Detection automation is table stakes now

Vendors and analysts are framing detection automation — AI baselining, automated rule updates, and ML-driven enrichment — as essential to keep pace with identity threats and reduce false positives. The message: manual rule churn won’t scale; teams should use ML toolkits to baseline user behavior and auto‑enrich detections with TI. (punchng.com)

The Central Bank of Nigeria issued a circular on March 10, 2026 requiring banks, mobile‑money operators and other regulated institutions to deploy automated AML solutions within 18–24 months and to submit implementation plans within 3 months. (businessday.ng)

Smartcomply’s Adhere platform asserts compliance with the CBN baseline and advertises AI‑driven transaction monitoring, dynamic customer profiling, behavioral‑pattern detection, enterprise case management and automated STR/SAR/CTR/FTR reporting. (punchng.com) Adhere is already running with banking clients across multiple African markets and lists a commercial partnership with Mastercard as part of its transaction‑level protection and merchant coverage. (techcabal.com, africa.businessinsider.com)

Adhere publishes developer docs describing a Web SDK for liveness/ID verification, REST APIs authenticated by secret keys, and webhook notifications for events, all outputs that can be pushed into SIEMs in real time. (docs.smartcomply.com)

Splunk ingestion patterns for those outputs: REST/webhook events from Adhere can be routed into Splunk via HTTP Event Collector or a custom add‑on and then normalized to the Common Information Model for Enterprise Security dashboards, following Splunk’s Enterprise Security integration guidance. (adhere.smartcomply.com, dev.splunk.com)

For managed multi‑client environments, Splunk guidance and community practice recommend separate indexes per tenant, strict RBAC on indexes/dashboards, and treating the Enterprise Security app as per‑customer when strict separation is required (Splunk notes ES is not supported across a single multi‑tenant ES instance), while Splunk SOAR supports configurable multi‑tenancy for case management. (splunk.com, docs.splunk.com)

Global context for identity‑centric attacks: a recent industry report cited by American Banker estimates organized financial crime at roughly $4.4 trillion and documents criminal use of AI to scale fraud and identity abuse, strengthening the case for ML baselining and automated enrichment in transaction and identity monitoring. (americanbanker.com)

DoD Zero Trust guidance structures capabilities into seven pillars including the User/Identity pillar; Adhere’s identity assertions (BVN/NIN lookups, liveness, risk scores and behavioral baselines) can be mapped to DoD target activities for identity binding and continuous authentication described in the DoD Zero Trust Reference Architecture. (dodcio.defense.gov, punchng.com)
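The webhook-to-HEC routing and per-tenant index separation described above can be sketched as follows; this is an added example, not code from Adhere's or Splunk's documentation. The webhook field names, tenant names, index names and sourcetype are constructed assumptions; only the HEC envelope keys (`time`, `source`, `sourcetype`, `index`, `event`) are Splunk's.

```python
import json
import time

# Constructed tenant-to-index map: one Splunk index per client institution.
TENANT_INDEX = {"bank-a": "aml_bank_a", "momo-b": "aml_momo_b"}

# Assumed webhook field names (hypothetical, not Adhere's documented schema)
# mapped to CIM-style names. Acts as an allow-list: unmapped fields are dropped.
FIELD_MAP = {"customer_id": "user", "event_type": "signature",
             "risk_score": "risk_score", "source_ip": "src"}

def to_hec_event(webhook, received_at=None):
    """Wrap one webhook payload in a Splunk HEC event envelope."""
    tenant = webhook.get("tenant")
    if tenant not in TENANT_INDEX:
        # Fail closed: never fall back to a shared or default index.
        raise ValueError(f"unknown tenant {tenant!r}")
    event = {cim: webhook[src] for src, cim in FIELD_MAP.items() if src in webhook}
    event["vendor_product"] = "Adhere"
    event["tenant"] = tenant
    return {
        "time": received_at if received_at is not None else time.time(),
        "source": "adhere:webhook",
        "sourcetype": "adhere:event",  # assumed sourcetype name
        "index": TENANT_INDEX[tenant],
        "event": event,
    }

def hec_batch(webhooks, received_at=None):
    """Return (body, rejected): concatenated HEC JSON events for one POST to
    /services/collector/event, plus payloads that named no known tenant."""
    lines, rejected = [], []
    for hook in webhooks:
        try:
            lines.append(json.dumps(to_hec_event(hook, received_at), sort_keys=True))
        except ValueError:
            rejected.append(hook)
    return "\n".join(lines), rejected

# Constructed sample webhook payloads.
SAMPLE = [
    {"tenant": "bank-a", "customer_id": "cust-1001",
     "event_type": "transaction_flagged", "risk_score": 87, "bvn": "00000000000"},
    {"tenant": "momo-b", "customer_id": "cust-2002",
     "event_type": "liveness_failed", "source_ip": "192.0.2.10"},
    {"tenant": "unknown-co", "customer_id": "cust-3003",
     "event_type": "transaction_flagged"},
]
```

Restricting each HEC token to its tenant's index on the Splunk side backs up the routing check, so a mapping error in the forwarder cannot write into another client's index.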
