Keeping Payments Safe at Scale—Money 20/20 Part 2 | “What The Fraud?” Podcast

THOMAS TARANIUK: Hello, dear audience, and welcome to “What the Fraud?”—a podcast by Sumsub, where digital fraudsters meet their match. 

I’m Thomas Taraniuk, Head of Partnerships at Sumsub, the global verification platform helping to verify users, businesses and transactions.

Today’s episode is a special one. We’re coming to you straight from Money20/20 Europe in Amsterdam—the heartbeat of the fintech world this week—where the big topics are fast-moving innovation, rising risk, and what it really takes to build trust in modern finance.

And this time, we’re partnering with “the c-suite podcast”—bringing you inside the room with the people shaping the future of money and stopping fraud before it starts. Let’s get into it.

Spencer Hanlon, Chief Operating Officer at Nium

THOMAS TARANIUK: Now I’m sitting with Spencer Hanlon, Chief Operating Officer at Nium. Thank you for joining us today. Very excited to have you on the “What The Fraud?”

SPENCER HANLON: So nice to be here. Thanks very much for the opportunity, and nice to be here representing Nium.

Changes in operational risk management across fintech and travel

THOMAS TARANIUK: Spencer, you’ve worked in both payments fintech and travel as well, which are very unique, high-speed, high-risk environments. What’s changed most in your approach to operational risk over the time that you’ve worked within both industries and sectors?

SPENCER HANLON: First of all, it’s not getting any easier. We operate in an area that, unfortunately, is the target of some very clever people with some very negative motivations. So, you have to be on your game, and that just means you have to invest in the tech. Luckily, we have AI on our side—that’s making it easier. It’s making it easier for us, but it’s also making it easier for the opposition. And so, we have to stay on our game there and get the right people with the right knowledge and skill set to bring that advantage to us. But it’s all about people. At the end of the day, you’ve got to hire the people who know what they’re doing, who have the background and that landscape of threat awareness to be able to keep us on our guard because, as I said, unfortunately, it’s an ongoing battle.

And the unusual thing about fraud is it’s common, so we don’t need to compete on this—we can collaborate as partners in the industry, and that’s to our betterment.

How fraud networks leverage AI and industry knowledge

THOMAS TARANIUK: 100%. And do you think these fraud or criminal networks will still have, let’s say, the same strategy or tactic—hiring first, hire good criminals, make sure that they know the industry. They’re using AI tools, and they’re able to circumvent systems which have—and I mean, you’re completely right as well—businesses do need to work together because the weakest link will make it more difficult for other businesses as well.

SPENCER HANLON: I hear all the stories of Black Hat conferences and events in Vegas and all that sort of stuff. I’m not sure whether that’s urban myth.

THOMAS TARANIUK: It’s not myth, is it?

SPENCER HANLON: I don’t know, but I’ve got to believe that these guys are investing just as much as we are. But the other thing I would sort of advocate to anybody who’s concerned about this, who’s kept up at night—the more you restrict your appetite for risk until you understand what you’re doing, the safer you’re going to be. I mean, it sounds like apple pie and straightforward advice, but stay in the center lane.

Stay in the center lane. And then, when you understand, expand from that to other, more risky verticals. Then, first of all, do your homework in terms of the controls and the measures you need to put in place, and that will see you right. The worst thing you can do is step into these verticals without the knowledge of what you’re doing. That’s where you fall foul, because these players know who’s coming in, know who’s setting up shop, and they’re the first people that they go after.

The risk vs. growth strategy at Nium

THOMAS TARANIUK: Spencer, it sounds like you’ve had a plan in terms of your future fraud risk controls at Nium as well. What does the risk and growth trade-off look like at Nium as you move forward?

SPENCER HANLON: There’s no doubt that there is an increased revenue opportunity the further you go from the center path. Everyone wants to stay center because that’s exactly where it’s safest, but it’s also the most competitive part of our business. The more you deviate from that, the more upside there is in revenue potential. Again, the trick here is not to get distracted by that revenue potential. Step very cautiously and carefully. Baby steps. Bring people along who have been in those verticals to guide your business—from the operations, from the risk management, and from the revenue side.

