Gaming the System: The Rise of First Party Fraud | "What The Fraud?" Podcast

THOMAS TARANIUK: Hello and welcome to What The Fraud?, a podcast by Sumsub, where digital fraudsters meet their match. I'm Thomas Taraniuk, Head of Partnerships here at Sumsub, a global verification platform helping businesses verify users, companies, and transactions.

In today’s episode, we’re tackling first-party fraud, and the numbers are hard to ignore. Around 45% of chargebacks are thought to be fraudulent. 62% of businesses say it’s on the rise, and nearly half say customers aren’t doing it out of desperation—they’re simply learning how to game the system.

The problem is, most of it isn’t even tracked as fraud. It’s written off as refunds, disputes, or customer service costs, which means many businesses don’t actually know how much they’re losing. The fraud landscape is changing, and one of the most important shifts is this: the threat is coming from within.

My guest today is Richard Bromley, Head of Fraud and Disputes Risk at Monzo Bank. Richard has spent years working at the sharp end of financial crime and fraud risk across some of the most well-known names in fintech and financial services. He brings a uniquely practical perspective on where the lines are drawn—and more importantly, how to enforce them. So Rich, welcome to What The Fraud?

RICHARD BROMLEY: Amazing, thank you so much for having me here.

What is first-party fraud?

THOMAS TARANIUK: Rich, let’s start with the basics. First-party fraud gets talked about a lot, but many people still have a blurry picture of what it actually is. Can you share your perspective and explain why it’s fundamentally different from the kind of fraud people usually think of?

RICHARD BROMLEY: It’s a great place to start, because if you ask people to define first-party fraud, you’ll get a wide range of answers. At a high level, first-party fraud is when someone knowingly misrepresents their identity or provides false information for financial or material gain. Simple examples help bring this to life. It could be someone exaggerating their salary on a mortgage application. It might be ordering goods or services online and falsely claiming they were never delivered to obtain a refund. It could even involve agreeing to use your bank account to transfer illicit funds—what’s commonly known as money muling.

Suggested read: What Is a Money Mule? Red Flags, Examples, and Prevention

One of the biggest issues with first-party fraud is that it’s often seen as a victimless crime. In reality, that couldn’t be further from the truth. It’s a growing threat that causes significant harm to individuals, businesses, and communities, and it can lead to serious consequences for those involved.

If we break it down further from a banking and financial services perspective, there are a few key categories. One is fraudulent reimbursement claims, where an existing customer reports fraud that never actually happened to receive compensation. Another is application fraud, where false or manipulated information is used to secure financial products. Then there are more nuanced forms, like referral or incentive abuse—for example, exploiting referral bonuses offered by banks.

When people talk about first-party fraud, you’ll often hear the term “friendly fraud.” I feel strongly that this is the wrong term. First-party fraud is a crime, and there’s nothing friendly about it. While the individual committing it may benefit financially, the impact is felt by banks, payment processors, merchants, and ultimately other consumers.

If there’s one takeaway, it’s this: we should move away from calling it “friendly fraud” and start treating first-party fraud as a serious risk in its own right.

THOMAS TARANIUK: So this “friendly fraud” isn’t so friendly after all. Do you think the language itself is part of the problem?

RICHARD BROMLEY: Absolutely. It’s unhelpful both for the public and for professionals working in fraud prevention.

There was research by Cifas showing that nearly half of adults surveyed—around 48%—believed it was reasonable to commit first-party fraud. That is often related to retail scenarios, like falsely claiming non-delivery to get a refund, or even exaggerating qualifications on a CV.

This behavior is becoming culturally normalized. When you combine that with a term like “friendly fraud,” it reinforces the idea that it’s harmless or acceptable.

That perception also affects how organizations prioritize risk. If fraud teams categorize risks like authorized push payment fraud, account takeover, and card fraud alongside something labeled “friendly fraud,” there’s a danger it won’t be taken as seriously. The term creates the wrong impression and can influence decision-making in ways that underestimate the risk.

THOMAS TARANIUK: And unlike other types of fraud, the damage here isn’t always clearly tracked. A lot of it gets buried in refunds and disputes. Do you think the industry really understands how big the problem is?

