Fraud is no longer a peripheral threat; it is an endemic and
rapidly evolving challenge for financial institutions. As the
digital landscape expands, so do the opportunities for
sophisticated criminals, creating constant and escalating pressure
on financial services companies. The sheer scale is staggering:
global losses from payment fraud alone are projected to exceed $50
billion annually.[1] This is not just a direct financial
hit; for every $1 lost to fraud, financial institutions in North
America spend an average of $4.41 in remediation costs, which
includes legal fees, investigation, and recovery
expenses.[2] This is a fundamental risk to customer trust,
brand reputation, and the financial stability of the entire
sector.
Fraud has sharply increased over the past year due to economic
uncertainty and advancements in artificial intelligence (AI) and
machine learning (ML).
The Financial Services Fraud Landscape: A Multifaceted Threat
The financial services sector faces a diverse and interconnected array of threats. While traditional fraud schemes persist, new, technology-enabled risks are emerging at an alarming pace. The following table provides a detailed look at the modern fraud landscape, organized by the specific sector most impacted, beginning with threats that are agnostic (relevant across the entire financial services ecosystem) and then detailing risks specific to banking, insurance, and wealth management.
| Industry | Fraud Example |
|---|---|
| Financial Services Industry Agnostic | Account Takeover (ATO): Criminals gain unauthorized access to a victim's financial accounts by using stolen login credentials. This can happen through credential stuffing — where they test lists of leaked usernames and passwords from other data breaches to see if they work on a new site — or through phishing. Once in control of the account, they can transfer funds, make purchases, or apply for new credit in the victim's name. It is important to note that this is not only done by unknown criminal actors but sometimes by known family members, such as a child or spouse. |
| | Payment Redirection: This is a form of business email compromise (BEC) where a criminal "spoofs" an email to appear as a trusted business partner or employee. The fraudster sends an urgent request, such as "Hey, our system is down today, can you redirect the wire, payroll file, etc. to HERE." These types of scams should be confirmed with out-of-band communication, such as a phone call to a validated number. Bank account verification vendor tools can be used to validate the association of a person with a specific account. Payment portals could also be used as an alternative to prevent this type of fraud. There has been an uptick in the targeting of commercial clients — particularly among organizations that received COVID-19 related Paycheck Protection Program (PPP) loans. |
| | Social Engineering: This category includes scams like phishing (deceptive emails), smishing (fraudulent text messages), and vishing (scams conducted over the phone). Fraudsters exploit human psychology through these deceptive communications to trick victims into revealing sensitive information. These tactics create a false sense of urgency or authority to bypass a person's judgment and gain access to their accounts. A particularly advanced tactic is "dual spoofing," where a fraudster spoofs the bank's number to get customer information, then spoofs the customer's number to call the bank and gain account access. |
| | Sales Fraud: This form of fraud can occur when financial representatives or agents sell products to customers and receive compensation for the sale. Financial representatives may engage in activities such as overselling, selling non-suitable items, taking funds from accounts to buy more product, or misclassifying sales to hit goals and prices. The Wells Fargo cross-selling scandal in which unauthorized bank and credit card accounts were opened is a well-known example of this type of fraud. |
| | Internal Fraud: Employees engaging in fraudulent activity can be a risk for any organization. Examples include embezzlement, where an employee steals funds from the company, or data theft, where an insider sells customer information to external criminals, which can then be used to facilitate other types of fraud. Activity in the procurement area, such as fake vendor invoices or inflated submissions, is another example of this type of fraud. |
| | Card-Not-Present (CNP): This type of fraud involves criminals using stolen credit or debit card details to make online or phone purchases without the physical card. It is a pervasive threat that affects financial institutions, merchants, and payment processors, with the availability of stolen data on the dark web further amplifying the risk. |
| | Technological Risks: This encompasses several threats, including cyberattacks (malware and ransomware), data breaches, and AI-driven fraud. Criminals use advanced technology to attack financial systems, steal vast amounts of data, or leverage AI to create highly sophisticated, personalized scams at scale. |
| Banking | Synthetic Identity Fraud: This often targets the credit system. A criminal might create a "Frankenstein" identity by combining a real Social Security number (SSN) with a fake name, address, and date of birth. They use this new identity to open a bank account, apply for a credit card, and build a credit history over time with small, legitimate-looking transactions. Once the credit limit is high enough, the fraudster maxes out the cards and disappears, leaving no one to pursue as the identity is a fabrication. |
| | Real-Time Payment: Criminals take advantage of instant payment systems to commit fraud, as the speed and irreversibility of transactions make it difficult to recover stolen funds. |
| | Credit Bust Outs: A fraudster opens a legitimate line of credit, rapidly maximizes the available balance, and then defaults on the entire debt, often after transferring the funds out of the country. |