Handling external risk through Nium’s partner platforms

THOMAS TARANIUK: Got it. And from your perspective, you’re looking at Money20/20 with a few big topics in mind. Embedded finance is one of them at this event as well. When fraud starts to happen on Nium’s partners’ platforms, let’s say, it can still hit Nium’s infrastructure. How do you manage that kind of distributed external risk at Nium, especially as you look forward to different types of fraud which are coming into play in practice?

SPENCER HANLON: It’s a challenging area. I’m not going to sugarcoat it. Having to police your customers and partners is never a fun experience.

THOMAS TARANIUK: Always very difficult.

SPENCER HANLON: Yeah. We’re here to serve our customers and to provide them the best products, services, and experiences possible. However, unfortunately, we are in an industry where we have to take obligations from our regulators and from our partners and pass them on to our customers.

Suggested read: How to Check if a Company is Legit

And so, the majority of people in this industry have been on both sides of the fence. They understand what it feels like to have enhanced due diligence done on you from customer or supplier. And I think it’s all about respect, openness, and a degree of flexibility. If an audit is delayed by one or two days, don’t freak out. It’s the way the industry is run, and it’s about transparency. Where alarm bells start ringing is where you feel like you’re not being told the whole truth. And that’s something you start to feel after being in the industry for a while.

Keeping compliance agile in a real-time payment world

THOMAS TARANIUK: Trust is of the utmost, especially between external third parties, and I can imagine how difficult it is to run a program which is international, with different licenses as well, and different partners and different jurisdictions. It makes it ever more complicated.

At Money20/20, and especially in 2025 as we move into ’26 as well, RTP or real-time payments is a massive topic, and it creates new expectations for both speed and agility—but also increased pressure on your team, for instance. At the end of the day, and at your scale at Nium, how do you keep risk and compliance systems agile enough to keep up with expectations from businesses and from end users as well?

SPENCER HANLON: So the tools you use, the profiles you have, the expectations you have on the transactions coming through—all help you in terms of increasing your straight-through processing. Ultimately, if it’s automated and it doesn’t need a human hand to touch it, that’s how you can deliver the promise. Nine times out of ten, if it does come out of what you expect, then it’s about people, SLAs, operational excellence. And again, an understanding between you and the customer about what your SLAs are. “Please, I’ll ask you for a piece of information. Please come back to me within a certain timeframe.” And that comes from maturity in the relationship.

Major shift shaping the future of fraud and compliance

THOMAS TARANIUK: Cadence and communication is key. And going back to trust, it’s super important there. Spencer, from your perspective, what’s one shift in global payments—or let’s say compliance as well—you think will reshape fintechs and how they handle fraud and how they handle risk in the future?

SPENCER HANLON: There’s one thing that’s a challenge and one thing that’s potentially a boon. The challenge is—as you mentioned it earlier—real-time payments. I remember the days when if you sent a transaction to Malaysia, okay, it arrives in five days. What’s the big deal? Now it’s about, has it arrived in five seconds?

Suggested read: Fraud Risks in Real-Time Payments | “What The Fraud?” Podcast

Actually, what I think we need to be talking more about is on-time payments. When did I say it was going to arrive? And has it arrived when I said it was? Payroll is a perfect example of that. So, the fact that we’re getting more and more impatient with when things arrive—that makes fraud management harder, right? No doubt about it. AI is the potential solution to that, because I can force-multiply the intelligence I’m putting on these transactions. So that, I’m really, really thrilled about, because it means I don’t need to have hundreds and hundreds of people working on the problem.

The urgency dilemma: when is real-time really necessary?

THOMAS TARANIUK: 100%. Less spreadsheets as well, of course. But in today’s day and age, instant gratification is the name of the game. If they hear that they’re going to get an instant payment—and of course, their colleague, friend, or employees are going to receive that as soon as possible—what does that mean? What’s ASAP nowadays? It’s usually within a second.

