AntiFraud.es / Case Studies / APP Fraud — Retail Banking
🏦 Retail Banking

APP fraud strategy overhaul for international bank

End-to-end redesign of authorised push payment fraud controls — combining ML transaction monitoring, behavioural analytics, and precision customer friction.

−28%
Fraud losses in 6 months
+9pts
Legitimate approval rate
6mo
Time to measurable result
€18M
Annual fraud exposure addressed

The challenge

The client — a mid-sized international bank with operations across three European markets — was experiencing a sharp escalation in authorised push payment (APP) fraud losses. Criminals were exploiting the bank's fast-payment rails and targeting customers through sophisticated impersonation attacks: fake bank staff calls, investment scam platforms, and purchase fraud across digital channels.

The existing fraud controls were rule-based and largely reactive. The bank's fraud team was overwhelmed with manual review queues, false positive rates were eroding customer experience, and the business was under pressure from regulators following the EBA's updated APP fraud guidelines. A fundamental rethink was needed — not just new rules, but a new strategy.

Diagnosis

The engagement began with a six-week forensic review of the bank's fraud control environment. This covered transaction monitoring architecture, customer authentication journeys, friction strategy, operational workflows, and data infrastructure. Key findings included:

  • Rule-based detection was generating a 34% false positive rate, causing significant operational cost and customer friction at legitimate payment points
  • No behavioural analytics were in place — the bank had no visibility on anomalous session behaviour, device changes, or social engineering indicators prior to payment initiation
  • Customer intervention (friction) was applied uniformly rather than risk-calibrated, meaning high-risk payments received the same treatment as routine ones
  • There was no feedback loop between fraud confirmed losses and model updates — the detection system was not learning
  • APP scam typologies in the bank's own data were not systematically categorised, making root cause analysis and trend detection impossible

"After implementing their fraud strategy, we saw a 28% reduction in fraudulent transactions within just 6 months, while significantly improving our legitimate customer approval rates."

— Chief Risk Officer, International Banking Group

The solution

The engagement delivered a three-layer fraud strategy redesign over a six-month programme:

1

ML-based transaction risk scoring

Replaced static rule thresholds with a gradient-boosted transaction risk model trained on 18 months of labelled fraud data. The model incorporated 140+ features including payment velocity, beneficiary network analysis, device fingerprinting signals, and time-of-day patterns. This reduced false positives by 41% while improving fraud catch rate.

2

Pre-payment behavioural analytics

Deployed session-level behavioural monitoring to detect social engineering indicators before payment initiation: unusual navigation patterns, extended call-in-background signals, rapid beneficiary addition followed by immediate payment, and device/location anomalies. High-risk sessions triggered targeted interventions before the customer reached the payment screen.

3

Risk-calibrated friction strategy

Redesigned the customer intervention framework to match friction level to risk score. Low-risk payments proceeded seamlessly. Medium-risk triggered smart friction — targeted warnings about specific scam types detected. High-risk triggered delay, additional authentication, and warm transfer to the fraud prevention team. This reduced unnecessary friction for 94% of legitimate customers while strengthening protection for high-risk payments.

−28%
Fraud losses
−41%
False positives
+9pts
Approval rate

Operational transformation

Alongside the technical controls, the engagement delivered a complete operational redesign. This included a new fraud taxonomy aligned to the bank's actual loss data, a real-time management dashboard for the fraud operations team, an escalation framework for complex APP cases, and a training programme for frontline staff on social engineering recognition.

A continuous improvement loop was established: confirmed fraud cases were automatically fed back into model retraining on a weekly cycle, ensuring detection capability evolved as attack patterns changed.

Regulatory alignment

The new framework was designed from the outset to be aligned with EBA APP fraud liability guidelines and Banco de España expectations. Documentation of the risk model, governance structure, and customer communication approach was prepared for regulatory review, resulting in a clean assessment from the supervisory authority within three months of deployment.

Related case studies

⚡ Fintech

Identity fraud framework for high-growth neobank

Synthetic identity & deepfake detection — €4.2M saved in year one.

 🛒 E-commerce

CNP fraud reduction for major European retailer

−44% chargebacks, +12% revenue. 3-month payback period.

 🛡️ Service

Fraud Strategy Consulting

End-to-end fraud strategy design for financial institutions.

Engagement snapshot

6mo
Programme duration
€18M
Annual fraud exposure
140+
Model features deployed
3
European markets covered

Fraud types addressed

APP / Wire fraud Impersonation Investment scams Purchase fraud Romance scams

Capabilities delivered

ML risk scoring Behavioural analytics Friction strategy Fraud taxonomy Ops dashboard Regulatory docs

Facing similar challenges?

Let's discuss your APP fraud exposure in a confidential call.

Get in touch →