How Do Banks Investigate Unauthorized Transactions

How Do Banks Investigate Unauthorized Transactions

Bank fraud is a major issue for individuals and businesses concerned with cyber security. How do banks investigate unauthorized transactions? 

Let’s take a detailed look at the bank fraud investigation process, assessing everything from the investigation of check fraud to credit card fraud investigation. In this article, we will look at:

  • different types of bank fraud
  • common signs of fraud, and
  • the fraud investigation process.

Types of Fraud

As a starting point, it is important to understand that there are different types of fraud, each with its own legal implications, including:

  • True fraud
  • Friendly fraud
  • Family fraud

What is known as “true fraud” is the classic scenario: A criminal steals a credit card number or an account holder’s credentials and then attempts to make a purchase. 

Friendly fraud” is triggered by the cardholder themselves. The cardholder disputes a transaction, claiming that it is a fake charge when, in fact, it is not. 

A related category is “family fraud”, which involves a family member or friend using someone’s card without their permission. Both the family and friendly versions involve a crime against the merchant or vendor, whereas the true version involves a crime against the card or account holder.

Common Signs of Bank Fraud

Signs of bank fraud can happen on both the customer and bank ends of a transaction. As such, bank fraud detection involves monitoring every step of the payment or transfer cycle.

Common signs of bank fraud include:

  • A customer seeing unfamiliar payments in their account or on a statement
  • Sudden account overdrafts
  • Unrecognized, new accounts in a person’s name
  • Receiving correspondence from a debt collector on an unknown account
  • Unusually large charges
  • Charges in a new location far from the customer’s usual transactions

One particular area of concern involves contactless cards. 

Even after the accounts associated with these cards have been cancelled, fraudsters can still get fraudulent charges through, in some cases. 

For this reason, it is important that consumers regularly review statements.

The Fraud Investigation Process

The bank fraud investigation process involves several steps and is regulated by various acts, depending on the region in which the bank does business. 

Most fraud investigations begin at the request of the bank customer, whether that is an individual or business. 

The customer triggers a dispute which the bank then establishes as a fraud claim. A fraud claim involves a detailed investigation into the transaction and any and all associated evidence.

The 10-day Deadline

Once a bank opens a fraud claim at the request of a customer, a 10-day time period begins in which the bank must either complete the investigation or ask for an extension. 

If the bank requires more than 10 days to conduct the investigation, they will need to temporarily refund the questionable charge to the customer. 

The majority of banks will automatically trigger this temporary credit at the start of the investigation to streamline the entire process.

Assessing the Evidence

The core component of a bank fraud investigation involves assessing the available evidence. 

A bank will typically begin by looking at the transaction itself to see if there are any obvious indicators of fraud. The bank will look at the following when assessing the transaction:

  • Timestamps
  • Geolocation
  • IP addresses associated with both ends of the transaction
  • Any additional elements that may indicate that the cardholder did not trigger the transaction.

Next, the bank may look for some common signs of friendly fraud. 

For example, children often trigger “fraudulent” transactions by making in-app purchases in games. 

Another common scenario is when a customer signs up for a trial period but does not cancel the account before the end of that trial period. 

In these “friendly” scenarios, a bank would not necessarily notify law enforcement that fraud has taken place, though it is at their discretion to do so.

Finally, the customer will need to provide their own evidence in the fraud claim. This can include proof of where they were at the time of the transaction or any documentation that a fraud was not legitimate.

Returning Money to the Bank Customer

In situations where bank fraud has been confirmed, getting the stolen funds back to the bank customer can be more complex than one might expect. 

In the majority of cases, the funds can be officially returned to an account in a few days.


When identity fraud has taken place, things can become more complex. The individual against whom the fraud has been committed will need to contact the credit bureaus and put a fraud alert on their credit reports. 

Identity fraud that has resulted in long-standing fraud can cause serious damage to a credit report and take years to make right. As such, it is recommended that consumers monitor their reports on a regular basis.

Credit Cards vs. Debit Cards

What many consumers don’t realize is that there are significant differences between how fraud liability is dealt with in credit cards vs. debit cards. 

