The financial sector is in a technological arms race against increasingly sophisticated fraud, driven in large part by the pervasive application of Artificial Intelligence.
As fraudsters leverage AI to scale and precision-target their attacks, regulators worldwide are taking notice, signaling a fundamental shift towards tougher standards for financial institutions regarding scam prevention and customer protection.
This evolving landscape is set to impact not just consumer payments, but high-value commercial transactions as well.
To delve deeper into these critical developments, we spoke with Dalit Amitai, Head of Risk and Fraud Technology at global payment company Bottomline.
Dalit offers insights into how AI is reshaping the fraud landscape, the implications of new regulatory initiatives, and what the U.S. can learn from global models in the fight against financial crime.
Our conversation with Amitai is shared below.
Crowdfund Insider: Can you explain how AI is fundamentally altering the banking fraud landscape in real time, particularly for commercial payments?
Dalit Amitai: Absolutely. AI is a dual-edged sword. While it offers incredible potential for legitimate financial innovation, it’s also being weaponized by fraudsters to an unprecedented degree. The core methods of fraud, like Business Email Compromise (BEC), account takeovers (ATO), or social engineering, aren’t new. What AI changes is their scale, precision, and believability.
A fraudster no longer needs to craft one convincing phishing email at a time—they can use AI to generate thousands of highly targeted, nearly perfect fakes. These can include emails, spoofed websites, deepfake audio, and more.
Commercial payments used to be seen as relatively safe because of stable vendor relationships and predictable patterns. That perception is rapidly changing. Fraudsters now mine business data to impersonate vendors, hijack payment instructions, or mimic executive communication styles with alarming accuracy.
This isn’t just about individual AI use cases; it’s a systemic shift in how fraud is perpetrated across the entire interconnected financial ecosystem. We’re moving from a world of sporadic, detectable attacks to one of constant, highly sophisticated, and integrated threats.
Crowdfund Insider: There’s growing bipartisan support for a payments fraud task force in the U.S., and the Federal Reserve just proposed new actions to address check fraud. Why do you see this as the beginning of tighter expectations for financial institutions?
Dalit Amitai: For too long, the primary burden of B2B fraud losses has fallen on commercial entities, unlike the more consumer-centric protections and liabilities seen in retail banking. However, as AI-powered fraud makes these high-value commercial transactions increasingly vulnerable, that imbalance is becoming unsustainable.
The regulators are recognizing that the scale of fraud, particularly authorized push payment (APP) fraud where a victim is tricked into sending money to a fraudster, is escalating across all payment types. While the initial focus of the Federal Reserve’s consultation is on check fraud – which remains a persistent and costly problem, the broader language around “payments fraud” and “exploring stronger data-sharing, oversight, and AI-driven detection frameworks” signals a much wider ambition.
This move is a strong indicator that regulators will likely reassess where the highest dollar-value risks lie and impose more prescriptive fraud prevention obligations across the board. The traditional assumption that businesses have sophisticated internal controls to prevent fraud may be increasingly challenged in the face of AI-driven attacks.
This isn’t just about financial losses; it’s about maintaining trust in the payment system itself. When a business loses a significant amount to fraud, it also impacts its reputation and its ability to operate effectively, and that can have ripple effects through the economy. So, yes, I believe this task force and new proposals are just the tip of the iceberg, foreshadowing a fundamental shift in regulatory expectations for all financial institutions.
Crowdfund Insider: The U.K. has implemented “Confirmation of Payee” (CoP), and the EU is mandating “Verification of Payee” (VoP). What are these global models, and what might U.S. regulators borrow from their approaches to enhance fraud prevention, especially for B2B transactions?
Dalit Amitai: Confirmation of Payee (CoP) and Verification of Payee (VoP) are pre-payment name-matching systems. Before funds are sent, the payer’s bank verifies whether the name provided matches the actual name on the recipient’s account.
CoP was launched in the U.K. in 2020 and is now used in over 99% of Faster Payments. It has helped reduce Authorised Push Payment (APP) fraud and mistaken payments significantly. The EU’s VoP mandate, effective October 2025, will require similar safeguards across the SEPA region.
The U.S. can learn a lot from these models. First, they’re proactive rather than reactive. Instead of chasing funds after fraud occurs, they prevent misdirected payments in the first place. Second, they emphasize shared responsibility across financial institutions. And third, they rely on real-time verification and standardized data-sharing—elements the U.S. is moving toward with initiatives like FedNow.
Incorporating these features, especially for high-value B2B payments, could dramatically reduce fraud from tactics like BEC or invoice redirection.
Crowdfund Insider: Given the escalating sophistication of AI-powered fraud, what constitutes an effective, multi-layered defense for banks today, and how does this go beyond just deploying AI solutions?
Dalit Amitai: It’s critical to understand that AI alone is not a silver bullet. An effective defense against AI-powered fraud must be multi-layered, combining advanced technologies, robust governance, and human expertise. Effective fraud prevention requires a layered defense strategy that includes adaptive AI, robust governance, and collaborative intelligence.
First, adaptive AI is essential. Banks need machine learning systems that evolve as fraud patterns change. These models should learn from each incident and adjust accordingly, rather than rely solely on static rules.
Second, explainability and fairness must be baked into the system. Regulators will demand to know how decisions are made. Algorithms must be auditable, non-discriminatory, and secure. And customer data must stay protected at all times—inside the institution’s firewall.
Third, institutions need systems that integrate intelligence from multiple sources. Fraud doesn’t just show up in one channel. If you can correlate anomalies across login behavior, payment activity, and third-party data, you build a more accurate and resilient risk profile.
Lastly, collaboration is powerful. Banks that partner with payment service providers (PSPs), independent software vendors (ISVs), and other institutions can share anonymized fraud data. That “community sharing” creates a network effect, amplifying everyone’s defenses. Open platforms and interoperability make this possible. It’s one of the strongest tools we have to fight AI-powered fraud.
Crowdfund Insider: What role do you see for industry standards and regulation in shaping the next era of fraud prevention?
Dalit Amitai: Regulation will drive a lot of change. As AI-driven fraud increases and affects more critical transactions, regulators won’t just encourage better controls—they’ll start requiring them. That includes clearer standards around AI transparency, mandatory data-sharing protocols, and possibly even liability shifts.
Just look at the U.K.’s “Failure to Prevent Fraud” law. It mandates that large businesses must prove they took adequate steps to stop fraud. I wouldn’t be surprised to see a U.S. equivalent emerge, perhaps starting with sectors most impacted by APP fraud.
At the same time, industry-led standards will matter just as much. There’s room for fintechs, banks, and PSPs to align on interoperable tools, common APIs for verification, and shared datasets for threat intelligence. Regulation may set the floor, but industry collaboration will raise the ceiling.
Crowdfund Insider: What should institutions be doing now to prepare for this next phase of AI-driven fraud and regulation?
Dalit Amitai: The institutions that thrive will be those that invest early in resilience.
That means:
Deploying explainable, adaptive AI
Integrating fraud signals across systems and vendors
Participating in data-sharing ecosystems
Updating governance frameworks for faster incident response
This is about more than fraud prevention. It’s about earning and keeping customer trust in a fast-changing environment. With regulatory expectations rising, proactive institutions will be better positioned to protect their clients, reputations, and bottom line.
The AI arms race in fraud is real, and it’s accelerating. But so is the opportunity to lead through innovation and cooperation. Now is the time to act.