Federated Fraud Detection: The Signal is in the Network

With Eric Broda – Agentic Mesh | Agentic AI | Autonomous Agents | Generative-AI | Data Mesh | Data Products | Climate Solutions | Banking | Insurance | Payments

In the financial services industry, fraud losses are huge, and growing.? Real-time payments (RTP) make this situation worse: the incidence of fraud, and corresponding losses, have increased dramatically in every region that has adopted RTP.? And fraud is getting increasingly sophisticated as criminals take advantage of new technologies and techniques, constantly probing for “weak links” to exploit in the payments network.

Today, organizations realize that fighting fraud in isolation is no longer an economically viable approach, which has led to the creation of consortiums of payment participants that pool their knowledge.? These consortiums typically pool data in a central location with the hope that with greater data they can identify “signals” (fraudulent transactions) from “noise” (valid transactions).??

We propose a better approach, one that is both practical, lower cost, and is based upon techniques and patterns that are proven to work.? In this article, we will explain this provocative position as follows:

• Pooling data to support fraud identification into a central repository not only creates a host of problems but we suggest that logistics of pooling data at the speed and scale required for RTP just won’t work.
• There are latent “signals” that are already present in the payment network that are largely ignored.? We propose to capture the “signal in the network”
• A federated fraud detection architecture will capture the signals in the network in the more effective, efficient, and scalable fashion that will also address the needs of RTP

Fraud Moves Fast - The Response Must Be Faster

Today, payments-related fraud losses are immense and rising rapidly.? Consider recent headlines:

• Juniper Research:? “Online Payment Fraud Losses to Exceed $343 Billion Globally over the next 5 years”
• Mastercard: “Global ecommerce fraud is increasing… and is predicted to exceed $48 billion this year”
• Federal Trade Commission:? “Consumers reported losing more than $10 billion to fraud in 2023, marking the first time that fraud losses have reached that benchmark. This marks a 14% increase over reported losses in 2022. … Bank transfers and payments accounted for the highest aggregate losses reported in 2023 ($1.86 billion [USD])...”
• Payments Canada:? “Majority of Canadians alter payment habits due to fraud concerns - 13 per cent affected by payment fraud in the past six months”

Real-time payments (RTP) are becoming far more prevalent globally, introducing transactions that are executed and settled in 5-7 seconds.? No recourse.? Money has left the bank.? And hopefully it moved from the right place to where it was intended to go.??

But while RTP has transformed the financial landscape by enabling instantaneous fund transfers, the speed and convenience of these payments has introduced new challenges in managing fraud.? It is clear that not only are fraud losses enormous, but with RTP they will grow dramatically:

• Increased Fraud Risks: The immediacy of RTP leaves minimal time for traditional fraud detection methods to identify and intercept suspicious transactions. Fraudsters exploit this rapid processing to execute unauthorized transfers before detection systems can respond (Source: Deloitte)
• Authorized Push Payment (“APP”) Scams: RTP systems have seen a rise in APP scams, where individuals are deceived into authorizing payments to fraudsters. The irrevocable nature of RTP makes recovering funds from such scams particularly challenging (Source: EY)
• Sophisticated Fraud Tactics: Fraudsters are leveraging advanced tools, including AI, social engineering and bot networks, to automate and scale their attacks against RTP systems, increasing the complexity of fraud detection (Source: Datavisor)

To counteract this accelerating threat, financial institutions must deploy equally adaptive, real-time fraud prevention solutions.? We believe there are untapped opportunities that can allow organizations to better detect the fraud “signal” in the noise and leverage the untapped “network” of readily available information sources to materially reduce the incidence of fraud and its losses.?

Current Situation

Traditionally, banks and payment providers have operated within settlement windows spanning several hours to multiple days. These delays provide a buffer to verify transactions, reconcile accounts, and flag irregularities, giving institutions time to detect and mitigate risks like fraud and money laundering. However, this approach relies heavily on batch processing and retrospective analysis, which can delay action until long after suspicious activities have occurred.