According to the Federal Fair Credit Billing Act in the US, a customer is only responsible for $50 of the fraudulent charges if the card has been lost or stolen. If card fraud has taken place while the card is still in the possession of the account holder, they are liable for no part of the charge. The merchant will need to refund the monies to the cardholder; the merchant will also have a chargeback fee levied against them.

Debit cards, however, have a very different situation. They are overseen by the Electronic Fund Transfer Act in the US

If a customer reports the fraud in 48 hours, their liability is limited to just $50; however, if it takes them longer than two days to report the fraud, their liability shoots up to $500. If the customer fails to report fraud within 60 days of the transaction, they are on the hook for the entire sum of the transaction.

The deadlines in the EU are more generous. Customers who have fraudulent transactions within the EU have 13 months to report a transaction. If the transaction is outside the European Economic Area, the reporting period is limited to 70 days.

Chargeback Representment

Chargebacks related to unauthorized transactions can cost businesses a lot of money in fees and returned monies during the fiscal years. 

For this reason, some merchants engage in a process known as “chargeback presentment”. 

Fraud investigations often take place primarily on the customer side, meaning that the merchant is locked out from the process. 

If a fraud has been found fraudulent by a bank and a merchant has been told to refund the monies, the merchant can represent the chargeback to the bank, giving them an opportunity to dispute the bank’s findings.

How do banks investigate unauthorized transactions using AI and ML?

The shift of banking operations online over the past decade has led to new challenges regarding customer funds and data safety. The number of online fraud attempts has skyrocketed, making this a top-of-the-list issue for many banks. Global online payment fraud losses reached over $48 billion in 2023. 

Luckily, the emergence of artificial intelligence (AI) and machine learning (ML) is helping shift the tide of fraud detection in bank’s favor. The use of AI for bank fraud investigation is not only quick but also efficient. Better yet, when applied well, AI-based systems could even help identify fraud before it happens. Here are some ways financial institutions are using AI and machine learning to investigate unauthorized transactions:

Network analysis for money laundering and loan fraud detection

Machine learning can help develop network graphs that map out transactions between multiple bank accounts. AI can aid in entity link analysis that involves visualizing intricate connections between entities that don’t seem to have any relationship at all. This can come in handy when tracing accounts engaged in money laundering, which would otherwise be quite difficult to track manually. 

On the other hand, machine learning models can detect loan fraud before it even happens by analyzing a user’s application details and credit history and assessing any discrepancies. These models have been used in cases of synthetic identity fraud, where criminals create mule accounts using identities containing real and fake information. The mule accounts can be used to pump up credit scores or facilitate other illegal activities.

Creating purchase profiles

Purchase profiles are created by analyzing vast customer behavior data using artificial intelligence and machine learning. These profiles are key in behavioral analytics and anomaly detection. Behavioral analytics can help financial institutions have an up-to-date picture of what account activity is normal and what can be considered out of the ordinary during the bank investigation process. 

Account transactions are automatically flagged when they don't fit the already profiled pattern. For instance, this has helped examine login frequencies and sudden changes in a user’s behavior, such as accessing your bank account using a new device and at a new location.

Anomaly detection algorithms can help catch fraud transactions that slip through manual checking, such as an unusually high-value payment or flurry of transactions. For instance, Mastercard incorporates Decision Intelligence, an AI that has created purchase profiles for its cardholders. The AI helps investigate bank fraud by setting a behavioral baseline that enables the company to block suspicious transactions automatically in real time. 

Bank fraud investigation: Legislative regulation in 2024

Bank fraud investigations in the US involve various parties depending on the type of fraud. In most cases, this bank investigation process aims to examine suspicious activities or transactions conducted by bank accounts and uncover the perpetrators of the fraudulent behavior.

Unfortunately, bank fraud investigations can be hectic, some taking months or even years to complete. It’s no surprise that government regulators have come up with new legislative regulations to help streamline the way banks can investigate unauthorized transactions when they occur. 

