Skip to main content
All Systems Operational
Contact Support

Pingwire User Handbook

This section provide details of the Pingwire system's functionalities. It focuses on the key components that Users encounter in daily operations to maintain the necessary AML/CTF standards.

Introduction to Pings

Peter Lange
  • Updated
  • min read

Abstract

 

1. Background

A Ping is a system-generated unit that represents suspicious activity detected by the platform's rule engine. A ping is created when a rule with createPing=True is triggered, indicating that a predefined threshold or condition has been met.

Each ping is linked to one or more involved entities and records the controlDate of the triggering request. Pings are fundamental in tracking and addressing potential risks within the system.

2. Ping Attributes

  • ID: A unique identifier assigned to each ping.

  • Entities: The subjects (individuals, businesses, or accounts) involved in the detected activity.

  • Description: A summary of the detected suspicious activity.

  • Comments: Notes added by team members regarding the ping.

  • Rule ID: The rule that triggered the creation of the ping.

  • Score: A numerical value between 0-100 reflecting the risk level.

  • Status: The current state of the ping (Pending, Confirmed, Resolved, Ignored).

  • Created At: The timestamp of when the ping was generated.

  • Expiry Date: The date until which the rule will not generate a new ping for similar activity.

3. Ping Statuses and Actions

Upon creation, each ping is assigned an initial status and a PingScore based on the rule's ruleScore.

Status Categories:

  • Pending: Default status upon ping creation.

  • Confirmed: Indicates genuine suspicion; score remains and decreases over time based on riskDecreaseTimeline.

  • Resolved: No applicable risk despite rule validity; sets pingScore to 0.

  • Ignored: The rule is deemed irrelevant or incorrect; sets pingScore to 0.

User Actions:

  • Update Status: Change the status to Pending, Confirmed, Resolved, or Ignored.

  • Add Comments: Provide context or reasoning for changes.

  • Override Recommendations: Specify Block, Review, or Proceed for future evaluations.

  • Mute Pings: Prevent new pings from being generated for a specified period.

  • Escalate a Case: Assign a ping-related case to a team member for further review.

  • Set Priority: Define urgency levels (Low, Normal, High, Urgent).

  • Apply Tags: Categorize pings for easy filtering.

  • Merge Cases: Combine multiple related pings into a single case.

4. Managing Pings via API

The API provides several endpoints for handling pings programmatically:

List Pings

Retrieve a list of all saved pings with filtering and sorting options. Query Parameters:

  • _sort: Sort by id, createdAt, description, or entities.

  • _order: Define sorting order (ASC or DESC).

  • status: Filter by status (Pending, Resolved, Confirmed, Ignored).

  • _start & _end: Define pagination limits.

5. Create a Ping

Create a new ping by sending the required attributes:

  • Entities (list of involved entities)

  • Description (explanation of detected activity)

  • Score (risk level contribution)

  • Risk Timeline (schedule for decreasing risk impact)

  • Case ID (the associated case)

Additionally, pings can also be created manually through the Pingwire interface. To do this, navigate to the relevant case and click the “Create Ping” button in the section regarding Pings. This could be useful if you want to register an event or activity that wasn't detected automatically but still requires tracking within the case.

Update Ping Status

Modify the status and provide necessary updates:

  • Status: Pending, Resolved, Confirmed, Ignored.

  • Comment: Justification for the status change.

  • Score (if Confirmed, must be set between 0-100).

  • Ignore Rule Duration: Define how long the system should suppress similar pings.

  • Override Recommendation: Specify Proceed, Review, or Block.

Retrieve a Specific Ping

Obtain detailed information about a particular ping using its unique id.

Add Comments to a Ping

Attach comments to a ping for internal tracking and discussion.

6. Example Scenario

Scenario:

  • A rule monitoring incoming volume over 10 days has a threshold of 1,000 SEK.

  • An entity exceeds 1,000 SEK within 3 days → a ping is created.

  • No new ping is generated as long as the current ping remains Pending.

  • If the entity crosses 1,000 SEK again within the remaining 7 days, a new ping is created.

  • Once the ping is Confirmed, Resolved, or Ignored, a new ping is triggered upon the next threshold breach.

  • If the rule is muted, no pings will be created during the mute period.

This documentation ensures clarity on ping creation, management, and API integration, helping users track and resolve potential risks effectively.

Was this article helpful?
like-icon
dislike-icon