SPENCER HANLON: It’s seconds. However, it doesn’t always need to be. I think we are marching towards a drumbeat that’s slightly unnecessary. What is critical is: when does it need to be there? Does it need to be there by midnight? Does it need to be there by 9 a.m. next morning? By close? That’s what I think we should all be driving towards, because that allows us the time and the space to do everything we need to do—to protect our money, to protect the customer’s money, and to satisfy the whole ecosystem in terms of the security of it.

THOMAS TARANIUK: Absolutely agree with you. But unfortunately, fintechs and SMEs are market- and consumer-driven, right? And consumers want everything done yesterday, which makes it very difficult to put in that friction to make sure that we save the money and we protect them from bad actors—which is a shame.

SPENCER HANLON: Yeah, absolutely. But that’s the excitement of it, right? That’s what we’re all trying to do.

THOMAS TARANIUK: That’s the challenge, and that’s where we’re innovating. Well, thank you so much, Spencer, for joining us on the “What The Fraud?” podcast. It’s been a pleasure.

Clarena Furtado, Head of Online International Business at PagSeguro

THOMAS TARANIUK: I have Clarena Furtado joining us from PagSeguro, who is the Head of Online International Business. Thank you for joining us on the “What The Fraud?” and “the c-suite” podcast today.

CLARENA FURTADO: Thank you for having me. A pleasure to be here.

THOMAS TARANIUK: It’s our pleasure. So, your parent company, PagBank, has seen rapid growth in Brazil, but also beyond as well. What’s been the most important move from your perspective, Clarena, when you’ve made the scaling across Latin America whilst keeping, of course, your risk in check?

CLARENA FURTADO: Well, it’s been a challenge, but we have had great success in Brazil because in Brazil we are a bank and acquirer, so it’s a good combination. What we have done is, like you said, we have cross-sold our products from Brazil going into LATAM. So going into LATAM is a lot about getting the right partners, getting the right local payments, getting the right relationships in the region, in the different countries where we are. So, what we do is we sell, of course, all the robust solutions that we have in Brazil. And then, when we go into LATAM, getting those partners in place—whether it’s the operational partners, or the different local payment partners—is essential because it’s part of what we sell. And that’s why we have had such big success.

Managing third-party risk while scaling operations

THOMAS TARANIUK: That’s great to hear. And of course, it’s one thing managing internal risk parameter frameworks, but working with so many great partners, it’s essential to make sure that you manage risk on the procurement side. How do you do that at PagBank and PagSeguro?

CLARENA FURTADO: We have, like I said, a lot of risk partners, a lot of solutions—working a lot with AI, working a lot with data. So, it’s a lot about data because we work across different verticals and through different payment methods. The risk will be different depending on the payment methods and the verticals. We are diverse in terms of verticals—we work with everything from retail companies to sports betting companies to travel companies. So, the risk is different because the consumer is different.

Also, when you go into LATAM, the risk in each country is completely different. For example, we have Brazil, and then we have four local entities: Colombia, Peru, Mexico, and Chile. And it’s a different scenario—a different landscape—when you look at the risk. Even though some characteristics remain the same, certain verticals are higher risk. Like I said, having the right partners, looking at the data, using AI, and everything that new technology offers has helped us manage that risk.

But it’s always about keeping an eye here and keeping an eye there. From a sales perspective, this becomes a challenge because, of course, we want to grow the business, but at the same time, we want to make sure we have stable and durable growth. Sometimes going into high-risk verticals can represent a threat. We need to ensure all risk rules are in place.

Also, when we go into Latin America, we share the risk with our partners. Sometimes we work with the biggest acquirers in the region and share the risk with them. So, we create a plan where we, of course, look at the data, but they also look at the data, and we work together to ensure that we have the proper risk tools in place and that we can manage the fraud that comes in.

Navigating LATAM’s fragmented financial markets

THOMAS TARANIUK: A lot of unique challenges in a very different market—Latin America, of course—and unique challenges require unique, complex solutions, right? Which it sounds like you have under control. But Latin America’s financial system and ecosystem has unique challenges in itself. What makes financial products in Latin America, and some of the markets you mentioned, different? And more importantly, how are you navigating that complexity?

