Knogin
[Developers]

Graph Analytics Insights

An anti-money laundering analyst reviews a corporate account that has been active for two years without triggering any alerts. The balances look normal, the counterparties look legitimate, and the activity is consistent.

Back to All Modules
Category: AnalyticsLast Updated: Feb 23, 2026
analyticsaireal-timecompliance

Overview#

An anti-money laundering analyst reviews a corporate account that has been active for two years without triggering any alerts. The balances look normal, the counterparties look legitimate, and the activity is consistent. Then Graph Analytics Insights runs its temporal anomaly detection. It spots that transaction velocity jumped 340% in a single week, that connection density between three previously unlinked entities spiked simultaneously, and that the account's influence score within its subgraph tripled. The pattern is invisible in tabular data. In graph analytics, it is unmistakable.

The Graph Analytics Insights module transforms raw graph data into actionable intelligence through 50+ metrics, real-time trend analysis, anomaly detection, and predictive modelling. It gives investigators, analysts, and security teams the tools to detect emerging threats, predict future connections, and quantify relationship strength across networks containing millions of nodes, drawing on data from 153 third-party integrations feeding entity information into the platform.

Key Features#

  • 50+ analytics metrics covering network structure, behaviour, risk, and temporal patterns
  • Real-time metric computation with streaming updates as graph data changes
  • AI-powered anomaly detection with high precision identifying outliers and unusual patterns
  • Link prediction and trend forecasting for proactive threat identification
  • Temporal intelligence revealing evolution patterns and emerging threats through historical analysis
  • Network structure metrics including density, diameter, and degree distribution
  • Behavioural analytics tracking activity patterns, communication frequency, and interaction strength
  • Risk scoring and classification with threat levels, exposure assessment, and compliance risk
  • Relationship strength quantification measuring connection quality, interaction depth, and influence
  • Influence and impact analysis tracking cascading effects, viral spread, and authority ranking

Use Cases#

  • Threat Intelligence: Security teams detect emerging threats through anomaly detection and temporal trend analysis across complex network data
  • Financial Crime Analytics: Investigators quantify risk exposure and relationship strength to identify suspicious patterns in transaction networks
  • Criminal Intelligence: Law enforcement agencies analyse criminal network evolution, predict future connections, and rank targets by influence
  • Insider Threat Detection: Enterprise security teams identify anomalous access patterns and behavioural deviations through continuous graph analytics

Integration#

  • Connects with the Neo4j graph analysis layer and time-series data stores; PostgreSQL remains the authoritative data source
  • Compatible with ML platforms for advanced predictive modelling
  • Supports real-time dashboard integration through typed APIs
  • Export capabilities for analytics results to reporting and visualisation tools
  • Multi-tenant data isolation with role-based access controls
  • Automatic scaling for high-volume analytics workloads

Open Standards#

  • GraphQL (June 2018 specification): all analytics queries, subscriptions, and mutations for graph metrics, structural scoring, link prediction, and anomaly results are served through a typed GraphQL API.
  • GEXF 1.3 (Graph Exchange XML Format): analytics results and graph data can be exported in GEXF 1.3, enabling direct import into tools such as Gephi and other open graph-analysis environments.
  • W3C PROV-DM (Provenance Data Model): entity merge and split operations produced by the analytics engine are recorded as PROV-DM entities, activities, and agents, preserving a full audit trail of graph mutations.
  • W3C PROV-O / JSON-LD: provenance records are serialised as PROV-O JSON-LD documents, allowing partner verifiers and downstream systems to consume provenance chains with any standard JSON-LD parser.
  • openCypher (Cypher query language): the Neo4j graph analysis layer is queried via the openCypher dialect over a Bolt connection, underpinning community detection, motif analysis, and top-entity ranking.
  • ISO 8601: all temporal data, including trend timestamps, anomaly detection windows, and provenance operation times, is serialised in ISO 8601 format throughout the platform.
  • RFC 4122 (UUID): every graph node, edge, provenance record, and analytics result is identified by an RFC 4122 UUID, ensuring globally unique, portable entity references.

Last Reviewed: 2026-02-23 Last Updated: 2026-04-14

Ready to Build?

Get started with our APIs or contact our integration team for support.