These extended settlement periods, while necessary for ensuring accuracy, also create vulnerabilities. Fraudsters exploit this lag to move funds across accounts or jurisdictions before red flags are raised. The fragmented nature of these checks, combined with time gaps, means that by the time illicit activities are identified, reversing or blocking transactions becomes significantly more complex, increasing the likelihood of financial loss.

The growing demand for faster, more efficient financial services, coupled with rising fraud losses are pushing the industry to reconsider this model. Reducing, or eliminating, the time between transaction initiation and settlement requires rethinking how risks are managed in real-time. Banks and payment providers must strike a balance between speed and security, using advanced technologies to detect fraudulent behaviour as part of the payment process without compromising the integrity of financial systems.

Enter Real-Time Payments (RTP).?

RTP systems are gaining momentum globally, with notable deployments including TCH and FedNow in the U.S., SEPA Instant in Europe, and UPI in India. The push towards adoption is driven by compelling benefits. RTP enhances operational efficiency by enabling instant settlement, reducing manual reconciliation, and lowering transaction costs. Businesses gain better liquidity management, reduced reliance on credit, and streamlined processes like invoice reconciliation. With data-rich messages following the ISO 20022 standard, RTP minimizes administrative overhead and the need for intermediaries, driving more efficient financial operations.

Beyond efficiency, RTP elevates the user experience with 24/7/365 availability, instant payment confirmation, and transaction transparency. This real-time certainty fosters trust and meets rising consumer expectations for fast, seamless interactions across personal, business, and cross-border transactions. RTP also unlocks new business models, such as instant gig economy payouts, and promotes financial inclusion by giving underbanked populations immediate access to funds. As economies become more interconnected, RTP ensures businesses stay competitive and aligned with global financial standards, fostering innovation and growth.

Problem Statement

The widespread adoption of RTP introduces new challenges, particularly in detecting and preventing fraudulent transactions. In the past, banks and payment providers had settlement windows spanning hours or days to identify and address fraud or money laundering. With RTP, this buffer is eliminated as funds move instantly or near-instantly, with settlement occurring in real-time as part of the transaction or shortly thereafter. This shift demands new approaches to fraud detection, requiring real-time monitoring and advanced technologies to safeguard financial systems without compromising the speed and convenience that RTP offers.

And as RTP eliminates traditional settlement delays, fraud tactics are evolving to exploit the rapid movement of funds. Fraudsters are shifting from methods like account takeovers and credential stuffing – where stolen credentials are used to infiltrate accounts – to more sophisticated schemes such as APP scams where victims are manipulated through social engineering to willingly transfer money to fraudulent accounts. Additionally, mule networks are increasingly used to facilitate these schemes, moving and splitting stolen funds swiftly across accounts and borders, making detection and recovery far more challenging.

Fraudulent actors also increasingly employ sophisticated techniques such as synthetic identities, machine learning algorithms, and automated tools including AI-enabled simulations to stay ahead of detection mechanisms and dupe consumers through advanced social engineering. As fraud becomes more dynamic and adaptive, traditional rule-based systems with relatively static models often fail to keep up, leading to false positives or negatives.

Fraud actors also adapt by targeting organizations with weaker fraud defences, shifting between institutions to evade detection. Without strong, real-time fraud detection capabilities, organizations become vulnerable, especially as criminals learn to exploit gaps in newly implemented RTP systems. This fluid and opportunistic behaviour heightens the need for advanced, predictive monitoring tools that can detect unusual patterns instantly and stop fraudulent transactions before they settle, ensuring organizations can keep pace with the dynamic nature of financial crime.

