28 July 2026
,
Johannesburg

FraudSense South Africa 2026

South Africa's dedicated event for fraud defence in the AI economy

Request InvitationPartner with us
AI vs AI: The New Frontline in Fraud, Identity and Trust
South Africa is facing the sharpest rise in digitally enabled financial fraud, with fraudsters increasingly bypassing systems by manipulating customers directly. SABRIC's 2024 statistics show digital banking fraud nearly doubling to 98,000 incidents in a single year — banking apps accounting for 65% of cases and losses crossing R1.9 billion. Phishing, vishing, SIM-swap, deepfake impersonation, and AI-generated social engineering are now scaling across banks, fintechs, payment platforms, and telecoms faster than rule-based detection and human review can respond.

FraudSense South Africa convenes the senior leaders rebuilding fraud, AML, identity, cybersecurity, payments, and digital trust for this new reality. The summit examines how institutions are restructuring response models around AI-driven detection and investigation, coordinating defence across PayShap and the real-time payments ecosystem, and renegotiating liability as threats operate at machine speed.

Why FraudSense, why now
0 %
increase in deepfake fraud incidents YoY
0 B+
ZAR of banking fraud losses in 2025, up 23% YoY
210 M+
in financial losses linked to banking fraud in 2025
0 B+
digital payments processed annually in South Africa
Who will be there
A cross-functional room of leaders responsible for fraud response, digital trust, and financial resilience across South Africa
ROLES

Chief Risk Officers
Chief Compliance Officers
Chief Information Security Officers
Heads of Fraud & Financial Crime
Heads of Payments Risk & Digital Trust
Heads of Authentication & Identity Security

ORGANISATION TYPES

Banks & Digital Banks
Fintech & Payments Platforms
Telecoms & Digital ID Providers
Insurance Providers
E-Commerce & Retail Platforms
Regulators & Infrastructure

What makes FraudSense unique
Built for institutions responding to fraud operating at machine speed
Built around live operational pressure
FraudSense is designed around the operational problems institutions are dealing with now — AI-generated scams, synthetic identities, APP fraud, mule networks, deepfake impersonation, and machine-speed social engineering. The agenda focuses on investigation realities, AI-native response models, reimbursement pressure, detection workflows, and implementation challenges facing fraud and financial crime teams.
Cross-functional by design
Modern fraud no longer sits inside a single function or institution. FraudSense brings together leaders across fraud, AML, cybersecurity, identity, payments, telecoms, digital trust, and risk — reflecting how fraud now moves fluidly across organisational silos, customer channels, payment rails, digital platforms, marketplaces, and financial ecosystems.
AI-native defence, not AI hype
The summit focuses on how institutions are deploying AI across detection, authentication, investigation, orchestration, and response workflows. Discussions are operational rather than theoretical — centred on what is already working, where institutions are struggling, and how defence models are evolving as both fraud and response begin operating at machine speed.
Agenda

8:00

9:00

Registration

    9:00

    9:05

    Opening Remarks

      9:05

      9:35

      AI vs AI: South Africa's Fraud Arms Race Has Already Started

      South African institutions are operating inside a machine-speed fraud economy where attackers and defenders both deploy AI-assisted capability. Criminal syndicates run deepfake impersonation, synthetic identity generation, adaptive scams, and automated social engineering at industrial scale, while institutions race to rebuild defence around behavioural intelligence, orchestration, and real-time decisioning. Trust itself is collapsing as a defensible signal — voice, video, and document evidence can be generated faster than institutions can verify them. The arms race is here and widening.
      • AI accelerates faster than banks can adapt. What breaks first in the fraud stack — detection, investigation, response, or governance?
      • Attackers now deploy AI at industrial scale — synthetic identities, cloned voices, adaptive scams. Where does behavioural intelligence materially outperform rule-based detection?
      • AI-native defence sounds inevitable but is operationally expensive. Where does it actually outperform legacy controls, and where is the marketing claim ahead of reality?
      • The next fraud stack must counter AI threats the current one was never designed for. What does a three-year, AI-ready architecture have to look like?

      9:35

      9:50

      How We Solved...

      A practical case study on a real industry challenge, the approach taken, and results achieved.

