected (user, bet, transaction)
AmountMonetary value involved (if applicable)
Expires InCountdown timer — requests auto-expire if not acted on

Approval Workflow

  1. 1

    Review the request

    Click a pending approval to see full details: who requested it, why, and the impact.

  2. 2

    Approve or reject

    Click 'Approve' (with a confirmation reason) or 'Reject' (with a rejection reason).

  3. 3

    Auto-expiry

    Requests that are not acted on within the configured time window automatically expire and must be re-submitted.

Info

You cannot approve your own requests. The system enforces separation of duties — a different admin must approve.

Player Risk Scoring

Each player receives an automated risk score based on multiple factors:

  • Betting patterns (frequency, stake amounts, timing)
  • Deposit/withdrawal behavior
  • Device and IP history
  • KYC verification status
  • Alert history

Risk scores are visible in the player's 360° profile and can be used as a filter in the player list. Categories range from low risk (recreational players) to critical risk (suspected fraud).