Real-time, account-to-account payments are no longer a novelty; they’re an expectation. Yet the same speed that delights customers also accelerates risk. In an interview hosted by HCLTech at Sibos 2025, Santosh Kumar, Head of UK Banking at HCLTech, and Helena Forest, EVP, Global Product and Commercial for real-time payments at Mastercard, explored the fraud patterns shaping this landscape and the tooling, data and partnerships needed to protect trust.

HCLTech’s latest research, Future of Payments: AI everywhere. Trust nowhere? underscores the tension leaders face: 82% believe AI is the only way to balance frictionless customer experience with fraud prevention, yet 60% view current AI fraud tools as ineffective. This conversation dug into why and what comes next.

What fraud patterns are emerging with real-time payments?

“Account-to-account, real-time payments are indeed on the rise,” said Forest. With broader infrastructure and “more and more new use cases,” adoption is accelerating. But so are scams; especially authorized push payment (APP) fraud. As she explained, in APP cases “end consumers or employees of a company are scammed and tricked into willingly transferring money,” making detection and recovery “quite difficult.”

Two dynamics intensify the problem. First, criminals exploit speed: “They’re able to move stolen funds relatively quickly using different mule accounts,” compressing the full cycle and complicating recovery. Second, “fraud and scams are moving earlier into the actual value chain… at the initiation,” shifting the battleground to onboarding, identity proofing and early behavioral signals.

Santosh agreed that the target is trust: “Fraudsters are not attacking the system. They are attacking customers’ trust.” He pointed to a “huge rise” in APP scams and noted that proliferation of new accounts is being “exploited…to break up” traces of criminal activity. The implication for banks is to strengthen controls where customers begin their journey and where transactions are first authorized.

AI’s promise versus today’s reality

HCLTech’s research highlights the paradox: leaders need AI to remove friction while stopping fraud, but many don’t trust today’s tools. Santosh’s litmus test is timing: “If the tool is catching the fraud after it has happened, then it is like a blunt tool.” AI only earns its keep if it “can scale and detect things real time and before the fraud has happened.”

That means pairing models with richer context: “It was also about identity intelligence…and having…common standards,” he said, so banks and networks can share the right signals. Santosh laid out a practical stack for instant payments:

• “Real-time risk scoring is the first step.” Decisions must be made before funds move
• “Account verification…the whole nine yards of checks…is extremely [important]”
• “New-account detection” needs an industry approach to spot mule networks
• “Authentication” must be strong yet “seamless,” because “customers…don’t need to know what’s happening behind the scenes”

Together, these shift AI from a blunt instrument to a pre-transaction defense.

Trust by design: Intelligence behind a simple front end

Forest framed Mastercard’s approach as simplicity on the surface, sophistication behind the scenes. Customers want experiences that are “intuitive, safe and fast,” while the platform introduces “friction where it matters.” That requires dynamic risk management and “the ability to score transactions” and “treat transactions differently” based on value and risk.

Data is the differentiator: “Real-time data availability and cross-industry collaboration is incredibly important,” she said. With broad visibility, AI models trained on “billions of patterns and transactions” can score both initiating and receiving parties, and “we see…that the rates of APP fraud have now drastically declined” where these capabilities are in place. The lesson is that fraud doesn’t stop at any single bank’s edge, so neither should the data that defends against it.

Ecosystem partnerships: From point solutions to shared outcomes

Real-time payments evolve quickly and vary by market. Forest emphasized that while Mastercard runs global platforms, “plugins,” or specialized partners and local capabilities, are “absolutely essential” to complement core services and sustain trust as use cases grow.

Santosh went further: “The ecosystem is fundamental…No one bank or country can stop it.” With cross-border volumes rising, collaboration across banks, networks and governments is vital. He welcomed moves like the UK’s embrace of digital identity, arguing that shared, verifiable identities let participants “start to share those identities” within a global framework, strengthening defenses end-to-end. Partnerships like HCLTech with Mastercard help banks “take the right solutions to our customers” and “prevent” attacks earlier in the flow.

A playbook for resilient real-time payments

The path forward is emerging as prevent at initiation, decide in real time, verify accounts continuously, authenticate seamlessly and share intelligence across the ecosystem. AI is central, but only when fed real-time, cross-industry data and aligned to pre-transaction controls. As Forest noted, the goal is a simple, safe front end with intelligence that customers never see. As Santosh stressed, effectiveness is measured not by catching fraud after the fact, but by stopping it before money moves.

If HCLTech’s research captures the current tension of leaders betting on AI while doubting today’s tools, this conversation points to resolution: standards for identity and data sharing, dynamic risk models and partnerships that scale across borders. Get those ingredients right, and real-time payments can deliver on their promise of speed and trust at global scale.