Fraud & AML/CFT
Fraud and AML/CFT live in the same decision surface. These essays cover layered controls, sanctions screening, chargebacks and the feedback loop that keeps them honest.
Case studies
Automated merchant onboarding pipeline: KYC/KYB, UBO discovery, sanctions and PEP screening, risk-tiered decisioning with full audit trail. Activation cut from weeks to hours; manual review load down 70%.
Layered fraud, AML/CFT and sanctions decisioning built natively into the payments stack: vendor signals, device intelligence, internal velocity rules, SAR-ready audit trails. Fraud loss held <0.1% of GTV; fraud incidents down ~65%.
Ran payment operations for South Asia's largest marketplace across 5 markets during a COVID volume surge. Designed and shipped the COD-to-digital migration as an incentives + trust program — lifted digital share ~40% and cut dispute cycles ~50%.
Identified, value-modeled and deployed 4 production GenAI solutions across merchant integration support, incident auto-escalation, partner support automation, and a fraud/AML AI pilot with a major banking partner.
Wired SWIFT MT and MX (ISO 20022) messaging into the Simpaisa cross-border stack with gpi tracking, CSP attestation and dual-rail parsing — sustained 99.9%+ message-acceptance rate through the ISO 20022 migration window.
Essays · 17
A SWIFT Compliance Checklist for Banks and Fintechs
A working checklist of the SWIFT compliance items that audits, sponsors, and regulators actually ask about.
Correspondent Banking and the Reality of Emerging-Market Corridors
De-risking did not reduce risk. It moved the risk to the corridors that need access most.
SWIFT, AML/CFT, and Sanctions Screening in Practice
Sanctions screening is where compliance theory meets throughput reality. The product decisions live in the list overlay, the matcher, and the review queue.
Sanctions Screening Without Killing Throughput
Sanctions screening is a latency problem and a false-positive problem dressed up as a compliance problem.
AML/CFT: Rules vs Models, and Why You Need Both
Rules are explainable and weak. Models are powerful and unexplainable. Production AML needs both, layered.
PCI DSS and ISO 27001 as Product Programs
PCI DSS and ISO 27001 are not paperwork projects. Run as product programs, they make the platform measurably stronger.
Chargebacks Are a Product Problem
A rising chargeback line is product debt that finance is paying. The fix is upstream.
Layered Fraud Controls in the Payments Stack
No single fraud control survives a determined attacker. Layered controls do, and they do it without crushing conversion.
Onboarding Conversion vs. Default Rate: The Real Tradeoff
Conversion and default rate are not enemies. They are two sides of the same product surface.
Risk Tiering Merchants Is a Product Decision
Tiering is the single most leveraged product decision in a payments platform. Most teams hand it to risk and never recover.
Regulatory UX: Why the Name on a Payment Screen Can Block a Launch
Regulators do not read your roadmap. They read your screen.
Merchant Onboarding: Where Growth, Risk and Compliance Collide
Three teams own onboarding. The merchant only sees one experience. That gap is the product.
Where ML Beats AI: Six Payment Problems an LLM Cannot Touch
There is a quiet AI-in-fintech mistake teams keep making: reaching for an LLM the moment the word 'AI' shows up on the roadmap. Sometimes the right answer is a gradient-boosted tree and a clean feature pipeline. This is the operator's argument for the boring choice.
Product Management for Payments Platforms: What's Different, and What's Not
A payments PM is a SaaS PM with three extra constituencies and one extra reflex. Get the reflex wrong and the other constituencies stop trusting you.
GenAI in Fintech: 4 Production Use Cases That Actually Ship
Most fintech AI work in 2026 is still demos. These four use cases are not; they're running in production at $1B+ TPV across five regulated markets.
Project Management for Fintech Regulatory Programmes: PCI DSS, ISO 27001, SOC 2, AML/CFT
A regulatory programme is not a compliance exercise. It is a project with an immovable deadline (the audit), an external grader (the auditor), and a delivery cost (remediation) that gets paid up front or many times over.
AI Fraud Detection vs Rule Engines: A Field Comparison
AI fraud detection beats rule engines on novel-attack detection. Rule engines beat AI on explainability and ops cost. The right answer is almost always a hybrid, and the design of the hybrid is the actual work.