Be it new generations of artificial intelligence or increasingly skilled threat actors, fraud continues to be a massive thorn in the side of banks and credit unions across the U.S. New research from American Banker finds that institutions have more gaps in risk defenses than they might think.
Risk and fraud professionals at financial institutions saw significant upticks in attempts over the 12-month period ending April 2025, impacting areas such as onboarding new products and day-to-day interactions with customers. This trend is
American Banker polled 121 executives across the bank, credit union and payments industries as part of its
Top findings from the report include:
Improving fraud management is a top customer experience priority for bankers.- Card and check fraud are the
top fraud category for respondents this year. - Big players were focused most on
real-time payments fraud , while smaller ones looked to card and check fraud. - Fraud attacks are on the rise
across bank operations . - The challenge of
combining disparate data sources is a huge hurdle to effective fraud prevention.
Other areas of the report feature insights into how institutions are deploying technology to improve customer experience while stiffening customer identity verification.
Results from the report are highlighted below using interactive charts. Mouse over each section for more detail, and click on the chart labels to show or hide sections.
While outdated user portals and siloed user channels are often sore spots for financial institutions trying to offer a good customer experience, surveyed bankers say deterring and minimizing fraud attempts is their top priority in the coming months.
Roughly 63% of those surveyed put
Other priorities range from reducing friction points (55%) and seamless identity authentication (50%) to addressing know-your-customer compliance requirements (27%).
Nic Adams, co-founder and chief executive of the cybersecurity firm 0rcus, said that banks' typical approach to combating fraud is "overwhelmingly reactive" through investments in "fraud detection and getting money back, not in proactive fraud prevention built into their systems."
For their customer verification procedures, banks "must stop building systems that depend on the safety of personal information like Social Security numbers or dates of birth. It is all stolen," he said.
Fraud is an umbrella term that accounts for a wide range of schemes ranging from card and check fraud to money laundering and even identity theft, which means that not all attacks hit banks as hard as the others.
Respondents said
Identity theft and synthetic identity seemed to aggrieve bankers less this year than in 2024, when American Banker first conducted this report. They fell by 7% and 6% respectively.
Kevin Surace, CEO of the software testing firm Appvance, said that because most traditional forms of customer verification tools only measure access to a device and not the true identity of the user, banks are left open to fraudsters using phishing, spoofed websites or social engineering to scam consumers.
"Payments fraud is no longer just a detection problem, it is an identity problem. Every major scam from account takeovers to real-time payment abuse begins with a failure to confirm who is actually transacting," Surace said. "Only hardware-based biometric authentication that is phishing-proof and cryptographically tied to the banking domain solves this."
The results from the report paint an interesting picture, in that the scale of the financial institution meant the fight against fraud could be on a different battleground.
For instance, 65% of those working at national banks with more than $100 billion of assets were focused on real-time payment fraud through networks such as Zelle and systems including the Federal Reserve's FedNow and The Clearing House's TCH.
Among bankers at midsize to regional banks, those with between $10 billion and $100 billion of assets, 54% were most preoccupied with wire transfer fraud.
Community banks with less than $10 billion of assets and credit unions/payments firms had similar fears when it came to card and check fraud.
Experts like Richard Crone, CEO of Crone Consulting LLC, highlighted how the near-instant nature of technology like real-time payments is a benefit for fraudsters just as much as it is for consumers.
"[Real-time payments] is uniquely vulnerable because there's no dispute window, once the fraud clears on RTP, recovery success rates drop below 20% as per our findings," Crone said.
These worries are expected to continue into what Crone identified as the next wave of payments technology called
"Agentic payments compress the fraud window to milliseconds, so without active, biometric-based password-less controls … the risk isn't added, it's multiplied," Crone said.
It's not just the different kinds of fraud tactics that create problems for bankers, but also the frequency with which these attacks happen.
Close to one-third of professionals surveyed said they saw a sharp rise in fraudulent activity across ongoing day-to-day interactions with customers over the last 12 months. Similar activity was reported during product onboarding tasks and instances where customers were reverifying their identity.
Dennis Maicon, vice president of payments and banking for the fraud management software firm DataVisor, said smaller institutions can boost their fraud measures by tapping into "consortium intelligence" that includes flagging data such as "behavioral blacklists, shared device intelligence and synthetic identity markers."
"Participating in data collaboratives or partnering with vendors who maintain these networks allows smaller FIs to detect emerging threats faster and more accurately than relying solely on internal data," Maicon said.
Struggles with integrating data from across all channels and sources were a major challenge for fraud combating efforts at banks with $10 billion of assets and beyond. Eliminating points of friction in the customer verification process was the most pronounced issue for credit unions and payments firms of all asset sizes.
The friction in customer verification is often tied to a gap in priorities between teams tasked with onboarding new customers and those working to safeguard institutions and customers alike from fraud, according to Trace Fooshée, strategic advisor for advisory firm Datos Insights.
"A lot of the folks who are [focused on acquiring] deposits, new relationships, digital accounts and so on and so forth, they want to maximize acquisitions and often see the fraud unit as something of a speed bump in making those acquisitions as voluminous and high margin as possible," Fooshée said.
In order to get senior management to invest more into counterfraud measures, those teams need to be able to successfully showcase that their work will "reduce multiple different types of losses, while simultaneously reducing friction in onboarding," he said.
