In speaking recently with my current co-worker Amanda Estiverne-Colas, who serves as Director and Head of Payments Practice at Perficient, Amanda shared with me statistics she had provided to her audience at the 2025 GULF AML Forum, an annual conference for anti-money laundering (AML) professionals in the financial services industry and government. The statistics, which I found both fascinating and scary, included:
- Phishing attacks have surged by 4,151% just since ChatGPT’s launch in 2022
- Phone Phishing attacks increased by 28% in Q3 2024, while smishing incidents rose by 22%
- More than half (53%) of all breaches involve customer PII, which can include tax identification numbers, emails, phone numbers, and home addresses
For the clarity of readers, phishing is the fraudulent practice of sending email messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers, and smishing is the fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.
In our hyper-connected world, digital transactions occur at lightning speed, creating a vast and complex landscape for financial crime. While artificial intelligence and machine learning tools are vital in the fight against fraud, the human element remains the cornerstone of effective defense. Fraud detection isn’t just about algorithms; it’s about the people behind the screens—the victims, the fraudsters, the analysts, and the developers.
As I spoke with Amanda about how financial institutions and consumers can fight against burgeoning fraud, I was reminded of the teaching of a former co-worker from much earlier in my career. Having just finished serving in the army, that co-worker highlighted the motto of the Seven Ps. Those Ps being “Proper Prior Planning Prevents Piss-Poor Performance”. The current, and with all-due respect to the members of our armed forces, better-etiquette, saying is limited to the Four Ps—Protect, Prepare, Pursue, and Prevent. Using this, readers can gain a holistic understanding of how more resilient, human-centric systems can be designed and built to combat fraud.
Protect: Safeguarding More Than Just Data
Protection is the primary line of defense, extending beyond a company’s balance sheet to its reputation, customer trust, and employee well-being. In the digital age, this means creating safeguards that are both technologically advanced and human aware.
The human side of protection involves recognizing that the primary target of many modern fraud schemes is not system vulnerability, but human psychology. Social engineering preys on trust, fear, and urgency. As such, the most crucial protective measure becomes continuous human training and awareness. Staff must be educated in the latest social engineering tactics, red flags in communication, and subtle behavioral changes that might indicate internal fraud, such as an employee living beyond their means or refusing to share job duties.
Furthermore, dealing with victims of fraud requires a distinct human touch. A customer who has lost their life savings to an online scam needs empathy and clear, supportive guidance, not automated responses. Human analysts serve as the compassionate front line, helping victims navigate a distressing experience and rebuild trust in the institution.
Prepare: Cultivating Resilience and Expertise
Preparation means anticipating complexity and ambiguity, as fraudsters constantly adapt their methods. Technology helps, but it is the trained professional who must handle the unexpected.
A significant human challenge in this phase is managing “alert fatigue”. Advanced fraud detection systems generate high volumes of alerts, many of which are false positives (legitimate transactions incorrectly flagged as fraud). Analysts, overwhelmed by the sheer volume, may become desensitized to actual threats. This is where human expertise and critical thinking are indispensable. Experienced analysts provide essential feedback on the utility of detection models, helping to tune systems to be more accurate and reduce false positives.
Preparation also involves developing professional resilience. Investigators deal with angry victims and deceptive individuals, requiring emotional intelligence and clear communication skills. The human element in preparation ensures that institutions are not just structurally ready with protocols but also staffed with people who are mentally and skillfully equipped to handle high-stress situations.
Pursue: The Art of Human Investigation
When fraud occurs, the pursuit begins. While data analytics help “follow the money,” human investigators are the ones who put the pieces together, often leveraging a combination of technical knowledge and investigative experience.
Transactions in a digital landscape rarely move in straight lines. Criminals use layering, cross-jurisdictional transfers, and digital assets to obscure the path. Pursuing these requires human ingenuity to connect seemingly unrelated data points and understand the “why” behind the transactions.
Crucially, pursuit relies heavily on inter-institutional and human collaboration. Sharing information between banks and agencies, often hampered by misinterpretations of privacy laws, is a human-led effort to overcome organizational silos. Human networks and trusted relationships between compliance professionals are essential to disrupt criminal activity effectively.
Prevent: The Continuous Cycle of Learning
Prevention is about learning from every case and educating both consumers and staff to stop future occurrences.
Starting with an all-digital approach, one bank that worked with Amanda and her team initiated real-time transaction notifications requiring instant customer verification, to help prevent fraud. Another financial institution worked with Perficient to modify their in-app fraud education library updated weekly with new threats. AI-powered analysis of customer transaction patterns triggers proactive educational interventions before fraud occurs.
This final P is not just all-digital but also brings us back to the human element as the loop-closer in the system. Every investigation offers insights into new fraud typologies, compromised onboarding flows, or novel social engineering tactics. It is up to human teams—investigators, risk managers, and product developers—to establish effective feedback loops.
The human side of prevention is fostering a culture where fraud is not a siloed responsibility but a part of the organization’s DNA. It involves embedding “compliance by design” into new digital products, ensuring that human-centric insights are used to make systems inherently more secure.
Conclusion:
Ultimately, the digital age has made fraud detection faster and more data-intensive, but the core battle remains human versus human—the fraudsters’ psychology against the collective ingenuity and integrity of those dedicated to stopping them. By embracing the Four Ps of Protect, Prepare, Pursue, and Prevent, Perficient can combine their AI expertise with technical and compliance staff and ensure that both human and artificial intelligence are combined successfully at the heart of your firm’s defensive strategies against fraud.
Our financial services experts continuously monitor the financial services landscape and deliver pragmatic, scalable solutions that meet the required mandate and more. Reach out to Perficient’s Director and Head of Payments Practice Amanda Estiverne-Colas to discover why we’ve been trusted by 18 of the top 20 banks, 16 of the 20 largest wealth and asset management firms, and 25+ leading payment + card processing companies and are regularly recognized by leading analyst firms.
