The Banking View | Fraud defence with built-in contingencies: interview with Danske Bank

Dave Laramy, Head of Group Fraud, ABC & Tax Evasion, Danske Bank, reveals how multi-layered, AI-aware strategies, real-time monitoring, and agile controls are defending against scams and Fraud-as-a-Service threats.

Dave, thank you for joining us. Could you please introduce yourself and share more details about your professional background and your role at Danske Bank?

I’m responsible for Fraud Management, Anti-Bribery & Corruption, and Tax Evasion Prevention controls across the Danske Bank Group. Danske Bank is Denmark’s largest bank, with a significant presence across Sweden, Finland, and Norway. I moved to Copenhagen in 2022, having previously held senior fraud and financial crime roles in the UK for over 20 years.

In 2025, global fraud losses reached alarming levels, with scams costing approximately USD 442 billion. In 2026, what is the single “unblockable” scam posing the greatest risk, and what are this year’s top fraud and cybercrime threats?

One of the realities that keeps fraud teams busy is that we cannot control the evolution of technology or the tactics fraudsters choose to deploy. These range from simple social engineering to highly sophisticated, automated attacks. What we can control is our response, both reactively and proactively, to emerging and evolving threats. The advancement of technology is unstoppable. AI is removing language barriers and enabling scale attacks and targeted deepfakes.

AI fraud rings are morphing into cyber-cartels, peddling scams like Amazon Prime for crooks – ready-made phishing kits, voice clones, and deepfake tools for USD 50/month. What's your hottest take on the Fraud-as-a-Service explosion fuelling this underworld boom? What are the biggest risks or challenges organisations face as FaaS scales rapidly?

It’s true that the barriers to entry for those wishing to commit these types of crimes have reduced and that criminals are working together (not without incident, I might add) more closely than ever before. We are dealing with bored teenagers in bedrooms all the way up to state-sponsored attacks and organised crime groups targeting us specifically. Unfortunately, this is not helped by geopolitical challenges, and it is not going anywhere. It’s also not new; FaaS has been around for several years. The agility and scalability of the fraudsters, as well as the sophisticated use of AI, make this more challenging than ever.

How are banks leveraging AI technologies to stay ahead of increasingly sophisticated fraud, and how are fraudsters simultaneously adapting to and exploiting new technologies to advance their attacks?

The use of machine learning and AI within fraud prevention is not new. I was using a neural network model for lending fraud prevention as far back as 2006. There are many emerging use cases for newer technologies such as GenAI, which can be used to help customers identify scams upfront, ask questions within payment flows, and help investigate fraud claims. Fraudsters will continue to exploit the technology to try and evade identity verification onboarding controls, develop increasingly sophisticated deepfakes, switch languages with ease and scale and pivot more quickly than ever before. Fraudsters using evolving technology is also nothing new, so having the monitoring in place to identify changes in fraudster behaviour and react accordingly is critical.

How can analysing different customer segments reveal insights into fraud risk and behaviour, and what practical lessons and proven successes have experts gained from years on the front line of fraud detection and response?

I think various pieces of research have shown that whilst literally anyone can fall for a scam in today’s world, certain customer groups are more susceptible to certain types of scams than others. It’s no surprise that investment and romance scammers will target the wealthy and lonely, whilst Facebook Marketplace scams are targeting those actively on Facebook. The customer profile can be built into prevention and detection strategies to focus on the harm. It is not true to say it’s just the elderly that are targeted by scammers, but there are certainly elderly and vulnerable victims, as well as a lot of people who thought it would never be them.

What are the practical strategies for conducting thorough risk assessments, identifying critical vulnerabilities, and prioritising mitigation efforts, and how can organisations apply the latest methodologies, regulatory expectations, and emerging best practices to enhance resilience and response capabilities?

