South African lenders battle rising fraud in real-time payments

By Aarav Garg

A new survey of South African banking leaders by fraud prevention firm BioCatch suggests fraud has become a defining operational risk for the country’s financial services sector, particularly as digital banking and instant payments continue to expand.

The study found that 75% of respondents believe fraud attempts at their institution are increasing, 79% say fraud losses are rising and 81% estimate annual losses exceed $5 million.  At the same time, most respondents still said their fraud controls are effective, with 91% rating them effective or very effective and 34% saying fraud cases are fully investigated within one day. That suggests South African banks are under strain, but not standing still.

The survey also shows that fraud is now being viewed as more than a financial issue. Reputational risk is a major concern, with 78% of respondents ranking reputational damage as equal to or greater than financial loss. For banks and FinTechs, that matters because fraud is increasingly linked to customer trust, brand confidence and long-term retention, not just direct write-offs.

Behaviour-based fraud tools appear to be gaining traction in response. 40% of South African respondents said they are already using behavioural metrics and 43% are evaluating them, while 74% view such tools as highly valuable for detecting coerced or high-risk behaviour. The findings point to a growing interest in analytics that can spot suspicious activity in real time, especially where scams rely on manipulation rather than obvious technical compromise.

Instant payment systems are another key pressure point. The survey found that 89% of respondents associate real-time payment rails with moderate to very high fraud risk, even as they continue to support faster payments and better customer experience. South African leaders also said mule activity is often detected within the first month, averaging roughly three weeks, underlining the need for faster detection and response capabilities.

For FinTech firms, the message is straightforward: as payments become faster, fraud controls need to become faster too. South Africa’s banks appear to be investing in that shift already.

“Fraudsters increasingly no longer break into banks,” BioCatch Global Advisory Director Jonathan Frost commented. “Instead, they manipulate customers’ cognitive and emotional states to override rational judgment. Social engineering has become the primary attack vector, bypassing the billions invested in technological defenses. Criminals have industrialized deception, exploiting trust, urgency, and fear with a sophistication that surpasses that of public awareness efforts and one-time passwords. The question is not whether you can afford to protect your customers from social engineering, but whether you can afford not to. Customers are not a vulnerability to manage. They are an asset to protect. When customers incur losses due to fraud, banks also lose deposits, trust, and legitimacy.”