Payment fraud continues to rise in 2025, with platforms like Cash App under scrutiny after its parent company, Block, agreed to pay up to $255m to settle claims of inadequate fraud prevention. These incidents are not isolated—they reveal systemic weaknesses in onboarding, transaction monitoring, and document verification that allow criminals to exploit FinTech platforms at scale.
According to Resistant AI, fraud often begins at the first touchpoint: onboarding. Criminals bypass identity checks with forged documents, stolen credentials, or synthetic identities to gain access. Once inside, they move swiftly—using mule networks and system loopholes to initiate and launder fraudulent transactions. The most effective way to counter this is through a layered approach: integrating secure onboarding, document fraud detection, and intelligent transaction monitoring.
At its core, payment fraud refers to deceptive, unauthorised financial activity, usually involving stolen, forged, or AI-generated identities. The distinction between “fraud” and broader financial crime is blurring, with tactics such as APP (authorised push payment) scams increasingly involving money laundering structures and mule accounts.
Fraud at the onboarding stage is particularly dangerous. It allows criminals to pass KYC/KYB checks, giving them a blank slate to operate. These attacks often rely on document alteration, stolen data, or synthetic personas built using AI tools. Without advanced fraud detection software, platforms remain exposed.
Once inside, attackers launch transactional fraud—using the platform’s speed and ease-of-use to route stolen funds through shell accounts and third parties. AI-driven transaction monitoring is crucial here. It detects behavioural anomalies and connects weak signals across time, outperforming rigid, rules-based systems that often miss sophisticated schemes.
The fraud landscape has industrialised. Attackers now operate like tech startups—using automation, AI, and social engineering at scale. They pose as freelancers, vendors, and gig workers, often with convincing documents or manipulated digital identities. Neobanks and new platforms, due to high onboarding volumes, are especially vulnerable, although even established banks face growing challenges.
Platforms relying on manual reviews or inflexible rules are struggling. Criminals use shell accounts, jurisdictional gaps, and speed to vanish before being caught. Meanwhile, heavy-handed rules introduce friction for legitimate users without effectively curbing fraud. The financial cost is immense. From 2023 to 2028, global payment fraud losses are projected to exceed $362bn, with P2P fraud surging and APP scams now accounting for 75% of digital banking fraud losses.
The UK is one of the first to take decisive regulatory action. New rules enforced by the FCA and PSR require payment providers to reimburse victims of APP fraud. This shared liability between sending and receiving institutions marks a major shift and forces platforms to upgrade their controls or face reputational and financial consequences.
Fraud today comes in many forms—APP scams, identity theft, chargeback fraud, mule networks, and account takeovers. Each exploits a different vulnerability and requires a tailored defence. APP scams in particular are surging, with UK Finance reporting £459m in losses in 2023. Mule scams and synthetic identity abuse are also growing threats, particularly due to AI-driven automation.
The reputational stakes are high. When platforms fail to stop fraud, they face customer churn, scrutiny from regulators and partners, and the risk of being blocked by banks. As Resistant AI’s AML solution engineer Lucie Novotná warned, banks may block payment platforms entirely due to perceived fraud risk, even when the majority of users are legitimate.
Criminals are getting more sophisticated in how they forge documents—using Photoshop, AI tools, and even physical edits to fool digital verification systems. Common fraudulent documents include fake passports, utility bills, business certificates, and deepfaked ID selfies. These are used in both KYC and KYB processes to create shell businesses and false identities.
The solution? A multi-layered fraud defence. First, platforms must secure onboarding with document fraud detection and forensic checks. Then, AI-powered transaction monitoring is needed to detect behavioural anomalies. Combining these layers creates a defence system that evolves with emerging threats.
Platforms like Payoneer are already seeing results. By integrating Resistant AI’s document analysis, they reduced manual reviews by 90% and prevented synthetic identity fraud before it could affect the platform.
Fraud has evolved into a scalable, AI-powered industry. Platforms must now match that pace with equally adaptive technologies. AI doesn’t just catch more fraud—it preserves customer trust, reduces manual workloads, and helps FinTechs meet compliance obligations with fewer trade-offs.
To build fraud resilience, platforms must address challenges in identity verification, transaction visibility, scale, infrastructure, and regulatory pressure. Preventing fraud isn’t just about stopping theft—it’s about securing platform growth, maintaining trust, and proving credibility to regulators and partners alike.
Copyright © 2025 FinTech Global
