Monzo's Playbook for Fraud Detection

Monzo's fraud detection platform processes transactions for over 12.1 million users, who spent more than £55 billion through the bank in 2024. The system is designed to handle this scale with ultra-low latency, as fraudulent transactions account for fewer than one in every ten thousand transactions. The architecture is built on a reactive, microservices-based platform using Google Cloud's BigQuery and Vertex AI. Each transaction passes through a four-step process: identifying applicable controls, loading features from a dedicated service, executing logic written in Starlark, and finally applying actions like blocking a payment or issuing a warning. Monzo's previous production model was a LightGBM baseline, which has now been compared against the new multi-task neural network. This newer approach, focused on representation learning, demonstrated superior ability to generalize and maintain higher recall on rare and previously unseen fraud behaviors. The emphasis on "adversarial adaptation" is a direct response to the tactics of sophisticated fraudsters. Attackers constantly probe systems with low-risk transactions to learn the rules, adapt their strategies to mimic legitimate behavior, and then scale the attacks once a weakness is found, creating a continuous arms race. This system has shown measurable results in reducing losses from authorized push payment (APP) scams. In 2023, Monzo reported that its machine learning models helped limit losses to just £213 for every £1 million transacted. Operating within the UK's regulatory framework, Monzo's use of AI is overseen by the FCA and PRA, which apply existing financial rules rather than AI-specific legislation. Key constraints shaping their system design include stringent data protection, privacy rules, and the FCA's Consumer Duty.