The threat has changed — the governance response has not kept pace
Fraud against financial institutions and their clients is not new. What is new is the character of the threat. AI has transformed fraud from a largely opportunistic, low-scale activity into a precision-engineered, industrialised operation. The barriers to executing sophisticated fraud — the cost of producing convincing impersonation materials, the effort required to research specific targets, the technical skill needed to evade detection — have collapsed. What once required a criminal organisation with significant resources can now be executed by a single actor with access to publicly available AI tools.
For Swiss private banking specifically, this transformation carries acute implications. Private banking clients are high-value targets. Their wealth is concentrated, their trust in their relationship managers is deep and exploitable, and their digital literacy — particularly among older, established clients — may not have kept pace with the sophistication of the threats they face. A private banking client who can be persuaded that their relationship manager is calling them is a client who can be persuaded to do almost anything.
The governance challenge for Swiss private banks is to treat AI-enabled fraud as what it is: a material, evolving operational risk that requires board-level ownership, adequate risk appetite articulation, and a management framework that goes beyond the traditional fraud prevention toolkit.
Global fraud losses attributed to AI-enabled attacks — including deepfake impersonation, AI-generated phishing, synthetic identity fraud and voice cloning scams — have increased dramatically since 2023. Swiss financial institutions are not immune. FINMA has flagged fraud risk as an increasing operational risk concern, and several Swiss private banking groups have reported material fraud incidents involving AI-generated impersonation of senior management and relationship managers in the past two years.
The pattern is consistent: fraudsters research their targets using publicly available information, generate convincing impersonation materials using AI, and execute attacks that rely on the target's trust in familiar voices, faces and communication styles. Defences built around recognising obviously fake communications are not adequate against attacks of this quality.
The new threat typologies: what boards need to understand
Fraud risk governance requires boards to understand the specific threats their institution faces — not at a technical level, but at a strategic one. The following typologies represent the most significant AI-enabled fraud threats to Swiss private banking institutions and their clients in the current environment.
The governance response: fraud risk at board level
Fraud risk in Swiss private banking has historically been managed primarily as an operational matter — a function of the compliance, operations and IT security teams. AI-enabled fraud demands a different approach. The sophistication, scale and speed of the current threat environment elevate fraud risk to a strategic level that requires board ownership, explicit risk appetite articulation and regular board-level reporting.
The board's governance responsibilities in relation to AI-enabled fraud are specific and non-delegable. The board must approve the institution's fraud risk appetite — including explicit positions on client liability for fraud losses, on the level of investment in fraud prevention infrastructure, and on the acceptable residual fraud risk after controls are applied. It must receive regular reporting on fraud incidents, near-misses, emerging typologies and the performance of fraud prevention controls. And it must satisfy itself that management has an adequate response to the changing threat environment — not just technology deployment but organisational capability, client communication and incident response planning.
"In the AI era, fraud is no longer an operational problem with board visibility. It is a strategic risk that requires board ownership from the outset."
Client protection: the relationship manager's role
The most effective fraud prevention in private banking is not technological — it is relational. The deep, long-standing relationships that characterise Swiss private banking are simultaneously the institution's greatest vulnerability to social engineering and its most powerful defence against it. A relationship manager who knows their client well enough to recognise unusual behaviour — an uncharacteristic sense of urgency, an unusual request, a slight change in communication style — is a more sensitive fraud detection instrument than any AI system.
Building this human layer of fraud defence requires deliberate investment in relationship manager training, clear escalation protocols for suspicious client behaviour, and a culture in which raising fraud concerns is encouraged rather than seen as an obstacle to client service. It also requires frank, proactive client communication — educating clients about the fraud threats they face, establishing out-of-band verification procedures for significant transactions, and maintaining updated contact information that allows the institution to reach clients through channels that fraudsters cannot easily intercept.
The verification problem: when you cannot trust the voice
The deepfake threat creates a fundamental verification problem for private banking. If a voice on the phone cannot be trusted as genuine, the authentication systems built around voice recognition and verbal instruction become unreliable. This is not a hypothetical future risk — high-quality voice cloning tools are publicly available and have been used in fraudulent attacks against financial institutions.
The governance response requires institutions to establish out-of-band verification protocols for high-value or unusual instructions — verification procedures that use a communication channel separate from the one through which the instruction was received. If a client calls to authorise a large transfer, the institution calls back on the client's registered number before executing. If an instruction arrives by email, confirmation is sought by telephone and vice versa. These protocols must be embedded in operating procedures, known to clients in advance, and applied consistently — not only when the relationship manager feels something is wrong.
The regulatory dimension: FINMA's expectations on fraud governance
FINMA does not maintain a separate fraud risk framework — fraud risk falls within the broader operational risk framework that FINMA supervises through its examination of institutions' risk management and internal control systems. However, the regulator has been clear that operational risk management must be adequate to the actual threat environment, and that the actual threat environment has changed materially with the advent of AI-enabled fraud.
Institutions that have not updated their fraud risk frameworks to reflect AI-enabled threats are operating with frameworks designed for a threat landscape that no longer exists. FINMA's on-site examiners will ask about fraud incident trends, about the specific controls in place against emerging typologies, and about how the institution is communicating fraud risks to clients. Institutions that cannot answer these questions with specific, current information are demonstrating an operational risk management gap.
There is also a conduct dimension to fraud risk governance that FINMA monitors. How does the institution respond when a client suffers a fraud loss? Does it apply its liability framework consistently and transparently? Does it support clients through the recovery process? Conduct failures in fraud response — particularly where vulnerable clients are involved — attract FINMA's attention in the same way as conduct failures in other areas of client treatment.
Building a fraud-resilient organisation: the practical framework
The client communication imperative
One of the most underinvested elements of fraud prevention in Swiss private banking is client communication. Many institutions communicate about fraud risks reactively — after an incident, or in response to a regulatory requirement. The AI era demands a proactive approach.
Private banking clients need to understand, in clear and accessible language, that the fraud threats they face have changed fundamentally. They need to know that a voice claiming to be their relationship manager may not be genuine. They need to know that an urgent instruction to transfer funds — however convincing the source appears — should trigger a pause and a verification call to their bank's registered number. And they need to know that their bank will never ask them to transfer funds to a "safe account," override their own security procedures, or keep a transaction secret from family members.
This communication is not a compliance exercise. It is a genuine client protection service — one that, if executed well, reduces fraud losses, strengthens client relationships and differentiates the institution from peers who treat fraud communication as a legal requirement to be minimised.
AI as a fraud defence: the detection opportunity
The same AI capabilities that fraudsters deploy against private banking clients can be deployed by institutions in their defence. Machine learning models can identify anomalous transaction patterns — unusual timing, atypical beneficiaries, uncharacteristic amounts — in real time and flag them for review before execution. Behavioural biometrics can detect account access that does not match the client's established usage patterns. Natural language processing can identify communication that exhibits characteristics of social engineering or script-driven fraud.
These capabilities are genuine and valuable — but they require the same governance discipline as AI deployed in AML compliance. Models must be validated, performance monitored, human judgment maintained over final decisions, and the board kept informed of detection rates and incident trends. AI that detects fraud is a risk management tool, and risk management tools require governance.
The ultimate defence against AI-enabled fraud is not, however, a more sophisticated AI detection system. It is a combination of technology, trained people, strong client relationships, verified procedures and board-level commitment to fraud prevention as a strategic priority. Institutions that understand this — and build accordingly — will be better protected than those that treat fraud prevention as a technology procurement exercise.