Bijan Sanii is CEO and founder at INETCO

It may seem reassuring that JPMorganChase, the largest U.S. bank, is among the 12 launch partners involved in Anthropic’s Project Glasswing. But given the stark cybersecurity warning the initiative represents, including a single financial institution is nowhere near enough.

Anthropic launched Glasswing on April 7 as a limited-access effort built around Claude Mythos Preview, which it describes as its most capable AI model yet and one that is especially adept at autonomous cybersecurity tasks such as finding and exploiting software vulnerabilities. Rather than release Mythos broadly, Anthropic says it is keeping access tightly controlled and using the model through Glasswing to help secure critical software before attackers can take advantage of the same kinds of capabilities.

While a growing number of organizations, including financial institutions, are being granted access to Mythos, greater and more diverse banking involvement needs to happen sooner rather than later. Banks already operate in one of the most heavily targeted cyber environments in the world. They manage enormous volumes of sensitive data and transactions while relying on a mix of cloud services, third-party vendors, open-source software, internal APIs and legacy infrastructure layered together over decades.

That complexity has always created risk. What changes with a model like Mythos is the possibility that vulnerability detection and exploitation could be accelerated at a scale and speed the sector has never faced before. For instance, unlike previous AI models that assisted humans, Mythos can analyze code, find weaknesses and chain multiple vulnerabilities together to create working exploits without human intervention. No wonder the International Monetary Fund (IMF) recently identified the AI model as a major systemic threat to global financial stability.

When the creator of a frontier AI system decides its cybersecurity capabilities are sensitive enough to limit access, financial institutions should pay very close attention. The danger is not simply that attackers may get access to better tools. It is that the economics of cyber crime may be changing. Tasks that once required significant time, expertise and coordination — mapping environments, identifying weaknesses, testing exploit paths and combining vulnerabilities across systems — could become even faster, cheaper and more scalable than they already are with existing AI tools.

For an industry like banking, where trust, uptime and transaction integrity are everything, that matters enormously.

Financial institutions do not operate in neat, self-contained environments. They operate in interconnected ecosystems. A weakness in a third-party provider, a gap in an internal application or an overlooked vulnerability in older infrastructure can quickly become more than an IT problem. It can affect customer access, payment flows, fraud controls, operational resilience and institutional reputation. If advanced AI lowers the barrier to uncovering and weaponizing those weaknesses, the threat environment becomes more dynamic, more persistent and less forgiving.

This is why the banking narrative needs to be front and centre in any conversation about models like Claude Mythos. Cybersecurity in finance is not just about protecting systems. It is about protecting confidence.

Too much cybersecurity thinking is still rooted in a slower-moving world: periodic patching, annual audits, quarterly reviews and remediation after the fact. But if AI is compressing the timeline between vulnerability discovery and attempted exploitation, then banks need to evolve from a periodic security mindset to a real-time resilience mindset.

That starts with accepting a simple reality: prevention alone is no longer enough. No institution can assume it will find and fix every weakness before an attacker finds a way to exploit it. The real test is whether suspicious behaviour can be detected as it emerges, whether malicious activity can be isolated quickly and whether damage can be contained before it spreads into payments, fraud or service disruption.

That is also why transaction visibility matters more than ever. In a more aggressive cyber environment, institutions need to close the growing latency gap between attackers and defenders. They need to understand what is happening inside transaction flows in real time. They need to be able to spot altered messages, unusual reversals, suspicious behavioural patterns, impossible geographies, abnormal terminal activity and signs that otherwise legitimate infrastructure is being manipulated. When attackers become better at finding technical weaknesses, defenders must become better at catching operational consequences in milliseconds.

Regulators and financial institutions should also stop treating AI-driven cyber risk as tomorrow’s problem. It is already a governance problem, a resilience problem and a systemic-risk problem. The sector needs clearer expectations around secure AI deployment, third-party dependencies, vulnerability disclosure, red-team testing and incident preparedness in an era of AI-assisted attacks. This is not just about individual firms hardening their own environments. It is about ensuring the broader financial ecosystem can withstand faster and more adaptive threats.

