Sector Spotlight: Transaction Fraud Systems

JULY 8, 2025

By: Tyler Brown

Fraud detection and prevention systems play a crucial role in protecting financial institutions (FIs) from financial losses and reputational damage while ensuring compliance with applicable laws. These tools identify suspicious activity and mitigate fraud to avoid financial damage to the FI or its customers. Effective fraud systems help manage operational costs and support an institution’s growth by enabling more, faster, and lower-friction transactions at a low successful fraud rate.

This Sector Spotlight covers fraud systems for payments rails that FIs directly enable access to for their customers. The three key types of products that are adjacent to transaction fraud management are KYC, AML monitoring, and authentication.

We do not cover fraud systems that are sold primarily to nonbanks, directly or through distributors (e.g., acquiring banks, payment gateways, payment processors) but offer examples in our supplementary list. Many of these systems are designed to mitigate card-not-present fraud (merchants are liable for fraudulent card-not-present transactions by card network rules) and chargeback fraud (the acquiring bank may hold the merchant liable and debit its account). They may also cover ACH transactions in this context.

Bank-focused fraud systems address the following:

• Checks: Check fraud systems offer two core capabilities, which are frequently part of the same solution. One is broadly defined as check-image verification, which confirms that the check is legitimate, validates signatures and amounts, and checks for alterations. The other uses data from the bank and check-fraud consortia to risk-score the check based on historical customer activity and consortium data to screen for the risk of check kiting and payment scams like excess of purchase price, fake payments for sold goods, or lottery scams.
• ACH: ACH fraud systems block fraudulent or fraud-induced payments before settlement. These systems aren’t necessarily sophisticated: An ACH fraud system may only process a batch file and deny or flag transactions for review based on basic transaction parameters (like transaction amount or type of recipient). A more sophisticated system risk-scores ACH transactions based on historical customer transaction patterns and consortium data, and these systems use some combination of device, location, behavior intelligence, and step-up authentication to prevent or limit damage from fraud.
• Wires: Wire transfer fraud systems focus on identifying and verifying the payee. The value of the average wire makes the potential damage of authorized push-payment fraud to the customer immense, and the FI faces liability if it’s negligent or careless in processing a wire. Institutions with high volumes of wires, and wires that can be initiated through digital banking, require account takeover and authorized push payment protections like those for ACH, but more robust, and should be tuned to an institution’s wire initiation process and risk tolerance.
• Real-time payments: Real-time payment fraud systems must be able to immediately process everypush-payment transaction straight-through within the FI’s risk tolerance, protected by robust account takeover prevention and multiple layers of authentication.
• Cards: Credit and debit card fraud systems use customer behavior and transaction location to help banks and credit unions prevent unauthorized transactions and mitigate chargeback fraud, limiting the bank’s exposure to losses based on network rules and federal regulations. Zero-liability protection for consumer credit cards places substantial liability on issuers for unauthorized transactions.

What’s going on in transaction fraud systems

As FIs adopt new rails and as fraud technology evolves, so does fraud. Each rail brings different transaction speeds, authentication standards, and processing flows, forcing fraud systems to adapt. Early fraud tools were designed for slower, manual environments like checks and wires, but the growth of digital payments and higher transaction volumes has made automated, real-time detection essential.

Below is a look at the latest developments in fraud systems across categories:

Checks

Check fraud prevention systems have evolved in the two decades following Check 21’s implementation by Regulation CC. By enabling the use of substitute checks and electronic image clearing, Check 21 shifted check fraud management from physical document review to electronic verification. Modern check fraud systems incorporate image analysis tools, based on increasingly sophisticated machine learning algorithms, that flag forged, altered, or counterfeit checks, incorporate check fraud data from consortia, and reference a depositor’s patterns of behavior while taking inputs from different deposit channels.

ACH

The ACH networks process by far the most transactions of any rail. FedACH processed 20.1 billion items in 2024, and The Clearing House’s EPN processed 20.7 billion transactions. ACH fraud isn’t as pervasive as check fraud, however: Depository institutions filed 204,927 suspicious activity reports (SARs) for ACH in 2024, up from 143,269 in 2020. They reported 521,036 check-related SARs in 2024, up from 216,963 in 2020, on lower volume. But faster payments leave less time to claw back a transaction: NACHA estimates that about 80% of ACH network volume settles in one day or less. More sophisticated account takeover protections and machine learning-driven payment fraud detection have made ACH fraud more difficult despite the high transaction volumes.

Real-time payments

Batch-based fraud systems and manual reviews characteristic of check, ACH, and wire fraud management are not sufficient for real-time payments. Key factors influencing fraud systems designed for real-time payments are, first, which institutions originate real-time payments and their risk tolerance, and the overall modernization of transaction fraud software. Low transaction volume relative to other rails creates a low base for fraud (FedNow processed 1.51 million payments in 2024, totaling $38 billion, and RTP processed 343 million payments in 2024, totaling $246 billion). The high volume of real-time payments originated by the largest FIs (TCH-owner banks among them) lends itself to custom fraud solutions, but as other institutions warm to sending real-time payments, third-party solutions should become more popular.