CLARENA FURTADO: Okay, first of all, Latin America is fascinating as a region. We have two big languages. Brazil has more than 210 million people speaking only Portuguese. Then we have the rest of the region speaking Spanish. But do not be deceived, because the region is very diverse. When you compare Chile to Mexico, you’re looking at very different landscapes.

One of the mistakes people make is to think of Latin America as a single entity. It’s not. There are different behaviors, different consumer habits, different levels of market maturity, and different regulations. When it comes to managing fraud, you have to look, for example, at chargebacks and how regulation treats them—how you’re going to manage them, how you’ll have the reports in place, and what will happen.

A lot of the region has become regulated—especially in the last five to seven years. It’s now a big challenge. There are many consumer protection laws or policies, and if you don’t manage those well, you could end up in a bad place.

Scaling instant payments without sacrificing risk control

THOMAS TARANIUK: I completely agree, and lots of differences when we’re talking about Latin America compared to Europe, as you mentioned. Real-time payments—RTP—specifically Pix, are reshaping expectations. How do you match that scalability with risk across the region when individuals expect speed at the end of the day?

CLARENA FURTADO: Yes. That’s always the challenge—managing that equation. You must balance the user experience with risk and volume. But you also don’t want to sacrifice everything for consumer experience. But if you don’t offer a good user experience, you have nothing in the end.

It’s like managing different buckets at the same time. You have to manage your risk with the right tools. You have to manage the user experience and make sure it flows. You also have to navigate the regulation and the consumer behavior differences across countries.

For example, Pix came out in Brazil four years ago. It’s growing a lot—it’s owned by the central bank. When Pix launched, there were a lot of challenges because, of course, fraudsters were targeting it.

So, the central bank had to step in and make changes to the product. For example, there’s now a limit on how much you can transfer at night because of fraud incidents. With the help of the central bank and fraud tools, we’ve reached a good place where we can say that instant payments have been successful in Brazil.

Now, in other countries, we see new instant methods emerging—like Colombia with Bre-B or Yape in Peru, which is a very popular wallet. Each of these presents challenges. You have to ask, how will I manage this? How do I make sure I have the right tools in place to handle consumer behavior and manage fraud? It’s a constant challenge.

Adapting to younger digital-first generations

THOMAS TARANIUK: And it’s evolving, right? I’m sure if we had this meeting again in 2026 at Money20/20, we’d be talking about different things.

CLARENA FURTADO: Exactly—and that’s what’s so fascinating. It’s evolving. Especially in the region, you have a young population coming in. I see it in my children and grandchildren. Their behavior is different. They want fast, secure payments—and they want them immediately.

THOMAS TARANIUK: Instant gratification.

CLARENA FURTADO: Instant gratification. They have no patience for anything. That’s the new generation of consumers we work with. That’s why alternative payment methods are a big deal. They’ll continue to evolve and become more refined and mature. And we have to adapt to these new consumer expectations.

Balancing user experience with advanced fraud protection

THOMAS TARANIUK: So, Clarena, another question for you: how are you ensuring that PagSeguro meets user expectations in terms of user flow and payment speed, while also staying ahead of emerging threats like AI fraudsters?

CLARENA FURTADO: Well, we take the user experience very seriously. We have teams dedicated to managing that because, like I said, I have to oversee all parts of it.

We want to manage risk and volume, but not at the cost of poor user experience. That only happens through strong partnerships—partners who work with us not only in Brazil but across the region.

Partners who understand local behavior, have local data, and help us manage risk. You can only effectively manage fraud and risk through AI and new technologies—but also through data. You need to understand: when are consumers buying? What are they buying? What’s the typical average? How often do they buy? What vertical do they belong to?

Suggested read: Why Behavioral Analytics is Key to Fraud Detection Today

Understanding this from a local perspective has been essential to our success at PagSeguro.

The most common mistake fintechs make when entering LATAM

THOMAS TARANIUK: Amazing to hear. It sounds like you’re very experienced in this regard. And working with fintechs at PagSeguro, helping them understand the threats out there, is essential. So, for fintechs entering Latin America—given the rapid expansion in digital payments and financial inclusion—what’s one strategic mistake you see too often, and what should they do differently?