There is, of course, another side to this story. AI is strengthening defenders. Project Glasswing is built on exactly that premise: that powerful models can help trusted organizations identify and fix vulnerabilities faster. But banks do not get to experience only the upside. They have to manage the messy middle — the period where powerful cyber capabilities are advancing rapidly, safeguards are uneven and criminal incentives remain strong. That period appears to be in full swing: According to Nasdaq Verafin’s 2026 Global Financial Crime Report, global losses to fraud scams and bank fraud schemes have increased by 9.2 percent each year since 2023, reaching $579.4 billion USD in 2025.

The debate is not really about one company or one model. It is about whether the financial sector is prepared for a world in which AI can expose hidden fragilities across digital infrastructure faster than many institutions can remediate them. What once required significant technical skill and time can now be executed in minutes: voice cloning needs less than a minute of audio, generative AI can produce highly convincing forged documents at scale and deepfake-driven social engineering is becoming increasingly targeted and believable. The result is not just more fraud, but faster, cheaper and harder-to-detect fraud.

In finance, trust is not a feature. It is foundational. Customers trust that their money will move safely. Institutions trust that their systems will function as intended. Markets trust that critical infrastructure will remain resilient under pressure.

If AI is testing those assumptions in new ways, banks cannot afford to respond slowly. The institutions that adapt now — with real-time transaction intelligence and a much more dynamic view of operational risk — will be far better positioned than those that continue to treat cybersecurity as a back-office IT issue.

The post Mythos access may be limited, but banking threats are there for all to see appeared first on INETCO Payment Security Solutions.

Then the warning signs start stacking up. An AI-driven BIN attack has quietly pushed enumeration activity higher. A few merchants are generating abnormal dispute patterns. Missing or mismatched transaction fields are generating response code errors. Chargeback reversal behavior looks unusual. By the time these card scheme alerts trigger, the problem has already moved from operational nuisance to compliance exposure.

Constant vigilance is the new reality for acquirers. Rather than reacting only to major fraud events or operational failures, acquirers must now proactively identify subtle, hard to detect performance issues and suspicious activity the instant they emerge across the lifecycle of every transaction. Increasing exposure to card scheme penalties is no longer driven solely by large-scale fraud or authorization disruptions, but by the continuous evaluation of fraud ratios, card scheme message quality, authorization behavior and transaction processing compliance across the merchant portfolio. Even small anomalies, if left undetected, can accumulate into significant financial, operational and compliance risk. 

In the past, the final risk and credit decision typically sat with the issuer. But relying on issuers to detect transactions that trigger penalties from card networks is no longer enough. The onus is now on acquirers to detect and block suspicious transactions earlier in the authorization lifecycle — without impacting legitimate customer activity and merchant revenue.

The lowdown on card scheme penalty risk

Card scheme penalty programs are designed to protect the integrity of the payments ecosystem. Networks such as Visa, Mastercard and American Express monitor disputes, declines, authorization quality, card testing, message errors and fraud to ensure payment participants are operating securely and reliably.

But the models are changing fast. In the past, many programs focused on individual merchants or specific rule violations. Today, acquirers are under growing pressure to manage risk across entire portfolios. That means a single merchant, a cluster of borderline behaviour or one high-volume BIN attack can create problems far beyond the source.

Scheme penalties can stem from a variety of issues. Excessive authorization retries, incorrect merchant-advice code usage, mismatched authorization and clearing records, missing fields, formatting errors, latency, timeout problems and unexpected declines can all contribute to broader compliance risk. The risk is especially acute in card-not-present environments, where fraudsters can test stolen or AI-generated card numbers at scale. These attacks often begin as streams of low-value authorization attempts. To the customer, they may be invisible. To a card scheme, they can look like excessive enumeration activity. To an acquirer, they can trigger monitoring, fines and deeper scrutiny.