Does the industry understand how big the problem of first-party fraud is?

RICHARD BROMLEY: The short answer is no.

First-party fraud is defined and categorized differently across organizations and sectors—whether that’s financial services, merchants, insurance, or payments. That inconsistency makes it very difficult to measure the true scale of the issue.

On top of that, a lot of cases go undetected. Take a simple example: someone buys a TV they can’t afford, then later submits a false claim saying it was never delivered. If that claim is approved and they never repeat the behavior, it may never be identified as fraud.

What we can say with confidence is that this is a growing problem. Research consistently shows that more consumers are willing to engage in this behavior, and the lack of a shared definition makes it harder to track and combat. For many professionals in fraud and risk, this is a major concern—and it’s something that’s keeping people across the industry up at night.

THOMAS TARANIUK: That’s a really interesting point. Even at the individual case level, if something like that TV example is handled by customer support rather than a fraud team, is it always classified correctly?

RICHARD BROMLEY: I can’t speak for every organization, but from a Monzo perspective, we take a structured approach. If we detect potential first-party fraud, regardless of how it surfaces, we guide the customer through a reporting journey. That process is also an opportunity to provide education and better understand the situation around what fraud actually entails in terms of reporting it to your bank. We also use a machine learning model that’s calibrated to pick up a range of signals and intelligence—both transactional and behavioral—that may indicate potential first-party fraud.

What we then do is put those cases in front of one of our highly-trained fraud investigators, because they’re best placed to assess whether first-party fraud is actually taking place. Based on that diagnosis, they determine the appropriate next steps in terms of treatment. That process also drives how cases are labeled, which is critical.

When I mentioned earlier that we use a machine learning model to detect first-party fraud, it’s only as effective as the data we feed into it. That’s why we combine technology with expert human input. Our fraud specialists ensure the right signals are captured so the model can continue to evolve and improve.

The last point I’ll make here is that there are typically two types of first-party fraud actors. On one side, you have organized criminal groups—OCGs—who attempt to commit first-party fraud at scale. Their data, transaction patterns, and behavior tend to follow a certain structure.

On the other side, you have opportunistic actors. This ties back to the TV example I mentioned earlier. These individuals are not typically hardened criminals, but people who encounter an opportunity and, with enough motivation, decide to exploit it. That motivation can also be influenced by environmental factors, such as the challenging economic climate we’re currently experiencing.

THOMAS TARANIUK: From your perspective, it sounds like you’ve addressed one of the biggest challenges here—distinguishing between individuals who have a genuine refund request and those who feel entitled to something they’re not actually owed, versus those who are deliberately trying to defraud a business.

As you mentioned, that could be criminal gangs, or it could be someone acting opportunistically. It sounds like you have strong systems in place at Monzo Bank, but for other businesses, is this something they can implement quickly? Or has it taken years of work to build and scale across the organization?

Can businesses quickly implement first-party fraud protection systems?

RICHARD BROMLEY: This is a strategy that has evolved over a number of years, and it continues to change and develop.

If I were advising an organization today that doesn’t yet have a dedicated first-party fraud strategy, that would be one of the first places I’d start. Internally, your policies should clearly define what first-party fraud actually is. That’s critical, because without a definition, you can’t properly label, track, or measure how it’s developing across your systems.

It also means different teams may be speaking different languages. From a risk perspective, I might define first-party fraud one way, while someone in data or engineering might see it differently. Establishing a clear definition creates a shared understanding across the organization.

From there, you build your approach. But like all fraud typologies, it evolves quickly. That’s why it’s important to combine strong data, consistent categorization, and accurate labeling with real-time insights from fraud investigators who are reviewing cases every day.

That combination allows you to understand how first-party fraud is changing and what patterns are emerging. For fraud professionals, being able to see that evolution in real time is essential.

The final point is the importance of committing to a strategy. Without one, you end up reacting tactically. With a defined strategy—whether over one, two, or three years—you can better understand how the problem develops within your systems and invest in the right tools and processes to manage, treat, and measure it effectively.

