Transaction Monitoring clients will now be able to designate two tiers of case management permissions: Agents, which have the first tier of case permissions, and Managers, which have the same first tier permission along with additional permissions with more flexibility.

Both Agents and Managers will be able to view cases of any case type.

Agents will only be able to update cases if they are assigned to it. If a case does not have anyone assigned yet, then an Agent can assign themselves to the case. However, an Agent cannot unassign another Agent from a case, assign themselves to a case if it is already assigned to another Agent or assign another Agent to a case.

Managers will be able to update the status, assign or unassign, and make changes to all case types.

Users can view their permissions in the Settings menu of the Alloy dashboard, under “Agents”:

Please note: only admins can make changes to add/remove permissions. To set this permission, go to Settings > Roles > Permissions.

All case assignment events, as well as case status changes, will be auditable within Alloy.

Transaction Monitoring clients can now aggregate additional transactional and account-level attributes to configure custom rules in order to better detect suspicious activity patterns including:

• Irregularities in counterparties,
• Changes in user behavior compared to historical transactional activity,
• Additional filters for MCC codes, reason codes, return codes,
• Successful and attempted linking of external funding accounts,
• Attempted PII changes such as address and phone numbers changes.

Alloy’s Identity Element Velocity feature offers clients the ability to decision off of identity elements when they are seen across multiple entities; for example, detecting identities that share a SSN or phone number, then taking subsequent actions—such as tagging it informationally, running additional services or determining an outcome.

New updates to Identity Element Velocity include:

• The option to decision off of more identity elements, including email domain, mother’s maiden name and IP address.
• The ability to add more than one PII element to an IEV rule for the same evaluation (while keeping entities, timeframe and velocity count the same). For example, detecting other entities that have used both the same SSN and device alias in an evaluation within a timeframe.

For full details on how to use this feature, see our support article.

Credit Underwriting clients can now use JQ expressions with output attributes. This is similar to the existing functionality currently available for input attributes.

An example of using JQ expressions with output attributes is enabling rounding capabilities with credit policies, such as rounding a credit line assignment to the nearest $100 or rounding a number to the nearest hundredth decimal point.

If you’d like to incorporate JQ into your output attributes, reach out to your CSM or [email protected] to learn more.

Business attributes are now available for Allow/Deny Lists to be imported and decisioned on. This allows Alloy users to apply decisions based on business data received and reviewed. For more information, please see our documentation.

Alloy now provides a better CSV import experience for all users. This update makes it easier to validate the quality and format of the data being imported. Read our full documentation for how to use this new CSV import functionality.

Alloy has introduced the ability to use text strings as the Axis Headers within Matrix Models for Credit Underwriting.

If your credit policy includes calculating a credit line assignment or APR using a two dimensional grid or matrix, Alloy’s Matrix Model feature is a great way to easily handle this logic.

We have expanded our existing Axis Header configurability options to now support the following:

Ranges (FICO Score): 300-500, 500-700, 700-850

Strings (Tier): Low, Medium, High

Alloy added a designated “Authentication” section to the webhooks modal and added support for a new authentication type - OAuth 2.0 client credential flow. With this addition, we now support No Auth, Basic Auth, and OAuth 2.0.

When you create a webhook (or edit an existing webhook), there is now a section to select “authentication type”. You can select None, Basic or OAuth 2.0.