And it is this attack vector – choosing the weakest link in the financial community – which is the most problematic.? Fraudulent actors know that today, banks typically only use their own customer and transactional data for risk scoring, limiting their ability to spot broader fraud patterns that may emerge across institutions. For instance, a fraudulent actor might attempt small-scale fraud across multiple banks, avoiding detection by maintaining a low profile within each institution’s dataset. Today, fraudsters rely on individual banks having incomplete information about participants involved in a payment transaction.? When one bank identifies a fraudulent transaction, the fraudsters attempt the same techniques at another bank, and then another, until one bank allows a transaction to go through.

For banks with relatively strong in-house fraud implementations, this approach has historically worked effectively with slower payment types and less sophisticated fraud patterns, and has in fact been viewed as a strategic advantage over banking competitors with less sophisticated systems and/or more limited data sets. As the fraud patterns continue to increase in sophistication and losses continue to mount, this isolated approach can no longer mitigate the financial losses without material impact to business profitability.

The problem, simply put, is that one-sided information about payments participants (retail or commercial) has exposed all banks to increased fraud.? And even if one bank becomes better at fraud detection, the remaining banks suffer, leading to mistrust of our financial system and broader industry regulatory exposure.

Centralization Solutions and the Data Sharing Dilemma

To address this, a fraud solution must incorporate mechanisms for collaborative intelligence and get the full and aggregated fraud assessment of all participants.? Today, organizations are considering “centralized” solutions, but these traditional solutions introduce data security risks and operational challenges when data and fraud analysis is consolidated into a single entity.

A centralized solution faces significant challenges primarily due to the need for a single, highly-trusted entity to collect, manage, and control vast amounts of data from various participants. In a centralized system, each contributing party must relinquish control over its data, placing it in the hands of a central authority. This creates concerns over data privacy, security, and sovereignty, as contributors may be hesitant to share sensitive information without guarantees that it will be handled properly. Moreover, centralized databases become attractive targets for cyberattacks (data honeypots), as they concentrate valuable data in one location, increasing the risks of breaches or data misuse. If the central operator is a market regulator or regulator-adjacent entity, some of these concerns may be allayed, but at the cost of restricting competition and innovation in the market by third-party solution providers. A further limitation of centralized solutions lies in their narrow, payment rail-specific approach to fraud detection. While centralization focuses on payments-only data (and often a subset of the total universe of domestic payments), individual banks possess a more comprehensive, 360-degree view of their customers through signals from other transaction types, such as lending, credit activity, online banking patterns, or even behavioural cues like ATM withdrawals at non-local branches. This richer context allows banks to build more accurate fraud detection models by connecting disparate signals beyond payment transactions. However, even if these insights could enhance collaborative fraud detection efforts, banks are unlikely to permit the sharing of such extensive data across institutions due to concerns over privacy, data governance, and customer trust. Without the ability to pool these deeper, more nuanced signals, centralized systems remain inherently limited, reducing their effectiveness against sophisticated fraud schemes that span multiple financial interactions.

Another challenge of centralized solutions is the issue of data management and scalability. As the volume of data grows, centralized systems often struggle to efficiently ingest, process and manage such large quantities of information in real-time. This is particularly problematic in dynamic industries like financial services, where the ability to rapidly detect fraud or errors is critical. The centralized approach may introduce bottlenecks or delays in processing, as the system becomes overloaded with information, potentially leading to inefficiencies or missed opportunities for timely intervention.

Finally, centralized systems may suffer from lack of flexibility and trust among participants. The single governing entity in a centralized solution often dictates how data is processed, analyzed, and shared, which can lead to concerns over fairness and transparency. Participants may feel uncomfortable with one organization having control over the rules and decision-making processes, especially when their own interests may not be fully represented. This lack of trust can hinder widespread adoption, as entities may prefer to retain control over their data rather than rely on a central authority that may have conflicting priorities or insufficient accountability.