Wires

For FIs that don’t process many wires, there hasn’t been a strong need for wire transfer fraud systems to evolve. Not much on the backend has changed since the mid-1990s, and the FedWire and CHIPS (TCH) networks are still characterized by few transactions, high average transaction value, and intensive manual fraud checks. (In 2024, FedWire initiated 209.9 million transfers with a $5.4 million average value, and TCH’s CHIPS processed 142.0 million total transactions with a $3.3 million average value). But wires are susceptible to push-payment fraud like other electronic payment channels, and modern fraud prevention systems add layers of authentication and integrate sophisticated identity tools to verify the payor and payee.

Cards

According to network rules, liability for potential losses related to card fraud differs for issuing banks, acquiring banks, and merchants, which then dictates the fraud systems they need. Changes to liability, card security, and use of payment channels complicate different players’ needs. (This Sector Spotlight focuses on solutions that are most appropriate for banks involved in card transactions.) Issuers’ adoption of EMV chips in the last decade has lowered the risk of card-present fraud, and merchants have generally been liable for card-not-present fraud. But systems must still detect unusual card-present behavior, and banks need to meet requirements for the 3D Secure authentication protocol.

Transaction fraud systems vendor snapshot

Fraud solutions are typically designed around the types of fraud they handle. Companies frequently offer fraud solutions for more than one payment rail, and features may be offered as modules for an enterprise fraud solution. A bank or credit union’s choice of payment fraud systems depends on its business and functional requirements; payment fraud prevention needs are typically based on rails offered and payment volume.

Here’s a snapshot of transaction fraud systems. The list is representative, and our analysis is based on the best available public information:

• Abrigo: Abrigo, formed in 2019 through the merger of Banker’s Toolbox, Sageworks, MainStreet Technologies, and Farin, delivers fraud detection as part of its broader risk and compliance suite aimed at community FIs. Abrigo supports check, ACH, and wire fraud detection.

• ACI Worldwide: ACI Worldwide, founded in 1975, launched the latest iteration of ACI Fraud Management in 2020. ACI’s global customer base includes large FIs, payment processors, and infrastructure providers, and it supports payment rails in multiple jurisdictions.

• Alkami: Alkami, founded in 2009, offers check and ACH positive pay tools through its digital banking suite. These tools are designed for business banking clients of community and regional institutions. Alkami does not provide a dedicated fraud detection engine but integrates with partner platforms to extend its capabilities.

• Advanced Fraud Solutions: Advanced Fraud Solutions, which was founded in 2007, delivers a suite of payment fraud detection tools tailored to mid-sized banks and credit unions. Its product line includes TrueChecks, TrueACH, and TrueWire.

• DataVisor: DataVisor was founded in 2013. It first targeted social platforms and technology companies and later expanded to service FIs. Its fraud platform uses machine learning to detect anomalies in ACH, card, wire, and real-time payment activity.

• Feedzai: Feedzai, founded in 2011 in Portugal, launched its RiskOps fraud prevention platform in 2021. Its platform supports fraud detection across checks, ACH, real-time payments, wires, and cards. Feedzai is used by banks, card issuers, and payment processors across North America and Europe.

• FICO: FICO, founded in 1956 as Fair Isaac Corporation, was a pioneer in credit scoring and has since expanded its offerings, including into fraud management. Its system, called Falcon, supports credit and debit card fraud detection, wire transfers, and real-time payments, but advertises a focus on credit cards.

• Fraud.net: Fraud.net was founded in 2016 to provide cloud-based fraud and anomaly detection using device, network, and behavioral intelligence. Its platform supports transaction screening for ACH, wire, real-time, and card payments and is used by a mix of FIs and merchants. It offers a no-code rules engine and integrated case management that enable customers to centralize fraud prevention across departments and channels.

• HAWK: HAWK, founded in Germany in 2018 as HAWK:AI, is a real-time AML and fraud detection platform that supports check, ACH, real-time payments, and cards using streaming analytics to flag suspicious behaviors as transactions occur.

• NICE Actimize: NICE has offered enterprise fraud and financial crime management solutions since acquiring Actimize in 2007. The Integrated Fraud Management platform provides cross-channel protection across checks, ACH, wires, and cards, and is widely used by top-tier and regional banks.
• OrboGraph: OrboGraph, which was founded in 1995 in Israel, was acquired by and partially integrated with Revenue Management Solutions in 2022. The Orograph brand is semi-independent and specializes in check processing and check fraud prevention.
• Outseer: Outseer is RSA’s Fraud and Risk Intelligence unit spun out in 2021 and rebranded. Its platform uses behavioral biometrics and transaction risk scoring to prevent card-not-present and digital banking fraud. Outseer counts domestic and global FIs as customers.