        9:50

        10:20

        Real-Time Rails, Real-Time Models: Pre-Settlement Intercept as the New Defensive Standard

        PayShap has crossed 30 million transactions on rails that clear in seconds and are irreversible by design. The defensive answer emerging across the major banks is the same: score every transaction against the customer's behaviour in milliseconds, and hold suspect payments before they clear rather than chase them after. One major bank reports cutting EFT fraud by 80 percent in four months on this model. The question is whether pre-settlement intercept becomes the sector standard fast enough.
        • 89% of fraud leaders call instant payments a high fraud risk. Does the rail's irreversible design outrun every control bolted onto it?
        • Pre-settlement hold is becoming the SA defensive pattern across banks. What does real-time behavioural scoring require to hold a payment without breaking the rail?
        • Behavioural models now flag transactions the customer authorised and passed facial ID on. Where is the line between intercepting fraud and overriding the customer?
        • SIM-swap remains the dominant mule-onboarding enabler. What must real-time bank-MNO intelligence exchange deliver, and where is COMRiC-SABRIC falling short?

        10:20

        11:05

        Networking Break

          11:05

          11:35

          When the Face Was Never There: Injection Attacks and the Silent Failure of Liveness

          Deepfake-driven fraud in South Africa surged twelve-fold year on year, and the dominant attack is not a convincing video — it is the injection attack, where a fraudster feeds an AI-generated image stream straight into the verification system and bypasses the camera entirely. Liveness detection that runs at the application layer, not the device layer, fails silently: the bank believes it verified the customer, the regulator believes the obligation was met, and neither is correct. The control passed. The person never existed.
          • Injection attacks bypass the camera through virtual devices and emulators. Where does liveness detection have to sit — device layer or application layer — to survive them?
          • A single synthetic face has been reused thousands of times across platforms. What does the bank detect when the fraud is industrialised, not one-off?
          • FICA permits remote biometric verification assuming liveness works. When it fails silently, has the bank actually met its obligation, or only believed it did?
          • POPIA treats biometrics as special personal information. What is the bank's exposure when synthetic or fraudulently obtained biometric data sits inside its systems?

          11:35

          11:50

          How We Solved...

          A practical case study on a real industry challenge, the approach taken, and results achieved.

            11:50

            12:20

            The Duty of Care Question: How Far Should a Bank Go to Protect a Customer From Themselves?

            South African banks are being pushed into a role they never accepted: arbiter of whether a customer's own instruction can be trusted. With the NFO finding for the bank in roughly four in five disputes and reimbursement norms unsettled, the question of who stops a payment — and who absorbs the loss — is now daily operational reality. But the duty does not stop at the bank: the telco that enabled the SIM-swap and the institution that onboarded the mule sit in the same chain.
            • A model flags a payment so anomalous it suggests duress — yet the customer authorised it and passed facial ID. Should the provider delay it anyway?
            • Institutions can now lock the app or hold a payment mid-session on behavioural signal alone. Where does protection end and unlawful interference begin?
            • Reimbursement-by-default shifts the loss onto the institution that paid out. Does it reduce scams at source, or just move the cost?
            • Duty of care is landing on banks first — but the telco enabled the SIM-swap and the receiving institution onboarded the mule. Who else owes the customer a duty?

            12:20

            12:35

            How We Solved...

            A practical case study on a real industry challenge, the approach taken, and results achieved.

              12:35

              13:05

              After the Loss: Evidence, Adjudication, and a Dispute Process Nobody Trusts

              When a South African customer disputes a fraud loss, the institution's authentication records — OTP confirmation, device trust, session logs — are frequently treated as conclusive proof of consent. Victims increasingly contest that those markers prove intent in an era of SIM-swap, device compromise, and social engineering. Adjudication has accepted technically impossible evidence; the burden of proof sits with the customer; and the underlying technical record is often withheld. The dispute process itself has become a fraud-defence failure point.
              • OTP and device records are treated as proof of consent. Where does authentication evidence stop proving intent under SIM-swap and device compromise?
              • Adjudication has accepted technically impossible evidence. What forensic-technical competence does fair dispute resolution require, and who supplies it?
              • Burden of proof sits with the customer, who cannot see the evidence. Where is the line between confidentiality and a contestable process?
              • Reimbursement frameworks elsewhere shift the default toward the customer. What would a workable South African adjudication and recovery standard require?