Proposed Solution

We propose a federated and decentralized model of fraud detection that overcomes the limitations of centralized systems. In our solution, all participants in the federated fraud solution (hereinafter referred to as simply “participants”) provide their own insights regarding individual transactions, which are then aggregated to determine an overall fraud “rating”.? In other words the decisioning for a transaction is federated across all participants - each participant is sent information about a transaction and is requested their “opinion”, or rating, on the transaction. The opinions of all participants are aggregated to provide a single score which includes the opinions of not just the immediate parties to a transaction, but rather the entire community of participants.? More participants means more opinions, which means a much more accurate and holistic fraud rating. This is applying the “wisdom of crowds” to fraud detection.

Organizations understand that the more opinions they get regarding fraudulent transactions, then the better their fraud detection capabilities.? However, almost all solutions today are centralized.? They offer the same benefits, but require extraordinary efforts to create a synchronized, up-to-date central repository.

Our federated solution does not come with such limitations. Rather than relying on a vast data repository managed by a single authority, each participating institution controls its own data; there is no central data repository. But each participating institution is still able to weigh in on fraud decisions for individual transactions; but this is now a network call leveraging up-to-date data, rather than requiring a mandate to centralize and continuously update sensitive data.

In our solution, there is no centralized data source and hence there is no complexity of data sharing.? This minimizes concerns over data privacy, security, and compliance, as no raw or detailed data ever leaves the organization’s environment. Banks and financial institutions can participate in collective intelligence efforts without compromising the confidentiality of their customer information.

In this federated model, each institution generates fraud "scores" based on its internal analysis of transactions and interactions, leveraging the complete context of its relationship with the customer and also the interactions of customers of other financial institutions with its own client base. These scores reflect an individual bank’s perspective on the likelihood of fraud for a given transaction, capturing nuances that might be overlooked by payment-only data systems. By focusing on scores, calculated with rich local data, rather than raw data sharing, this approach allows institutions to safeguard proprietary algorithms and insights while still contributing to a fraud detection ecosystem.

The Signal is in the Network

Today’s solutions are centered around monitoring transactions, accounts, and individuals, and they involve only the creditor and debtor payment institutions trying to find the “signal” - the indicator of fraudulent behaviour - in the limited amount of information at their disposal.

But we know that fraudsters always find the weakest link.? They work to avoid the institutions with strong fraud capabilities, typically the largest banks, and focus on those with less capable fraud detection, typically the smaller institutions.? So, the fraudsters are poking at the network of institutions trying to find the gap to exploit.

But there is an untapped source of information available - the network of institutions that are not involved in the specific transaction but nevertheless may have additional information related to the current payment request.? Perhaps they have seen previous fraudulent behaviour from one of the participants in the payment, or maybe they have information about additional related accounts.

The “signal” already exists in the network!? However, the signal in the network is silent, or heard in isolation through isolated processing only.? It has information that is sitting idle, waiting to be heard holistically and deployed to detect fraud.? The signal encodes knowledge that is not being used.

“Transaction-based monitoring is failing, and fighting fraud alone is a losing proposition for financial institutions. The winning strategy is to leverage the signals that exist at the network level, not the individual or the account alone.”? – Mike Cook, Global Payments Leader, IBM

Our federated solution aggregates and weights the fraud scores submitted by all participating institutions, including those beyond the debtor and creditor agents involved in the transaction, to create an ecosystem-wide view of each transaction’s risk.?

This collective intelligence offers a more powerful fraud detection capability by incorporating multiple perspectives on the customers (or accounts) involved as part of the risk scoring process. A suspicious transaction flagged by one bank, even if not immediately actionable, can provide valuable signals to others, creating a dynamic ecosystem where fraud patterns can be identified more effectively. Institutions benefit from real-time feedback on evolving risks without relinquishing sensitive data or relying on a central repository vulnerable to cyberattacks.

