Fraud Has Become an Identity Problem

Fraud in consumer lending is getting harder to think about the old way. The challenge is no longer just spotting a suspicious transaction. Increasingly, banks have to ask a more basic question first: is the customer really who they appear to be? 

Cristian deRitis of Moody’s Analytics and Subbu Narayanaswamy of Wells Fargo point to a practical consequence: banks need to rethink where fraud sits in the lending process and how much friction they are willing to impose in trying to stop it. 

A few ideas stand out: 

The old fraud playbook is under pressure. DeRitis said fraud has always been part of the business, but AI and other technologies have made it “much easier” to commit and harder to detect. Synthetic identity fraud, in particular, is now “much easier, much more diffuse” than in the past. That puts banks in a tricky position. As deRitis put it, “It’s a very difficult balancing act.” Tighten defenses too much, and legitimate customers struggle to interact. Loosen them too much, and losses rise. 

The patterns can look different than they used to. Narayanaswamy pointed to several examples. In synthetic identity fraud, a criminal can pair a real Social Security number and date of birth with a fake name and address, build credit slowly across accounts, then disappear after maxing out the lines. In first-party fraud tied to point-of-sale lending, the identity may be real, but “there is no willingness to pay.” And in account takeover, a fraudster can obtain a legitimate customer’s credentials and redirect a loan disbursement to a mule account before the real customer realizes anything is wrong. 

Synthetic fraud flips the model. Narayanaswamy said older fraud systems were built around the idea that “a legitimate user is initiating a suspicious transaction.” Today, he argues, the pattern is often reversed: “The user isn’t legitimate, but the transaction seems legitimate.” That is why fraud can no longer be treated as a narrow back-end screening function. The risk begins earlier, at account opening and underwriting, where banks are trying to determine whether the borrower is real in the first place. 

Fraud now has to be embedded into the flow. Narayanaswamy said fraud “used to be a separate layer,” but now it is “embedded into this entire underwriting flow.” That is a significant shift. It means fraud detection has to sit inside credit decisioning, identity verification, and broader risk management rather than alongside them. 

AI cuts both ways. DeRitis said banks are adopting new AI tools as quickly as possible to stay ahead. But Narayanaswamy also raised the obvious question: is AI helping with fraud mitigation, or “is it actually proliferating fraud?” 

The takeaway: Fraud has become less about suspicious payments and more about suspicious identities. For banks, that means the strongest defenses will come less from a stand-alone fraud layer than from a tighter connection between identity, underwriting, and risk management. 

For institutions looking to strengthen that response, ProSight’s Fraud Alert Network offers a way to share intelligence, receive timely fraud alerts, and connect with verified fraud prevention peers across the industry.