| | Credit Washing: A scammer falsely claims identity theft to credit bureaus, forcing legitimate, negative credit items to be removed from the victim's report, thereby artificially "cleaning" the credit profile to qualify for new loans or accounts. |
| | Straw Buyer Schemes: An individual with a good credit history — the "straw buyer" — applies for a mortgage on behalf of another person who would not qualify, often for a property that is overvalued. The fraudulent mortgage is then approved, and the actual buyer defaults on the loan, leaving the financial institution with a massive loss. |
| Insurance | Property & Casualty Fraud: A common example of "soft fraud" is inflated claims. For instance, a homeowner with hail damage to their roof might claim a total loss and receive a payout for a complete roof replacement, but then only perform a minor, low-cost repair. An example of "hard fraud" is arson for profit — when a property owner deliberately burns down an insured building to file a claim for the total loss of the structure and its contents. |
| | Auto Insurance Repairs: This type of fraud can occur on repairs due to shoddy work, the use of aftermarket parts, side deals, and the inclusion of damage not related to the claim. |
| | Staged Accidents: This is an example of "hard fraud" in which criminals intentionally cause a collision. Common tactics include "swoop and squat," where a car quickly cuts in front of a victim's vehicle and slams on the brakes, forcing a rear-end collision, or a "jump-in," when a fraudster who was not in the vehicle at the time of an accident later claims to have been injured in order to collect a payout. |
| | "Owner Give-Up": This is when a vehicle owner falsely reports their car as stolen or damaged to get an insurance payout. This often happens when the owner can no longer afford the car or needs to get rid of a vehicle with expensive mechanical problems. |
| | Rate Evasion: People commit this type of "soft fraud" by lying on their insurance applications to qualify for a lower premium. This can involve misrepresenting the primary driver, a vehicle's garaging location, or the number of miles driven annually. This type of fraud is widespread and costs the industry billions. |
| Wealth Management | Authorized Push Payment (APP): A classic example of this is a "pig butchering" scam. A fraudster, often using a fake persona on a dating app or social media, builds a long-term relationship with a victim. Over time, they convince the victim to "invest" in a fake cryptocurrency platform. The victim is told to transfer large sums of money to what they believe is an investment account, but in reality, they are directly sending the funds to the fraudster. Because the customer authorized the fund transfer, it's not a traditional hack, making it difficult to recover the funds. |
| | Ponzi Schemes: This is a classic investment fraud. The most infamous example is Bernie Madoff, who promised investors high, consistent returns. Instead of actually investing the money, he used funds from new investors to pay "returns" to earlier investors. The scheme collapses when the flow of new money stops and there is not enough to pay out investors who want to withdraw their funds. |
| | Elder Financial Exploitation: This is a growing concern. A wealth manager, or even a family member, might convince an elderly client to give power of attorney or change a will, then misappropriate their funds. For example, a fraudulent "advisor" might move a client's life savings into high-risk, illiquid investments that generate high commissions for the advisor but are completely inappropriate for the client's risk. |
The Evolving Regulatory and Standards Landscape
The regulatory environment is struggling to keep pace with the speed of fraudulent innovation. While no single, overarching anti-fraud regulation exists, a patchwork of laws and standards provides a framework for action.
- Anti-Money Laundering (AML) and Know Your Customer (KYC): Regulations like the U.S. Bank Secrecy Act (BSA) and global standards from the Financial Action Task Force (FATF) are foundational. They mandate customer identity verification and suspicious activity monitoring, which are critical first lines of defense against many types of fraud.
- Data Protection Regulations: The General Data Protection Regulation (GDPR) and similar laws are crucial. The link between data breaches and fraud is undeniable, making robust data protection a key pillar of any anti-fraud strategy.
- Key Standards:
  - The Payment Card Industry Data Security Standard (PCI DSS) provides a roadmap for securing credit card information.
  - For a broader approach to program design, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) Fraud Risk Management Guide offers a principled framework encompassing governance, risk assessment, control activities, and monitoring.
The Critical Components of a Leading Anti-Fraud Program
A truly effective anti-fraud program is not merely a collection of tools; it is a strategic capability built on a foundation of strong governance, advanced technology, and a culture of vigilance. Leading practices exhibit several key characteristics:
- Strong Governance and Culture: Fraud prevention must be a "tone at the top" priority. This includes a clear mandate from senior leadership, a dedicated and well-resourced fraud team, and a culture that encourages every employee to be an active participant in fraud detection. Regular, comprehensive risk assessments are non-negotiable to identify vulnerabilities and emerging threats. Critically, fraud risk increasingly overlaps with money laundering, sanctions evasion, cyber-enabled identity theft and broader conduct risks. Leading regulators now expect financial institutions to adopt integrated models that combine fraud, AML, sanctions, and customer behavior analytics, rather than treating them as separate and reactive risk domains. By merging fraud-detection data with AML insights, institutions can identify anomalous patterns earlier, reduce fragmented investigations, and create a unified intelligence view of customer behavior across the lifecycle.
