MaiGuard

Operator Guide

Fraud & AML Guide for African Fintech Operators

Practical patterns for building fraud and AML workflows on MaiGuard — velocity rules, screening, analyst review, and data governance.

Note

This guide describes product capability and common implementation patterns. It is not legal advice and does not constitute regulatory certification. Work with your compliance team and applicable regulators before relying on any control described here.

Overview

African fintech operators typically need three capabilities running in parallel: stop fraud losses in real time, surface suspicious activity for AML review, and produce audit trails for regulators and banking partners. MaiGuard combines synchronous scoring, rule configuration, list screening, and case manager workflows in one API surface.

This guide is written for engineering and compliance leads integrating MaiGuard — not as a substitute for your internal policies or license obligations.

Transaction monitoring

Start with velocity rules that match your product's risk profile. Common starting points for wallet and remittance platforms:

  • Outbound transfer count per customer per hour/day
  • Cumulative amount thresholds by corridor or currency
  • Failed login attempts before a successful session
  • New beneficiary added followed by high-value transfer within 24 hours
  • Device or IP reuse across multiple customer accounts (entity graph signal)

Use shadow mode to validate new rules before promoting them to live BLOCK/REVIEW decisions. See the shadow mode blog post for a rollout workflow.

List screening

PEP and sanctions screening requires structured counterparty metadata in your score payload. Minimum fields for Tier 3+ screening:

  • metadata.counterparty.fullName
  • metadata.counterparty.countryCode
  • metadata.counterparty.type

Combine global list matches with tenant-managed lists for internal blocklists and partner-supplied watchlists. Align customer IDs with the Customer Onboarding guide.

Case workflows

REVIEW decisions enter the case manager queue with transaction context, matched rules, and entity graph links. Define SLAs for analyst resolution and escalation paths for high-severity matches.

  • Assign cases by severity, corridor, or analyst specialization
  • Require resolution notes before closing cases (audit trail)
  • Export case history for periodic compliance reporting
  • Feed analyst outcomes back via the feedback API to improve rule tuning

NDPR alignment

Nigeria's NDPR applies to personal data processed in fraud and AML workflows — customer names, device identifiers, transaction histories, and analyst notes. Practical steps operators take alongside MaiGuard integration:

  • Document lawful basis and purpose in your privacy policy
  • Configure retention windows aligned with your data retention policy
  • Restrict analyst access via role-based controls in your organization
  • Include MaiGuard in vendor due diligence and data processing agreements

Tip

See Data Retention Policy and Privacy Policy for MaiGuard's platform defaults. Your operator policies may require stricter limits.

Operator checklist

  1. Integrate synchronous scoring on all payment initiation paths
  2. Pass deviceSessionId from the Browser SDK where applicable
  3. Onboard customers with stable userId values before high-value flows
  4. Configure velocity rules; validate in shadow mode before promotion
  5. Enable counterparty metadata for outbound transfers requiring screening
  6. Define analyst SLAs and audit export cadence for REVIEW cases
  7. Review compliance claims register before publishing customer-facing materials

Related: AML Rules, Market Coverage, MaiGuard vs Generic Fraud APIs.

Previous

Feedback Intelligence

Next

Overview

Was this page helpful?