THOMAS TARANIUK: It sounds like you’ve got a strong handle on the different fraud typologies as we move into 2026, even though they continue to evolve.

There’s one side of the equation that focuses on identifying fraud types, spotting indicators, and stopping them. But what about the consequences? From your perspective, which type of fraud is more costly?

Is it opportunistic fraud, where you react and block accounts? Or is it organized criminal activity, where you try to eliminate the problem at the root? Are opportunistic actors more likely to reoffend, or is it the organized groups that pose the bigger long-term risk?

Which type of fraud is more costly?

RICHARD BROMLEY: It’s a great question, and honestly, it’s a bit of both.

A lot depends on the broader macroeconomic and geopolitical environment. To give a clearer example, when authorized push payment reimbursement rules came into force in October 2024, criminal groups were already preparing to exploit them.

For those unfamiliar, these rules require banks to reimburse customers who fall victim to certain types of fraud. Criminals saw this as a new opportunity. Very quickly, they began testing ways to exploit the system—for example, by submitting false reimbursement claims for scams that never actually occurred.

That’s a clear example of organized criminal behavior adapting to regulatory change.

On the opportunistic side, activity tends to come in waves. When you consider the current cost-of-living pressures, especially during periods like Christmas, people may stretch themselves financially. That can create motivation to look for ways to recover money, even if it means making a false claim.

Another area we need to talk about is “hacks,” particularly those shared on social media. The term is widely used, but in many cases, it’s simply about exploiting system weaknesses.

A few years ago, there was an incident where a temporary system glitch allowed customers to write checks to themselves, deposit them at ATMs, and withdraw funds before verification. Normally, that wouldn’t be possible, but the glitch created a window of opportunity.

This spread rapidly on social media. People shared instructions, videos, and step-by-step guides. Because it was perceived as a victimless act—targeting a large bank—many individuals justified taking part. That example highlights how normalized this behavior can become.

On the subscription side, we’re also seeing growth in what’s sometimes called “misguided disputing.” These are customers who raise disputes without malicious intent. They may see a charge they don’t recognize and assume it’s unauthorized. In reality, they may have signed up for a free trial or a low-cost offer that converted into a recurring subscription.

Research from National Trading Standards estimated that around 4.7 million people in the UK have paid for a subscription they didn’t realize they had signed up for.

Because these payments are often low value, they can go unnoticed, unchallenged, or unresolved. When customers struggle to cancel or get refunds from merchants, they often turn to their bank and report the charge as fraudulent.

From their perspective, they didn’t knowingly authorize it. But operationally, this creates a growing challenge for banks.

THOMAS TARANIUK: Given all of that, do you see economic pressure as a valid justification for this behavior? And are we doing enough to reframe it as a crime rather than something casually described as a “hack”?

RICHARD BROMLEY: Education is absolutely critical, but every case needs to be assessed individually. We’re dealing with real people, so it’s important not to take a one-size-fits-all approach. At the same time, there has to be a deterrent. If you lean too far toward education without enforcement, you risk creating an environment where individuals feel they can continue exploiting the system. That can also make an organization appear like an easier target, particularly to organized criminal groups.

Criminals are quick to identify weaknesses. If they see one vulnerability, they may assume there are others and increase their efforts accordingly.

That’s why balance is so important. Where we can clearly demonstrate that first-party fraud has occurred, we can take appropriate action—whether that’s exiting the customer relationship or sharing intelligence to prevent similar behavior across other institutions.

The combination of strong detection technology and experienced fraud investigators allows us to build that level of confidence. The technology highlights the signals, and the investigators apply the expertise needed to confirm whether first-party fraud has actually taken place.

THOMAS TARANIUK: Super interesting. You mentioned a couple of points there, especially around the idea that if there’s blood in the water, the sharks will come, right?

And that applies not only to organized fraud groups targeting banks and fintechs, but also to everyday consumers. At the end of the day, people are sharing tips—habits, tricks—on social media, and that’s becoming a major driver of this behavior.

So are we actually seeing fraud tips being shared openly on social media? Tricks and methods circulating at scale?