- Advanced Technology and Data Analytics: The arms race against fraud is won with data. Leading institutions are deploying:
  - Real-Time Monitoring: Using AI and ML to analyze transactions in milliseconds, identifying anomalies and patterns indicative of fraud.
  - Behavioral Biometrics: Tracking user behavior patterns, devices, and network data to produce risk scores as triggers, rather than just relying on simple location or spending profiles.
  - Enhanced Authentication: Moving beyond simple passwords to multi-factor authentication (MFA) and biometric solutions, including methods beyond short message service (SMS) and one-time PINs, such as passkeys and device-based push notifications.
  - Ecosystem Integration: Leveraging fintechs and third parties for broader data coverage and integrating risk data across systems to close gaps.
  - Fraud Detection Systems: Utilizing sophisticated fraud scoring and network analysis to identify and halt fraudulent activity before it can cause harm.
- Robust Processes and Controls: Technology is only as good as the processes that support it. Best-in-class programs feature:
  - Rigorous KYC and Customer Due Diligence (CDD): Continuous monitoring of customer transactions and activity to detect suspicious behavior.
  - Comprehensive Incident Response: A clear, well-rehearsed plan for addressing fraud incidents, including protocols for reporting, investigation, and recovery.
  - Employee Training and Awareness: Regular training to equip employees with the knowledge to spot red flags and the authority to report them.
  - Special Investigation Units (SIUs): Having a well-oiled SIU can be a strong asset. Automated flags can identify suspects and create referrals for a human-in-the-loop review, which may be conducted by the SIU.
Kicking the Tires on Your Program: A Call to Action
The time to act is now. To build a resilient anti-fraud program, financial institutions must perform an honest self-assessment. Consider the following:
- Strategy and Governance: Is your anti-fraud program integrated into your overall business strategy? Are roles and responsibilities clearly defined?
- Risk Assessment: Do you have a clear understanding of your specific fraud risk exposures and your tolerance for that risk?
- Technology and Data: Are you leveraging the latest in AI and ML? Is your data infrastructure capable of supporting real-time analytics?
- Metrics and Reporting: Are you measuring the effectiveness of your program? Are you capturing the full benefit of your anti-fraud efforts, including avoided losses and improved customer trust?
By identifying the gap between your current state and your target state, you can develop a clear, properly resourced roadmap for building a leading anti-fraud program. This is not an expenditure; it is an investment in your company's future, a proactive measure to protect your customers, your reputation, and your bottom line. In an increasingly digital world, the ability to build and maintain trust is the ultimate competitive advantage, and a leading anti-fraud program is the cornerstone of that trust.
How Ankura Can Help
Fraud is a dynamic threat that demands a strategic and forward-thinking response. Our firm's Financial Services Advisory team helps financial institutions shift from a reactive, compliance-driven approach to a proactive, risk-based strategy. We partner with you to build and mature your anti-fraud program, turning it from a necessary expense into a source of competitive advantage.
Our approach is comprehensive, leveraging the key pillars of a leading anti-fraud program to deliver tangible results:
- Fraud Program Assessment: We begin with a holistic evaluation of your current anti-fraud strategy, governance, and technology. By understanding your specific risk landscape and tolerance, we help you define a clear target state and a prioritized roadmap to get there. This ensures your efforts are aligned with your business objectives and regulatory expectations.
- Operational Model Optimization: We help you refine your operating model to improve efficiency and effectiveness. This includes clarifying roles and responsibilities, enhancing the interaction between your business, risk, and technology functions, and optimizing the processes for investigation and corrective action.
- Advanced Technology and Data Deployment: We assist in deploying targeted, data-driven solutions — including advanced analytics, AI and machine learning (ML) — to detect and prevent fraud. Proprietary tools such as Ankura's AI Analyst allow for rapid triage and review of suspected fraud or financial crime, enabling smarter decision-making, real-time monitoring, and a more sophisticated defense against emerging threats.
- Risk and Response Remediation: In the face of a triggered fraud event, we provide rapid, expert support. We help you investigate the incident, remediate the vulnerabilities, and implement stronger controls to prevent future occurrences, allowing you to learn from the event and emerge more resilient.
By partnering with us, you can transform your anti-fraud capabilities, empowering your organization to mitigate risk, protect customer trust, and secure your financial future in an increasingly digital world.