In the Security & Compliance track, we heard from experts across financial services, law enforcement, and fintech on how to fight fraud, protect consumer and business accounts, and navigate the risks of real-time payments and emerging artificial intelligence (AI). From check fraud and business email compromise to faster payments and phishing scams, the sessions offered timely insights, proven strategies, and a clear call to action: modern fraud prevention is a layered, tech-enabled, and education-driven effort.
Attendees walked away with actionable strategies—from strengthening internal controls and investing in behavioral biometrics, to improving the usability of tools like positive pay and advancing AI governance. Whether you were looking to protect your commercial clients, educate your account holders, or prepare for a more regulated AI future, this track delivered the insights to move forward with confidence. Let’s take a closer look at what we covered.
This session brought together experts from Regions Bank, Valley Strong Credit Union, and the U.S. Postal Inspection Service to explore the growing threat of check fraud. Inspector in Charge Eric Shen from the Postal Inspection Service highlighted how fraudsters are leveraging stolen mail and social media platforms like Telegram to traffic checks and orchestrate organized fraud. The discussion emphasized the rising risk of check alteration and check washing, with calls for stronger detection, reporting, and public-private collaboration.
Randy Wilborn from Regions Bank shared that over 65% of check fraud exceptions detected at the bank are now due to altered payee names, reinforcing the need for payee-positive pay as a critical control. Melissa Freitas of Valley Strong described their shift from reactive to proactive fraud mitigation, including early education at account opening, fraud alerts, and staff training. Both institutions stressed the importance of fraud education, account holder outreach, and operational simplicity to drive adoption of check protection tools—especially as fraud becomes more sophisticated and costly.
🧠 Insight to Remember: Proactive education and prevention tools like check positive pay are essential in fighting check fraud. Waiting until fraud happens is no longer an option—institutions must engage clients early, streamline onboarding, and make prevention part of the everyday conversation.
In this data-driven session, Christine Barry of Datos Insights shared key findings from recent research on the evolving role of positive pay in business fraud prevention. With over 90% of U.S. financial institutions reporting a rise in fraud attacks against business clients, interest in check and ACH positive pay is growing. Yet despite heightened awareness, adoption remains low—only 29% of banks are satisfied with their current positive pay uptake, and just 35% of small businesses report using it. The presentation highlighted that check fraud remains a top threat, with check washing and mail theft continuing to dominate, even as businesses persist in using checks for internal control reasons.
A major barrier to broader adoption is usability. Many businesses either find the process of generating check issue files too complex or don’t fully understand check positive pay’s value. Additionally, less than 20% of banks currently require certain businesses to adopt Positive Pay, though 41% plan to do so in the near future. Christine also emphasized the potential of reverse positive pay and called on financial institutions to modernize offerings by improving usability, integrating with accounting systems, and investing in education and training. With a sizable portion of non-users open to adoption within the next year, banks and credit unions have a clear opportunity to deepen business relationships through strategic improvements.
🎯 Key Takeaway: The demand for fraud protection is rising, but positive pay adoption still lags—bridging the gap requires better education, usability, and proactive outreach. Financial institutions that simplify the experience and position positive pay as essential—not optional—will be better positioned to protect clients and grow commercial relationships.
Financial leaders from Unitus Community Credit Union, USF Credit Union, BioCatch, and Alkami came together to unpack how artificial intelligence (AI) is both a growing fraud threat and a powerful tool in the fight against it. Justin Hochmuth of BioCatch explained how AI is making fraud more convincing—from improved phishing scripts to deepfakes and voice spoofing—eroding consumer trust and raising the stakes for financial institutions. Panelists discussed the reputational risk of fraud-related losses and the growing need for institutions to proactively restore trust with account holders by detecting and stopping attacks before damage occurs.
The panel shifted focus to AI’s positive potential—using high-quality, well-connected data to improve fraud detection, decision-making, and user experience. Char Sears from Unitus and Velena Cruz from USF described how their institutions use AI to surface meaningful behavioral insights, improve fraud rules, and reduce false assumptions based on generational or anecdotal data. AI is helping institutions reduce friction for low-risk users while sharpening focus where risk is real. Best practices included taking a phased rollout approach, refining fraud rules based on feedback loops, aligning fraud tools with strategic goals, and building internal buy-in through clear data storytelling. Across the board, the message was clear: AI isn’t just a security concern—it’s a strategic imperative.
✅ What You Should Know: AI can create risk—but it’s also the key to smarter fraud prevention and better user experiences.Financial institutions that use AI to unify data, reduce bias, and balance risk with frictionless engagement will be best equipped to build trust, prevent fraud, and grow safely.
As faster payment networks like RTP and FedNow gain traction, financial institutions are facing new fraud challenges that require faster, smarter responses. ABNB Federal Credit Union shared how a layered fraud prevention strategy—including real-time monitoring and behavioral analytics—enabled them to roll out faster payments without increasing operational risk.
Speakers Kevan Williamson from Georgia’s Own Credit Union and Shyam Menon from DefenseStorm emphasized the need to break down traditional fraud silos. Kevan urged institutions to apply a cybersecurity (InfoSec) mindset to fraud, centralizing data and enabling holistic responses. DefenseStorm’s “linked and layered” approach to fraud and cyber signals reinforces the need for unified platforms that stop fraud in real time—without compromising user experience.
