AI-enabled fraud is reshaping the economics of fraud defense across banking and B2B payments. For decades, financial institutions relied on post-transaction monitoring, delayed settlement windows, and manual review to identify suspicious activity and, on rare occasion, to recover funds. But fraud volumes just keep growing. Now, AI is the favorite in the fraudster’s toolkit. Detection is being outclassed by smarter scams.
What happens when all former defenses are made obsolete by AI-enabled fraud?
Once funds are paid out, they tend to be irretrievable. That’s been a reality since payments began. But the current obsession with faster B2B payments (‘the consumerization of B2B’), and an overall quickening in financial processes, is forcing banks to rethink not only fraud tools, but the very architecture of their commercial payments fraud posture.
Meanwhile, fraudsters are becoming more scalable and more convincing, using AI-enabled attacks, sophisticated phishing schemes, and increasingly advanced account takeover (ATO) tactics. The result is an arms race in which banks must combine real-time analytics, behavioral intelligence, ‘explainable’ AI, and smarter investigation workflows to keep up.
According to Bottomline fraud expert Eric Choltus, the entire financial sector is undergoing a fundamental redesign of how fraud prevention operates.
“The decision window is collapsing,” Choltus says. “With real-time payments, you have to do it in seconds, or even sub-seconds, depending on where in the flow you’re doing the monitoring.”
That AI acceleration, plus abundant fraud still perpetrated using old-timey swindles (non-AI business email compromise, phone fraud, paper check usage), is driving change in fraud monitoring strategies, AI adoption, and commercial payments investigative techniques.
Fraud Monitoring Moves Upstream
Historically, fraud systems monitored transactions near the end of the payment lifecycle, just before they were sent to the payment rail. That approach worked reasonably well in traditional payment environments where transactions might still be reversed or intercepted after detection and before settlement.
Faster ACH payments and instant options have changed that equation entirely.
Banks are now seeking earlier detection points inside payments themselves, via financial messaging and other advanced solutions, IDing suspicious behavior before funds are released. That, at least, is the desired outcome. But it’s an uphill fight, given that the U.N. Office of Drugs and Crime (UNODC) with Interpol recently placed the global fraud take at nearly a half-trillion USD last year and growing. It demands immediate action.
Accordingly, “Banks are redesigning their fraud strategies,” Choltus says. “Instead of just trying to speed things up, they have to rethink it strategically around where to monitor for fraud in the payment lifecycle, doing it as early as possible, and doing it in real time.”
That upstream approach allows institutions to ingest a broader set of fraud signals beyond the payment. Identity data, device data, behavioral biometrics, geolocation, IP address information, session behavior and user activity can all become part of the fraud decisioning process before money leaves the institution, Choltus says.
The move toward layered fraud defense is becoming especially important as account takeover attacks surge across commercial banking and client environments.
AI-powered strikes using deepfakes, highly convincing spoofed websites, and remote desktop manipulation schemes, often used together, are making it very difficult to distinguish legitimate from illegitimate activity with fraud solutions that are just a few years old.
“We’re seeing a large increase in account takeover as it relates to commercial banking,” Choltus notes as an example. “Fraudsters are leveraging technology to take advantage of remote desktop protocols and phishing schemes” in faster waves, using illicit automation.
In many cases, attackers are not merely stealing credentials. Choltus says they are gaining direct access to authentic user devices and operating inside real employee sessions, making detection significantly harder for instigators using traditional fraud systems.
That’s where behavioral biometrics emerge as a critical next-generation fraud defense capability. Banks and their payment partners are getting much better at decoding how users move a mouse, type on a keyboard, or navigate screens to determine whether behavior aligns with known user patterns. These subtle signals can help identify suspicious behavior even when traditional authentication indicators are blinking green.
Using this kind of approach, “You can increase the risk score of transactions created or approved in a session where the behavioral biometrics were off,” Choltus says. That describes an elegant digital way to expose criminals and stop fraudulent transactions from settling.
