Left of Boom

“We have data” might be the most common sentence in banking right now. It is also the most misleading.

Having data is not the same as using it, and in fraud prevention that distinction is not academic. It is the difference between a phone call that stops a wire transfer and a loss that cannot be undone.

I have been sitting with this since we hosted Paul Benda, EVP of Risk, Fraud and Cybersecurity at the American Bankers Association, for a webinar earlier this year. Paul is one of the foremost voices in the country on how fraud actually operates — not just the tactics, but the infrastructure enabling it. He intimately knows about shell telecom companies that cost $600 to register and simply relaunch under a new name when regulators catch up, about social media platforms reportedly earning billions from scam ads while simultaneously shutting down a community bank’s educational post for using the word “scam,” and about AI voice cloning tools that can replicate anyone’s voice in under five minutes using audio that is already publicly available.

He also did a live demo. He cloned his own voice, then his CEO’s, then his daughter’s — wrote a script placing him in distress at a police station, added matching background audio, and played it for the room. He built the whole thing in 45 minutes on a personal laptop in a hotel room. I have a son, grandchildren, and I sat there thinking about receiving that call. Then I thought about our clients’ customers, many of them elderly and alone, and how completely convincing it would be.

Let me make one thing clear: I am not a fraud expert. Paul is. What I took away from that conversation was not standing on scam infrastructure but a sharper understanding of what community banks can actually control in an environment moving faster than most of us want to acknowledge. Paul called it “moving left of boom.” I kept hearing it as a data problem.

The Signal Is Already There

By the time a customer is ready to send money, they already believe the story they have been told. The voice sounded right, the caller ID matched their bank, and the details were specific enough to feel legitimate. At that moment, prevention is nearly impossible. But the signals that precede it — in transaction patterns, account behaviors, and the small deviations from what normal looks like for a given customer — show up earlier, and the question is whether anyone is watching, and whether the right people can see them in time to act.

Working with over 150 community banks, we see the same pattern repeatedly. The insight exists somewhere in the institution — a micro-deposit flagging a new external payee, a crypto transaction in an age bracket that does not typically engage with those platforms, a withdrawal pattern with no precedent in a customer’s history. What fails is not the data. It is distribution. The signal never reaches the lender, the branch manager, or the call center rep who could recognize it and make a call before the money moves.

Paul shared a few specifics worth carrying back to your institution. On micro-deposits, that routine activity becomes far more meaningful when combined with other behavioral indicators, and institutions watching for that combination are catching fraud earlier than those treating each signal in isolation. On age-based monitoring, if your institution is watching crypto-related transactions starting at age 70, Paul’s research suggests moving that threshold down to 60, because that is where targeting actually begins. In one documented case, 93 percent of crypto ATM transactions were fraudulent, with an average victim age of 71 and an average loss of $8,000.

Fraud Cannot Live in Its Own Corner

Paul was direct about this: fraud cannot be siloed. Fraud teams, cyber teams, and frontline staff are often looking at different pieces of the same picture, and when those views never connect, criminals move through the gaps between them. What our clients have found, again and again, is that when everyone in the institution is working from the same data, patterns become visible that no single department would have caught on its own — not because anyone was doing their job poorly, but because the picture was never whole.

That is the real argument for data democratization in a fraud context. It is not about building more sophisticated models or buying new tools. It means using the data that already exists and making sure it reaches the people positioned to act on it. Integration without democratization is just a prettier silo. A signal that lives in a dashboard no one opens, or reaches the fraud team three days after the wire cleared, is not a defense. It is a record.

The institutions doing this well are not doing anything exotic. They have built connected visibility across departments, established the habit of looking at the same information together, and given frontline staff enough context to recognize when something does not look right and the confidence to say something about it. That is what community banks do better than anyone — they know their customers, and they can pick up the phone. What data makes possible is knowing when to.

If you missed the webinar, the recording is available HERE, and I would encourage every community banker I know to spend an hour with it. Paul covers the full picture — the telecom problem, the AI threat, what Australia is doing differently, and what banks can put in place right now. He is one of those people who leaves you thinking differently than when you sat down, and in this environment, that is exactly what we need.