What Fraud Teams Are (and Aren’t) Testing Today
During a recent webinar with fraud and risk leaders, we ran a few interactive polls to better understand where organizations are today and what’s causing the most concern looking ahead. The results were telling, and we wanted to share a quick snapshot with you.
Here’s what we heard:
1) Most organizations are still reactive
When asked about their approach to fraud testing, the majority of respondents said they primarily rely on losses, alerts, and incidents. Only a small number reported having a formal Fraud Red Team program in place, with many still exploring or running limited proactive testing.
2) Budget and prioritization are the biggest blockers
The top barrier to testing fraud controls in production wasn’t fear of customer impact or regulation – it was budget constraints and competing priorities. Operational complexity and approval processes followed close behind.
3) AI-enabled fraud is the top concern
When looking ahead to the next 12 months, AI-enabled fraud (deepfakes, bots, and automation) ranked as the biggest worry – well ahead of traditional fraud types like ATO and payment fraud.
The takeaway:
There’s a clear gap between what fraud teams are worried about and what they’re currently able to test and validate. As attacker capabilities evolve (especially with AI) many controls that look strong on paper haven’t been pressure-tested against real-world behavior.
Missed the live session?
If you weren’t able to attend the webinar, you can watch the full recording here to hear the discussion and see the poll results in real time:
To learn how organizations are using Fraud Red Team testing to close this gap, download our Fraud Red Team datasheet here: