Typologies play a vital role in any advanced analytics-based detection system. The term typology has been used in criminology for over a century and is commonly used in financial crime, but typologies are becoming increasingly important with the convergence of financial crime, cyber security, and physical threat detection (including insider threat detection). Typologies are not the same as modus operandi or Tactics, Techniques and Procedures (TTPs). As the first in a series, this article explores the origins and applications of typologies, where they fit in relation to modus operandi and TTPs, as well as how typologies need to map to detailed risks faced by the organisation to inform the ‘analytical model lifecycle’. Continue reading →