Марія Бровінська Money 4 August 2025, 10:58

AI against fraudsters: Raif cyber experts have created an AI tool that detects fraudulent actions with money before they are committed. How Raifu's anti-fraud system works

In a world where fraudsters are becoming more and more inventive and attacks are becoming more and more sophisticated, Raiffeisen Bank has done something that even big players dare not do: it has launched a fully autonomous anti-fraud system that protects the savings of its clients. We spoke with Oleksiy Skyba, Head of Information Security Management at Raiffeisen, to find out how the solution was created, which now stands guard over the money of millions of Ukrainians.

Instead of ready-made solutions, we develop our own

Unlike many banks that purchase anti-fraud solutions from global vendors like NICE Actimize or Feedzai, Raiffeisen Bank in Ukraine took a different path — in-house, without external contractors or consultants. «We wanted to create not just a protective barrier, but a system that would think a few steps ahead — like fraudsters,» says Oleksiy Skyba, Head of Information Security Management at Raiffeisen Bank. Instead of relying on ready-made scenarios, the bank’s team developed its own analytical platform that combines rule-based logic and machine learning algorithms. The system works in real time, detecting anomalies in customer behavior and preventing fraud before it even happens.

The first version of the system was launched in Rife back in 2008. Since then, it has been continuously improved, adapting to new threats and fraud schemes. While initially the service covered a limited number of transactions and was based on statistical analysis, today the system monitors all banking channels — from Internet banking for individuals and legal entities to card transactions, detects cross-channel fraud, scores credit applications, and automatically checks online merchants for incorrect categorization. Machine learning and artificial intelligence methods are used for deeper analysis.

«We invested not only in technology, but also in our expertise — the experience of analysts, cybersecurity specialists, even behavioral analytics of customers. This allowed us to create a solution adapted to Ukrainian realities,» explains Skyba.

What’s under the hood?

Most anti-fraud solutions react to fraud after the fact — once a transaction has occurred and financial losses have been incurred. Rife’s system works differently: it acts proactively, predicting potential threats and blocking fraudulent actions before they occur.

«We work to stay ahead of the curve. Our approach is not just to react to fraud, but to anticipate it,» explains Skyba. «It’s important that while being highly efficient, we minimize inconvenience to customers. This is a balance between security and convenience that was not easy to achieve.»

The system doesn’t just check transactions against rules. It analyzes over 60 risk indicators in users’ online activity in real time to detect signs of fraud. Its analytics engine is trained on a dataset of over 10 billion transactions and other sensitive operations, ensuring high accuracy of the models.

The flexible architecture of the system allows for dynamic updating of risk indicators, integration of new fraud scenarios and processing of large amounts of data. The models have an adaptive self-learning function, which allows for rapid detection of new types of fraud without the need for large amounts of training data (unlike traditional neural networks).

The system allows you to create and configure rules and models without the need for programming, which allows you to quickly adjust policies to achieve the optimal balance between security and convenience.

Another unique feature is a multi-level monitoring system that tracks user behavior from the moment of login to the financial transaction. This allows you to detect anomalous actions at an early stage — long before a risky transaction is initiated.

All key channels are subject to verification — a mobile application for individuals and online banking for legal entities. Along with this, the system analyzes card transactions, credit applications, even miscoding, when fraudsters deliberately disguise merchants as other categories. Analytical models are able to detect not only typical fraudulent patterns, but also behavioral anomalies, which makes it possible to effectively counteract new schemes even before their mass application.

Ukrainian-based fraud prevention is already working effectively

The effectiveness of the solution has been proven in practice: 92% of fraudulent transactions are blocked before they are completed, and 90% of compromised accounts are detected through behavioral anomalies. At the same time, the system’s false positive rate remains negligible — only 0,2%.

The tool detects a wide range of threats: social engineering, phishing, attacks on business customers, combined fraud with the simultaneous use of cards and remote banking.

«These results indicate that the system not only effectively detects fraudulent schemes and achieves its goals, but also minimizes the negative impact on bona fide customers, while ensuring the maximum level of security. Such a high level of protection significantly increases customer trust in banking services,» notes Skyba.

Currently, the bank can already boast of the results of the system’s work: millions of hryvnias in customer savings, increased trust in remote banking, and countering attacks with adaptation to current fraudulent schemes in 2024.

In 2024, the system demonstrated its ability to successfully adapt to new challenges and neutralize major fraud trends:

Phishing attacks on individuals have been ongoing since the beginning of the full-scale invasion of the Russian Federation, exploiting the topics of social payments, charitable funds, and other manipulative methods.
Cyberattacks on legal entities — thanks to updated behavioral analysis models, the system detects and blocks anomalous actions caused by the compromise of corporate client keys and accounts.
Machine learning and AI — in 2024, improved algorithms for detecting risky behavior were implemented, significantly increasing the speed and accuracy of detecting fraudulent schemes.
Counteraction to multi-channel fraud — the system effectively blocks combined attacks where cards and online banking accounts are used simultaneously.

By the way, Rife’s anti-fraud system is not just «Ukrainized». It was created from scratch for the specifics of the Ukrainian market. According to Oleksiy, everything was taken into account: from the requirements of the NBU to the peculiarities of the logic of the national payment system. «It more effectively detects those schemes that operate in Ukraine, and not in the USA or the EU,» the specialist emphasizes.

Great prospects

According to Oleksiy Skyba, the anti-fraud project implemented by Rife has changed the approach to combating financial threats in the entire banking sector of Ukraine. It was here that the proactive monitoring model was first implemented, which allows not only to identify fraudsters, but also to prevent their actions before harm is done to the client.

The anti-fraud system developed by Rife has the potential to transform the market, as other banks can adopt successful experience and implement similar solutions. This will lead to an overall increase in financial security in the country, the financial institution’s specialists are convinced.

Rife is not limited to internal use only — the team actively shares its experience with the market, helping to strengthen the resilience of the entire banking system. In parallel, the bank is forming a culture of financial security among customers — talking about modern fraudulent schemes and teaching how to protect yourself. «This system is not just technology, but an organizational model that forms a new culture of security. Our contribution goes far beyond fraud detection — we are creating a new philosophy that increases the security, efficiency and resilience of the entire financial sector against future threats,» — summarizes Skyba.

Raifu's IT team has created the YES platform electronic document management system, which has already attracted the attention of foreign colleagues. What is the benefit of this development?

A student from Odessa got into the Raifu cybersecurity team by writing a CISO message in the messenger. Why does Yevgeny Balutov waste time teaching beginners

Rife's cyber specialists saved clients UAH 90 million. How the bank's cyber division works, protecting clients' funds from theft

Sorry, but the money can't even be stolen, it will be stolen. Actually, no. The story of the miracle project from Rife, which has already saved Ukrainians hundreds of millions of hryvnias