Skip to content

Balance Operations: Detecting Financial Anomalies

Published: · Updated: (13 days ago)· IZI Team

Balance Operations: Detecting Financial Anomalies in a Gaming Club

Section titled “Balance Operations: Detecting Financial Anomalies in a Gaming Club”

The Balance Operations tab inside Suspicious Activity in IZI CRM is the club’s financial anomaly filter. It collects cash balance transactions (real customer funds) and bonus balance transactions (virtual credits from loyalty programs) that deviate from your club’s normal patterns: manual corrections without an apparent reason, top-ups at unusual hours, bonus credits without an incoming payment, zero-amount sessions. To open: Analytics → Suspicious Activity → Balance Operations. Select a period, and optionally filter by staff member or operation type. The system returns a list of events with full detail — date and time, operation type, amount, customer account, staff name. The tab’s job is to surface candidates for review, not render a verdict. An anomaly is a signal to look more carefully, not automatic proof of misconduct.


The tab does not show all club transactions — only those the system scores as atypical. The main categories:

An adjustment is a balance change a staff member enters manually, without an incoming payment from the customer. Legitimate scenarios include refunds for technical failures, compensation for a billing error, or correction of a double deduction.

The problem starts when adjustments lose their connection to a real reason: adding funds to “preferred” accounts, reducing a customer’s debt without documentation, or granting bonus credits outside the loyalty program rules.

A manual adjustment by itself is not a violation. Systematic manual adjustments by one staff member in favour of the same accounts is a pattern.

A transaction was recorded but carries a zero amount. Technically this occurs during: an incomplete session start, test operations after tariff reconfiguration, or payment processing failures. If there are only a few and they coincide with known technical events, nothing is critical. If they appear regularly from one admin, investigate further.

Loyalty bonuses are normally issued automatically — customer tops up above a threshold, the system applies the configured percentage. Suspicious credits are those not tied to an actual top-up, or disproportionately large relative to the top-up amount.

The typical abuse pattern: an admin manually credits bonus balance to several accounts (their own, friends’), those accounts use the bonus to pay for sessions — the club effectively provides the service for free.

Any balance operation performed when the club is scheduled to be closed or no shift is open. Executing it requires an active CRM session, meaning someone logged in outside business hours. Sometimes legitimate (a manager correcting a remote error), but the event always warrants verification.

Amounts Significantly Deviating from Typical Spend

Section titled “Amounts Significantly Deviating from Typical Spend”

If a top-up or deduction differs substantially from the customer’s historical pattern or the club’s AOV (average session revenue divided by completed sessions), the system may flag it as atypical. A top-up at 0.5× a customer’s usual amount, or an unusually large single transfer — both land on the radar.


Business Impact: What Systematic Anomalies Cost

Section titled “Business Impact: What Systematic Anomalies Cost”

You can estimate the potential revenue loss from systematic balance abuse with a simple formula:

Estimated loss = AOV × number of anomalous operations in the period

If a staff member runs two “zero” sessions per shift (each equivalent to 1× AOV or more) across 15 shifts a month, that is 30× AOV monthly. Bonus manipulation adds the cost of credits the club “funds” from its own margin.

Exact figures depend on your tariff structure. Take your own AOV from the shift report and multiply by the estimated anomaly frequency — that gives you a concrete justification for regular monitoring.

Key nuance: losses from balance abuse rarely appear directly in revenue figures. Money technically passes through the system, but part of the service is delivered for free or subsidised by unjustified bonuses. That is why the shift report alone may not surface the problem — you need dedicated anomaly analytics.


Start with the past 7 days for routine review. For a specific incident investigation, narrow it to the date when you noticed a discrepancy.

If the list is long, start with the highest-risk categories: manual adjustments and manually issued bonus credits. These are the areas where human intervention is most direct.

Every operation in IZI is linked to the authenticated account that executed it. Ask: do anomalies concentrate on one staff member or are they spread evenly? One or two events across different people is likely coincidence. A consistent source is a pattern.

Check what was actually happening on the floor at the time. Was the customer whose balance changed actually in the club? Is there a shift log entry for an unusual situation? If an operation looks suspicious but context explains it, note it for the record and move on.

A single event is not a conclusion. Three or more similar events within 2–4 weeks linked to the same staff member or the same accounts is grounds for a documented conversation.


PatternPossible CauseNext Step
Manual adjustments by one staff member 3+ times in a weekAbuse or systematic cash register errorReview each adjustment with the staff member
Bonus credits issued without a corresponding top-upManual crediting outside the loyalty programVerify loyalty program settings and check recipient accounts
Zero-amount operations at the same point in each shiftTechnical error on session startReview error logs and cross-check with technical maintenance dates
Operations between 02:00–06:00 when club closes at 01:00Unauthorised system accessCompare with maintenance log; check who was authenticated
Large top-ups to multiple accounts by one staff memberManual fund transfer or refund schemeReview full account history and matching cash register operations
Repeated adjustments to the same accountCustomer with “special treatment” or recurring technical errorReview the account’s full history

Cash Balance vs Bonus Balance: Different Risk Profiles

Section titled “Cash Balance vs Bonus Balance: Different Risk Profiles”

The two balance types carry different risk profiles and are both tracked in the tab.

