FundedTrading.com · In Conversation with QuantSentry
Seeing the whole book.
Coordinated trading abuse rarely lives in a single account. It lives in the relationships between them. QuantSentry is risk management software built for prop trading firms, designed to catch that abuse where account-level tools can’t. We sat down with them to talk about what that abuse looks like in the data, why account-level tools miss it, and what defensible risk operations look like for a prop firm in 2026.
The Problem
QWalk me through what coordinated trading abuse actually looks like at scale. Not the concept, but what it looks like in the data when a firm is being hit by it.
At the single-account level it often looks like nothing. Each account passes its own checks. The abuse only becomes visible in the relationships between accounts. What you see is clusters of accounts that should not know each other trading as if they share a brain: near-identical entries and exits inside tight time windows, mirrored or opposing positions on the same instruments, and profit and loss that moves together far more than chance allows. One account takes the loss, another books the win, and the group extracts a payout the firm never priced for. The tell is correlation, not any single trade. That is exactly why account-by-account tools miss it: they are reading one page at a time, and the abuse is written across the whole book. We build a live graph of how accounts relate, so the ring becomes a shape you can see rather than a hunch a risk analyst has at two in the morning.
The tell is correlation, not any single trade.
The tell is correlation, not any single trade — five accounts, each individually compliant, trading as one linked ring.
QA number of well-regarded prop firms have shut down over the past eighteen months. How much of that is directly linked to fraud that better detection could have caught?
I will not put a number on that, because anyone who gives you a clean percentage is guessing, and I would rather be useful than confident. What I can give you is the mechanism. Firms that go down rarely die from one dramatic fraud. They die from unpriced payout liability that built up quietly. Coordinated groups farm challenges and manufacture funded accounts faster than the firm’s margins can absorb, and because the abuse is spread across accounts that each look fine on their own, it does not surface until the payouts all land at once. By then the firm is paying out on positions that were never real risk taking. Better detection does not rescue a badly run firm. But a lot of the firms that failed were flying blind on precisely the coordinated activity that is catchable. They could not see the shape of what was hitting them until it had already hit.
QWhat is the most expensive mistake you have seen a prop firm make because they did not have proper behavioural risk detection in place?
Treating a payout dispute as a support problem rather than an evidence problem. A firm flags a trader, denies the payout, and then cannot produce a clear, defensible account of why. The trader takes it public, the firm looks like it is withholding money on a whim, and the reputational cost dwarfs the single payout. The expensive mistake is not missing the fraud. It is catching it and being unable to prove it.
Enforcement without evidence is just an argument you lose in public.
QThere is a view that organised abuse groups specifically target newer or smaller firms because their detection is weaker. Is that a pattern you see?
I would frame it as incentive rather than a claim about anyone’s specific book. Organised groups go where detection is weakest and payouts are fastest, and newer or smaller firms often tick both boxes: lighter risk tooling, hungrier for volume, quicker to fund. So yes, it is a rational pattern, and operators in that segment report being probed. What I would caution against is treating size as destiny. The variable that actually matters is not how big you are, it is whether you can see coordination across accounts. A small firm with real detection is a harder target than a large one running on account-level checks alone.
Two accounts, entries 24 seconds apart, exits 119 seconds apart — one wins, one loses, and the pair nets a loss no single-account check would flag.
The Detection Layer
QThere is a lot of KYC tooling in the prop space, Sumsub, Jumio, identity verification. Where does that stop and where does something like QuantSentry start?
KYC answers one question: is this person real, and are they who they say they are. It is identity at the door, it is necessary, and we sit alongside it rather than competing with it. What KYC cannot tell you is what happens after the door: whether ten verified, entirely legitimate identities are trading as a single coordinated unit. Every account can pass identity verification perfectly and still be a node in a ring, because the fraud is not in the identity, it is in the behaviour. KYC verifies who is trading. QuantSentry analyses how they trade, and whether they are trading together.
KYC verifies who is trading. We analyse how they trade, and whether they are trading together.
KYC confirms identity at the door. QuantSentry reads whether the accounts behind it are trading as one coordinated unit.
