Fraud is becoming more widespread, more adaptive and more difficult to contain, and financial institutions are responding by reshaping the way detection, prevention and customer protection are integrated across payment systems.
Federal Reserve Financial Services Risk Officer Surveyreleased Tuesday (April 28), based on responses from more than 400 organizations, offers a system-level look at this pressure. The central bank found that fraud is increasing across debit, check, ACH and wire channels, driven by sophisticated criminal tactics, increased digital exposure and persistent fraudulent activity that exploits consumers and institutions alike.
Debit card fraud remains nearly universal, while check fraud has continued to resurface for several years. At the same time, organizations have reported increased exposure to account holder fraud, business email compromise, and unauthorized debits within ACH activity, along with ongoing fraud associated with account takeover and exploitation networks.
The survey confirms that there is no major category of fraud that is declining. As a result of this upward trajectory, organizations face a pattern of cumulative pressures in which multiple factors, including impersonation and credential compromise, progress simultaneously.
Operationally, the pressure is compounded by detection challenges. Many organizations continue to identify fraudulent activity only after losses have occurred, particularly in the case of fake accounts, as funds are often exhausted before intervention is possible.
PYMNTS confirms unauthorized access
PYMNTS intelligence findings reinforce and expand the scope of the Federal Reserve’s observations. ““State of Fraud and Financial Crime 2025” In the US report, which was done in collaboration with Block, it was found that unauthorized party fraud now accounts for 71% of incidents and losses, reflecting a shift towards account takeover and credential abuse.
Advertisement: Scroll to continue
This development signals a change in how fraud operators operate. Instead of relying primarily on manipulating legitimate users to initiate transactions, attackers gain access to accounts and initiate activity directly. This distinction changes the defensive posture required of financial institutions, where prevention must occur early in the interaction and often before the transaction begins.
The consequences extend beyond financial loss. PYMNTS Intelligence reports that half of organizations experience negative impacts on customer loyalty, while significant shares point to reputational damage and lost business opportunities.
The Fed’s survey aligns with these findings by highlighting the rise in impersonation fraud and credential-based attacks across payment channels. Both sets of data point to identity and access to the central battlefield.
Technology as a defense
In the face of these pressures, financial institutions are increasing their reliance on technology to identify and mitigate fraud. PYMNTS Intelligence reports that 68% of organizations have increased spending on fraud detection, reflecting a shift toward AI-based approaches and behavioral analytics.
These tools are designed to operate continuously, analyzing transaction patterns, user behavior and contextual signals to identify anomalies that may indicate account takeover or fraudulent intent. The goal is to move from reactive identification to early detection during the transaction lifecycle.
The Fed’s survey identifies similar approaches. Organizations cite real-time monitoring alerts, enhanced authentication controls, and machine learning models as key components of their fraud mitigation strategies.
Additional measures include biometric verification, transaction monitoring and customer education aimed at reducing exposure to social engineering attacks.
At the same time, the survey underscores ongoing restrictions. Detection processes remain largely manual in many organizations, system integration challenges delay response times, and information sharing across organizations is often restricted. These factors contribute to delayed identification and reduced cure rates.
From fragmented defenses to integrated systems
The combined results suggest that the central issue is not simply the presence of fraud, but rather the fragmentation of defenses. Effective mitigation requires coordination across systems, channels, and organizations, as well as alignment between detection tools and operational processes.
Organizations that rely on siled controls or post-transaction review are less likely to contain losses in an environment where fraud occurs quickly and across multiple touchpoints. In contrast, those that integrate analytics, monitoring and response into a continuous process are better positioned to identify and address threats before they escalate.
