Romanian Customs AI

Our client was the Romanian Customs Authority, responsible for managing customs controls, ensuring compliance with EU regulations, and safeguarding the flow of goods across borders.

The Romanian Customs Authority needed to modernize its risk management system due to growing pressure from increasing trade volumes, more complex fraud schemes, and stricter EU requirements for digitalization and interoperability.

The existing system relied on fragmented data sources, lacked a centralized Data Warehouse, and depended heavily on manual analysis and rule-based logic. This limited the ability to detect complex patterns, respond quickly to emerging risks, and fully use available data.

The objective was to move toward a data-driven system that improves risk detection, supports faster decision-making, and increases overall efficiency.

Civitta designed a comprehensive transformation of the risk management system, covering data infrastructure, analytics, and operational processes.

• Phase I: End-to-end System Design and Data Platform

We developed an end-to-end risk management framework spanning the full lifecycle – from data ingestion and integration to risk identification, analysis, and continuous monitoring. The design addressed both operational and organizational dimensions, including the establishment of a dedicated Data Analytics Unit.

In parallel, we built a centralized data platform integrating multiple data sources into a unified architecture. This included automated data ingestion (including Change Data Capture mechanisms), scalable ETL pipelines, and a structured Data Warehouse supporting both real-time and batch processing.

The solution ensured full alignment with EU risk management frameworks and institutional requirements, guaranteeing interoperability and regulatory compliance. Business Intelligence dashboards were also developed to support monitoring and reporting across risk domains.

• Phase II: AI Capabilities

We embedded advanced AI capabilities across the risk management lifecycle to enhance detection, prioritization, and decision support.

This included:

– Risk scoring models: Machine learning models trained on historical declarations and inspection outcomes to assign risk scores with explainable outputs

– Anomaly detection: Algorithms such as Isolation Forest, Local Outlier Factor, and DBSCAN to identify unusual behavior patterns and deviations in transactional data

– Similarity and pattern detection: Embedding-based methods to identify relationships across entities, operators, routes, and transactions

– AI Assistant: A large language model enabling natural language queries translated into structured data requests via retrieval-augmented generation

– Alert processing: Automated processing of external alerts using similarity matching and network analysis to identify related entities and prioritize risks

– Risk profile automation (CRMS2 / RIF): Conversion of EU system inputs into draft national risk profiles for analyst validation

– Explainability and oversight: Transparent AI outputs with full human-in-the-loop control over final decision-making

For example, the system can detect coordinated undervaluation schemes by combining anomaly detection and similarity analysis, allowing analysts to identify clusters of related transactions rather than reviewing declarations individually.

• Phase III: Proof of Concept and Operational Validation

We developed a Proof of Concept demonstrating the full system in an operational-like environment.

The PoC covered end-to-end data flows – from ingestion and processing to risk scoring, anomaly detection, and decision-support outputs. It simulated real-world operational scenarios and validated both technical feasibility and functional effectiveness.

This was complemented by close collaboration with RCA and CNIF teams through workshops and technical sessions, ensuring alignment with existing processes and constraints.

The solution was further refined using European benchmarking and best practices in customs risk management and data-driven enforcement.

The project resulted in a fully defined and validated blueprint for a next-generation risk management system.

By combining a robust data infrastructure with advanced AI capabilities, the Romanian Customs Authority is now equipped to transition from manual and reactive processes to a proactive, intelligence-driven model.

In the long term, this is expected to lead to more accurate risk detection, faster decision-making, and more efficient use of resources, while ensuring alignment with EU standards and best practices.

This case demonstrates that successful adoption of AI in the public sector requires more than technology alone.

A strong data foundation, integration into operational workflows, and clear governance are essential to unlock value. Combining advanced analytics with human expertise ensures both effectiveness and trust.

By delivering a solution that is both technically robust and operationally feasible, Civitta enabled a sustainable path toward modern, AI-driven risk management.