























Sunny Banerjee leads enterprise fraud monitoring implementations at First Citizens Bank as Business Implementation Manager.

getty
Fraud is evolving faster than ever, and so must the systems designed to stop it. As digital marketplaces scale globally and financial institutions support increasingly complex payment ecosystems, traditional rule‑based fraud controls are hitting their limits.
With more than two decades of experience in financial fraud prevention, risk strategy and enterprise‑level controls, I've built my career around understanding how fraud evolves and how organizations can stay ahead of it. My work spans hands‑on fraud operations, strategic program design and leadership roles guiding institutions through emerging threats. I also advise on and share insights that help elevate fraud‑fighting practices across the profession in multiple organizations and groups. This combination of practical expertise, strategic oversight and community engagement has positioned me as a trusted voice in the fraud prevention discipline.
In this article, I break down one of the most pressing challenges facing today’s fraud and risk teams: the rise of invisible transactional signals and how to identify the patterns and detect true fraud while minimizing false positives. Whether you’re a fraud investigator, risk manager, compliance leader or simply someone looking to deepen your understanding of modern fraud dynamics, this article will equip you with actionable insights.
Fraudsters no longer rely on simple patterns. They use automation, bots, synthetic identities and micro‑transaction testing to probe systems at scale. Static rules can’t keep up with this level of speed and creativity.
AI, however, thrives in this environment. Machine learning models can analyze millions of signals in milliseconds, identify subtle anomalies and adapt as fraud patterns evolve. Instead of reacting to known threats, AI enables platforms to predict and prevent emerging ones.
In early 2025, Federal authorities recovered more than $6.7 million linked to a financial fraud scheme that had targeted the city of Portland, Oregon. It was reported that "a scammer posed as an employee of a city contractor and changed payment information to redirect funds to an unauthorized account." This incident was reported by the city after a month, and fortunately, the fraudulently diverted amount was still in the unauthorized account and was recovered successfully. This was a classic case of business email compromise, one of the most common types of financial fraud schemes.
When investigating financial fraud or during payment screening, look for patterns of changes in payment instructions that often occur in transactions sent to a vendor with a preexisting relationship. After obtaining the online credentials of a legitimate business or a contractual company, fraudsters try to keep changes to ongoing payment processes minimal to avoid detection. This is done mainly by keeping the invoice unchanged except for the payee account number.
Transaction screening platforms that utilize machine learning and AI to look for deviations from known patterns, as well as new payees, are good solutions in these cases. They can identify when a new payee has been added to payment instructions or an invoice, and when these deviations are coupled with very small amounts, called penny transactions.
This digital age, while increasing convenience, also makes us vulnerable. Some of the most common digital vulnerabilities, such as data breaches and phishing, not only have an immediate impact but also trickle down to other parts of our digital presence, such as exposing our credentials to fraudsters. Fraudsters use this valuable data to create synthetic identities in digital marketplaces and use these platforms as the testing ground for stolen credentials (and credit card details) to commit fraud, such as the penny transaction fraud previously mentioned.
Digital marketplaces have become a prime target for micro‑transaction fraud because of "carding," in which fraud rings exploit low‑value orders and payments. In these attacks, criminals place a series of very small test orders, which are often under a dollar, to validate stolen cards and identify which accounts remain active. Many rings automate the process using bots, allowing them to cycle through thousands of stolen credentials in minutes.
These real‑world incidents highlight how marketplaces with high‑volume, low‑value transactions can unintentionally become ideal testing grounds for card‑testing schemes, underscoring the need for AI‑driven behavioral analytics and real‑time detection models. In cases like these, fraudsters hope the platform’s legacy rules will ignore anything below a dollar. By layering device intelligence, behavioral analytics and velocity modeling, digital marketplaces can quickly identify these patterns and shut down the testing network before it can escalate into large‑scale fraud.
Conclusion
In my experience working with fraud prevention platform vendors for banking and financial institutions, I stress that fraud prevention should always be prioritized, whereas detection should be a close parallel process. Fraudsters are tech-savvy and here to challenge us every step of the way—we need to always be a few steps, if not a few miles, ahead of them. This is a never-ending battle in which we need to protect our clients from financial fraud by collaborating with fraud prevention platform vendors who use the latest advanced technology and are open to feedback based on real-life fraud experience to enhance and update their offerings.
If fraudsters believe that they've recognized the fraud control patterns of a financial institution or digital marketplace—two of the most common targets for them—we need to ensure those patterns are rewritten. For example, micro-transaction fraud should be countered by replacing static threshold-based controls with interday accumulation logic, where instead of an alert for every penny transaction, only their cumulative effect should trigger alerts.
The incorporation of genuine consortium data in AI-driven rule engines would help ensure that the data available beyond each institution’s own repository are building blocks for global collaboration against fraudsters while enriching our fraud prevention controls for the future.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。