CLARENA FURTADO: Yes. First of all, thinking that it’s going to be easy. Over and over, I talk to big global partners who say, “Oh, we’re in Brazil, and it’s been eight months, and we still haven’t integrated.”

They think it’s going to be smooth. Don’t make that mistake. Understand the landscape in each country—especially in Latin America. Look at regulation, tax implications, user experience—everything in the ecosystem. Just because you have a good product, and there’s a need for it, and you think the supply and demand equation is solved—doesn’t mean implementation will be fast. You need local understanding. You need the right partners—consultants who can teach you how the market works.

Taxes are complex in Latin America. Regulation is complex. It’s different country to country. Chile has strict enforcement. Mexico is extremely bureaucratic. You need the right connections. Don’t go in alone.

Make sure you have the right partners—whether law firms, risk and fraud partners—people who know the region and local challenges. Have a full plan. Otherwise, you could lose the opportunity. This is about timing. Consumers move fast, competitors move fast. If you’re not ready, you’ll take a year or more—and that’s what I hear from even large global companies.

THOMAS TARANIUK: Absolutely agree with you. A fragmented ecosystem in Latin America, but one that should work together—especially given that financial crime is borderless. I’m glad to have PagSeguro helping fintechs of all sizes as they move forward. Thank you so much for your insight here at Money20/20. Really appreciate your time.

Ian Morrin, Head of Payments & Platforms at Tink

THOMAS TARANIUK: Ian, welcome to Money20/20. How have you found the event thus far?

IAN MORRIN: Yeah, I found it really good. I think it’s a great place to come and meet various stakeholders in the industry. And we were saying before we came on that I think you just get a real spread across our customer base. Made some good connections.

What are the biggest blockers to open banking adoption?

THOMAS TARANIUK: Excellent. And Ian, you’re the General Manager for Payments and Platforms in Europe and the CEO of Tink in the UK as well. It’s quite an exciting position and area to be in at the moment, especially with new technologies coming through, different types of payments, and especially being at Money20/20—surrounded by merchants, new payment institutions, and maybe a future of scary types of fraud as well. Open banking, of course, has also come a long way in the last couple of years. But adoption still lags in certain places from what we can see. What are the biggest blockers from your perspective as we move forward?

IAN MORRIN: From the foundation—sort of early PSD2—there was a lot of hype around the disruption that was maybe going to come as a result of that. And I think we have seen some early adopters pick it up, particularly in account funding use cases, and that’s grown very strongly. We’ve seen that continue to grow. Today, it’s probably the best use case out there. I think the big difference that I’ve seen over the last 12 to 18 months really is that three years ago, people were buying open banking because they thought they had to have open banking. Whereas now what I’m seeing is merchants actually coming to market and saying, “Hey, look, I’ve got this use case, I’ve got this journey, this customer experience that isn’t working so well. How can I use open banking—pay by bank, account information—to make that journey smoother?” And so, the deployments are more thoughtful. And now we’re actually seeing the volume go. I think you’ll see that uptick now over the next year or so.

How do you drive commercial growth while staying compliant?

THOMAS TARANIUK: That’s great to hear. And moving fast—especially in regulated environments—is really tough. It’s difficult to navigate, and it makes it less simple when you’re trying to build things. So how do you keep, let’s say, Tink’s commercial teams up and moving forward, pushing for growth and growth value within today’s day and age, but also still operating within the guidelines of regulation?

IAN MORRIN: I think it’s super important to have—I’m going to say this—a compliance function that works, and having a really strong legal component in there that works very closely and is aligned with the business goals, the purpose, and the teams. And then I think we need to make sure that the teams understand the rules they’re playing within and what is required of them. But actually, having those strong support functions that are aligned and work very closely with the teams means that you can push forward with confidence.

What are the biggest threats to payment flows and trust?

THOMAS TARANIUK: That’s a foundation as well, isn’t it? Yeah, absolutely agree there. And trust is a major theme, especially within businesses. But we’ve talked a lot today about trusting your third parties, even if they’re not regulated, like software providers. Even if they’re not regulated, of course, you still bear quite a lot of the risk on their behalf. And having that good cadence, trust, and communication is essential as well.