QWhat does behavioural risk analysis actually mean in practice? What signals are you looking at that a trading platform’s built-in risk module would miss entirely?
The simplest way I can put it is this. We turn every executed trade into a vector, much the way a language model turns words into vectors. Once a trade is a point in that space, coordination stops being an exact match whose parameters you have to guess, and becomes distance you can measure. Two trades that sit close together behave alike, even when the surface details, the timing, the lot size, the instrument, have been deliberately staggered to look independent.
From there the question changes. A platform’s built-in risk module looks at each account in isolation and asks: did this account breach a rule. Drawdown, lot size, news trading, a maximum loss limit. Useful, but blind to relationships. Behavioural risk analysis asks a different question: how does this account behave relative to every other account. The signals are things like timing correlation, how tightly entries and exits cluster across accounts, mirrored or opposing positions, hold-time distributions that look copied rather than independent, and profit and loss that moves in lockstep. Detection is driven by these behavioural signals, not by anyone’s identity. The point is that a single account can sit perfectly inside every platform limit and still be one node in a coordinated ring. The platform module sees a compliant account. We see the network it belongs to.
We turn every trade into a vector, the way a language model turns words into vectors.
Independent traders scatter. A coordinated ring lands in the same tight pocket of vector space, distance 0.04, far closer than chance allows.
QBehaviour is one layer. You also correlate identity signals, device and connection. How does that fit, and how do you keep it from becoming surveillance?
Behaviour is what proves coordination. Identity is what confirms the operator behind it, and the two are kept deliberately separate. Depending on what a venue exposes, that corroboration can be device-level, a fingerprint that stays recognisable even when someone changes network or hides behind a VPN, or connection-level, signals like separate accounts signing in together, a single identity appearing from far more connections than one person plausibly uses, or sign-ins from places too far apart to be the same person travelling between them. What matters is the ordering. The score is behavioural first. Identity is context that corroborates a behavioural finding, never the finding on its own. Behaviour tells you a ring exists. Identity tells you whose hand is on it.
QA lot of operators will say their platform already includes risk tools. What is your honest answer when a firm says they do not need a standalone detection layer?
My honest answer is that their platform’s risk tools and QuantSentry answer different questions, and mistaking one for the other is how firms get hurt. Platform tools are excellent at enforcing per-account rules in real time. That is their job. What they are not built to do is see coordination across accounts, because they were never designed to hold the whole book as a graph. So I would put a simple question back to them: if fifteen accounts across three of your servers were trading as one coordinated unit right now, would your current tools surface that as a single, ranked, evidenced case? If the answer is no, that is the gap. It is not that their tools are bad. It is that they are solving a different problem.
QAccount fleets, traders running dozens of accounts to exploit the same edge. How does that show up in the data, and what does detection actually look like?
An account fleet is one operator running many accounts to multiply a single edge, or to farm challenges at scale. In the data it shows up as a set of accounts that are suspiciously alike: same instruments, same timing rhythms, near-identical strategy signatures, positions that look coordinated rather than independently arrived at. Individually each account can pass as a normal trader. Together they form a cluster that is far too similar to be coincidence. Detection is about surfacing that cluster as one thing, scoring how tightly the accounts are linked, and handing the risk team a single case with the relationships mapped, rather than a dozen separate alerts they have to join up by hand. The nearest everyday analogy is the investigator’s board, the names connected by string, except here the connections are computed from how the accounts behave rather than drawn from a hunch. We surface and prove the link. The firm decides what to do about it.
Six accounts, one operator behind them — same instruments, same timing rhythms, similarity scores too tight to be coincidence.
QMartingale abuse is banned by most firms but notoriously hard to catch in real time. How do you approach that technically?
Martingale is hard because in isolation each trade looks like a legitimate decision. The abuse lives in the pattern over time: position sizes that scale up after losses in a way designed to force a recovery the firm ends up funding. So you do not catch it by staring at one trade, you catch it by modelling the sequence: how size responds to prior losses, the shape of the escalation, and whether it fits a martingale signature rather than genuine discretionary sizing. We score that pattern as it develops rather than after the account has already blown through the risk. The honest part: no detection is a perfect real-time tripwire, and I will not claim it is. What it does is surface the pattern early and give the risk team an evidenced case while there is still time to act, instead of a post-mortem.
