Fraud investigations offer critical insights that form the backbone of effective Fraud Prevention. However, weaker investigation frameworks often lead to prolonged lead times for process and policy improvements, leaving financial institutions exposed to evolving threats and significant financial losses.

According to RBI data, Indian banks reported frauds worth ₹36,014 crore in FY25, with the majority linked to loan related frauds. These are not just numbers. Every fraud incident directly impacts profitability, increases compliance risk, and damages brand trust. If only the identification of the root cause of these frauds were easier and faster, the companies could improve controls sooner and avoid losses from dragging on.

However, fraud lifecycle management has traditionally been slow, fragmented and operational heavy, often taking 3-6 months to complete, due to which institutions struggle to feed the insights from fraud incidents back into internal controls, process and policies. This also makes compliance extremely difficult.

Recognising this critical need, the RBI issued Master Directions on Fraud Risk Management for Banks and NBFCs in India on July 15, 2024. These directions mandate establishing a holistic framework for fraud lifecycle management that not only ensures punitive actions but also helps enhance FRM frameworks within these institutions.

In this blog, we’re going to explain how advancements in Generative AI can help us automate and streamline fraud lifecycle management, transforming this complex process into a more efficient and compliant operation.

‍Understanding the Fraud Lifecycle

In the Indian lending context, the fraud lifecycle usually begins when a loan account is suspected to be fraudulent. This suspicion can be triggered through various channels, some of which are -

• Customer complaints
• Employee referrals
• Whistleblower complaints
• Early Warning Signals
• Market alert
• Social Media
• Internal audits
• Background checks

Upon intimation of potential fraud, the case is undertaken by the FRM (or FCU) team for investigations which involves extensive analysis and reporting.

1. The FRM team performs an in-depth investigation to identify the root cause of the fraud and collect evidence.
2. Investigation findings are presented to a committee that examines the case and recommends next steps if the evidence is compelling such as legal action, disciplinary action or closure.
3. Show-cause notices are issued to the involved parties, as per the principle of natural justice, apprising them of the allegations and supporting evidence. They are allowed at least 21 days to present their defense.
4. The response to the show cause notice is reviewed by the committee, which then classifies the accounts as fraud, as per RBI guidelines if the evidence still stands strong.
5. Fraudulent parties are then issued Reasoned Orders (legal notice) apprising them of the final decision of the financial institution and that legal action will be taken against them in due course.
6. The FRM team then reports the case to regulatory bodies through FMR1 and to law enforcement agencies (LEAs) followed by court proceedings.
7. Recommendations for process and policy improvements are shared with stakeholder teams to strengthen internal controls.
8. In case of employee involvement, staff accountability examination is done and appropriate measures are taken as deemed fit such as warning, suspension or termination depending on the nature of the case.

This structure looks well defined on paper. However, in practice, the entire process takes three to six months, which delays both compliance and corrective action.‍

‍Challenges Faced by Banks and NBFCs

The current fraud investigation process, as can be understood from the above, involves extensive analysis and manual effort, vendor collaboration for verifications, writing multiple reports, legal work, compliance, inter-departmental coordination and more. Some of the biggest pain points include -

1. Lengthy root cause analysis - Investigation officers spend a lot of time sifting through internal and external data sources and websites to identify the root cause of the fraud and collect evidence.‍
2. Inefficient investigation reports - Teams have to write detailed investigation reports for documentation, presentation to the committee and inter-departmental collaboration which is an inefficient process, further complicated by a lack of English proficiency among some investigation officers.‍
3. Lack of standardization - In the absence of Standard Operating Procedures (SOPs) and guidelines, RCAs and reports may not always meet expectations of designated reviewers and committee members leading to back and forth.‍
4. Legal paperwork overload - The creation of Show Cause Notice, Reasoned Orders, Regulatory reports consumes a lot of time and adds to cost significantly.‍
5. High attrition - Investigation work is mentally exhausting and at times poses personal threat to field officers. Therefore this space sees high employee attrition and demands frequent hiring and retraining.‍
6. Operational complexity - Tracking the progress and managing documents for numerous concurrent investigations is a major coordination challenge and an operational risk.

These issues have significant impact on the business -

1. High costs - Fraud incidents increase proportionally with the business growth, and so does the cost of investigations in the absence of automation.‍
2. Compliance risk - Delay in reporting to regulatory bodies and LEAs and staff accountability examinations, pose a significant compliance risk.‍
3. Weaker controls - Longer lead times and fragmented processes often delay improvements of internal controls, processes and policies, leaving institutions exposed to prolonged risks and losses.

How Generative AI can Transform Fraud Lifecycle Management

The advancements in Generative Artificial Intelligence (GenAI) over the past 2 years has shown tremendous potential in transforming workflows such as analysis and reporting. The technology, when used in the right way, brings three major benefits: speed, standardization and scalability.

Here are some specific ways in which GenAI Agents can be used in the process -

1. Root Cause Analysis - AI agents are capable of gathering data from internal and external data sources, analyzing that to generate insights and thus perform verifications such as employment and employer profile, credit behavior, skip tracing, parallel financing and more. Predictive and classification capabilities of AI models allow them to identify modus operandi and process/policy lapses easily.
2. ‍Natural Language Insights - LLM models can synthesize and present complex data in the form of easily understandable insights that can be comprehended well by the investigation officers ‍
3. Narrative Generation - LLM models are capable of generating narratives or paraphrasing remarks provided by investigation officers to ensure standardization and comprehensiveness of the investigation reports‍
4. Guiding Investigation Officers - AI models can provide suggestions to teams to ensure they are adhering to the SOPs and not missing out on any critical aspect during investigation and reporting.‍
5. Report Generation - AI agents are good at reasoning and writing reports. Therefore, all the reports in the process such as Investigation Report, Show Cause Notice, Reasoned Order, Regulatory and Committee reports can be autonomously generated by these agents, as long as the relevant information is available.‍
6. Recommendations - LLM models, with understanding of internal processes and policies, are able to determine the lapses that may have happened and suggest actionable recommendations to prevent such incidents in future.

Best AI platforms go vertically deep merging with the existing way of working, instead of changing it, while making the process easy and efficient.

Canso’s Approach

At Canso we have developed a unique platform that leverages Generative AI to automate and unify the entire fraud lifecycle. Our solution delivers measurable outcomes -

1. Reduce turnaround time by more than 70%
2. Lower operational and legal cost significantly
3. Ensure full compliance with RBI Master Directions on FRM

By integrating every stage of the fraud lifecycle from initiation till closure into one unified platform that drives automation and inter-departmental collaboration, Canso eliminates fragmentation and enables seamless end to end management.

Final Word

For senior leaders in Indian banks and NBFCs, the question is not if but how to adapt. Fraudsters are already using innovations in technology to stay ahead. The only way to keep pace is by adopting equally advanced technologies.

Generative AI is not about replacing human judgement. It is about empowering teams with speed, accuracy and intelligence. With RBI’s directions now in force, leaders have both a regulatory push and a strategic opportunity to transform fraud risk management.

At Canso, we would be glad to engage with you and share how GenAI can help you stay complaint, save cost and build stronger defenses against fraud.