When AI empowers fraudsters, fraud doesn’t look like fraud anymore

Guest contribution from Dr Nicola Harding, shared during the 5th Annual FinCrime Leaders Summit DACH - Frankfurt

At the recent FinCrime Leaders Summit DACH in Frankfurt, Dr Nicola Harding, Criminologist, joined Mick Morris, Product Director at Cleafy, for a fireside chat on one of the most urgent challenges facing financial institutions today: how artificial intelligence is reshaping fraud.

The session was more than a discussion; it was a myth-busting conversation designed to look deeper than the usual headlines about AI and fraud and to explore how technology is already changing the way criminals operate.

Fraud is no longer a cottage industry. It has become industrialised, scalable, and powered by AI.

“AI has really helped with upscaling - bigger, better, faster, stronger. It enables criminals to do more, more quickly”.

During the COVID-19 pandemic, criminals adapted quickly, exploiting legitimate payment channels and digital banking services to move illicit funds. Today, AI has supercharged these methods. Fraudsters are now able to:

• Write convincing phishing scripts at scale
• Analyse social media to craft personalised social engineering hooks
• Clone voices and identities with alarming accuracy

The result is fraud that is not just smarter, but faster, more adaptive, and significantly harder for banks to detect.

One of the strongest points made by Dr Nicola Harding was the need to understand fraud as it really happens, not just how it appears on paper. Research that includes insights from those with lived experience of offending paints a more complex picture.

Fraudsters don’t always seek quick wins. Instead, they often exploit what can be described as “liminal spaces,” the moments where identity, access, and transactions overlap.

In these ambiguous zones, intent can be hidden. Automation thrives here, and manipulation becomes invisible until it’s too late.

Traditional fraud controls tend to focus on the transaction level—the point at which money actually moves. But by that stage, AI has already done its work.

“By the time you’re at AML or transaction monitoring, the crime is in motion, often over. The signals appear much earlier... You already have the data to pre-empt a lot of fraud. The challenge is putting it together and pointing AI at the breadcrumbs early.”

Prevention in the AI era requires going further upstream in the customer journey. Banks need systems capable of detecting unusual intent, behavioural patterns, or sequencing anomalies before the transaction occurs.

Examples include:

• Device anomalies (unexpected changes in how customers log in)
• Odd flow paths (navigating digital banking in unusual ways)
• Unusual sequencing (processes being completed in an abnormal order)

These signals reveal manipulation early. This is the foundation of prevention by design: embedding resilience directly into the architecture of digital banking services.

When asked what advice he would give to banks in Germany, Switzerland, and Austria, Dr Nicola Harding was clear: map your risk zones.

“Bring fraud, product, vulnerability, customer service, PR, and cyber into the same room at the design stage. In most institutions I visit, some of these people have never even met. Compliance can’t be a tick-box exercise. Culture has to change so cyber and fraud aren’t battling to the death on opposite sides of the house.”

Key areas of focus should include:

• Logins and identity verification flows
• Contact centre scripts
• Account recovery processes

By monitoring these touchpoints, financial institutions can build visibility where identity meets access. The goal is not just to detect fraud, but to anticipate the intent that comes before fraud itself.

Another important misconception was addressed: the belief that fraud is primarily about external attackers breaking in.

In reality, AI is increasingly being used to manipulate customers directly—to trick, coerce, and convince them to bring fraud through the front door themselves.

That means fraud prevention strategies must evolve. Defences can no longer be designed only to protect systems. They must also recognise when human trust is being hijacked.

Fraud is evolving rapidly, but so too are the tools, insights, and collaborations available to counter it. Events like the FinCrime Leaders Summit DACH in Frankfurt highlight the importance of bringing industry experts together to share knowledge and to stay one step ahead of AI-powered crime.

About the author

Dr Nicola Harding is a leading criminologist and subject matter expert in financial crime. Formerly CEO of We Fight Fraud, she works with banks, fintechs, regulators, and governments worldwide to tackle fraud and design systemic vulnerabilities. Nicola combines academic depth with frontline industry insight, advising the UK Home Office, financial institutions, and international partners on fraud prevention, consumer protection, and corporate resilience. Her work spans original research, policy influence, and creative interventions - from exposing loopholes in digital payments to developing innovative prevention frameworks adopted across the financial sector and beyond.