              13:05

              14:00

              Mid-day Networking Lunch

                14:00

                14:30

                Fraud, AML, Cyber, and Identity Are Converging. Is the Institution?

                Financial crime no longer operates in separate categories. Fraud, scams, mule activity, laundering, cyber compromise, identity abuse, and crypto cash-out move through the same criminal ecosystems — across banks, fintechs, crypto exchanges, and insurance — while institutions remain structured around siloed functions and disconnected workflows. The regulator is now pushing the other way: the FSCA has proposed a centralised national anti-fraud intelligence hub, shifting the sector from isolated bank responses toward shared defence. The convergence is happening on the criminal side. The question is whether the operating model — and the regulator — can force it on the defensive side fast enough.
                • The FSCA has proposed a national anti-fraud intelligence hub. Does collective defence require shared infrastructure, or can it work bank-by-bank?
                • The same mule networks drain accounts, cash out through crypto, and reappear as loan applications within hours. Where does the investigation workflow actually stop?
                • Cyber intelligence is upstream of most fraud events. What does the sector lose by keeping cyber and fraud on separate workflows and reporting lines?
                • A shared hub means sharing data with competitors. Where does collective defence collide with competition, privacy law, and who owns the liability when it fails?

                14:30

                14:45

                How We Solved...

                A practical case study on a real industry challenge, the approach taken, and results achieved.

                  14:45

                  15:15

                  What the Market Taught Us: Live Lessons from Recent Fraud Events

                  Five senior fraud leaders. Five recent fraud events that hit the South African market. Each speaker has five minutes to walk the room through what their institution observed, learned, or changed in response — not what their institution failed at. No slides. No presentations. The moderator opens each segment with a single framing question and closes it with a single audience question via Slido. The format is built for fraud leaders who want operational substance from peers without the polish of a vendor case study.

                    15:15

                    15:35

                    Afternoon Networking Break

                      15:35

                      16:05

                      IT Security Is Not Fraud Operations: Why South Africa Keeps Answering the Wrong Question

                      When South African fraud losses make headlines, institutions respond with cloud architecture, zero-trust, and access posture — competent IT security answers to questions fraud operations should own. The disciplines are not the same. The NFO finds for the bank in roughly four in five cases, yet the metrics that decide fraud outcomes — detection, freeze speed, recovery — rarely surface in these defences. Alert volumes climb, analyst tenure falls, and the public conversation increasingly conflates two disciplines with fundamentally different operational objectives.
                      • Banks answer fraud questions with IT posture. Where does the bank separate IT-security accountability from fraud-operations accountability, and who owns which?
                      • Fraud outcomes turn on mule detection, time-to-freeze, and recovery — not log integrity. What does the fraud team actually measure, and publish?
                      • Analyst tenure in South African fraud ops is under two years. What does the institution do about a workforce that turns over faster than it can train, and where does AI close the gap?
                      • Inter-bank freeze response decides whether stolen funds leave. What service level between banks would move recovery rates, and what blocks it today?

                      16:05

                      16:25

                      The Hardest Calls in Fraud Defence: Where the Room Actually Stands

                      South African fraud leaders agree on the threat and split hard on the response. This is not a panel — the room votes live on the industry's most contested questions, sees where it stands, debates the divide, and votes again. The session surfaces what private conversations already know: the hardest calls in fraud defence have no consensus, and the disagreement is the most useful thing in the room.
                      • When a customer is manipulated into authorising a payment, who should carry the loss — the bank, the customer, or the institution that onboarded the mule?
                      • A bank's AI flags a high-probability scam, but the customer insists on paying. Block, delay, warn and proceed, or stay out of the way?
                      • Agentic payments are arriving — customers telling an AI to pay on their behalf. Is the fraud stack ready, or years from it?
                      • The single highest-leverage fix for South African fraud — faster inter-bank freezing, AI-driven detection, mandatory reimbursement, or better adjudication?

                      16:25

                      16:30

                      Closing Remarks

                        Contact Us
                        Whether attending as a delegate or exploring sponsorship, contact us to discover exciting opportunities at our upcoming events.
                        Thank you! Your submission has been received!
                        Oops! Something went wrong while submitting the form.
                        © Copyright 2026-28
                        Terms of UsePrivacy Policy