This model also promotes trust and collaboration among participants by maintaining the autonomy and privacy of each institution's data. Banks can confidently engage in the network, knowing that their insights are contributing to a safer financial system without exposing their customers, data, or business operations to unnecessary risks. Our federated approach offers a scalable, flexible solution that aligns with the regulatory environment, enabling faster detection of complex fraud schemes while fostering innovation and ensuring the resilience of financial ecosystems.

Our federated solution is particularly attractive because it enables data privacy with autonomy, enabling participants to share insights, patterns and critical events without needing to centralize or disclose large amounts of sensitive information. In industries like finance or healthcare, where data confidentiality is paramount, federated systems allow entities to collaborate while retaining control over their proprietary data. This decentralized approach reduces the risk of breaches or misuse, as data remains within each organization’s control and only aggregate, anonymized or algorithmically-derived scoring information is shared. It also addresses concerns around data sovereignty, where organizations may be unwilling or legally restricted from transferring sensitive information to a centralized authority.

Additionally, a federated solution offers scalability and flexibility. Each participant can maintain and process its own data, reducing the bottlenecks that are common in centralized systems when handling large data volumes. The decentralized nature allows for real-time processing and more agile responses to dynamic threats like fraud or cyberattacks, without overloading a single central entity. Federated systems are also more adaptable, as individual organizations can choose the tools or algorithms best suited to their needs, without being bound by a one-size-fits-all central authority.

Federated solutions foster collaboration through trust. By minimizing data centralization, these systems address participants’ concerns over fairness, transparency, and control. Entities are more likely to participate when they know their data remains private and they retain ownership of their processes. Federated systems often include privacy-preserving technologies like tokenization or secure multi-party computation, further enhancing trust. This approach allows for collective intelligence and risk mitigation while avoiding the friction caused by concerns over data governance and central authority control.

Finally, by distributing the score calculation out to individual institutions and standardizing on the outcomes rather than dictating a fixed set of models, the federation solution accelerates time to market for both initial launch and changes over time. Rather than being beholden to big-bang changes that depend on the slowest mover to complete an implementation or enhancements, the ecosystem can evolve incrementally and more rapidly.

“There’s immense power in consortium data. By sharing intelligence programmatically across the network, organizations can boost the accuracy of fraud detection by over 250%, significantly enhancing predictive models and enabling faster identification of mass-scale attacks. This approach doesn’t just strengthen the system’s overall defenses—it fortifies the weaker links that fraudsters often target.”? – Rob Fodor, Fraud Mitigation Expert, Founder of Parallel Partners Canada, and former VP of Fraud Management / Chief Data Officer at Interac

Liability Considerations

In today’s payment systems, two key participants drive a transaction: the originating and receiving financial institutions. Depending on their role in the transaction, these entities function as either the debtor agent, which initiates and authorizes the payment by releasing funds, or the creditor agent, which receives the payment on behalf of the beneficiary via central bank settlement of accounts between the participating institutions. The crucial aspect is that the debtor agent generally carries the liability for fraud since it is the institution that decides whether to release the funds. This structure is deeply embedded in current financial systems, and our federated fraud detection solution does not propose to change these roles or liabilities, although as noted earlier there are changes to liability and risk apportioning occurring in other jurisdictions.

In fact, in our proposed solution, the debtor bank remains in full control of the decision-making process, maintaining its ability to assess internal risks, apply business rules, and follow established protocols before releasing funds. What our solution introduces, however, is an additional layer of intelligence: a fraud score generated collaboratively across multiple participating institutions.

This score, much like a credit score, evaluates the likelihood of fraud based on transaction patterns, participant behaviours, and other relevant factors - but across an entire community of participating institutions. The fundamental value proposition, in fact, is that the scoring model leverages insights from all participating banks to create a true broad community assessment, allowing each institution to have a much broader view of potentially suspicious activity.?

The aggregated fraud score provided to the debtor bank is an evaluation of the transaction and the participants involved, pulling from data patterns from all banks that might otherwise remain hidden within the isolated data silos of individual banks. In this way, the fraud score acts as a critical input to the debtor bank’s existing decision-making process, supplementing its own data without overriding it. The debtor bank still has the final say in whether to authorize the transaction, but now it does so with a much richer set of information.

