When Fraud Detection Fails: How Banks Must Rebuild Trust In Payments Infrastructure

There’s a saying that it is hard to put a broken vase back together, and reputations for trust and efficiency can suffer similarly hard-to-fix damage. But there are ways to handle the task, the author of this article says.
The following commentary, which speaks to concerns about cybersecurity, fraud and other problems that banks and wealth managers face, comes from Roman Eloshvili, founder of XData Group, a business-to-business development company focused on the European sector.
Recently, it was reported that German banks froze over
€10 billion in PayPal payments amid suspected fraud triggered by
failures in PayPal’s own detection systems. So, when fraud
detection fails, how can banks rebuild trust in their payment
infrastructure?
The editors are pleased to share these views; the usual editorial
disclaimers apply to views of guest writers. To comment, email
tom.burroughes@wealthbriefing.com
and amanda.cheesley@clearviewpublishing.com
In our society filled with hacks, phishing schemes, DDoS attacks,
and relentless fraud attempts, we can’t just depend on automation
anymore. Sure, smarter KYC processes help, but let’s be real:
payments are more than just machines communicating with each
other – they’re about people putting their trust in other
people. And when a false flag locks a customer out, it’s not the
protocol that keeps them loyal; it’s how the bank treats them at
that moment.
Fraud alerts will always need to be quick, but speed without a
touch of empathy can feel cold. Sometimes, the real chance to
shine during a crisis is to genuinely show that you care, not
just that your system is functioning properly.
Transparency and collaboration: A mutual contract
Trusting that money is secure – whether it’s in banks,
fintech, or the entire financial system – isn’t something
you can just demand. It’s something you must earn, and that
process can be slow and, at times, quite painful. When negligence
creeps in, it leads to frustration. And once that frustration
takes hold, companies begin to lose their grip on clients
– gradually, but inevitably.
From my perspective, this is a bit of a taboo topic. Very few of
us are comfortable admitting that silence can be far more
frightening than receiving bad news. Stepping away from the theme
of fraud detection, in everyday life, a quick and coordinated
response – even if it’s not flawless – can provide
relief and help maintain trust. Ultimately, transparency is the
foundation of any healthy relationship, whether it’s with your
customers, partners, or even your own employees.
The deluge
I can still picture late August 2025. German banks suddenly hit
the brakes on over €10 billion ($11,755) in payments linked to
PayPal after a wave of “suspicious” debits came through. On the
surface, it seemed like just another blip. But if you were even
slightly connected to the industry, you could feel the tremors
– trust was shaken.
Payments are meant to be the reliable backbone of fintech. When
that foundation wobbles, no amount of carefully crafted apologies
is going to fix it. I know a few people who found
themselves in the thick of it, and what they shared wasn’t just
frustration with the technology – it was a deep sense of
disappointment. That incident made me rethink the fundamentals:
how we assess risk, how we build solid partnerships, and how we
safeguard customers without stifling them. These concerns go
beyond just fixing code; they’re all about maintaining
credibility.
AI-powered anomaly detection: From reactive to proactive
Take Feedzai’s collaboration with UK banks as a prime example:
their machine learning tools are revealing patterns that human
analysts might overlook. Sometimes, all it takes is a simple
phone call, a clear explanation, or even just saying, “We messed
up.” That touch of humanity can make all the difference between
losing a client for good or keeping them around for another
decade.
Chart 1. KYC is no longer a checkbox – it’s a capital priority. As AI, biometrics, and blockchain reshape compliance, fintechs are pouring billions into smarter, faster, and more resilient identity infrastructure. Source: https://kpmg.com/xx/en/what-we-do/industries/financial-services/pulse-of-fintech.html
Oversight: Internal and external
I’ve never really been on board with outsourcing compliance. It
tends to stretch accountability thin and leaves regulators
peering into confusing black boxes. So, what’s a better way? It’s
all about finding the right balance between innovation and
resilience. Take a look at the UK’s Department for Work and
Pensions – they set a great example in 2023. They managed to
block £1 billion ($1.35 billion) in incorrect Universal Credit
payments before any money was disbursed. That’s being proactive,
not just reactive.
Far too often, banks only step in after things have gone south.
But real trust is built by preventing those messes from happening
in the first place.
The risk of overcompliance
Fraud doesn’t typically make a grand entrance. What we usually
see is fraud slipping in quietly through side doors, and even through
those little cracks in the wall that you might have overlooked.
That’s why relying on just one tool, even one of the most
popular, such as SAS Fraud Management or FICO
Falcon, isn’t enough. You need a whole arsenal: behaviour checks,
device fingerprints, velocity limits, biometrics – each one
needs to be tested individually.
This isn’t just a theory. According to UK Finance, banks managed
to prevent £1.25 billion in unauthorised fraud in 2023
– that’s about 64 pence saved for every £1 that was
attempted. That’s how layered defences are supposed to work.
But here’s the catch: fraudsters are always evolving. If our
defences don’t keep up, they’ll eventually find a way to outsmart
us.
Towards a resilient payments future
The PayPal freeze wasn’t a one-off. In January 2025, the US
Consumer Financial Protection Bureau hit Block (more precisely,
Jack Dorsey’s famous Cash App) with $175 million in fines for
weak fraud controls. In India, regulators repeatedly flagged
Paytm and UPI apps for loose KYC, sometimes forcing temporary
shutdowns. All these cases keep bothering me more. Although I
can’t provide any straightforward, unambiguous remedy at this
point, I offer to open a broader discussion on how to effectively
implement preventive fraud detection without compromising trust.