I am a fan of ‘red teaming’ fraud controls, and one of the simplest versions of these is to release features to employees of the bank first so they can actively try and break it before launching to customers. Having monitoring in place from day 1 of a customer launch is also critical to establishing that everything is working as it should. Early fraud cases on any new products and services should be subject to deep root cause analysis to understand how fraudsters exploited the controls in place and what remediation is required. When building controls, always make sure that you’re able to apply parameters which you can change easily and have a kill switch to use in the event of emergencies. This might sound drastic, but there have been a couple of moments in my career where that’s proven to be really useful.

How can breaking down silos within and between organisations help combat financial crime and fraud, and what types of fraud and AML data should be shared internally and externally to maximise impact while ensuring data integrity, privacy, and security?

Sharing data effectively across your own organisation is Fraud 101. However, this can be challenging, as data often exists in multiple formats and across multiple systems. Having multi-disciplined squads is a great way to progress technology changes and bring stakeholders along the journey. I am hopeful that data sharing frameworks (such as CIFAS in the UK or NFCERT in the Nordics or Fraud Information Distribution Arrangement – FRIDA - from the EPC) will continue to grow and provide value and be boosted by forthcoming regulation either from AMLA or under the Payment Services Regulation.

Real-time payments accelerate legitimate transactions, yet they enable fraudsters to extract funds from compromised accounts before detection systems activate. How can financial institutions prevent these instantaneous thefts without introducing friction for legitimate customers?

Real-time domestic payments have been around for over 20 years, though cross-border real-time payments are a relatively new phenomenon. The key is to be able to interrupt transactions in real-time and either decline or hold transactions until the bank is satisfied it doesn’t relate to financial crime. It shouldn’t be necessary to hold the vast majority of transactions as there are numerous tools, models and data feeds that can be used to reduce false positives at the detection stage. The conversations with customers can be protracted depending on the fraud type as they may be under the spell of the fraudsters.

What are your own personal best practices for protecting yourself from fraud and scams? How can individuals protect themselves against scams?

Those who know me will know that I haven’t answered my phone to unexpected phone calls since the early 2000s, and I don’t use one of the large email providers. My advice to others would be to only use ‘trusted channels’ when communicating with organisations, for example, within their mobile banking apps that you have been using for some time. Don’t trust unsolicited calls, SMSs or messages within communication apps or on social media. In the UK, you can call 159 and ask to be put through to your bank, with confidence that the call is legitimate.

Dave, with fraud losses exploding toward USD 58 billion amid AI deepfakes and quantum risks, what's your message to banks – beyond “invest in AI” – on turning defence into a ruthless competitive moat this year?

“A ruthless competitive moat” is definitely a phrase I shall be using myself this year, with the historical version typically being called a multi-layered fraud defence strategy. My message is that you need to have contingency strategies ready to go for each layer of your fraud strategy. Sometimes you need to raise alert volume to drive away an attack or honeypot it into something that is easier to defend. If you change your strategy frequently, it becomes much more difficult for AI, or indeed humans, to figure out.

The Banking View is an exclusive series capturing direct perspectives from banks on how they are navigating payments modernisation, fraud and financial crime, regulation, and innovation. In a landscape defined by rapid regulatory change, increased cost pressures, industry consolidation, rising expectations for real-time, seamless payments, and relentless innovation demands, banks face complex trade-offs between speed, security, and compliance. This series goes beyond theory to examine real decisions, real constraints, and real outcomes: what banks are prioritising, what is changing, and what is proving more challenging than expected. Each edition features candid insights from banking leaders, real-world case studies, perspectives on emerging topics, lessons from both successes and setbacks, and in-depth analysis of the technologies, processes, and trade-offs shaping strategic decisions. The Banking View delivers a front-line perspective on how banks are prioritising transformation, managing risk, and driving innovation under sustained pressure.

About Dave Laramy

Dave is the Head of Group Fraud, ABC, and Tax Evasion at Danske Bank. He moved to Copenhagen in 2022 and, before this, held various senior roles in fraud and financial crime, with experience in both traditional and challenger banking.

 

 

About Danske Bank

Danske Bank is the largest bank in Denmark with a strong international presence, particularly in the Nordic markets, serving a full range of customers.