Position size doubling after every loss — the pattern scores as it develops, not after the account has already blown through the limit.
Network Mode
QYou have a concept called Network Mode, risk intelligence shared across firms rather than within one. Can you explain how it works and why it matters?
First the status, because I will not oversell it: Network Mode, which we call the Fraud Intelligence Network, is in design and scheduled to ship in Q3. Coordinated abuse rarely stays inside one firm. A group that farms one firm runs the same playbook at the next one. Today every firm fights that in isolation, which means each firm has to get burned before it learns the pattern. Network Mode is designed to let firms benefit from signals observed across participating firms, so a pattern that has already been seen elsewhere can raise a flag on your book before it costs you. Think of it as shared immunity against groups that treat the industry as a series of soft targets. And to be precise about how it is built: it is designed to share signals, not identities.
It is designed to share signals, not identities.
A ring hits Firm A. The anonymised signal layer raises the pattern for every participating firm — never the identity behind it.
QThe obvious concern operators will have: am I sharing my traders’ data with my competitors? How do you address that?
It is the right question, and the architecture is designed around exactly that concern. To restate the status: this is in design, shipping Q3, so I am describing the design commitment. Network Mode is opt-in and off by default. If you never switch it on, you are fully segregated, full stop. If you do opt in, what is designed to move across the boundary is anonymised behavioural fingerprints and match signals, not raw trade data, not names, not emails, and not the identity of the firm a match came from. So when a match surfaces, you learn that a behavioural pattern has been seen elsewhere, and you learn nothing about which firm, which trader, or their details. You contribute to and draw from a shared signal layer without ever exposing your book to a competitor.
“A group that farms one firm runs the same playbook at the next one.” Network Mode moves anonymised behavioural signals across the rails — opt-in, off by default. In design · ships Q3.
QWhat does cross-firm trader risk intelligence actually enable that a firm operating in isolation cannot do on its own?
In isolation, every firm is limited to its own history. You can only recognise a fraud pattern after it has already hit you at least once. That is a structural disadvantage, because organised groups are not loyal to one firm, they rotate. Cross-firm intelligence is designed to break that asymmetry: a pattern that burned another participant can pre-warn you before the group reaches your book, so you are no longer paying tuition on every new scheme individually. It turns a set of isolated firms, each with partial sight, into a network with shared sight, without any firm giving up control of its data. To be clear, this is in design and shipping Q3, but that is the value it is built to deliver.
Payout Disputes and Enforcement
QWhen a firm denies a payout and the trader disputes it publicly, on Reddit or X, the firm often cannot defend itself. What does a defensible disqualification case need to look like?
A defensible case has three properties: it is evidenced, it is consistent, and it is exportable. Evidenced means you can show the specific behaviour, the linked accounts, the timeline, and the correlation, not just a risk score and a request to trust you. Consistent means the same rule was applied the same way it would be to anyone else, so it cannot be dismissed as arbitrary or targeted. Exportable means you can hand a complete package to compliance, to legal, or into a public dispute, and it stands on its own. That is exactly what an evidence kit is for: a dossier that lays out why the decision was made, in a form that survives scrutiny. The principle underneath it: QuantSentry surfaces and proves the pattern, the firm investigates and makes the call.
The firm owns the decision. We make sure the decision is defensible.
A dossier assembled in under 90 seconds — evidenced, consistent, exportable — everything compliance and legal need, ready to survive a public dispute.
QThere is a gap between a risk team flagging a trader and a support team communicating that decision clearly. Where does that handoff break down?