In other words, the problem extends far beyond a single dramatic breach. More often, it is incremental degradation across dispute, authorization and fraud performance metrics.

From blind spots to boardroom risk

For acquirers, the challenge is full visibility into in-flight transactions. Most payment ecosystems are complex, fragmented and fast-moving. Transactions pass through merchants, terminals, gateways, switches, processors, issuers and schemes. Operations, compliance and fraud teams may each see part of the picture, but not the whole transaction journey in real time.

That blind gap matters more than ever. Without a field-level view across authorization and clearing flows, teams may not see early warning signals until after thresholds have already been breached. A merchant may be drifting toward excessive disputes. A retry loop may be creating unnecessary declines. A BIN attack may be hiding inside a broader stream of small approved authorizations. A mismatch between authorization and settlement data may be generating preventable card scheme exposure.

By the time a monthly report surfaces the issue, the organization may already be facing penalties, additional reporting requirements, merchant remediation pressure or entry into a monitoring program.

The stakes are high. Card scheme penalties can escalate into recurring fines, operational restrictions, payout disruptions, merchant offboarding, audit complexity and reputational damage. For acquirers, the consequences are no longer confined to one merchant account. Portfolio-level accountability means one weak point can affect the entire acquiring business.

Collateral damage: More than fines

The financial impact of card scheme penalties can be damaging, but fines are only part of the story.

For one thing, there is operational strain. Investigating scheme events often requires manual correlation across systems, teams and data sources. Analysts must reconstruct what happened, identify the merchants or devices involved, determine whether fraud or technical errors were the root cause and provide defensible, auditable evidence to schemes.

For another, revenue risk often rears its ugly head. Overly blunt responses — such as blocking broad IP ranges, restricting merchant categories or offboarding merchants too quickly — can suppress legitimate transaction volume and frustrate good customers.

Then there’s the customer experience. Excessive false declines, failed transactions and delayed authorizations erode trust. 

Last but certainly not least comes compliance pressure. Once an acquirer enters a monitoring program, the operational burden often becomes ongoing. Teams must prove improvement, maintain reporting, demonstrate controls and prevent recurrence to avoid enforcement action impacting an acquirer’s ability to participate in the network.

The result is a costly cycle: message and fraud errors create scheme exposure → scheme exposure creates operational burden → operational burden distracts teams from proactive prevention → more message and fraud errors occur.

Card scheme risk in action

A leading acquiring bank processing high volumes of card transactions recently faced this exact challenge. As transaction volumes grew, so did its exposure to disputes, unexpected declines, card scheme errors and fraud.

The bank needed to detect early warning signals before they escalated. Yet fragmented visibility across its payments environment made that difficult. Without a real-time field-level view across authorization and clearing flows, message errors, performance and fraud patterns were often identified too late.

The risks were wide-ranging: bot-driven card testing, card-not-present fraud, message tampering, merchant-advice code and response code errors, excessive retries, missing or mismatched transaction fields, velocity breaches, connectivity failures, chargebacks and rising customer friction.

By deploying INETCO BullzAI, the bank can shift from reactive monitoring to proactive control. Real-time 360-degree visibility across every transaction, down to the message field level, enables the bank to track authorization rates, monitor fraud and dispute ratios, identify enumeration activity, flag retries and errors, and block those transactions before card network thresholds are breached.

The impact: faster root-cause analysis, fewer false declines and stronger audit-ready evidence for dispute and compliance management.

Building proactive strategies to avoid card scheme penalties

Avoiding scheme penalties requires a shift from end-of-month investigation to earlier identification of transaction issues and blocking of suspicious activity. Acquiring banks, processors and merchants should focus on five core capabilities:

Real-time threshold monitoring

Teams need live visibility into authorization rates, fraud ratios, dispute ratios, enumeration activity and merchant-level performance. Waiting for batch reports leaves too much time for risk to accumulate.