RICHARD BROMLEY: Yes, absolutely. Fraud-as-a-service has been around for a while, but what’s become increasingly concerning in recent years is the shift from the dark web to the surface web.

If you go onto a range of social media platforms—and I don’t need to name them—you can search a few keywords and very quickly find content that gives tips and guidance on how to handle different scenarios and, effectively, how to commit fraud.

What’s important here is how that content is framed. When you read it, the underlying message is often that this behavior is acceptable—that it’s a victimless crime and that you’re not doing anything wrong.

You’ll see phrases like “this is a hack,” “this is an opportunity,” or “everyone is doing it.” It’s often glamorized—people showing cash, multiple cards, or perceived success. That normalizes the behavior.

If something is presented as normal within a community, especially on social media, it becomes easier for individuals to rationalize their actions. They start to think, “This is reasonable. This is why I’m doing it.”

That’s where pressure and opportunity intersect. And to your point, the speed at which this information spreads across social platforms significantly accelerates this type of fraud.

THOMAS TARANIUK: What really stands out in this discussion is how much of this fraud is perceived as low risk. From your perspective, to what extent are banks and fintechs unintentionally creating systems that are easy to exploit? Are they partly responsible for how consumers behave in these scenarios?

To what extent do banks and fintechs unintentionally create systems that are easy to exploit?

RICHARD BROMLEY: I don’t believe so. If we’re talking about financial services, the industry has invested heavily—millions, if not billions—into fraud detection and prevention. First-party fraud is simply another typology that needs to be addressed within that broader effort.

What we’re dealing with here is the human element. Take the reimbursement scenario: when a customer reports fraud, you want that experience to be empathetic, customer-centric, and supportive. For someone who has genuinely been affected, it’s a difficult situation, and the priority is to make them whole.

Where I think there’s a significant opportunity is in data sharing—both within sectors and across sectors.

Financial services already does a good job of sharing information internally, but first-party fraud extends beyond banking. It affects retail, insurance, and other industries. The challenge is how we share signals across the entire ecosystem.

For example, if there is strong evidence that someone has committed first-party fraud in a retail context, and they later try to open an account or interact with another financial provider, having access to that signal allows for better risk management. However, one of the core challenges remains the lack of a consistent definition of first-party fraud. Until that’s aligned across sectors, it’s difficult to build a unified approach.

THOMAS TARANIUK: So there needs to be alignment on definitions, especially for cross-industry data sharing. But internally, we also need to understand user intent, right?

RICHARD BROMLEY: Exactly.

THOMAS TARANIUK: I want to get into the core tension that intent creates for fraud and customer experience teams. Rich, we’ve covered what first-party fraud looks like and why it’s growing. Now let’s talk about the central operational challenge.

The person you’re trying to stop is your customer. If you get it wrong either way, you lose. Around 60% of merchants report false positive rates between 2% and 10%, and half of consumers would switch banks for a better dispute experience. Those are tough constraints. How do you balance losing the customer versus losing the dispute?

Losing the customer vs losing the dispute

RICHARD BROMLEY: Any effective fraud strategy should consider three core components: fraud prevention and loss reduction, customer experience, and operational cost. Every decision sits somewhere within that triangle.

In this case, detection is the key factor. If you can accurately detect risk early, you can shape the customer journey accordingly.

If you subject every customer to a heavy, intrusive process, they may feel they’re being treated like a suspect when they’re simply reporting an issue. That can damage trust and push them toward another provider.

From a customer perspective, reimbursement is only part of the equation. Fraud also has emotional and psychological impacts—stress, loss of trust, and frustration. These are harder to measure but just as important.

What we focus on is using data and technology—transactional, behavioral, and external signals—to create more nuanced and dynamic customer journeys.

For straightforward cases, we can offer a seamless experience and resolve issues quickly. For higher-risk scenarios, we introduce additional steps, request more information, or conduct deeper investigations. The key is that this friction is targeted, not applied universally.

No system is perfect, and there will always be some false positives. But by making these journeys dynamic, you not only improve customer experience but also create a deterrent for fraudsters.

