Skip to main content
Contact
Submit RFP

      Banks today are confronted with increasingly complex forms of fraud. This is because the use of artificial intelligence (AI) in particular not only opens up new opportunities for the institutions themselves, but also new areas of attack. AI-supported methods such as deepfakes or social engineering are becoming increasingly sophisticated and more difficult to recognise.

      Online banking and instant payments in particular, i.e. transfers in real time, pose an increased risk: payments are executed within seconds, while the time available for verification mechanisms is decreasing. Added to this are new European requirements such as the Instant Payment Regulation (IPR), the Payment Services Directive 3 (PSD3) and the Payment Services Regulation (PSR), which impose obligations on banks.

      Effective fraud management is therefore essential. It protects the finances of the bank and its customers, ensures compliance with regulatory requirements and preserves trust in the institutions.

      What are typical fraud patterns?

      Attackers are constantly adapting their methods to new security standards. Common procedures are

      • Phishing and smishing: Deception via e-mails or text messages with the aim of obtaining confidential information such as access data or TANs.
      • Identity theft: Use of stolen or falsified identities to open accounts or carry out transactions.
      • Social engineering: Manipulation of bank employees or customers in order to disclose confidential information.
      • Insider fraud: Exploitation of access rights by employees to carry out unauthorised transactions or pass on data.
      • Account takeover: Account takeover through hacked credentials and withdrawal of funds.
      • Real-time transaction fraud: Manipulation and unauthorised execution of payment transactions with instant payments due to a lack of control options
      Ready to talk? Contact us.

      How can strong fraud management protect banks?

      The increasing complexity of attacks through the use of the latest technologies makes it considerably more difficult to secure financial assets and trust. For this reason, effective fraud management is required that incorporates all facets of an effective fraud operating model and areas of the bank.

      KPMG recommends setting up and evaluating fraud management organisations in line with a standardised fraud target operating model.  This is done on the basis of a holistic approach, analysing four different main dimensions and eight sub-dimensions. (see figure below)

      Figure: "Analysis dimensions of anti-fraud management based on a fraud target operating model": Source: KPMG in Germany, 2025

      Fraud Management

      Fraud Management im Kontext der PSD3 und AI-basierter Risikomodelle

      Fraud Management im Kontext der PSD3 und AI-basierter Risikomodelle
      Download
      Study

      Zahlungsdienstleister-Störung

      Der Superbooster für Zahlungsbetrug

      Download

      Turning insights into resilience together

      KPMG unterstützt Banken und Finanzdienstleister dabei, ein ganzheitliches Betrugsmanagement aufzubauen und weiterzuentwickeln. Unsere praxisnahen Modelle und fundierte Marktkenntnis helfen, Sicherheits- und Regulatorische Anforderungen effizient umzusetzen und Bedrohungen frühzeitig zu begegnen, um somit den Betrügern einen Schritt voraus zu sein.

      Interested in our services? Contact us.
      Use of AI to fight financial crime

      Einsatz von AI zur Bekämpfung von Finanzkriminalität - Nutzung einer AI-Layer-as-a-service-Lösung zur Ergänzung bestehender Compliance-Systeme

      Einsatz von AI zur Bekämpfung von Finanzkriminalität - Nutzung einer AI-Layer-as-a-service-Lösung zur Ergänzung bestehender Compliance-Systeme
      Download

      More KPMG insights for you

      Your contact

      Volker Smielick
      Volker Smielick

      Director, Financial Services

      KPMG AG Wirtschaftsprüfungsgesellschaft