Tom Cook is chief product and technology officer at risk intelligence firm LegitScript.

A recent survey by the Association for Financial Professionals highlights this escalating threat: 79% of U.S. businesses faced payment fraud attempts in 2024, yet only 22% successfully recovered most of their lost funds, down from 41% the previous year.

While this type of illegal activity — such as email phishing or invoice fraud — is relatively well known, the online fraud ecosystem has also expanded into less-publicized sectors. Payments and e-commerce, for instance, have seen unprecedented growth in recent years but are increasingly vulnerable to sophisticated, AI-driven schemes.

The dramatic increase stems from fraudsters leveraging advanced AI techniques such as synthetic identity creation, vendor impersonation, and transaction laundering, which are well-known tactics in a fraudulent merchant’s toolbox. Still, artificial intelligence is making these techniques faster, more convincing, and more scalable to deploy. Manual approaches and legacy automated detection methods are no longer adequate against AI-powered scams designed to outsmart human review teams and basic risk models.

Companies facilitating online transactions will likely find that the risk controls that served them well just a year or two ago are no longer adequate. They must leverage AI against AI. This means integrating real-time, machine-learning-driven detection systems into how they onboard merchants and continually monitor activity.

Emerging threats: synthetic identities and transaction laundering

AI fraud tactics have become alarmingly sophisticated. Synthetic identity fraud, where fabricated details combine convincingly with authentic personal data, now routinely fools standard verification checks. Similarly, transaction laundering has evolved, with fraudsters able to deploy AI-built "front" websites so convincing that they evade standard onboarding detection.

In the midst of this, identity verification is becoming trickier. Consider the case of scammers successfully using deepfake technology to impersonate a senior executive at Arup, prompting an employee to initiate an  illicit transfer of $25 million. This same technology is already being used to fool ID verification methods in KYC checks. These deepfake images and videos, combined with AI’s ability to rapidly spin up sophisticated merchant profiles, are going to make it harder than ever for underwriting and onboarding teams to spot bad actors.

AI as a defensive strategy

Combating these threats requires an AI-driven approach that dramatically outpaces and outperforms traditional methods. Real-time AI solutions enable payment companies and marketplaces to detect fraud signals early, rapidly pinpointing anomalies and mitigating potential losses before they escalate.

Recent research shows that AI-powered systems can achieve up to 98.5% accuracy in violation detection at financial institutions, significantly lowering compliance risks and operational errors. The Global Treasurer further highlights that AI systems effectively analyze vast datasets in real time, swiftly identifying patterns and anomalies that traditional systems miss, thus strengthening security and reducing operational costs. These findings provide hope to companies trying to stop merchant fraud. It’s no wonder so many payment service providers are actively exploring AI-driven solutions for their merchant onboarding and merchant monitoring.

Key elements of an effective AI-powered merchant risk program include:

• Enhanced KYB and KYC processes: Flags suspicious identities and verifies business legitimacy, detecting subtle indicators that manual reviews typically overlook.

• Real-time merchant monitoring: Continuous AI-driven website monitoring identifies suspicious changes in product listings, website ownership, or transaction patterns immediately, facilitating proactive intervention.

• Regulatory and compliance audits: Continuously assesses merchant websites against evolving compliance standards, instantly detecting violations and minimizing exposure to regulatory penalties.

• Automated MCC detection: Accurately classifies merchant category codes, reducing misclassification, a leading cause of compliance failures.

• Behavioral anomaly detection: Advanced machine-learning algorithms track transaction patterns, flagging unusual spikes or inconsistencies that often signal fraudulent activity.

Integration and scalability

Successful AI-based risk management tools should integrate seamlessly into existing merchant onboarding and risk management workflows. This ensures payments businesses and e-commerce platforms can scale their operations confidently without sacrificing the speed or accuracy of their compliance and fraud detection efforts. 

Organizations leveraging AI for risk analysis report dramatic reductions in false positives and increased speed and precision of their fraud detection capabilities. This heightened accuracy prevents financial losses and preserves consumer trust, ensuring a sustainable merchant ecosystem.

The human element: essential in AI-driven solutions

While AI is a game-changer, it's not a silver bullet, especially when managing merchant risk. The human perspective remains essential. Human experts provide crucial oversight, ensuring that AI models stay accurate, relevant, and adaptable to new and evolving threats. This "human-in-the-loop" approach isn't about choosing sides; it combines advanced AI tools with strong internal controls and ongoing employee education.

Companies proactively embracing AI for merchant risk management aren't just stopping fraud; they enable secure, scalable growth in a complex financial environment. Payments companies and online marketplaces can confidently navigate threats and secure their financial future by seamlessly integrating technology and human expertise.