How the Federated Fraud Solution Works

In this framework, the federated fraud detection solution operates strictly as an information broker. Its role is solely to facilitate the secure exchange of transaction data and fraud scores between participating banks.?

Specifically, our federated solution:

• Collects transaction/participant information: Information about a transaction (e.g., amount, location, participant history) are securely communicated by the federated solution with participating banks. Customer data, and in fact any data that the bank has, remains within each participating bank's environment.? Crucially, no transaction or customer data is ever persisted within the federated solution.
• Broadens the ecosystem visibility of transactions: By obtaining scores from institutions beyond just the creditor or debtor agents, more insights can be gathered on the customers involved in the transaction based on past or recent behaviour observed by other institutions for one or both of the customers
• Generates and distributes fraud scores: Based on the shared insights from all participating institutions, our federated solution generates an aggregate score - based upon individual bank scores of a specific transaction - that reflects the likelihood of fraudulent activity. The aggregated score (as well as any agreed to transaction details) are given directly to the institutions involved in the transaction but are also shared with all participants in our federated solutions, allowing the cumulative capability of all participants to increase (and thereby lower fraud for all participants).??
• Shared Governance and Policies: The algorithm that creates the aggregated score is based upon policies adopted and agreed to by all participating institutions. All results and policies that govern the federated solution’s operations and governance are agreed to and approved by organizations that participate in the federated solution.?
• Facilitates collaboration without compromising privacy: Banks retain control over their data, and only anonymized or aggregated insights are exchanged between institutions. The federated system ensures that no sensitive information is centralized or exposed, minimizing the risk of data breaches or misuse.
• Supports the existing liability framework: Since the solution does not alter the decision-making process, the existing rules around fraud liability can continue to operate unchanged. The debtor bank can remain responsible for deciding whether to release funds based on the fraud score and its internal assessment. The federated solution does not impose any new rules or liabilities, ensuring continuity with current regulatory and operational frameworks, but would also support different models if they were to evolve or be mandated.

By acting as an information broker, the federated system enhances fraud detection across the banking ecosystem without interfering in the banks’ decision-making autonomy or liability structures.?

1. A customer at the debtor bank (A), logs into their mobile banking app and submits a payment request to a recipient at the creditor bank (B). The debtor performs local fraud scoring and deny-list checks which both pass, and submits the transaction to the Federated Fraud Service for ecosystem scoring. Key data elements included in the federated fraud request may include: Source Account # (BankID-Transit-Account), Destination Account #, transaction value, local score results, etc.?

1. The Federated Fraud Service validates the scoring request and then routes it to all participating and online banks in the ecosystem, including the creditor bank (B).

1. All available participants score the transaction based on their local datasets, and either respond with a scoring result within a system-wide time window, or timeout.

1. The Federated Fraud Service collects all responses received in time, aggregates the scores in line with the industry-agreed policies, and forwards the results to the debtor bank (A).

1. The debtor bank (A) evaluates the aggregate score and confidence, makes a pay / no-pay decision, and either submits the transaction to the payment rail for processing or declines it back to the customer.

Federated vs. Isolated Fraud: Real-Time Payments Scenarios

Scenario 1: Fraud detection with federated scoring

In this scenario, a fraudulent actor is attempting to send funds to a compromised mule account at Bank B, from multiple source accounts at Banks C, D, and A in that order.?

(1) & (2) When attempting to send payments from Bank C and Bank D, the internal fraud systems of each bank score the transaction low enough for it to be declined prior to submitting it to the payment rail. Crucially, both Bank C and D keep a record of having declined the transaction to the specific account number at Bank B.

