Alloy’s 2024 State of Fraud Benchmark Report

Examining fraud trends in financial services

In 2023, fraud remained a top challenge for banks, fintechs, and credit unions. But what types of fraud were most prominent, and how are organizations fighting back against growing fraud threats?

Alloy surveyed more than 400 decision-makers in fraud-related roles at financial services companies in the US and UK to find out how fraud has impacted their business over the last twelve months, what they're doing to combat it, and their predictions for the year ahead.

Data from the 2024 report was collected in November 2023, and data from the 2023 report was collected in September 2022.

Get a sneak peek of the reports!
We’ve highlighted five key insights from the reports below.

1. Nearly 60% of banks, fintechs, and credit unions lost over $500K in direct fraud losses in 2023.

The direct cost of fraud is significant. 57% of respondents indicated that their organization lost over $500K (EUR/USD) in direct fraud losses over the past twelve months. Over one-quarter of respondents lost over $1 million in direct fraud losses over the past 12 months.

Direct fraud losses only account for the actual amount of money successfully stolen due to fraudulent activity. There are also indirect fraud costs that financial services companies pay, such as money spent on investigating and recovering fraud funds, loss of customers, and reputational damage.

How much money has your organization incurred in direct fraud losses over the last 12 months?

No fraud losses
$1 - $100,000
$100,001 - $500,000
$500,001 - $1,000,000
$1,000,001 - $10,000,000
Over $10,000,000
Don’t know/not sure

2. Fraud rates are rising in both consumer and business accounts.

Over two-thirds of respondents reported an increase in the number of fraud attempts in consumer accounts over the past 12 months. Meanwhile, just over half of respondents said that the number of fraud attempts in business accounts increased over the past year.

How has the frequency of attempted fraud attacks changed compared to last year?

62% for attacks by individuals
52% for attacks by businesses
20% for attacks by individuals
25% for attacks by businesses
Stayed the same
17% for attacks by individuals
22% for attacks by businesses

3. Globally, Authorized Push Payment (APP) fraud is the most common type of fraud.

Often the result of social engineering scams, APP fraud occurs when someone is coerced into authorizing a real-time payment to an account controlled by a fraudster. Over the past twelve months, new developments in artificial intelligence (AI) enabled fraudsters to execute more sophisticated social engineering scams than ever before.

As a result, 22% of respondents ranked APP fraud as their top fraud type by case volume, leading all other categories.

What type of fraud do you see most frequently by case volume?

Authorized push payment (APP) fraud
Bust-out fraud
Account takeover fraud
Identity theft fraud
Synthetic identity fraud
Chargeback fraud
Check fraud
ACH fraud
Money muling
Wire fraud

4. Step-up authentications are the most common fraud protection tool once potential fraud is suspected.

Across all industry segments, step-up authentications — such as phone-centric verification, selfie/liveness tests, and document verification — were the most prevalent fraud prevention measures to respond to suspicious activity. Meanwhile, banks were more likely than fintechs and credit unions to freeze accounts when fraud is suspected.

Once an anomaly or risk is identified, what do you do about it? Select all that apply.

Step-up authentication - phone-centric verification
Step-up authentication - selfie or liveness test
Step-up authentication - document verification
Step-up authentication - Knowledge Based Answer (KBA)
Freeze account
Extend hold period
Lower payment limits
Other: (please specify)
None of the above

5. To combat fraud, 3 out of 4 banks and fintechs are planning to invest in an Identity Risk Solution in the next 12 months.

75% of respondents said they plan to invest in an Identity Risk Solution (an end-to-end platform to manage identity, fraud, credit, and compliance risks throughout the customer lifecycle) in the next twelve months. Credit unions and community banks are even more likely to plan to invest in an Identity Risk Solution this year, with 88% indicating their plans for implementing an Identity Risk Solution.

What types of technologies will you be looking to invest in the next 12 months? Select all that apply.

Identity risk solution
Voice, facial & fingerprint recognition (biometrics)
Document verification software
Anti-scam education tools
Machine learning
Alternative data vendors (cash flow data, utility bills, etc.)
Other: (please specify)
None of the above

Download the Full State of Fraud Benchmark Reports

Respondents included 400 decision-makers working at financial institutions in:

  • Fraud
  • Compliance
  • Risk technology procurement
  • Digital banking strategy
  • Account opening

Surveys were conducted by Qualtrics, a leading survey platform that powers +1B surveys every year.