By Rav Hayer, Managing Director UK & Ireland and Head of BFSI, Europe at Thoughtworks
Fraud prevention has evolved significantly over the past two decades. What began as largely rules-based approaches, reliant on static thresholds and manual review, has shifted towards machine learning models capable of detecting anomalies in milliseconds. But as payments become instant and digital banking becomes the norm, fraud itself has evolved faster than the systems designed to stop it.
Today, financial institutions are under growing pressure to detect and prevent fraud in real time, without disrupting the customer experience. The opportunity is clear: those that can spot fraud earlier and more accurately will reduce losses and protect customer trust. But doing so requires a fundamental shift in how fraud is understood, because fraud is no longer a single-transaction problem.
No longer one-off suspicious transactions.
Historically, fraud detection has focused on individual transitions – a payment may be flagged if it looks unusual; for example, if it is larger than normal or comes from a new location.
This approach assumes that transactions can be assessed independently, but modern fraud is increasingly coordinated and networked. Criminals operate across multiple accounts, devices and identities, deliberately structuring activity so that each individual transaction appears legitimate. What looks harmless in isolation may, in reality, be part of a much larger scheme.
This shift exposes a critical limitation of traditional detection methods: transactions evaluated independently.
Real-time payments have raised the stakes.
The rise of real-time payments has made this challenge more urgent. Money now moves in seconds and once it is sent, it is often impossible to recover. A growing issue in this space is authorised push payment (APP) fraud where customers are tricked into sending money themselves.
As the transaction is technically authorised, it will look legitimate to traditional systems that assess payments individually.
This creates a difficult balance for financial institutions. They need to stop fraud instantly but also need to avoid blocking genuine payments. If too many legitimate transactions are declined, customers lose trust and may take their business elsewhere.
This growing tension is often referred to as a ‘friction gap.’
The problem with looking at transactions one by one.
Most fraud detection solutions today still analyse transactions individually. These systems are typically built on what’s known as tabular data – where each transaction is treated as a single row of information and assessed on its own.
They look at details like amount, time, location, and device to deduce whether something is suspicious. This makes them highly effective at spotting anomalies – the transactions that fall outside expected patterns.
However, the limitation is simple: fraud doesn’t always look suspicious at transaction level.
Criminal networks often spread activity across many accounts so that no single transaction stands out. Each payment may look normal on its own, but together they form a pattern.
These are often referred to as “collective anomalies” – patterns that only become visible when transactions are analysed together rather than in isolation.
This is where traditional monitoring methods struggle. They are good at spotting unusual individual behaviour but are weaker at identifying coordinated activity across groups of accounts.
A shift in data perspective.
To address this, organisations are starting to focus less on individual transactions and more on relationships. Instead of treating each transaction as a separate event, they look at how different elements are connected – for example, whether multiple accounts share the same device, move money in circles, or interact repeatedly with each other.
The shift allows fraud detection to move from asking:
“Does this transaction look unusual?”
To:
“Does this activity belong to a suspicious network?”
That change in perspective is critical as it helps uncover fraud that would otherwise stay hidden.
Using smarter technology to see the bigger picture.
New approaches, such as leveraging AI, are helping financial institutions make this shift.
These tools are designed to analyse not just individual data points, but the relationships between them. In more advanced cases, this includes graph-based approaches, where data is mapped as a network of connections rather than individual records. They can detect patterns across many steps and connections, helping identify coordinated fraud activity that could go under the radar.
Some of these models – often referred to as graph neural networks (GNNs) – are specifically designed to learn from these connections and uncover patterns across multiple steps.
Importantly, this doesn’t mean replacing existing systems. Instead, these new methods can be used alongside current solutions to improve accuracy and reduce false alarms. A hybrid approach combining both existing and newer techniques, helps organisations become more effective at detecting fraud, and improve accuracy, while keeping systems fast and reliable enough for real time payments.
Prevention needs to reflect the reality of fraud
Fraud has changed. It is faster, more coordinated, and harder to detect using traditional methods. Organisations are now operating in an environment where decisions must be made in seconds, and where mistakes can be costly – either through financial loss or lost consumer trust.
The key shift is simple: fraud is no longer about individual transactions viewed in isolation. It is about patterns, connections and behaviour across networks.
To stay ahead, organisations need to evolve how they see risk. Those that move early will be better placed to protect customers, reduce losses, and build lasting trust.
