Structuring, also known as smurfing, is the criminal practice of manipulating cash deposits or withdrawals to fall below a regulatory reporting threshold, typically $10,000 in the United States. The core mechanism involves a single actor or a network of individuals executing multiple transactions of $9,900 or similar amounts over consecutive days, specifically to avoid triggering an automatic Currency Transaction Report (CTR) filing by the financial institution.
Glossary
Structuring

What is Structuring?
Structuring is an illegal financial technique where large cash transactions are deliberately broken into smaller, sub-threshold amounts to evade mandatory currency transaction reporting requirements.
Machine learning systems detect structuring by analyzing temporal proximity and aggregate volume across accounts, rather than viewing transactions in isolation. Advanced behavioral profiling algorithms identify the signature pattern of repeated, just-below-threshold cash activity, flagging the velocity and frequency of deposits that, when summed, reveal a deliberate intent to circumvent anti-money laundering (AML) controls.
Key Characteristics of Structuring
Structuring is a deliberate financial crime technique that exploits mandatory reporting thresholds. Understanding its key characteristics is essential for designing effective detection models.
Threshold Evasion
The core mechanism of structuring involves breaking a large cash sum into multiple transactions, each falling below the $10,000 Currency Transaction Report (CTR) threshold. Criminals manipulate deposit amounts to stay just under the limit—often using amounts like $9,900—to avoid triggering automated regulatory filings. This is distinct from legitimate business practices where transaction sizes naturally vary.
Temporal Patterning
Structuring is not random; it follows detectable temporal sequences. Key patterns include:
- Rapid-fire deposits: Multiple transactions at the same branch within minutes
- Multi-branch routing: Visiting different branches on the same day to avoid teller recognition
- Calendar cycling: Structuring activity clustered around specific days to exploit perceived gaps in monitoring
- Velocity spikes: Sudden bursts of sub-threshold activity after a period of dormancy
Smurfing vs. Solo Structuring
Structuring manifests in two primary operational modes:
Solo Structuring: A single individual personally conducts all sub-threshold transactions, often using multiple accounts at the same institution.
Smurfing: A coordinated network of individuals—smurfs—each conducting small transactions to distribute the structuring activity across many people and geographies, making detection significantly harder. Smurfing is a subset of structuring that introduces collusive network topology into the pattern.
Layering Intersection
Structuring is often the entry point to the layering phase of money laundering. Once cash is successfully deposited without triggering a CTR, criminals initiate complex transfers between accounts, institutions, and jurisdictions to obscure the audit trail. Detection systems must correlate structuring indicators at deposit with subsequent wire transfer velocity and inter-account topology to reconstruct the full laundering sequence.
Detection Feature Engineering
Machine learning models identify structuring through engineered features:
- Proximity-to-threshold ratio: How close transaction amounts cluster to the $10,000 boundary
- Aggregate daily velocity: Sum of all sub-threshold cash activity within a 24-hour window
- Branch dispersion index: Number of distinct physical locations visited within a short timeframe
- Beneficiary convergence: Multiple structured deposits flowing to a single destination account
- Temporal entropy: Deviation from normal transaction timing distributions
Frequently Asked Questions
Clear, technical answers to the most common questions about structuring, smurfing, and the machine learning systems designed to detect these deliberate cash transaction manipulations.
Structuring is the illegal practice of deliberately splitting a large cash transaction into multiple smaller transactions, each falling below the mandatory Currency Transaction Report (CTR) reporting threshold, to evade regulatory detection. The mechanism exploits the fact that financial institutions are only required to file a CTR for cash transactions exceeding $10,000 in a single business day. A criminal with $50,000 in illicit cash, for example, might make five separate deposits of $9,900 at different branches or on consecutive days. This technique is a core component of the placement stage of money laundering, where illicit funds first enter the financial system. Structuring is distinct from smurfing, which specifically involves using multiple individuals to conduct these sub-threshold transactions, whereas structuring can be performed by a single actor.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Understanding structuring requires familiarity with the broader anti-money laundering ecosystem. These interconnected concepts form the operational and regulatory context in which structuring detection models operate.
Smurfing
A specialized variant of structuring that distributes cash deposits across multiple individuals (smurfs) rather than a single actor. Each smurf executes transactions just below the $10,000 CTR threshold, often at different branches or institutions within a short time window. Machine learning detection relies on spatial-temporal clustering and relational network analysis to link seemingly independent smurfs to a common controller.
Currency Transaction Report (CTR)
A mandatory filing triggered when a financial institution processes a cash transaction exceeding $10,000 in a single business day. Structuring is explicitly designed to evade CTR generation. Modern AML systems use aggregation logic to detect when multiple sub-threshold transactions from a single entity would have triggered a CTR if consolidated, flagging the pattern as potential structuring.
Layering
The second stage of money laundering that often follows structuring. Once cash is deposited in small increments, layering separates the funds from their criminal origin through complex sequences of wire transfers, shell company accounts, and financial instrument purchases. Sequence-to-sequence models and temporal graph traversal are employed to trace funds through these deliberately convoluted paths.
Suspicious Activity Report (SAR)
The confidential filing submitted to FinCEN when a financial institution detects potential structuring or other illicit activity. Unlike CTRs, SARs are judgment-based rather than threshold-based. Machine learning models assist by generating risk-ranked alerts with supporting evidence packages, enabling investigators to efficiently determine whether detected structuring patterns warrant a SAR filing.
Integration
The final laundering stage where structured and layered funds re-enter the legitimate economy. Integration methods include purchasing real estate, luxury assets, or investing in cash-intensive businesses. Detection at this stage requires cross-domain analytics linking transactional data with public records, property registries, and corporate ownership databases to identify anomalous wealth accumulation inconsistent with declared income.
Risk-Based Approach
The foundational AML principle requiring institutions to allocate monitoring resources proportionally to identified risk. Structuring detection models operationalize this by applying dynamic risk scoring that adjusts monitoring intensity based on customer profiles, geographic exposure, and product usage patterns. High-risk segments receive more sensitive anomaly thresholds, reducing false positives in low-risk populations.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us