Frequency-Disturbance AML: A Corridor-Aware Edge-AI Framework for Detecting Control-Logic Evasion in Transaction Streams

Anti-money-laundering (AML) monitoring still relies heavily on transaction-centric logic: amounts, counterparties, static thresholds, and post-hoc alert classification. This leaves a structural blind spot. Sophisticated actors do not merely hide suspicious transactions; they manipulate transaction rhythm so that control windows, threshold rules, and monitoring cadences degrade in sensitivity. This paper introduces a frequency-centered AML framework that models money-laundering detection as a control-system disturbance problem rather than a pure transaction classification problem.

The proposed method consists of three layers. First, a corridor-aware baseline models expected temporal cadence for transfer corridors and event streams. Second, a disturbance engine scores compression, fragmentation, inter-arrival deviation, burst formation, and online drift relative to corridor-local priors. Third, an edge-oriented runtime produces lightweight stream scores suitable for deployment alongside existing transaction-monitoring stacks. The framework is designed as a micro-algorithmic enhancement layer rather than a replacement core, allowing integration with incumbent AML, fraud, or sanctions systems.

Benchmarking was conducted on openly available AML-relevant datasets and published transaction materials, including public sanctions data, public investigative transaction releases, and synthetic AML benchmarking structures. In comparative analysis, the method is positioned against recent synthetic AML frameworks such as AMLNet, which combine transaction generation with ensemble detection. The core distinction is architectural: AMLNet primarily detects suspicious transactions using amount, temporal, and network features, while the present framework detects manipulations of monitoring conditions themselves through frequency disturbance, threshold interference, and rhythm disruption. This shifts AML detection from transaction-centric classification toward adversarial control-logic analysis.

The results support the practical and conceptual relevance of a frequency-disturbance view. Even under coarse or partially aggregated data, corridor baselining and stream disturbance scores provide a usable signal layer for ranking, filtering, and escalation. The contribution is therefore twofold: a new analytical framing for AML detection, and an implementable edge-AI-compatible benchmark/runtime package for future integration, testing, and licensing.