#54 - 99% of fintechs have this fraud blind spot

Here's a conversation I had last week with a fintech founder:

Me: "Walk me through what happens when someone signs up and makes their first transaction."

Founder: "Our KYC vendor scores them at signup. If they pass, they're in. Then when they transact, our payment fraud system scores the transaction."

Me: "Do these two systems talk to each other?"

Founder: "What do you mean?"

Me: "Can your payment fraud system see that this user barely passed KYC 10 minutes ago with a risk score of 78?"

Long silence.

Founder: "No. Should it?"

Yes. It absolutely should.

The most common fraud blind spot

I see this everywhere.

Most Fintechs organize fraud prevention into two separate silos:

Identity fraud - happens at signup. A user creates an account with a stolen or synthetic identity. This is your KYC team's problem. They use identity verification vendors, document checks, liveness detection, risk scoring.

Payment fraud - happens at transaction. A user uses a stolen card or bank account to make a purchase. This is your payments/risk team's problem. They use transaction monitoring, device fingerprinting, behavioral analytics.

Two teams. Two different sets of vendors. Two completely separate data streams.

On the surface, it might make sense.

The problems happen at different points in the customer journey–signup versus transaction. 

But in reality, things are more complex than that.

It’s likely that the business started with a KYC team because they had to. Payment fraud? That was a late addition, possibly a reaction to a painful fraud attack.

As payment fraud requires technological solutions rather than manual ones, they end up on different teams.

And so you see many Fintechs where Identity fraud rolls up to the COO, and Payment fraud lives under the CFO or CPO.

It doesn’t help that the vendors themselves are often structured this way. You've got identity verification vendors and you've got payment fraud vendors. Rarely do they overlap.

So of course you end up with two separate fraud domains. It's the path of least resistance.

Why is that a problem?

It’s not a problem. It’s four problems:

Problem 1: Fraud falls between the cracks

A fraudster creates an account. Your KYC system scores it 68/100 - medium-high risk, but under your 75 threshold. The account is created.

Ten minutes later, they make a $1,500 wire. Your payment fraud system scores it 72/100 - again, medium-high risk, but under your 80 threshold. The transaction is approved.

Your identity team says: "They passed KYC, we don’t know what they do after."

Your payments team says: "We only see the transaction, our data is limited."

Problem 2: GenAI just made this worse

You know what's been happening in the last 18 months?

Fraudsters can now bypass KYC checks for $150-300 per identity. 

They're using GenAI to create deepfake liveness checks, generate synthetic IDs with complete documentation, and even manufacture credit histories.

Your KYC vendor's job just got exponentially harder, which means more fraud is slipping through at signup with "acceptable" risk scores.

Problem 3: You're buying duplicate capabilities

Are you using the same device fingerprinting vendor for both signup and payments?

Are you using the same entity intelligence vendor for both events?

If the answer is “no,” you’re likely over-investing in your fraud capabilities without getting anything in return.

Remember: It’s not about the cost per check. It’s about managing different vendors, integrating conflicting data, and further isolating your teams.

Problem 4: Fraudsters don’t care your fraud teams are siloed

Let's step back for a second.

A fraudster buys a stolen identity kit. Creates an account. Passes your KYC. Adds a payment method. Makes a purchase. Cashes out.

It takes them 15-20 minutes.

From their perspective, this is a single, continuous attack.

Fraudsters don't respect your org chart. They don't care that your identity team and payments team don't talk to each other. They don't care that your vendors are siloed.

Addressing the gap without drama

I can hear you thinking:

“That’s great and all, but should I now restructure my organization to solve this? Should I rip out vendors who are working just fine? C’mon I have better things to do this quarter.”

And you would be right in thinking that. But you can also start small:

Build a data bridge. Create a lightweight service that captures risk signals from signup and passes them to your payment fraud system: risk scores, consortium data, device telemetry, etc.

Unify orchestration. If you use any orchestration platform on either team, consider expanding its use across the other domain as well. Using one platform to access different vendors is cheaper and easier.

Make one person accountable. Stop splitting accountability between separate teams. Assign a fraud leader responsible for losses across the entire customer journey. Let them figure out how to connect the dots.

How does your fraud organization handle this? Are identity and payments connected or siloed? Hit reply and tell me - I'm curious if anyone's actually solved this well.

In the meantime, that’s all for this week.

See you next Saturday.

P.S. If you feel like you're running out of time and need some expert advice with getting your fraud strategy on track, here's how I can help you:

Free Discovery Call - Unsure where to start or have a specific need? Schedule a 15-min call with me to assess if and how I can be of value.
​Schedule a Discovery Call Now »​

Consultation Call - Need expert advice on fraud? Meet with me for a 1-hour consultation call to gain the clarity you need. Guaranteed.
​Book a Consultation Call Now »​

Fraud Strategy Action Plan - Is your Fintech struggling with balancing fraud prevention and growth? Are you thinking about adding new fraud vendors or even offering your own fraud product? Sign up for this 2-week program to get your tailored, high-ROI fraud strategy action plan so that you know exactly what to do next. ​
Sign-up Now »

Enjoyed this and want to read more? Sign up to my newsletter to get fresh, practical insights weekly!