Explainable AI + Human Oversight = Victory
AI usage among banks is expanding, but many institutions remain cautious about AI-based decision-making, especially where high-value commercial transactions are involved. Imagine a scene out of “The Terminator” then reimagine it for business payments.
That caution is driving interest in ‘explainable AI’ and ‘governed AI’ models that preserve transparency and human oversight. “Nobody wants a million-dollar transaction to be stopped by AI without humans understanding why the AI stopped it,” Choltus explains.
Rather than moving directly to autonomous fraud controls, many institutions are adopting what Choltus describes as a “crawl, walk, run” strategy for AI adoption. The approach allows banks to gradually introduce AI into fraud workflows while keeping investigators and analysts comfortably involved in decision-making.
Bottomline refers to this as a “gray box” model, as compared to a “black box” model. “You can use AI and keep visibility into what’s happening. Keep it explainable. Keep humans in the loop.” Choltus says. Such transparency is important for governance, compliance, and auditability requirements for FIs.
AI is likewise proving highly valuable in reducing what Choltus calls the “fraud response cycle time.” That’s the interval between when a new fraud attack or fraud attack type is identified, and how long it takes banks’ controls to adapt and stop it.
In the past, that cycle could stretch for months as investigators analyzed incidents, identified threat vectors, updated controls, and validated new rules. Choltus says he’s seen it take six months or longer. That can be lethal for commercial payment fraud losses, and for bank customer confidence.
Agentic AI assistants are now helping banks dramatically compress those timelines by supporting investigation, analytics, model tuning, and documentation processes. Agentic AI seems the most promising operating model. “We want to use AI to help banks shorten that fraud response cycle time from months down to weeks or even days,” Choltus says.
Smarter Investigations as a Competitive Advantage
As fraud volumes grow and payment speeds increase, banks are altering how fraud investigations themselves are conducted. Modern investigation workflows need to focus on reducing analyst friction, surfacing better intelligence, and speeding up good decisions.
Choltus outlines four major priorities for improving fraud investigations:
- Intuitive investigator interfaces
- Embedded intelligence augmentation
- Record-and-replay capabilities
- Agentic AI investigative assistants
The top priority is eliminating investigatory inefficiencies. “You want all the information you need at your fingertips so that you can quickly make better decisions,” Choltus says. That includes transaction history, user context, payer/payee relationships, and risk indicators surfaced inside a unified interface.
The second priority involves intelligence augmentation. That is defined as integrating third-party intelligence sources directly into fraud analytics so investigators no longer waste time manually validating entities or beneficiaries.
“If, to begin with, the fraud system can look up [a payee] and see that [it is] a valid beneficiary, then it’ll never even serve that alert to an investigator,” Choltus explains.
The third point is generating intense interest across banking: record-and-replay capabilities that allow investigators to reconstruct a digital session screen by screen as it really happened. “This is the video camera for the digital banking branch,” Choltus says. “Investigators can replay screen by screen exactly what happened inside any session.”
It dramatically improves investigator understanding of suspicious activity, particularly with ATO and cases involving remote desktop compromise or manipulated user sessions.
Finally, agentic AI investigator assistants are proving to be a powerful tool for fraud teams. Choltus describes agentic AI investigation assistants as conversational tools capable of helping investigators interpret alerts, understand risk signals, and navigate complex fraud scenarios in real time.
“You’ve got this super powerful assistant that’s helping you understand the alert and helping you do your job better on a daily basis,” he says. As the speed of payments and services expands globally, these capabilities are moving from innovations to operations.
The future of B2B fraud defense will depend not only on detecting fraud faster, but on creating intelligent, explainable and highly adaptive systems that easily keep pace with faster, more sophisticated attacks, all while preserving the security and UX that payment networks and other high-value commercial payments systems need.
Learn more about better fraud-fighting options: Payments Fraud Defense