Field-level transaction intelligence

Missing, invalid or mismatched fields can trigger declines, retries and scheme rule violations. Organizations need the ability to decode and correlate every transaction message across authorization and clearing flows.

In-flight detection of card testing

Low-value velocity spikes, high declines from specific BIN ranges, repeated attempts from the same devices and suspicious merchant activity must be identified while transactions are in flight, not after enumeration ratios have been impacted.

Root-cause isolation

Technical errors, performance issues and fraud can look similar from a distance. Teams need to quickly determine whether the source is a merchant, terminal, device, card, gateway, third party connectivity issue or message-formatting problem.

Precise intervention

Blunt blocking of transactions creates customer friction and revenue loss. The goal is to block the suspicious transaction, device, card, terminal or merchant patterns with surgical precision and accuracy –- without disrupting legitimate activity.

As card scheme expectations continue to evolve, many acquiring banks are looking for better ways to identify transaction issues earlier and reduce exposure before they become larger operational or compliance problems.

Request a demo today to connect with an INETCO payments expert and explore practical approaches for identifying transaction risk earlier, strengthening scheme compliance readiness and improving visibility across your payment environment.

To learn more, read the customer story: How a leading acquiring bank avoided scheme penalties and download the INETCO BullzAI for preventing card scheme penalties sheet.

The post The new reality for acquirers: blocking transactions that trigger card scheme penalties appeared first on INETCO Payment Security Solutions.

Facilitated by the KNET Payment Gateway under the supervision of the Central Bank of Kuwait (CBK), the service has become such a key part of the country’s digital banking ecosystem that the CBK is making it crystal clear that real-time must also mean reliable.

The new and troubling cost of unreliable instant payments

The CBK recently instructed KNET to implement a structured penalty system for participating banks that fail to process customer transfers through WAMD because of technical disruptions. The fines range from KD 1 to KD 20 per failed or delayed transaction, depending on the length of the outage: 

• KD 1 for delays of one to four minutes
• KD 5 for five to 15 minutes
• KD 10 for 15 to 30 minutes
• KD 20 for failures exceeding 30 minutes.

With all 11 domestic banks in Kuwait using WAMD, the operational stakes have been raised dramatically. Payment uptime is no longer just a service-quality metric; it has become a matter of regulatory compliance, financial exposure and institutional trust. 

For years, payment downtime has been measured in service-level agreements, customer complaints, reputational risk and lost transaction volume. Under the new WAMD penalty framework, downtime now creates a direct, per-transaction financial liability. Every failed or delayed transfer has a cost, and every unresolved technical issue can quickly become a regulatory and financial headache. This elevates real-time monitoring and rapid incident response into mission-critical operational functions.

Why every minute matters

CBK data reveals that WAMD processed approximately KD 2.646 billion across 40.382 million transactions in the first quarter of 2026, with March transaction activity rising 5.1 percent month over month. At that velocity, even a short disruption can become expensive. Based on Q1 2026 volume, WAMD was averaging roughly 449,000 transactions per day, or about 312 transactions per minute. A four-minute outage could therefore expose a bank to about KD 1,250 in penalties, while a 30-minute outage could reach roughly KD 93,600. And that’s before customer-impact, remediation and reputational costs are even considered.

The takeaway here: In Kuwait, payment availability is no longer an IT performance metric. It is now a compliance requirement that isn’t adequately supported by after-the-fact reporting. On that note…

From reactive reporting to real-time visibility

INETCO BullzAI is built for exactly this environment. The platform gives payment operations teams end-to-end visibility into every in-flight transaction, helping them detect, isolate and remediate failures in real time, before they impact WAMD payments. Instead of waiting for KNET or customers to report failed transfers or spending precious time reactively searching for the root cause of issues across fragmented systems, banks can see transaction patterns as they change, proactively identify where failures are occurring and act while there is still time to prevent penalty-generating disruption.