If processes are predictable, they can be exploited. If they’re adaptive, it becomes much harder for bad actors to navigate them successfully.

THOMAS TARANIUK: That’s really interesting, especially when you think about using AI to guide these journeys and ensure fair outcomes. At the same time, it seems like decisions aren’t always clear-cut—whether to approve or reject disputes, or issue refunds. First-party fraud is fundamentally behavioral; it requires intent. So what early signals tell you something is off, and how does that shape your response?

Early signals of first-party fraud

RICHARD BROMLEY: The decision is rarely binary. First-party fraud involves judgment, and that’s where experienced investigators play a critical role. If you reduce it to a simple yes-or-no decision, you risk losing that balance we talked about earlier.

Signals can be transactional, behavioral, or network-based, and they can apply to individuals or broader customer groups.

If we look at reimbursement scenarios involving organized crime, we often see unusual patterns. For example, a newly opened account receives funds, quickly moves them out, and then submits a claim—perhaps framed as an investment scam.

In those cases, one of the strongest tools we have is collaboration between financial institutions. We can trace the flow of funds—where they came from and where they went—which provides valuable insight into whether the claim is legitimate.

On the opportunistic side, patterns emerge differently. Take a scenario where someone exploits a retail loophole—buying a product like a PlayStation 5, then claiming it was never received.

If that works once, it can spread quickly through personal networks—friends, family, acquaintances. When we start to see repeated transactions at the same retailers, combined with closely timed claims, that creates a clear signal.

This is where behavioral and network-level analysis becomes critical. It allows us to detect emerging patterns early and prevent them from scaling. Because ultimately, the speed at which these behaviors spread is what makes them so challenging to contain.

THOMAS TARANIUK: Super interesting. On the practical side then, Richard—refund leakage, promotional abuse, policy vulnerabilities—if you joined a fintech tomorrow and wanted to understand your real exposure, where’s the first place you’d look?

RICHARD BROMLEY: For me, the answer is always in the investigations. It’s always about the fraud investigators—what they’re seeing and experiencing day in, day out. If I joined a bank or a fintech that hadn’t clearly defined first-party fraud, or had weak labeling and poor data to illustrate the problem quantitatively, that’s where I’d start. I’d work closely with investigators to understand, based on a sample, what typical patterns are entering the ecosystem.

That gives you a baseline. And once you have that baseline—even if it’s not statistically perfect, which can be difficult when relying on human analysis—you begin to understand the common sequences of activity coming into your recourse system. From there, you can start to build out your approach.

There may also be a need for internal education, helping teams understand what the risk actually is, how it materializes, how it can be controlled, and what the broader strategy should look like to manage it in a risk-based and proportionate way.

If you zoom out a bit, particularly in the UK, we know new regulations are expected to come into force around early 2027, with a strong focus on subscriptions and promotions. These will allow customers to cancel subscriptions more easily, often with a single click.

From an operational perspective, that will reduce some of the demand coming into banks. It should help create a clearer baseline of claims that reach fraud or disputes teams—those that are legitimate, alongside potentially malicious first-party fraud claims—while filtering out more of the “misguided” cases.

THOMAS TARANIUK: That makes sense. And I assume those journeys can signal intent from the user, which helps determine whether something is malicious or opportunistic.

RICHARD BROMLEY: Absolutely. You can often identify patterns quite quickly, even without perfectly categorized data. When it comes to organized criminal activity, there are usually clear commonalities.

For example, criminals increasingly use technology to scale their operations. You might see repeated use of similar images—generated, manipulated, or altered using generative AI—which can be an immediate red flag.

You’ll also notice similarities in language. Because they’re operating at scale, the wording used in claims often follows a pattern. The types of claims they submit may also be chosen strategically, based on what they believe is less likely to trigger detection systems. All of this helps you start to build a picture of what’s happening within your recourse system.

THOMAS TARANIUK: That makes a lot of sense. My last question before we move into the quick-fire round touches on a slightly uncomfortable truth. Are some businesses actually generating first-party fraud complaints through their payment or subscription design? If terms are buried so deeply that customers don’t realize they’ve signed up for recurring payments, is that a fraud problem or a conduct problem?

