Graph Based Structural Anomaly Scoring and Hybrid Ranking for Audit Oriented Screening of Accounting Transaction

Himadri Chowdhury, Georgia Southern University
Md Istiak Morsalin, Georgia Southern University
Rafe Sumnan Azade, Georgia Southern University
Vijayalakshmi Ramasamy, Georgia Southern University
Gokila Dorai, Augusta University

Abstract

Privacy policies play a crucial role in disclosing organizational data practices; however, their lengthy and complex nature hinders user understanding and regulatory auditing, particularly in e-commerce. To address these challenges, we introduce the Data Protection Regulation analysis (GraphDPR) framework, which leverages graph-based semantic analysis for auditing privacy policies. GraphDPR employs transformer-based text processing, knowledge graph creation, and unsupervised topic modeling to generate structured representations of policy content. It converts privacy policies into entity–category–data point triples, normalizes them with Sentence-BERT embeddings, and enhances them into company-specific knowledge graphs using Neo4j. These graphs are then analyzed with Latent Dirichlet Allocation (LDA) to identify thematic patterns in the data collection. GraphDPR facilitates both static and comparative audits by aligning policy content with regulatory standards, yielding interpretable insights into compliance. Experimental results indicate that it provides better regulatory coverage and topic clarity than existing systems, like PolicyGPT and Poligraph. By integrating graph mining and semantic modeling, GraphDPR enhances automated privacy policy auditing and supports scalable compliance monitoring.