The “last mile” is the point where capability meets reality. In fraud, it’s where an alert becomes a customer conversation - and where scams are either disrupted or completed.
For decades, financial institutions have invested heavily in fraud detection.
The model has been consistent: identify suspicious activity, generate alerts, investigate cases, and stop unauthorized transactions. Over time, banks have refined this capability into highly structured, efficient operations supported by advanced analytics and well-defined processes.
But scams are exposing a critical gap in this model.
Not because detection has failed - but because detection was never designed to solve the problem scams present.
What F3 Gets Fraud Detection Was Built Around Unauthorized Activity
Traditional fraud programs evolved around a clear premise: the customer is not the one initiating the transaction.
Whether it’s card fraud, account takeover, or identity theft, the core task is to identify activity that deviates from expected behavior and intervene quickly to reduce further losses.
This model works because the signals are relatively well understood. Transactions can be assessed based on patterns, anomalies, and known fraud typologies. Operational processes are aligned accordingly, with clear roles, clear escalation paths, and established rules around liability and reimbursement.
In this environment, success is measured by detection rates, false positives, and loss reduction.
Scams don’t fit neatly into this structure.
And Why Scams Change the Nature of Detection
In a scam, the transaction is initiated and authorized by the customer. From a system perspective, the payment appears entirely legitimate; the customer logs in, passes authentication, and completes the transaction.
However, behind the scenes, reality is quite different; the customer is being manipulated.
This introduces a fundamental shift. The question is no longer simply whether a transaction is fraudulent. Instead, institutions must ask whether a customer is acting under false pretenses, influenced by a narrative they believe to be real.
That distinction has profound implications - not just for detection, but for how institutions respond.
The Gap: A Framework for Human-Centric Scams During the Payment Journey
Another defining characteristic of scams is when they become visible.
Traditional fraud is often identified after suspicious activity occurs. Alerts are triggered, clients will be contacted, and investigation and resolution follow.
Success, defined as the reduction of fraud losses, requires fast fraud vector identification and resolution through enhanced detection and/or system gap resolution.
Scams, by contrast, surface while a payment is in progress. A transfer is initiated. A payment is attempted. A pattern of unusual behavior emerges in real time.
These moments represent a narrow window where intervention is still possible - before funds are irrevocably lost.
But recognizing that moment for what it is requires a shift in mindset. This is not just an alert to be reviewed; it is a potential scam in progress.
And that distinction matters, because it changes what needs to happen next.
The Operational Reality: Fragmentation
Scams can present in multiple operations channels, and each part of the organization engages from a different perspective:
Fraud operations may detect the suspicious transaction and contact the client – focus is on transaction risk.
A contact centre agent may spot a potential scam while supporting a customer transaction – focus is on resolution and efficiency.
An unusual payment may appear questionable to a branch employee - focus is on customer experience.
Fraud claims will become involved after a loss event occurs - focus is on resolving liability.
Individually, each function is optimized for its role. Collectively, however, there is often no unified approach to handling a scam.
This fragmentation becomes most visible in the moments that matter most - when a customer is about to send, or is in the process of sending, a high-risk payment.
The Human Factor: “Breaking the Scam Spell”
Compounding this challenge is the human reality of scams. Customers are victims operating within a carefully constructed narrative.
They may believe they are protecting their accounts, assisting authorities, or pursuing a legitimate opportunity. They may have been coached on what to say and warned that the bank will try to interfere.
This creates a difficult dynamic for frontline employees. They aren’t just assessing a transaction; they must engage with a customer who likely doesn’t recognize they are at risk. Unlike traditional fraud cases, where evidence may be clearer, scam situations require navigating trust, emotion, and persuasion.
Without the right training and preparation, these interactions are inconsistent and ineffective.
And when they fail, the consequences extend beyond financial loss to include customer dissatisfaction, complaints, and reputational risk.
The Missing “Last Mile”
Taken together, these challenges point to a broader issue: banks have sophisticated systems to detect risk and many have scam detection capabilities, however, too often they lack a system for intervening effectively once that risk is identified.
This is the “last mile” of fraud prevention, where an alert transitions from a signal into an action. Where an employee must decide not just whether something is suspicious, but how to engage, what to say, and what outcome to pursue.
In traditional fraud, that last mile is well defined: block the transaction, secure the account, reimburse the customer. In scams, the path is far less clear.
- Should the payment be delayed?
- How should the risk be explained?
- What happens if the customer insists on proceeding?
- What follow-up is required if a scam is suspected?
Without clear answers, institutions are left relying on individual judgment in situations that are complex, sensitive, and time critical.
From Detection to Intervention
Addressing scams effectively requires more than improving detection capabilities. It requires building a new layer of operational capability focused on intervention.
This includes:
- Defining clear protocols for how scam cases are handled across teams
- Equipping frontline staff with the tools and training to engage customers effectively
- Aligning Fraud Operations, Customer Service, and Claims functions around a shared approach and outcome metrics
- Establishing consistent guidance on when and how to pause or stop transactions
- Supporting customers beyond the initial interaction to reduce ongoing risk
These elements transform an organization from a reactive model into one that can actively disrupt scams.
Enabling the Last Mile with Artificial Intelligence
Solving the last mile is not an impossible challenge. It requires effective intervention, consistently and at scale. Advances in artificial intelligence are making this possible.
At one end of the spectrum, AI can engage directly with customers through well-timed prompts or conversational interactions that introduce pause and reflection at critical moments, with the ability to escalate seamlessly to a live fraud agent when needed.
More powerfully, AI can support frontline teams in real time. By assessing transaction context and behavioral signals, it can infer the likely scam scenario and provide agents with targeted questions and intervention strategies - helping them navigate complex conversations with greater confidence and consistency.
In this role, AI does not replace human judgment - it acts as a co-pilot for intervention, enabling institutions to operationalize what has historically relied on individual experience.
A New Measure of Effectiveness
Thankfully, many organizations are investing heavily in scam prevention, but for organizations to truly mature in managing scams, outcome measures must move beyond traditional detection and fraud loss metrics.
Try answering these questions in your organization:
- What happens after the scam alert?
- Can your teams recognize a scam in progress?
- Do your teams across all your client facing channels have the skills and confidence to intervene?
- Do your teams know how to engage customers in a way that changes outcomes?
- Are your interventions effective?
These are not purely technical challenges. They are operational and human ones, and they sit squarely in the last mile.
Closing the Gap
- Scams are not simply another category of fraud.
- They represent a different kind of threat - one that operates through people as much as through systems.
- Financial institutions have spent years refining how they detect and respond to unauthorized activity.
- The next phase of evolution will be defined by how effectively they can intervene when a customer is being manipulated in real time, leveraging AI to interact with clients and support fraud teams with consistent and scalable intervention strategies.
- Because in the end, stopping scams is not just about identifying risk, it's about knowing what to do when it matters most.
This piece is Part 1 of After the Alert, a 3-part guest series exploring the operational and human reality of stopping fraud in real time. Part 2, When Trust Is Transferred - What Financial Institutions Need to Understand About Fraud Victims by Cecilie Fjellhoy, publishes next Wednesday.