From your perspective, what are the biggest threats or challenges that you see in the future for Tink when we’re talking about today’s payment flows? And how do you think they should be solved?

IAN MORRIN: That’s a big question, a very broad question. You mentioned trust there. I think if you’re going to see anything grow, anything adopted by the consumer, there has to be trust there.

How do you build trust? The experience has got to be solid. It’s got to be easy and simple, and it needs to pop up in multiple places where you already have trust in whatever it is that you’re doing. So, if it’s funding an account that you’ve always funded manually and now you have a simple, easy flow that enables you to do that—that can start to build trust.

Then maybe when you see it pop up in an e-commerce website: “Ah, I see that. I know that. I’m going to use it.” I think we’ll see more and more—we’re seeing it now—but more and more thoughtful journeys so that the consumer is educated coming into those flows. And that’s where we’re seeing the sort of success increase.

How do you balance speed and friction in consumer payment journeys?

THOMAS TARANIUK: Agreed. And it’s also about managing the expectations, I would assume, of the consumer. Because at the end of the day, if they go to a flow they’re very used to and it turns out to be twice as long—we put in a speed bump, we put in some friction—they’re going to be disappointed. You’re going to have drop-off, and they’re going to go to someone else. And that’s something that you don’t want at the end of the day, right?

IAN MORRIN: But then, I was talking to a customer the other day around—we work really hard to take friction out of a journey. But then, if it’s your end of tax year and you want to top up an ISA or a pension, you’re going to move £20,000, £10,000. You want a little bit of friction in there. Actually, that gives the consumer a bit more confidence—”Right, there’s my bank app. Yes, I can see that I’m authenticating in my bank app, and that’s the right thing to do.” So yeah, we work very hard to take friction out of the journey, and then in some places we maybe add just a little bit back.

Who owns the risk in embedded finance?

THOMAS TARANIUK: Some places it’s foundational, right? Especially if you’re moving your life savings and you realize they’ve gone in a millisecond. That can be quite scary too.

IAN MORRIN: You want to make sure it’s going to the right place. Exactly.

THOMAS TARANIUK: And of course, we’re at Money20/20. A major theme that we’re seeing today is embedded finance. I don’t know if you’ve seen that as well. But the key question is still there—who owns the risk within embedded finance? And where do you think that responsibility falls?

IAN MORRIN: Let’s say, compliance risk, right? So where does that sit? There’s a set of regulations out there. We need to comply with those regulations. We have a couple of different models—our licensed customers license predominantly, and it’s our license. Therefore, compliance risk sits with us, which is why we have some of that friction in those flows to make sure that we really know and have confidence that it’s a valid payment and the person who’s trying to make the payment or move the funds is the right person. I think that’s super important.

How can fintechs scale fast while staying compliant?

THOMAS TARANIUK: And of course, with embedded finance, we’re servicing a lot of new businesses—SMEs, fintechs, etc. What would you say is one piece of advice you could give to fintechs trying to scale fast but also remain compliant at the same time? It’s a difficult, broad question, but one for you, Ian.

IAN MORRIN: I think collaboration, actually. You asked me at the head of the call what’s really important in our business to be successful. And I said we have a strong compliance function. Well, if you’re starting off, you’re in open finance, you’re going into a new area—there are other people who’ve got some of that experience. And I think that collaboration across other businesses, organizations, fintechs—that’s where you gain your advantage. Talk to people, share, and work out how to collaborate together.

What role does AI play in fraud prevention and embedded finance?

THOMAS TARANIUK: And that, of course, enforces trust, which is required—especially within our industries as well. Final question to you—artificial intelligence. We talk about it a lot. It’s a buzzword. Everyone’s talking about it. It’s a great tool that can be used by the businesses at hand to protect themselves and to make life easier for users. But it can also be utilized on the other side of the coin—by fraudsters—to enhance, let’s say, their ROI on going and targeting fintechs, payment institutions, and the end users as well. What would you say about artificial intelligence use cases within embedded finance? And what do you see in terms of the future for protecting users and businesses?