The break usually happens because the risk team works in evidence and the support team works in messaging, and there is no shared artefact between them. Risk flags a trader with a score and a graph the support agent cannot interpret or safely paraphrase, so support either over-explains and leaks detection logic, or under-explains and sounds evasive. Either way the trader smells weakness. The fix is a single defensible case object that both teams work from: risk generates the evidence, and support communicates from the same source of truth rather than translating on the fly. Firms should treat enforcement communication as the last mile of risk, not a separate support function bolted on afterwards. The decision and the way it is communicated have to come from the same evidence, or the whole thing unravels the moment it is questioned.
The engine surfaces and proves the case. The firm always makes the final call — QuantSentry never moves money or issues a decision on its own.
The Bigger Picture
QQuantSentry is part of Quant Technology Group, which also operates YourPropFirm. Some operators will ask whether their trading data is completely walled off from firms on that platform. How do you answer that?
Let me answer in data terms rather than reassurance. Every firm on QuantSentry runs as an isolated tenant in internal-only mode by default, which means all detection and alerts are generated solely from that firm’s own data, within the scope that firm defines. No firm’s data leaves its instance. YourPropFirm is a consumer of the platform on exactly the same terms as any other firm, and common ownership at group level does not create data access at platform level. There is no path by which one firm’s trade data reaches another. On top of that, QuantSentry connects through read-only access, so it cannot write to or alter your book at all, and data is encrypted in transit and at rest. The only mechanism that ever crosses a firm boundary is the Fraud Intelligence Network, which is opt-in and off by default, and even then it shares anonymised signals, never raw data and never the identity of the firm behind a match. Your data is walled off by architecture, not by promise, and that applies to YourPropFirm exactly as it applies to anyone else.
Your data is walled off by architecture, not by promise.
QQuantSentry started as a risk detection layer, but you seem to be building toward something bigger. What does that vision look like?
Today QuantSentry is a detection layer: we surface and prove coordinated abuse so firms can enforce their rules with confidence. The bigger direction, and I will flag clearly that this is where we are heading rather than everything we ship today, is risk intelligence as shared infrastructure for the industry. Network Mode, shipping Q3, is the first step: firms stop fighting coordinated fraud in isolation and start benefiting from collective sight. Further out, the vision is that trust becomes portable, that a firm can make faster, better decisions because it is plugged into an intelligence layer rather than relying only on what it can see alone. Why it matters for how firms operate: risk stops being a defensive cost centre that reacts after the damage, and becomes infrastructure that lets a firm scale without scaling its losses.
There is a second half to that vision, and it matters just as much. The same behavioural read that isolates a coordinated ring also recognises genuine skill. A trader who is consistently and independently good looks nothing like a farm, and the engine can tell the difference. So the direction is not only to protect firms from the accounts that drain them, but to help them find the traders worth backing, and to give real, demonstrable talent a faster route to more capital and further opportunity. The best outcome for the industry is not just fewer bad actors. It is a clearer path for genuine alpha traders to progress, secure larger allocations, and earn the opportunities their track record deserves.
Risk intelligence that only ever says no is half a system. The other half is helping the right traders progress, so a firm grows on the strength of the people it should be keeping.
Risk intelligence that only ever says no is half a system.
QWhat does risk management infrastructure actually look like at a well-run prop firm in 2026, versus one that is winging it?
A well-run firm in 2026 treats risk as instrumentation. It has continuous, network-level visibility across its whole book, cases that are ranked so the team works the highest-exposure ones first, and every enforcement decision backed by an evidence trail it could defend publicly or to a regulator tomorrow. Risk is a function with process, not a person with a hunch. A firm that is winging it does risk reactively and manually: someone eyeballs accounts when something feels off, decisions live in one analyst’s head, payouts get denied without a clean paper trail, and the same coordinated group can hit them twice because nothing was learned the first time. The gap between the two is not spend, it is whether risk is a system or an improvisation. In this market, improvisation is how you become one of the firms that quietly disappears.
Manual review scales linearly with headcount. Coordinated abuse doesn’t wait for a risk analyst to notice.
QWhere is AI genuinely useful in this space right now, and where is it being oversold?