(3) When the attempt is made from Bank A, the internal fraud system initially passes the transaction, and then sends a scoring request out to the set of community participants in the Federated Fraud Solution. Both Bank A (the debtor) and Bank B (the creditor) score the transaction high (“safe”) due to the limited insights they have with regards to the transactions that are party to the transaction.?

However, Bank C and D both score the transaction low (“warn” or “risky”) in their responses, such that the aggregate score and confidence returned by the federated solution to Bank A results in Bank A ultimately deciding to decline the transaction.

Scenario 2: Fraud detection without federated scoring

In this scenario, the same set of transaction attempts are made to send to a compromised mule account at Bank B, but without the benefits of a federated fraud scoring ecosystem that can provide broader data perspectives on the accounts involved in the transaction. All fraud decisions are made locally, and generally only by the debtor.

(1) & (2) As in Scenario 1, Bank C and Bank D both decline the transaction and keep a record in their local systems of the specific account involved at Bank B.

(3) When the transaction is then attempted at Bank A, the internal fraud system passes the transaction and sends it to the payment rail where it is received by Bank B, where it is accepted without any local fraud scoring since the liability for the decision is with Bank A.

Without the benefit of the insights of the other parties in the community, in particular Bank C and Bank D, the fraudulent transaction is able to succeed.?

Extensibility and Hybrid Operations

The focus of the proposed solution is on the data owned and/or managed by the banking participants of the ecosystem; however, there is no barrier to extending the scope of the network to incorporate other data sets that could enrich the ecosystem assessment of risk. Examples of additional inputs that can provide scores to augment bank insights include:

• Cellular communications providers?
• Social media and networking sites
• Third-party location and device fingerprinting service providers
• Other payment network providers / operators
• Credit rating agencies

Many markets built out real-time payments prior to the broader implementation of real-time API interfaces into banks, and so had no choice other than central data sets (honeypots) updated on a batch basis. The federated scoring approach can be layered over top of an existing central solution to materially improve the scoring capabilities by leveraging the 360-degree customer view of the banking participants, and to provide a roadmap to reduce or eliminate the amount of sensitive data stored centrally.

Federated Solutions in Play Globally

Our approach is based upon successes in other industries where incomplete information that leads to industry-wide inefficiencies are addressed through a federated solution, although many of these solutions rely on the problematic centralization of data. This historical pattern does not negate the validity of our approach; instead, our federated fraud solution takes advantage of modern techniques (for example, remarkably fast networks, standard APIs, and “mesh” techniques designed for federated data solutions) which were not practical in the past.??

Industry pioneers have led the way to federated solutions across multiple domains:

• Credit rating Agencies: individual credit rating agencies may have incomplete or partial credit worthiness information, but multiple federated credit agencies offer a much better, more accurate, and fulsome credit profile (and also rate of change (up/down) over sliding time window).? Multiple credit agencies, such as Moody's, S&P, and Fitch, aggregate information from various sources to build a more comprehensive profile of creditworthiness. Similarly, in fraud detection, pooling transaction histories or patterns across multiple banks can provide a fuller picture of suspicious activity.

• Insurance Industry: In insurance, federated systems often aggregate claims data across multiple companies. Services like CLUE (Comprehensive Loss Underwriting Exchange) compile information on past claims, enabling insurers to better assess risk by identifying potentially fraudulent claims or applicants who repeatedly file claims across different insurers.

• Healthcare Sector: In healthcare, federated data sharing is used in prescription monitoring programs. For example, in the U.S., systems like the Prescription Drug Monitoring Program (PDMP) allow states to share prescription data across borders, reducing the risk of individuals "doctor shopping" to obtain excessive amounts of controlled substances. This is a strong parallel to how banks could share data on known fraudulent actors to curb repeat offenses across institutions.

• Telecommunications: Federated models are used for fraud detection across telecoms. Systems like GSMA's Fraud and Security Group enable telecom companies to share information on fraudulent SIM cards, call-routing schemes, and other suspicious activity, allowing for a collaborative approach to mitigating fraud risks.

