Technology-driven financial fraud is escalating rapidly, keeping FIs on their toes.
(Courtesy/Canva Dream Lab)
Bank Automation News, an Equipment Finance News sister publication, surveyed six risk leaders at financial institutions of various asset sizes about what aspect of technology-driven financial fraud scares them the most. This is what they said:
1.“Self-learning fraud systems and social engineering at scale are top of mind at our shop,”
Ron Winter, chief technology officer, InRoads Credit Union
2. “The ability to keep up with the advancement of AI functionality that fraudsters use to evade current KYC and authentication processes used today. Advancing technologies can make it more difficult to not only verify an existing customer but also any potential new customer as well. “
Steven Brunner, chief risk officer, Bankwell Bank
3. “What concerns me the most about financial fraud is fraudsters using AI to mask their activities, making traditional signs like typos or unusual patterns harder to detect.”
Joel Castenada, CRO, Vantage Bank
4. “The rise of AI-powered identity theft is what keeps me up at night. While I wouldn’t say this threat is being underestimated in our industry, its rapidly evolving nature and increasing sophistication are why we, as fraud professionals, must ‘stay on our toes.’ We’re dealing with fraudsters who aren’t just keeping pace with our security measures — they’re actively trying to stay one step ahead.”
Amanda Balmer, financial crimes risk officer, Pennsylvania State Employees Credit Union
5. “From my perspective, it’s always the ever-changing nature of the fraud. It’s easy to be reactive to what is out there but that is an approach that will burn you because the fraud will have already happened to some level before you can respond to it. Being proactive and putting in solutions and providing education to members and employees that help combat the fraud known and unknown to us yet is crucial.”
(Ai-generated)
Benjamin Maxim, CTO, Michigan State University Federal Credit Union
6. “The main threat I see on the horizon is this increase in velocity of attacks and types of attacks happening all at once being supported by some of the new technologies out there, like generative AI, that bad actors can use to send high velocities of threats from various groups that is global.”
Jen Martin, head of fraud and disputes, Citizens Financial Group
“In prior times, the fight was more domestic, Martin continued. “It wasn’t as large in size, and now we’re just seeing a lot of participation in fraudulent behavior and just that velocity — knowing that you’re not just focused on any one attack vector anymore, but multiple at any given time — has just really changed the landscape.”
Catching up with fraud
Richard Hills, senior managing director at financial crimes risk advisory firm K2 Integrity, which works with the American Bankers Association to prevent financial crime, echoed Martin’s view.
“What worries risk officers most is the sheer pace and complexity of fraud,” he told BAN. The sophistication of AI-powered fraud tactics such as audio and video deepfakes is only half the battle, he said.
“These tools aren’t just being used, they’re being optimized in real time. That level of adaptability is difficult to counter with traditional systems,” Hills said.
Fraud is no longer a slow trickle but a sudden onslaught, Jeff Scott, vice president of fraudtech at digital banking service provider Q2, told BAN. “It feels like a big event,” he said, noting that organized rings can trigger mass account takeovers within minutes, leaving banks scrambling with little warning. Unlike legacy fraud methods like check fraud, which allowed time for manual reviews, real-time payment systems like Zelle and upcoming commercial real-time payments platforms offer fraudsters windows of just 30 seconds to steal funds, he said.
“Fraud is no longer siloed — it’s networked,” added Alex Hall, trust and safety architect at fraud detection and management platform Sift.
While fraud can happen quickly, detection can be slow, PSECU’s Balmer said. The longer this lag, the greater the impact, she said. Fraudsters can create “sleeper” accounts, then strike when they can access larger amounts, such as through loans or deposit accounts, she said. Fraudulent accounts might only be discovered later when loans default, giving fraudsters more time to repeat their tactics and increase losses.
(Ai-generated)
AI is also helping scammers scale their operations from small-time setups to full-blown scam factories powered by bots, added Roy Zur, co-founder and chief executive at AI-powered security platform Charm Security and a former intelligence officer for the Israeli Army.
“You may think of scammers as a bored person sitting in their basement doing scams,” Zur said. “No, this is organized crime. Sometimes government led.”
Fraud management too fragmented
The challenge, Zur said, is this: While scammers are agile and quick to adopt new tools, banks are heavily regulated and slower to respond. If they don’t adapt quickly, they risk falling behind.
Fraud management also tends to be fragmented, with responsibilities spread across fraud teams, IT, compliance, cyber and customer service, Hills said. “Without a coordinated strategy, it becomes difficult to act decisively, especially in fast-moving attacks.”
The lack of structured information sharing among institutions, regulators and law enforcement can exacerbate the problem, Hills said.
“Fraud, especially scams, often targets multiple banks simultaneously, but because detection and response remain siloed, opportunities to prevent further loss or recover funds are missed,” he said.
FIs can benefit from national fraud portals supported by technologies such as federated machine learning, Hills told BAN.
“These platforms allow institutions to share actionable data while maintaining privacy, enabling faster responses and a more collective approach to stopping fraud at scale,” he said.
Editor’s note: This is the first installment of a three-part series and originally appeared in Bank Automation News, an Equipment Finance News sister publication.Click here to view Part 1.
