Why AI Fraud Detection in Banking Depends on Data Sharing, Not Just Better Models

The most consistent theme across the panel “AI as a hero saving banks from future fraud?” at FIBE Berlin this year was that banks still lack effective mechanisms for sharing fraud intelligence across institutions. The discussion, moderated by Fintech journalist Tom Matsuda, featured insights by Francesco Cometa, Senior Officer at European Investment Bank (EIB), Nina Ihl, Principal Compliance at Commerzbank, and Patrick Töniges, Co-Founder & Managing Director at spotixx.

Customer data is commercially sensitive and banks are competitors. “I’m not allowed to share it because of data protection, and also, it is my business,” said a panellist. “I don’t want the next bank to go to our customers.”

But both regulatory and technical developments are changing that calculus. Article 75 of the Anti-Money Laundering Regulation (AMLR) and Article 83 of the Payment Services Regulation (PSR) are designed to enable banks to share data to combat financial crime, balancing privacy with the broader public good of tackling fraud.

On the technical side, approaches such as privacy-preserving computation and federated learning are enabling the sharing of insights without exposing underlying customer data. The challenge is finding mechanisms that allow institutions to collaborate without exposing commercially sensitive customer information.

Töniges painted a striking picture of what success could look like: “Once one bank detects a fraud ring, everyone can know immediately. If Germany gets this right, fraudsters will avoid Germany — and move somewhere else. That is exactly why this needs to become a European and eventually a global standard.”

Cometa pointed to the EU’s Digital Operational Resilience Act (DORA) as evidence that regulators are increasingly comfortable with structured information-sharing frameworks around operational and cyber risk.

Keeping Humans in the Loop

Given the pace of automation, a natural question is where human judgment still fits. The panel broadly agreed that AI augments investigators, but does not replace them. Human investigators remain essential, particularly when fraud patterns evolve faster than historical training data.

Töniges described the practical mechanics: AI agents can pre-process alert data and surface a recommendation based on similar historical cases, so that when an investigator picks up the file, they are not starting from scratch. AI helps investigators prepare decisions more efficiently by drawing on similar historical cases, he said, while noting that productivity gains of 30–40% are probably conservative.

Human oversight is also becoming a formal regulatory expectation rather than simply a governance preference. Ihl summarised the compliance officer’s reality: “When my regulator comes, I need to be able to show what we did at every step. AI is a black box, and my regulator is chasing me to know what is going on inside it.”

Why Explainability Matters

For anyone building AI fraud detection systems, whether at a major institution or a challenger fintech, the panel had consistent advice: explainability must be built in from day one.

Cometa referenced the European Central Bank’s Onsite Inspection Manual, updated in July 2025, which includes a dedicated chapter on machine learning and requires banks to explain every step of their model’s decision-making process. “The bank must explain every step of the process. Any single step must be traced and properly governed inside the internal control function,” he said.

For fintechs, the temptation to move fast and ask for forgiveness later is understandable, but expensive. “Compliance downstream is so much more expensive than staying compliant from the start,” said Töniges. “Once you have been fined, you cannot onboard new customers. Get it right from the start, and you save costs in the end.”

Can Banks Ever Fully Close the Gap?

The final question of the session was the hardest: Is staying ahead of fraudsters a realistic goal, or is this permanently a game of managing the gap?

The panel did not suggest banks can eliminate fraud entirely, but there was broad agreement that coordinated data sharing could materially improve detection rates.

“The only way forward is for banks to start sharing data, and not only banks, but also telcos and other companies that might be involved,” said Töniges. “Once that is working at scale, fraudsters will simply move to geographies where the systems are not yet established. That is why this needs to happen at a European, and eventually global, level.”

Cometa ended on a constructive note, arguing that regulation and innovation are not inherently opposed and that coordinated frameworks could materially improve fraud prevention over time.