AI Fraud in Lending: The Cannon at Your Gates
October 15, 2025 · Daniel Pravich · 10 min read
Featured in SFNetIntro
Castles were impenetrable fortresses for centuries in medieval Europe, keeping their inhabitants safe even as attackers ravaged the surrounding lands. Storming a castle was deadly for attackers, and even the largest trebuchets could do little damage to their thick stone walls. Castles meant that defenders always had the upper hand in military conflicts.
This changed dramatically with the introduction of a new, 14th-century technology: the cannon. Early cannons were unreliable, typically putting their operators in more danger than their targets. But after a century of relentless improvement, the cannon upset the balance of power in favor of the attacker. In the 15th century, castles that were once thought impregnable had fallen, and by the turn of the century, it was clear that warfare had changed forever. In 1519, Niccolo Machiavelli wrote, “There is no wall, whatever its thickness, that artillery will not destroy in a few days.”
Today’s financial institutions have robust defenses against fraud that have enabled safe finance for decades, but AI technology poses a looming threat. For years, AI has been rapidly improving and is beginning to pose a risk to traditional lending procedures. As AI continues to improve, will it advantage the defender (lenders and factors) or the attacker (fraudsters and borrowers misrepresenting collateral)?
The advantages are asymmetrical. AI makes traditional fraud easier and hugely scalable. However, AI also enables new defenses that can prevent increased fraud, if the defenders act with haste.
What is AI?
AI systems are unlike typical computer programs because they are “grown” from training data, rather than being designed and built by programmers. AIs are given vast amounts of data and learn on their own what the underlying patterns and features of the data are. AI systems have taught themselves how to read, write, do mathematical calculations, write code, and complete most tasks that can be done on a computer, all at an expert level. Modern AIs can pass the Bar, CFA, and any other exam you can think of. And they are rapidly improving.
Today, AI systems can expertly reason about questions, generate and edit images, write documents, and much more. Likely, they will soon be indistinguishable from a remote worker. If you aren’t already familiar, go to chatgpt.com or gemini.google.com to try them. But keep in mind that these AI systems are basic compared to other offerings that exist today, and that AI systems in general are improving at a rapid pace.
AI Fraud Today
But what does AI enable for an attacker today?
Here’s a quick example with 2 BOLs. Can you tell which one is fake and which one is real? Take a close look and see if you can tell before reading on…
Trick question! They were both fake! Here are the originals:
Or are these the fakes? Can you even tell? No, the second set are the real ones.
On the first set of documents, the following changes were made using AI:
- 1st image: The unit quantities are doubled. We instructed the AI on what numbers to put, and it altered the image, mimicking the look of the existing text.
- 2nd image: Fake carrier signature and date. We instructed the AI to create a signature with “light blue penstrokes that are difficult to read.” We then instructed it to add the date 6-30-24.
- For both images, the edits were generated from scratch and not copied from another source.
It took under an hour to build the system for generating these fake documents, and it would take no time to generate a thousand more. Maybe an eagle-eyed field examiner could tell the difference, but doing so reliably and on a schedule would be impossible. And remember, today is the worst this technology will ever be.
Beyond document manipulation, AI tools can help attackers by being an intelligent “fraud consultant,” giving expert-level advice on any scheme. Some models may not help if you directly ask them to help commit fraud, but these safeguards are easily circumvented. In general, any novice fraudster is now an expert.
A Possible Tale from the Near Future, March 2027
Lisa’s firm, like many, had been aware of AI-enabled fraud since 2025, but maintained confidence in their old processes. They stuck with their tried-and-true processes while competitors scrambled to change.
Lisa had been closely monitoring Riverside Distribution for months due to their history of delayed payments, disorganized financials, and their owner’s stressed demeanor on calls. Then suddenly, everything seemed to turn around: new contracts materialized, revenue surged, and cash flow stabilized, all coinciding with their application for a significant expansion loan.
This rapid turnaround didn’t sit right with Lisa. In her eight years of underwriting and portfolio management, such a swift recovery for a distressed company was rare. She tasked her analyst with fast-tracking reviews of companies with strong financials, specifically to investigate Riverside by verifying the new contracts, calling clients directly, and cross-referencing everything.
Two months later, payments started going missing. The culprit was not Riverside Distribution, however, but Meridian Manufacturing, another company in their loan portfolio. Meridian had been systematically inflating its revenues and fabricating contracts using DocuForge Pro, the same off-the-shelf AI fraud software that had been increasingly identified in investigations across the US and Europe for the past 6 months. The document manipulation had started right after Lisa’s team shifted focus to Riverside.
Lisa’s analysis confirmed that the Riverside Distribution turnaround was legitimate. While she’d been scrutinizing a genuine recovery story, fraudsters using widely available AI tools had evaded their detection. Losses exceeded $1.2 million.
New Balance of Power
This scenario or one like it will happen to unprepared lenders in the coming years. However, by understanding the new balance of power that AI creates, defenders can maintain the upper hand.