• Plaid: Plaid, founded in 2013, introduced Signal in 2022 to help fintechs and banks assess the risk of ACH returns. Signal generates risk scores based on connection history in the Plaid network, customer account use, past transactions, and customer identity data.

• Sardine: Sardine, founded in 2020, offers a risk decisioning, fraud prevention, and AML platform. The system monitors identity data, device profiles, and transaction behavior in real time and uses a machine learning model to identify and stop fraud.

• SAS: SAS launched SAS Fraud Management, which it developed with HSBC to check credit card transactions for fraud, in 2007. Today’s platform covers many rails, now including check, ACH, real-time payments, and wire transfers, and cards. It is used by some of the world’s largest banks.

• SQN Banking Systems: SQN Banking Systems, which the company says introduced the first PC-based signature verification system, now specializes in managed fraud solutions for FIs. Its SaaS product, SENTRY, supports fraud detection for checks, ACH, wire, and debit cards.

• Unit21: Unit21, which was founded in 2018, offers a no-code fraud management and AML platform tailored to fintechs and, increasingly, traditional FIs. Its tools allow institutions to monitor ACH, check, and real-time payments using customizable rules.
• Verafin (Nasdaq): Verafin, a Nasdaq subsidiary that was founded in 2003 and acquired in 2021, offers an integrated fraud and AML platform for FIs. A top selling point is the volume of data from a consortium that it orchestrates to support detection and prevention for checks, ACH, wires, cards, and real-time payments.

What to look for in transaction fraud systems

Fraud systems for FIs vary; they span from single-rail point solutions to enterprise fraud systems. Features to watch for in all of them include:

• Target market: Most payment fraud systems are offered primarily to either FIs or merchants. Data providers supply both.
• Rails: Fraud detection capabilities tailored to each rail’s unique risks, the institution’s volume on each rail, and what must be automated to be efficient.
• Data integration: Ingests and effectively uses fraud signals supplied by consortia of FIs and, in the case of credit and debit cards, the networks.
• Real-time scoring and risk decisioning: Supports immediate risk analysis of users and transactions, making it suitable for faster and real-time payments.
• Alerting and case management: Allows analysts to pick alerts, triage them efficiently, and quickly review potentially fraudulent activity.
• Device and behavioral intelligence: Monitors device, location, and usage patterns for continuous authentication.
• Machine-learning models: Uses sophisticated machine learning algorithms to automate the detection and prevention of fraud while still giving analysts control.

The Case for Best of Suite

By: Kate Drew

July 9, 2025

When I started my first job as an equity research analyst years ago, our training director gave me a piece of advice. He said, “It’s better to be wrong with The Street than to be wrong on your own.” He was telling me not to bet against the pack, even if I had a good reason to.

Why not? Too risky.

This is an idea I think many bankers feel deeply. In a highly regulated industry, it can be terrifying to break away from established technologies, those employed by your peers, even if doing so promises benefits. This is why, despite plenty of conversation around best of breed technology approaches — by which a bank gets its technology from an array of handpicked providers — many community banks still opt for best of suite, meaning they get their technology largely from a handful of well-known vendors.

Industry observers and consultants will often talk about best of breed as the future and best of suite as the past. Best of suite gets a bad rap as outdated and not sustainable. I’ve talked about this myself, and I do think it’s probably true at a high level. But there is nuance in this discussion that often gets left out — past and future is too simplistic; it’s more about who you are as a bank and what works for your institution. For example, for an institution with limited resources, managing the complexity and risk associated with a multipronged vendor strategy may simply be too much. And that’s okay.

The bigger question should be, “What technology stack do I need to support my business strategy?” Every bank is about 90% the same and 10% unique. That 10% is where the future lies. Figure that out, and how to support it from a technology perspective, and you’ve got a real shot at thriving long term. If you’re an institution that can accelerate that 10% through best of suite, then that’s your answer.

However, in taking such an approach, your choice of vendors becomes very, very important. You’ll need to look for providers that are strategic, able (and willing) to co-create with their clients, and build to an agile yet rich roadmap. Additionally, you’ll need to have a clear vision of your own strategy and be able to articulate the bank’s technology needs. Tight integration between your business strategy and your technology strategy is key.

Now, I don’t think the advice I received was totally right. There are certainly instances where breaking from the pack is warranted in different contexts or we’d never have any innovation at all. But, sometimes, it does make sense. My goal is to let any bank struggling with this, any institution feeling that an inability to evaluate and manage a portfolio of vendors is holding its business back, that you’re not necessarily behind the curve. What makes an institution ahead or behind is very much specific to that institution and whether it’s done the strategic work necessary to support a long-term future. From that perspective, technology is the easy part. Once you know what you need, you can go and get it — no matter who it’s from.