Genuinely useful: pattern surfacing across large, messy, relational datasets, which is exactly the correlation-across-thousands-of-accounts problem a human cannot hold in their head, and synthesis, turning a tangle of trades into a readable evidence dossier in a fraction of the time. That is real leverage. Where it is oversold: anything that claims to replace the human decision. I am wary of tools that market the idea that AI decides who to ban. In risk, the machine should surface and prove, and a human should investigate and decide, because the accountability for cutting someone off from their money has to sit with a person, not a model. The other oversell is fully autonomous real-time prevention. Detection buys you time and evidence, it is not a magic tripwire.
It is also why the system is built to argue against itself. When it assembles a case it deliberately down-weights the pairs that sit within plausible coincidence, and it will tell you when the honest call is to monitor rather than act. A tool that only ever escalates is a tool your team learns to ignore. The value is in the cases it tells you are strong, and the ones it tells you are not.
Anyone promising certainty is selling you the demo, not the reality.
QWhat does the prop trading industry look like in three years if firms take risk operations seriously, and what does it look like if they do not?
If firms take risk operations seriously, the industry consolidates around credibility. Coordinated abuse gets materially harder because detection is shared rather than siloed, payouts become defensible, disputes stop being public knife fights, and the firms that survive are the ones traders and partners actually trust. Risk becomes a competitive advantage, not just a cost. If they do not, the pattern of the last eighteen months continues: firms keep going down, not always from one big fraud but from accumulated unpriced losses they never saw coming, trust in the whole model erodes, and regulators and payment providers start treating the entire sector as high risk, which raises the cost of operating for everyone, including the good actors. The sector’s reputation is a shared resource, and right now the firms winging it are spending everyone’s credibility, not just their own.
Common Questions
QWhat is QuantSentry?
QuantSentry is risk management software built for prop trading firms. It detects coordinated trading abuse, organised group trading, copy trading rings, hedge rings, account fleets, and martingale escalation, by analysing how accounts behave relative to each other rather than checking each account against its own rules in isolation.
QWhy do prop firms deny payouts?
Firms deny payouts when detection surfaces coordinated abuse, an account or group of accounts trading in a pattern that doesn’t reflect independent, legitimate risk-taking. The real problem most firms run into isn’t spotting the fraud, it’s proving it: catching abuse and being unable to defend the decision is what turns a payout denial into a public dispute the firm loses.
QWhat are prop firm payout rules for a defensible disqualification?
A defensible disqualification case needs three properties: it’s evidenced (specific behaviour, linked accounts, timeline, correlation, not just a risk score), consistent (the same rule applied the same way to everyone), and exportable (a package that holds up with compliance, legal, or in a public dispute).
QWhat is the difference between KYC and behavioural risk detection at a prop firm?
KYC verifies identity, confirming a trader is a real person who is who they claim to be. It can’t tell a firm whether ten separate, fully verified identities are trading as one coordinated unit. Behavioural detection analyses how accounts actually trade, and whether that behaviour correlates in ways that indicate coordination rather than independent decision-making.
QDo prop firms allow martingale trading strategies?
Most prop firms ban martingale strategies, but the abuse is notoriously hard to catch in real time because each individual trade can look like a legitimate decision. What actually flags it is the escalation pattern: position size scaling up after losses in a way designed to force a recovery the firm ends up funding.
QWhy are prop firms shutting down?
Firms rarely collapse from one dramatic fraud event. They collapse from unpriced payout liability that builds up quietly, as coordinated groups farm challenges and manufacture funded accounts faster than the firm’s margins can absorb, until the payouts land all at once.
QWhat does prop firm risk management software actually do?
It sits underneath account-level platform tools, which only check rules like drawdown, lot size, or news trading per account, and asks a different question: how does this account behave relative to every other account on the book. That surfaces coordination between accounts that single-account checks are structurally unable to see.
See your trading book through our lens.
Standard risk tools look at each account in isolation. QuantSentry builds the graph of how they relate, and surfaces the coordination that is invisible otherwise.
QuantSentry surfaces and proves. Your firm investigates and decides.
Book a demo → quantsentry.com
Further reading: Case studies · Documentation (access on request)