The recent Corporate Transparency Act (US) is a new anti-money laundering (AML) regulation that came into effect in early January 2024. It requires US and foreign firms doing business in the US to provide information about their beneficial owners to the government. Existing companies will have a one-year period to comply with this act, while newly registered ones only have 90 days from their registration date. This Act is aimed at providing transparency around ownership of businesses in the US, hence negating money laundering schemes. 

The Transparency Act will supplement the Bank Secrecy Act (BSA), which requires banks to adopt customer identification programs and report suspicious transactions to US law enforcement. Besides, the Office of the Comptroller of the Currency (OCC) has prescribed regulations that provide banks and federal saving associations with resources and tools such as High-Risk Money Laundering and Related Financial Crime Areas(HIFCAs) to help strengthen their risk management programs. 

The Bank Secrecy Act has also been vital in helping banks investigate unauthorized transactions and identify cases of terrorist financing. Financial crime investigations are becoming more effective with the help of departments such as the Financial Crimes Enforcement Network (FinCEN). For instance, banks are mandated to file Suspicious Activity Reports (SAR) with FinCEN every time they suspect a case of fraud. 

Recently, FinCEN proposed a rule that will expand how financial institutions are defined. If the proposed rule is adopted, financial institutions will also include investment advisers — parties who are normally absolved from AML and counterterrorism requirements. The proposed rule is also aimed at streamlining information sharing among law enforcement agencies and financial institutions to allow the Treasury Department to target money laundering schemes and speed up bank fraud investigations. 

Other regulations, such as Title 18 United States Code 1014, help outline what mortgage fraud entails and the penalties that come with such charges. What’s more, the Social Security Administration (SSA) recently enforced section 1140 of the Social Security Act by rolling out electronic consent-based Social Security Number Verification (SSN) service that will help mitigate synthetic identity fraud (SIF).

The US Department of the Treasury has been leading the charge in updating the framework for dealing with financial fraud within the US and globally. As a result, we are likely to see multiple changes in the various legislative Acts regarding bank fraud investigation going forward.

How to Prevent Bank Fraud

From the consumer perspective, the following steps can help prevent bank fraud:

  1. Always verify the security of online payments by looking for a lock icon and a URL that begins with https://
  2. Keep all card information private, and do not share even with close friends
  3. Hide pin codes when entered into a keypad
  4. Keep contact information for all banks on hand to report fraud as soon as possible

Banks have a long list of steps they need to take to counter unauthorized transactions. 

These include but are not limited to:

  1. Conducting regular audits and reviews of internal procedures and compliance checklists
  2. Maintaining digital images of checks
  3. Establish security protocols for cards and associated software
  4. Establish two-party authorization protocols on wires and ACH transactions.
  5. Reconcile wires and ACH releases on a daily basis
  6. Split internal duties related to payment processing (i.e. initiating, authorizing, reconciling, etc.)
  7. Instigate a review of signature and authority levels whenever an account change is triggered
  8. Establish in-house protocols regarding the storage and destruction of documents associated with accounts
  9. Limit remote, employee access to banking systems
  10. Regularly assess compliance laws related to fraudulent transactions by a regional government

Finally, banks in the U.S. need to implement strict controls over ACH transactions, which include all transactions sent in the U.S. via the Automated Clearing House network. 

ACH filters and blocks can stop external attempts to trigger and ACH transfer and remove funds. Blocks also work to prevent any disbursements from a customer account, while filters prevent releases of funds that do not match a pre-authorized list. 

Filters can include limiting permission to only certain business partners and setting a dollar limit on transactions.   

As the world economy continues to expand and move almost exclusively into the digital space, individuals and banks will have to increase their fight against bank fraud. 

Fortunately, there are a number of steps both parties can take to prevent these financial crimes. 

Hopefully, the increase in customer knowledge and awareness, as well as improvements in financial technologies, will limit unauthorized transactions to a few incidents in the years to come.

CEO, Co-founder. Innovative and commercially-minded Creative Technologist. Solid experience in product & market needs analysis, business strategy development & team leadership.
Get technical, business insights, and industry news straight to you inbox