• Anti-Counterfeiting in Supply Chains: Federated approaches in supply chains, such as blockchain or shared databases, are used to detect counterfeit goods. Companies can track product origin, verify authenticity, and flag suspicious entries, similar to how fraud detection across banks would work.

The Key Consideration: Social Engineering

We have shown earlier that the economic incentives of moving to a federated fraud solution are compelling: no bank stands alone, but rather is part of a broader payments community where each member plays off each other to reduce fraud.? Without this link, we see the “weakest link” – typically the smallest institution – become the primary entry point to fraud.? In a community – in our federated fraud solution – institutions work with each other to share information to in aggregate reduce fraud.? All institutions gain access to the fraud signal in the network, and all institutions benefit.? The rising tide floats all boats.

We have also shown that the federated fraud solution is simpler and more practical than a centralized data solution.? Our approach has no “honey pot” that puts data into a single, valuable, repository that is extremely expensive and difficult to protect. Rather, our solution uses tried and proven network technology - the same tech that allows payments to execute thousands of times per second.? Which means we know it can work.

But we also know that RTP imposes new challenges.? How can a centralized data source be synchronized in real-time so that fraud detection can use accurate and up-to-date information?? Banks do not do this today, nor would they be able to do this without massive investments. On the other hand, our federated fraud solution uses data that already exists, where it exists.? No data synchronisation issues; existing data is protected using existing techniques.? We just use the same network techniques as well as algorithms that are already in use to aggregate fraud signals.? So, our solution is not just practical, but it is cheaper, and faster and easier to implement.

However, we have not addressed the social aspects with regards to incentivizing the community to embrace this solution - on purpose.? We have shown there is a clear economic incentive, and a much better technical solution, but our solution does not make it any easier for competitors to come together in an egalitarian way.? Nevertheless, groups can come together: international payments networks are consensus organizations with multiple owners.? Card payments firms share data (although in a different technical manner that we advocate).? It can work.

The question then is: do we want it to work?? We think the answer is yes, and in fact that it must happen to effectively combat the changing fraud landscape.? Payments is the blood that flows in the veins of our global economy.? It powers regional and local economies and is critical to the economic well being, growth, and all countries.? So, perhaps an egalitarian approach may be worth investigating.? Perhaps a community, a network, and federated fraud solution should be owned and operated in an egalitarian way?? We suggest that regions and countries should investigate an ownership structure that spreads the benefits not just to a single controlling entity but rather to a broader set of constituencies, or a neutral arms-length entity / fintech with no direct competitive posture to the community members. If this does not come to fruition, then we suspect that regulators may take it upon themselves to demand change onto the participants, taking away their control over shaping the solution.?

What will the future hold?? It’s hard to predict.? But we do know that there are better solutions to detecting the fraud signal in the network. Our hope is that our federated fraud solution provokes a dialog to examine all options.

Conclusion

Our federated fraud solution addresses the critical gaps in real-time payment systems by enabling collaborative intelligence without compromising data privacy or autonomy. But with a key difference: unlike centralized solutions typically considered today, the federated approach allows individual institutions to retain control of their proprietary data while contributing anonymized insights to a collective scoring mechanism. This model leverages the "wisdom of the community" to produce more accurate fraud detection results, aggregating transaction data and fraud assessments from across the financial ecosystem.

Our solution’s design not only improves fraud detection efficacy but also fosters trust and cooperation among financial institutions. The success of a federated approach in other industries, such as credit ratings and telecommunications, underscores its potential for transforming fraud mitigation in financial services, as well as providing the foundations which may be leveraged to strengthen AML and KYC counter measures. As real-time payments adoption accelerates with new market implementations and the roll-out of open banking, this federated model offers a robust, scalable solution to safeguard financial systems, enhance operational resilience, and protect customer trust.

Keith Ajmani & Eric Broda, February 10, 2025