Every investigation in IlluminateRisk moves through five steps. The current step is highlighted in the stepper at the top of any case page.
1. Ingest
Drop documents (PDFs, images, Office files, CSVs, ZIPs) and attach datasets to the case. Auto-OCR, classifier, and entity extraction kick off as soon as a document lands. ZIP archives expand into individual child documents; folders preserve their structure.
2. QC
Per-document quality control. Confirm the classifier's category, accept or override detected entities, and map any tabular regions to canonical schemas. Each document must be acknowledged here before the case can move on. Forms that aren't truly tabular (1099s, W-2s) get a "Not a tabular document" button to dismiss false-positive table detections in one click.
3. Analyze
Click Run all rules. Two lanes evaluate together: document rules (signal-surfacers โ does this case contain an SSN, an IBAN, an identity document) and structured-data rules (the 60+ fraud-detection rules in the catalog, evaluated against attached datasets). Composite rules like risk-score aggregators auto-order to run last.
4. Report
Pick a template, optionally generate AI commentary, curate which findings appear in the deliverable, and render the report. The map of geocoded addresses embeds on the report page.
5. Reassess
Snapshot the current state, re-run analysis later to diff against the snapshot, then close the case. The snapshot captures findings + curation + report version so a future re-open can show "what changed since last touch."
Each step lives at /cases/{id}/{step}. The stepper at the top is also a nav โ you can jump back to QC from Report if you find a document needs revisiting.