Are some businesses generating first-party fraud complaints through their payment or subscription design?

RICHARD BROMLEY: From my perspective, that’s primarily a conduct problem. If there are demonstrable terms and conditions outlining what the customer is signing up for, but those terms are intentionally buried in dense, complex language, that raises serious concerns. At the same time, there is an element of questionable practice if customers are being nudged or engineered into agreements they don’t fully understand.

It’s a nuanced issue, and it needs to be addressed. That’s why I’m encouraged by upcoming regulation, which will require clearer communication and make it easier for customers to understand what they’re agreeing to.

It will also simplify the process of canceling subscriptions, allowing customers to resolve issues directly with merchants. It’s unfortunate that regulation is needed to enforce what should really be standard, responsible behavior—providing clear, transparent information about what customers are signing up for.

THOMAS TARANIUK: Absolutely. We’ve talked a lot about consumer responsibility today—how people understand fraud and their behavior when interacting with businesses. But responsibility also sits with merchants, especially when it comes to subscription design and transparency.

Thank you so much, Richard. To wrap things up, we always like to have a bit of fun with a quick-fire round. Five questions, no overthinking. Let’s go.

Quick-fire round

RICHARD BROMLEY: Let’s go.

THOMAS TARANIUK: If you could ban one risky online behavior forever, what would it be?

RICHARD BROMLEY: Online marketplaces without proper verification. Sellers should be verified, and there should be legitimate payment methods in place. Fixing marketplace risks on social media platforms would significantly reduce fraud.

THOMAS TARANIUK: Great answer. Have you ever been a victim of fraud yourself?

RICHARD BROMLEY: I have. When I was a student, I woke up one morning, checked my bank account, and everything I had was gone. It was an account takeover—someone had accessed my account using my username and password. This was years ago, but I have to say the fraud team at the bank handled it incredibly well. They were empathetic and supportive. I didn’t feel like I was being treated with suspicion.

That experience taught me a lot about how skilled fraud investigators are—not just technically, but also in how they handle customers during difficult situations.

THOMAS TARANIUK: That must have been tough, but a valuable lesson. What’s one thing about fraud prevention the public underestimates?

RICHARD BROMLEY: The level of investment. If you look at media coverage, it often focuses on consumer experiences—which is important—but it can create the impression that banks aren’t doing enough. In reality, the industry has invested billions in fraud prevention in recent years, and it continues to do so. At Monzo Bank, our mission is to make money work for everyone, and that depends on keeping customers safe and maintaining their trust.

THOMAS TARANIUK: And from the fraudster’s side, what technology do you think they’re exploiting the most that businesses haven’t fully caught up with?

RICHARD BROMLEY: One area I find really interesting is the use of honeypots. It’s about taking the fight to criminals—using AI and technology to engage them, keep them occupied, and gather intelligence. For example, you can extract details like bank account information and use that data to prevent further fraud. I think that’s a powerful approach.

THOMAS TARANIUK: Really interesting. Final question—if you had to choose a completely different career, what would it be?

RICHARD BROMLEY: Formula One driver. I’d probably crash on the first lap and never race again—but it would be an incredible first lap.

THOMAS TARANIUK: It definitely would be. I’m not sure I’d even make it that far.

RICHARD BROMLEY: I’d be taking it slow.

THOMAS TARANIUK: Richard, thank you so much for joining us on this episode of What The Fraud?

RICHARD BROMLEY: Thank you for having me.

THOMAS TARANIUK: A genuinely important conversation, and one the industry needs to have more openly.

If you enjoyed today’s episode, make sure to follow us wherever you get your podcasts. If you can leave a review, we’d love to hear your thoughts—it also helps more people discover the show and stay ahead of the latest fraud trends. In our next episode, we’re doing a World Cup special. One of the biggest sporting events is coming up, and we’ll explore its impact on fraud—particularly betting fraud at scale. How does fraud risk increase across global betting markets during major tournaments? And what can be done to manage it? We’ll cover syndicates, chargebacks, bonus abuse, and the role of bots.