Sophisticated AI technology allows even amateur fraudsters to operate with the expertise of today’s professionals, doctoring documents, maintaining consistent narratives, and avoiding detection. While all-in-one fraud software may not exist yet, current AI models are highly capable when properly utilized. Off-the-shelf software already facilitates ransomware, identity theft, phishing, and money laundering. Similar tools for document fraud are inevitable.
Unfortunately, attackers will always have the advantage at the individual-document level. It is becoming increasingly difficult, even for advanced AI detection, to distinguish fake documents from real ones.
However, attackers face significant challenges in executing sophisticated, multi-document, multi-transaction, and multi-month fraud schemes. A single inconsistency is a thread that, if diligently pulled, can unravel the attacker’s entire operation.
Nonetheless, defenders’ existing processes are largely insufficient to catch these frauds, requiring technological enhancements to counter these evolving threats. Every day, the first major AI fraud incident draws nearer, and lenders must act swiftly to protect themselves.
What to Do
DON’T PANIC! Although AI can enable fraud at a much greater scale, it does not enable any fundamentally new fraud. Existing procedures enforced with awareness, vigilance, and caution will help in the short term. Attackers can move faster than defenders, so enforce existing procedures at the very least. If something looks suspicious, slow down until you confirm its veracity.
Wherever possible, verify using secondary sources. Third-party verification via phone or online portals cannot be faked, but you must ensure you are using a legitimate source. AI can easily fake voices and create duplicate websites.
Comparing documents and checking for logical inconsistencies remains vital. For recurring collateral packages, new invoices appearing on the AR aging should align with the sales journal, and dropped invoices should align with the cash journal and bank statement. Teams should be diligent in checking dates and other details across supporting documents.
Ensure your team is familiar with AI’s capabilities. This will not only help with spotting fakery but also help build foundational knowledge, which will be vital as AI plays a greater role in finance at large. AI is a force multiplier: it makes attackers faster and smarter, but it also helps you bolster your defenses.
Soon, these measures alone won’t suffice. Teams will have to leverage AI for fraud defense. Since attackers have the advantage at the individual-document level, and defenders have the advantage against larger frauds, the best defenses will enable lenders to analyze a higher volume of documents and in greater depth. Scouring every document for the slightest discrepancy would take too long for even a team of people alone, but AI excels at this detail-oriented, repetitive work.
AI systems will parse large document volumes, flagging risks for human review based on content, borrower trustworthiness, and loan size. This digital first pass ensures team members focus on higher-risk areas while ensuring complete coverage is maintained. AI systems will also track trends and ensure high-level numerical consistency. Furthermore, AI will holistically analyze borrowers beyond the raw numbers and help lenders consider potential risks before they become a problem. There are already AI-powered tools on the market that can do this at a multi-document/transaction level, and they will continue to improve in scope. In the future, such systems will be a key tool for ensuring strong defenses.
Additionally, because semi-annual field exam reports will let fraud go unaddressed for months, lenders should adopt a “continuous monitoring” mindset. Continuous monitoring has been out of reach for over a decade, due to the cost of implementation. Fortunately, AI will make such systems far more manageable by handling routine checks and only involving team members when risks are identified.
While exact future specifications of these systems are unknown, increased AI risk means that such systems are likely inevitable. Lenders do not need to build these systems themselves, as AI document processing and fraud detection is already becoming available as a service, much like email or collateral monitoring systems.
An Alternative Tale from the Near Future, March 2027
Lisa’s firm had taken the AI fraud warnings seriously since 2025, upgrading to AI monitoring systems that continuously analyzed transactions and patterns across their entire portfolio.
Lisa had been keeping a close eye on Riverside Distribution due to their distressed status, and she was suspicious when everything suddenly turned around. She lowered the automated system’s risk threshold for Riverside and tasked her analyst with digging deeper.
Over the next few weeks, the automated system flagged Meridian Manufacturing for suspicious invoice patterns. Several contract payments exhibited identical formatting anomalies and sequential reference numbers that didn’t align with normal customer billing cycles. When the field exam team investigated, they discovered that Meridian had been systematically inflating revenues and fabricating contracts using DocuForge Pro. They’d only drawn down $140,000 so far, but the fabricated contracts totaled over $1.2 million.
At the same time, Lisa confirmed the turnaround of Riverside was legitimate. The system had caught what would have become a massive loss with Meridian before it was too late.
Conclusion
The introduction of cannons inherently favored attackers over defenders, but it is not inevitable that AI follows this pattern.
Fraud is inconsistent with the truth, so a sufficiently thorough analysis can, in principle, uncover discrepancies. Due to this asymmetry, fully deployed AI systems will favor the defender. However, this advantage only applies if AI is actually fully deployed. Those who stagnate will face increasing disadvantages. Lenders do not need to blow up their current processes, but they must plan and act to counter the growing AI threat.
Don’t panic. But don’t stand still either.