Cash balance — real customer money. Abuse here directly means lost revenue: a customer pays but the funds disappear before being registered at the register, or a staff member adds money back to a balance for no reason.

Bonus balance — virtual credits. The loss is less visible: bonuses let a customer pay for part of a session at no real cost, so the club incurs a hidden margin reduction. Bonus manipulation is harder to spot visually because it creates no cash register discrepancy, yet it erodes real revenue.

IZI tracks both in the same tab, so do not limit your review to cash transactions only.


The Balance Operations tab works as part of a broader system, not as a standalone instrument:

SignalWhere to Look Next
Cash register discrepancy in the shift reportOpen Balance Operations filtered to that shift date
Anomaly linked to a specific staff memberGo to Employees — aggregated profile of all their actions
Suspicious operation executed during maintenance modeCheck the Maintenance Log for the same period
Need to understand overall anomaly volume in the clubStart with the Suspicious Activity overview — it shows the full picture across all four tabs

Preventive Effect: Visibility Reduces Abuse

Section titled “Preventive Effect: Visibility Reduces Abuse”

When staff members know that every manual adjustment, every non-standard bonus credit, and every out-of-hours operation is automatically captured in a dedicated analytics section, the frequency of abuse drops — without requiring explicit surveillance. System transparency is itself a deterrent.

IZI records all operations with a staff name and timestamp. The history cannot be deleted or edited — data is always available for review. Regular weekly checks of the tab, even when nothing is found, build a culture of transparency: the team sees that management actively uses the system rather than simply having access to it.


How do you determine whether a manual adjustment is a violation?

Section titled “How do you determine whether a manual adjustment is a violation?”

Ask three questions: 1) Is there a documented reason (technical failure, refund, customer complaint)? 2) Does the amount match the real situation? 3) Is this a one-off or does it repeat? If the answers are yes/yes/one-off — no violation. If any answer is uncertain — have a conversation with the staff member backed by the system data.

Can you view the details of a specific operation?

Section titled “Can you view the details of a specific operation?”

Yes. Depending on your IZI CRM version, each row in the list is clickable and expands to show full details: exact timestamp, original and modified balance values, customer account identifier, and staff member name. This is sufficient to document an incident.

What if there are many suspicious operations but they all look like technical errors?

Section titled “What if there are many suspicious operations but they all look like technical errors?”

This may point to a tariff configuration issue or a workflow gap in the shift process. Check whether tariff settings changed during that period, and ask staff what unusual situations occurred. If the pattern continues, contact IZI support — it may be a system-level configuration issue rather than human misconduct.

Do you need to keep a separate anomaly log outside the CRM?

Section titled “Do you need to keep a separate anomaly log outside the CRM?”

IZI stores data automatically and it cannot be deleted. But for easier incident review, it is useful to record decisions externally: the date, a description of the situation, and how it was resolved. This helps when similar episodes recur — you can see whether the situation was analogous and how you interpreted it last time.

Frequently asked questions

What does the Balance Operations tab in IZI CRM show?

It collects cash and bonus balance transactions that the system considers atypical: manual adjustments, credits without a corresponding payment, zero-amount transactions, operations outside working hours, and any event that deviates from your club's normal pattern.

How is a manual adjustment different from a regular top-up?

A regular top-up is initiated by the customer — they pay, the system credits the amount. A manual adjustment is a balance change entered by a staff member without an incoming payment. Adjustments are legitimate in some cases (refunds, technical errors), but unjustified adjustments are the primary vector for abuse.

How do you tell an honest mistake from intentional abuse?

Look at context: who ran the operation, at what time, was the relevant customer actually in the club, does the amount match that customer's usual pattern? A single adjustment with a clear reason is likely a mistake. Recurring adjustments by the same admin benefiting the same accounts is a pattern that requires a conversation.

What does a zero-amount operation mean in this tab?

A transaction was recorded but the amount is zero. Technically this happens during failed session starts, test operations after tariff changes, or payment processing errors. A handful of these tied to known technical events is not critical. Regular zero-amount events linked to one staff member is worth investigating.

How often should you check this tab?

Ideally once a week with a 7-day filter for routine review. Additionally, after any shift report discrepancy. If the weekly event count exceeds your club's normal baseline, that is a signal for a more detailed investigation.

Can bonus credits be suspicious?

Yes. Red flags in the bonus block include: credits issued without a corresponding top-up, a bonus disproportionately large relative to the top-up amount, and bulk credits to multiple accounts by a single admin within a short window.

What is an out-of-hours operation in the context of balances?

Any balance operation performed when the club is scheduled to be closed or no shift is open. These are especially suspicious because executing them requires an active CRM session — meaning someone logged in at an unusual time.

How do you use tab data when speaking with a staff member?

IZI stores a full operation history: timestamp, amount, operation type, staff name, and customer account. Before the conversation, export or note the event list with specific timestamps. This turns a suspicion into a documented fact — without it the conversation becomes one person's word against another's.

Can you see which specific staff member performed a balance operation?

Yes. Every operation in IZI is linked to the staff account that was authenticated at the moment it was executed. Even if two admins share a shift, the system records exactly who pressed 'confirm'.