✅ What You Should Know: Faster payments demand real-time fraud response—and a unified view across all channels to drive account holder value and reduce risk. A centralized, layered fraud strategy is key to keeping up with evolving threats without slowing down the user experience.
This session featured experts from Empower Federal Credit Union, Credit Union of Southern California, and the U.S. Secret Service, who unpacked the growing threat of social engineering scams targeting both consumers and financial institutions. Jennifer Hamil of the U.S. Secret Service explained how attackers use emotional manipulation—urgency, fear, and trust—to trick victims into revealing personal and financial information. She highlighted the most common scams, including phishing texts, romance schemes, and fake toll violations, and stressed the importance of recognizing red flags like poor grammar, suspicious links, and pressure to act quickly.
Renee Martinez (CU SoCal) and Bobby Osborne (Empower FCU) shared real-world fraud cases and their financial institutions’ prevention strategies, including agent training, account holder education, and the use of technologies like voice authentication (Glia and Illuma Shield) and behavioral biometrics (BioCatch). They emphasized cross-team collaboration and the need to balance strong security with a smooth user experience. Both credit unions also use brand protection tools to detect and remove phishing sites impersonating their institutions. The session reinforced that while technology is critical, account holder awareness and early intervention remain the most powerful tools in defending against social engineering attacks.
🚨 Fraud-Fighter Focus: Education and awareness are the strongest defenses against social engineering. Technology plays a critical role, but training staff and educating account holders are what truly help prevent scams before they happen.
In this session, industry experts from Salem Five Bank, Arkansas Federal Credit Union, and Appgate explored how financial institutions can strengthen business client relationships through proactive fraud mitigation and layered security strategies. Lisa Carbone of Salem Five detailed the rise in check fraud, business email compromise, and spoofed communications, emphasizing that fraud is growing more sophisticated and harder for clients to detect. She stressed the need for financial institutions to act as trusted advisors, providing frequent education and tools that help businesses protect themselves—especially since business clients aren’t covered by the same regulatory protections as consumers.
Branden Stroth from Arkansas FCU and Dee Millard from Appgate reinforced the importance of a layered fraud defense, including tools like behavioral biometrics (BioCatch) and Appgate’s transaction monitoring and digital threat protection. Both noted the growing threat of account takeovers and the use of social engineering tactics to bypass security controls. They also highlighted the operational need for strong internal audits, dual controls, and well-defined risk appetites. Across the board, panelists agreed that fraud prevention is no longer about single tools or teams—success lies in cross-functional education, customizable tech, and staying agile as fraud tactics evolve.
🔍 What Matters Most: Protecting business clients requires more than tools—it takes education, layered defenses, and a proactive approach. Financial institutions must move beyond reactive fraud mitigation and instead help businesses understand their shared responsibility in keeping accounts secure.
AI has quickly become a buzz word in the financial services industry. With an infinite number of potential use cases adopting the technology and operating within regulatory guidelines has made digital transformation efforts feel a bit daunting rather than exciting. This panel moderated by Erin Rahaim, Alkami’s AI Compliance Officer, featured panelists Grace Pace the SVP of Digital Banking at Quontic Bank and industry influencer, Theodora Lau. Their conversation centered on the emerging risks and evolving strategies tied to artificial intelligence in banking. The panel opened by acknowledging industry-wide enthusiasm about AI’s potential—87% of surveyed banking professionals believe AI will improve the industry—but also highlighted a growing perception that its benefits are primarily skewed toward larger financial institutions. This perception, along with anxieties around resource constraints, lack of policy infrastructure, and fear of the unknown, are preventing many smaller banks and credit unions from taking their first steps into AI deployment.
To address this inertia, the panel emphasized the importance of building foundational AI governance at their institution. They recommended starting with a basic internal AI policy, identifying internal champions like an AI compliance officer, and establishing governance committees that include compliance, risk, and IT voices. The speakers encouraged financial institutions to take an iterative, incremental approach: start with low-risk use cases and grow expertise over time. By framing AI adoption as a process, institutions can build confidence while keeping security and compliance front and center. The session closed with a look toward the evolving regulatory landscape, urging proactive preparation even in the absence of finalized legislation.
🎯Next Step for Financial Institutions: Start small, but start now. Building a basic AI policy and identifying internal champions are essential first steps in navigating emerging AI risks—and doing so will position your financial institution to benefit from AI safely, securely, and confidently.
This roundtable gathered financial institution leaders for a focused, peer-driven conversation on defending against evolving fraud threats. The session invited participants to collaborate on practical strategies that build both security and operational resilience. Conversations centered on five key discussion topics: emerging fraud trends, platform configurations and reporting best practices, real-world use cases, the operational and financial impacts of fraud, and the role of third-party solutions. Participants explored how fraud tactics are shifting—especially between business and retail accounts—and how predictive analytics and alerting tools can play a larger role in early detection. The group also discussed how fraud impacts more than just the bottom line—it can delay innovation, damage institutional reputation, disrupt operations, and influence cyber insurance costs.
🔑 Key Takeaway: Fraud is evolving, fast. Financial institutions that share intelligence, leverage third-party technology from leaders in security, and engage with peers through groups and partnerships are better equipped to respond—quickly and confidently.
