Monitoring Policies
Demo Data

Active Policies: 13
Pending / Draft: 2
Regulatory-Linked: 14
Domains Covered: 8

| Policy | Domain | Type | Status | Version | Regulatory Ref | Approved By |
|---|---|---|---|---|---|---|
| Wire Transfer Override Monitoring (POL-001): Monitor all wire transfer overrides >$10K. Escalate when 3+ overrides occur within a 7-day window or during supervisor absence. | finance | threshold | active | v3 | BSA/AML — 31 CFR 1020 | David Chen |
| After-Hours System Access (POL-002): Flag access to production systems outside business hours (6PM-7AM) when not associated with approved maintenance tickets. | security | behavioral | active | v2 | GLBA — Reg P | Raj Patel |
| CTR Structuring Detection (POL-003): Detect transaction patterns that cluster within 5% of CTR reporting threshold ($10,000). Alert on 3+ sub-threshold transactions from same member within 48h. | finance | pattern | active | v5 | BSA/AML — 31 CFR 1010.311 | David Chen |
| Employee Attrition Risk Signals (POL-004): Monitor for combinations of: resume update signals, increased PTO requests, Glassdoor review sentiment, and declining engagement scores. | hr | behavioral | active | v1 | - | Maria Gonzalez |
| Privileged Account Monitoring (POL-005): Monitor all privileged service accounts for concurrent sessions, geographic anomalies, and access outside approved IP ranges. | security | threshold | active | v4 | NCUA — Part 748 | Raj Patel |
| Vendor Payment Anomaly Detection (POL-006): Use Benford analysis on vendor payment first digits. Flag when distribution deviates >2 standard deviations from expected frequency. | finance | anomaly | pending approval | v1 | SOX 404 | - |
| Member Complaint Sentiment Analysis (POL-007): NLP analysis of member complaints across channels. Escalate when negative sentiment increases >200% over rolling 7-day average. | communications | trend | active | v2 | CFPB — UDAAP | Maria Gonzalez |
| Loan Approval Authority Monitoring (POL-008): Monitor loan approvals against officer authority limits. Flag any approval within 10% of limit or approvals for related members. | finance | threshold | draft | v1 | NCUA — Part 723 | - |
| BEC Email Behavior Analytics (POL-009): ML-based email communication pattern analysis. Flag deviations in writing style, sender behavior, and request types. Trigger MFA verification on urgent wire transfer requests from anomalous patterns. | bec | behavioral | active | v1 | FBI IC3 — BEC Advisory 2025 | David Chen |
| Vendor Payment Impersonation Detection (POL-010): Cross-reference incoming invoices and payment instructions against vendor baseline profiles. Flag any changes to banking details, invoice format deviations, or new payment routing. | bec | pattern | active | v1 | SOX 404 / FBI IC3 | David Chen |
| Cryptocurrency Transaction Monitoring (POL-011): Monitor crypto wallet transactions for patterns matching pig butchering, mixer usage, or sanctioned entity transfers. Real-time risk scoring via Chainalysis integration. | crypto | anomaly | active | v1 | FinCEN — Travel Rule / BSA | David Chen |
| Crypto Wallet Risk Scoring (POL-012): Continuous risk scoring of crypto wallet addresses. Flag wallets associated with known fraud rings, mixer services, or OFAC-sanctioned entities. Block transactions scoring above 85. | crypto | threshold | active | v1 | FinCEN 2025-G001 / OFAC SDN | David Chen |
| Ransomware Exposure Assessment (POL-013): Continuous attack surface monitoring mapped to ransomware group TTPs (MITRE ATT&CK). Score based on exposed services, unpatched CVEs, dark web intelligence, and credential leak exposure. | security | anomaly | active | v2 | NIST CSF 2.0 / CISA KEV | Raj Patel |
| AI-Generated Phishing Detection (POL-014): Detect AI-generated phishing emails using linguistic analysis, metadata anomalies, and known AI-crafted template fingerprints. Correlate with OSINT feeds on emerging AI attack tools. | ai_threat | behavioral | active | v1 | FBI IC3 — AI Threat Advisory 2025 | Raj Patel |
| Supply Chain Vendor Risk Monitoring (POL-015): Continuous monitoring of third-party vendor security posture. Score and alert on changes in vendor risk profiles, breach disclosures, CVE exposure, and compliance certification lapses. | vendor_risk | trend | active | v1 | NIST SP 800-161r1 | Raj Patel |