IAN MORRIN: We’ve always got to focus on protecting the end consumer. There’s always a risk around fraud. Open banking is built in a specific way to reduce the likelihood of fraud in any of those flows. So, we’re alive to it. We work with it all the time. You know, it’s not just another—it is another angle. We look at it, we work at it, we’re all working together. It comes back to collaboration. We need to work with the banks, with the FIs, with the merchants, to make sure that we’re protecting our end users.

Suggested read: How to Prevent AI-Generated Fraud: Use Cases

THOMAS TARANIUK: End users, your business, of course, and the entire ecosystem and community as well. But very glad to have you in the same boat and working together towards a future without fraud—which may never come, but one can dream.

IAN MORRIN: We do our best, exactly.

THOMAS TARANIUK: Ian from Tink, thank you so much for joining us here today on What the Fraud? Really appreciate your time.

IAN MORRIN: Thank you very much for having me.

Darek Paleczny, Chief Risk & Compliance Officer at Worldline

How digital-first infrastructure is reshaping fraud and compliance in merchant services

THOMAS TARANIUK: Darek Paleczny, the Chief Risk and Compliance Officer at Worldline. A very exciting but cumbersome role, I can imagine as well. So, thank you very much for being on the “What The Fraud?” Podcast here with “the c-suite podcast” as well. I’d love to jump into a couple of questions for you.

DAREK PALECZNY: Sure. Thank you, and thank you for the invite.

THOMAS TARANIUK: Amazing. And you’re of course working on a few conversations here at Money20/20 and speaking at this event as well about how digital-first infrastructure is reshaping fraud and compliance at the same time. From the merchant services perspective, what shifts are you seeing within this remit and the fraud patterns and vectors within the fintech payments space as well? How is Worldline adapting to these changes and new fraud challenges?

DAREK PALECZNY: That’s a really good question. In terms of fraud patterns and what we can see, it’s really dynamic. So probably the answer would vary depending on whether we answer the question now, three months ago, or in six months. The fintech world is developing very quickly. It’s changing, it’s dynamic. For us, it’s about how we can prepare for this.

It’s more than just deploying a tool—saying, “Okay, we have a good tool, job done, we can move on.” It’s really about properly embedding and owning the tool and the whole infrastructure. What I mentioned earlier at the panel today is about tailoring this to your needs, making sure it works well for the business, the risk appetite, and the customers you have.

It’s a bit like buying an off-the-shelf product—like buying a sports car. It might be fast, it will take you there, but whether it’s the fastest route? Not necessarily. You have to know what you need and tune it to your own needs. And maybe you realize you don’t drive on flat surfaces, so maybe you need a 4×4. That’s really what will take you there.

We also make sure that we have well-synced teams—first line talking to the second line. It’s about that feedback loop so we can act quickly. Whatever is a potential issue now, you cannot take for granted that it will work well in the next 6–12 months.

Hidden merchant risks in a borderless fraud environment

THOMAS TARANIUK: Agreed. And I completely see that happening, especially when so many businesses are different. They service different markets, different industries, different customers, whether or not they’re merchants or retail customers. It means that, as you mentioned, it’s not one-size-fits-all. And I love the analogy of a car—because at the end of the day, it might be very nice, a yellow Lamborghini, right? But if the engine’s not there, if the mileage isn’t there, you’re going to have a bad time.

Continually adapting, of course, to new trends—12 months from now we’re going to be talking about another type of fraud at Money20/20 in 2026. It might be new tactics and developments we need to envision to move things forward.

And with fraud tactics getting more sophisticated, complicated, and borderless, what kinds of hidden risks are merchants facing on a day-to-day basis across Worldline’s merchant customer base?

DAREK PALECZNY: I think it’s something critical, what I mentioned earlier—it’s about making sure that we don’t take things for granted. So we don’t stand still and say, “Okay, we deployed the control, we’re good, we can move on.” It’s about constant review, a continuous feedback loop between teams and talking to customers.

Often, it’s seen like a tension between making a smooth journey for the customer and meeting regulatory requirements. I think now, we’re really in an era where in fact, it’s complementary. Sometimes we make it easier for the customer to onboard and reduce friction. Having some healthy friction—that’s really the key.

