The Splunk app for Fraud Analytics (SFA) is a comprehensive fraud detection solution built on the existing development frameworks of Splunk Enterprise Security. SFA offers your fraud team a standardized workflow, extensive interactive visual investigation capabilities, and a robust risk-based alerting framework, which is completely customizable and extensible. 

Using the risk-based alerting framework, SFA uniquely provides fraud prevention teams the ability to improve alert fidelity and reduce false positives, ensuring that financial, legal, compliance, and reputational losses are minimized.

Splunk App for Fraud Analytics supports use cases and detections within Financial Services, Unemployment Insurance and Healthcare verticals.

Detections of fraud in Financial Services includes account takeovers, new accounts fraud, anti-money laundering and number of other use caaes.

Unemployment insurance fraud includes correlation searches and detections of three major indicators of fraud: impersonation, location deception and shared accounts.

Healthcare vertical includes detections of drug diversion and opioid mishandling. Essential detections includes attempts to access opioids forcefully, excessive number of anomalous transactions and discovery of more complex behavior patterns related to witness collusion during disposal of unused opioids.

All new and existing fraud use cases are supported with relevant dashboards and customized interactive investigator panels.

Note: 
The SFA app requires technical expertise. If you need assistance to troubleshoot the app’s framework, contact Splunk Support. If you need assistance to customize the app, contact your account team. 
The app does not include test data, but you can download and install test data from here: https://drive.google.com/file/d/1aVos6D5pJvDikPByfIPqAgaBp_KDRKKe/view?usp=drive_link. 
Please consider that using test data can use up to 7 GB and will take 10-30 minutes for the test data to initialize correctly.


* Configure *
See the Details tab for dependencies and configuration instructions.

* Help *
User Guide: https://docs.splunk.com/Documentation/FraudAnalytics/latest/UserGuide/Overview