Over recent years, authorized party fraud committed deliberately by legitimate customers (often referred to as first-party fraud) has emerged as a fast-growing, complex category of loss for financial institutions. One industry source estimated that in 2025, this type of fraudulent behavior made up 37% of fraud events (Off-site) across financial services globally. Fraudulent behavior, such as false claims, misuse of payment channels or money mule activity, may resemble normal behavior. This often makes it difficult for financial institutions to distinguish fraudulent intent from routine activity. Understanding the current trends and drivers of this type of fraud is essential to reducing losses while preserving a positive customer experience.
Test your Knowledge: Do you know how to classify this type of fraud? Learn how you can take insight to action with the FraudClassifierSM model.
When Customers Exploit the Financial Institution Relationship
When a customer intentionally misuses access to products, services or customer protections, they exploit the relationship with their financial institution for their own personal or financial gain. Common examples include:
- Authorized party check fraud. This occurs when the account holder knowingly issues or deposits checks for the purpose of committing fraud. Common instances include issuing checks with the knowledge that funds are insufficient; depositing the same check multiple times through different channels; or check kiting, where a customer deliberately writes a check for more than is available in their account and then deposits the check into another account to falsely inflate the balance.
- False claims. Although false claims often are directed at merchants or service providers, financial institutions may be targeted as well. For example, customers may dispute a legitimate ACH debit that they knowingly authorized in hopes of receiving credit for it. Furthermore, as scams have become relatively common, individuals can more plausibly make false claims of victimization. For example, customers may send a wire or ACH transfer to themselves or to another complicit party and later claim they were “scammed,” hoping to trigger reimbursement.
- Intentional money mules. Intentional money mules knowingly allow their financial accounts to be used to move or conceal illicit funds, often in exchange for payment or other benefits. Unlike unwitting participants, these individuals are aware that the money they receive and transfer is tied to fraud, scams or other criminal activity. Mule activity plays a critical role in scaling fraud operations and complicates efforts to trace and recover stolen funds.
Recent Drivers of Authorized Party Fraud
Several factors contributed to recent growth in authorized party fraud, where account holders act fraudulently using their real identities.
First is the shift from in-person banking to mobile and online banking. Historically, branch employees played a meaningful role in identifying red flags. While digital interactions improve customer convenience, they also reduce opportunities for frontline staff to observe and question unusual behavior. Digital account opening also has created new pathways for exploitation. Criminals may open accounts digitally at any time of day, season the account over time to appear legitimate, and later engage in fraudulent activities — such as intentional account overdrafts or money mule activity. Losses tied to new account fraud continue to grow, reaching $7 billion in 2025 (Off-site), a 13% increase year over year.
Second, individuals now have access to “how-to” resources, both on the dark web and mainstream platforms. Social media influencers can post content that spreads misinformation about false claims or describes how to manipulate customer protections. Examples include:
- Video tutorials suggesting ways to “get money back fast” by disputing legitimate transactions or credit records
- Social media reels advising that financial institutions “always side with the consumer”
- Online forum threads portraying certain dispute processes as “loopholes”
- Misinformation about technical glitches that enable “free money”
The ease of committing scams has fueled intentional money mule activity, as criminals need financial accounts to move or launder scam proceeds. Criminals leverage social media and private forums to recruit willing mules, promoting “money flipping” or mule opportunities as low-risk ways to earn fast cash.
Detection and Prevention: Modernizing Controls for Customer Intent
As customer intent becomes harder to interpret, traditional fraud controls alone may be insufficient to prevent and detect fraud. Therefore, a multi-layered approach across the customer lifecycle is essential.
Onboarding is a critical first step because it offers the earliest opportunity to assess whether an applicant is likely to behave legitimately. Valuable tools that can provide insights into the customer’s likely intent include evaluating the strength of digital footprints, identifying inconsistencies in device behavior or application information, and performing velocity checks to determine whether an identity or device is being used to open multiple accounts.
Once a customer is onboarded, continuous monitoring of account and transaction behavior is essential, as outlined in the table below.
| Authorized Party Check Fraud | False Claims | Intentional Mule Activity |
|---|---|---|
|
|
|
Finally, customers engaging in fraud often do so across multiple products and across multiple institutions. Fraud, credit and compliance teams frequently observe different parts of the same behavioral pattern. Stronger coordination across functions enables earlier detection and more effective intervention. Cross-organizational information sharing is valuable to allow the financial institution to see risk patterns that may be invisible when data is viewed in isolation. Shared intelligence helps differentiate true victims from individuals committing intentional misuse, strengthens risk models with broader inputs, and enables faster and more accurate decisions.
Conclusion
In an environment where authorized party fraud is expanding in both scale and sophistication, financial institutions must evolve beyond traditional controls to effectively manage the gray areas of customer intent. Important tactics include robust onboarding controls, continuous monitoring of behavioral signals, and greater collaboration across internal teams and external organizations. In doing so, financial organizations can more accurately distinguish legitimate behavior from individuals exploiting the system, intervene earlier and apply targeted controls.