We all think about friction as something negative. Businesses often want to make things frictionless. But healthy friction gives security to the business and to customers. We are really embedding risk assessment into constant review and planning—as much as you can—where we are going to be in 6, 12, or 24 months. It’s not just about where we are now.

Probably 12 months ago, there was a lot of discussion about being prepared to scale. Now, it’s more about being prepared to adapt. The scale will then come naturally.

Common compliance pitfalls for fast-growing merchants

THOMAS TARANIUK: When it comes to compliance as well, what would you envision is one common pitfall for fast-growing merchants? And what do they tend to overlook around this? Can they design smarter systems and fraud frameworks to make sure they overcome these pitfalls in the future?

DAREK PALECZNY: I think probably the main pitfall you see in the market is leaving compliance for later—focusing on growth and speed. It’s also about focusing on speed too much—doing something that brings immediate results in one week, two weeks, one month.

But it’s more about owning and ensuring it will work in the long run. A common pitfall is going for a quick fix because it brings value. And it often does. But then—how adaptable is it?

It’s often far harder to retrofit something. Much harder to unwind the whole process. So it’s about making sure you do it right from the beginning. Don’t take shortcuts. The edge is in getting it right from the very start.

How merchants can use AI to detect fraud and reduce risk

THOMAS TARANIUK: A strong foundation—we keep talking about it. It’s essential from the very beginning, especially for a lot of these small and medium-sized enterprises here at Money20/20. Making sure they have these frameworks from the start will help them scale, and ensuring they can communicate them across business units is essential as well.

Artificial Intelligence is a hot topic. It’s transforming how we detect fraud—but also how fraudsters try to circumvent systems across merchant and retail payments. What is one AI-powered approach that’s actually working today? And do you think fraud teams, even at Worldline, should underestimate it, or should they rely on it exclusively to prevent fraud?

DAREK PALECZNY: I think it’s really about having the right governance and oversight. The dangerous part is—we don’t know what we don’t know. Especially with AI, if we just assume it works exactly the way we thought it would, it may not.

So, it’s only as good as the governance you have in place around it.

Key compliance advice for merchant leadership teams

THOMAS TARANIUK: Agreed. It’s often reactive rather than proactive. There is, of course, ROI and profitability for fraudsters and criminal networks to create these tools and implement them on a mass scale. We only know the damage after it’s been done, and then we build countermeasures reactively to combat them.

I’d like to ask as well—Darek, from your perspective working with these merchants day to day, what’s one piece of advice you would give to their compliance leadership teams? To both scale responsibly and maintain compliance risk frameworks and security for their communities?

DAREK PALECZNY: I think it would be a bit of a summary of what we’ve discussed. Make sure you don’t cut corners. Do it right from the very beginning—because that’s when the real challenges start. If you don’t, you might create more friction later that becomes very difficult to manage.

Ensure ongoing review. Stay on top of it. Have the right structure. Don’t treat compliance as a tick-box exercise. It’s not just: “We’ve done it. We reduced onboarding time. It’s great.” Go a step further. Make sure the left hand talks to the right hand.

Create synergy between systems—your onboarding feeds into AML, feeds into fraud tools, and vice versa. Close the loop. Make things smarter. Use the knowledge and data you have—not just collect it. Smart usage of data is key.

THOMAS TARANIUK: Smart usage of that data—to spot fraudsters, but also to provide a bigger picture of the business and the risks that could affect the community, merchants, users, retail users, and shareholders.

Darek, thank you so much for joining us today on “What The Fraud?” Really appreciate your time.

DAREK PALECZNY: Thank you.

THOMAS TARANIUK: Our pleasure.

Thank you for joining us on this special episode of “What The Fraud?”—we hope you enjoyed these conversations from Money20/20 Europe in Amsterdam. Please hit that “follow” button on your favorite podcast platform. 

And if this episode left you feeling empowered, drop a review! It helps other individuals out there trying to dodge the digital tricksters. So, let’s cut the small talk and get down to business—follow, comment, review. You know the drill. Stay safe, and see you on the next one!