In other words, the value here is not just in seeing that there was downtime. Rather, it is in detecting the early signals of unexpected transaction declines, failures, slowdowns and third party disconnects quickly enough to respond and fix before escalation. INETCO BullzAI achieves this by watching for indicators such as:

• A sudden drop in transaction volume: If WAMD payment traffic falls sharply during a normally active period, it may indicate that customers, channels or upstream systems are unable to initiate or complete transactions.
• A spike in failed or timed-out transactions: An increase in failed payments, timeout responses, reversals or incomplete transaction flows can signal that the service is degraded, unavailable or struggling to process requests.
• Slower transaction response times: Even before a full outage occurs, rising latency can show that WAMD processing is becoming unstable. INETCO BullzAI can help detect this degradation before it turns into a complete service failure.
• Breaks in normal transaction flow: If transactions are being initiated but not completed, or if they are stopping at a specific stage in the payment journey, INETCO BullzAI can help reveal where the service disruption is occurring.
• Participant- or channel-specific issues: Downtime may not affect the entire WAMD rail. It could impact one bank, one channel, one switch connection, one integration point or one transaction type. INETCO BullzAI can help identify whether the issue is isolated or widespread.

For operations leaders, this is about uptime. For compliance teams, it is about evidence. For the C-suite, it is about reducing avoidable financial exposure in a payment channel that is central to everyday banking in Kuwait.

Resilience is also a fraud problem

As real-time payment volumes rise across all 11 Kuwaiti banks, operational reliability and payment security become deeply interconnected. A system outage, latency spike, routing error or transaction failure can quickly escalate into customer-impacting disruptions, regulatory exposure and reputational damage. At the same time, the speed and irrevocability of instant payments create an attractive target for fraudsters, leaving banks with little time to detect and stop malicious activity before funds move. Fraudulent attacks can take several forms including phishing, account takeovers, authorized push payment fraud, mule accounts and transfer redirects. 

That’s where INETCO BullzAI also plays a vital role by including an automated fraud-prevention layer with its real-time transaction monitoring capabilities. The AI-powered platform detects emerging fraud patterns in real time and blocks suspicious activity in as little as 20 milliseconds. For Kuwaiti banks, that speed matters. Real-time payments leave little room for delayed decision-making, manual review or batch-based fraud controls. Fraud needs to be detected while the transaction is still in flight.

A layered defense makes all the difference

INETCO BullzAI provides banks with a powerful dual layer of protection against the growing operational and security risks emerging from Kuwait’s rapidly expanding instant-payment ecosystem. It’s an AI-driven platform that delivers two mission-critical capabilities simultaneously: ensuring payment performance reliability through fewer transaction failures, faster issue resolution and stronger operational compliance — while also enabling real-time detection and blocking of fraudulent transactions without increasing false positives or impacting legitimate customer transactions. The result is greater resilience, reduced financial exposure and stronger confidence in every transaction.

That combination of real-time visibility into both system health and transaction risk is especially important now because the CBK’s penalty framework effectively turns WAMD reliability into a measurable financial obligation. Instant payments compress the window for both operational recovery and fraud intervention to mere seconds. In a real-time ecosystem like WAMD, a failed or fraudulent transaction happens immediately — and so do the consequences.

The institutions that succeed will be those that can identify anomalies faster, automate response actions, reduce downtime and stop fraud before it impacts customers or financial institutions. With INETCO BullzAI, Kuwaiti banks gain greater operational resilience, stronger compliance readiness, lower financial risk and increased trust in the instant-payment network.

Ultimately, the lesson is simple: Don’t pay the fine, build the visibility to prevent it.

Learn how INETCO BullzAI can help you stay ahead of compliance risk and payment fraud in 2026 and beyond by scheduling a demo today.

The post Why Kuwait’s WAMD penalty framework demands real-time payment visibility and in-flight fraud prevention appeared first on INETCO Payment Security Solutions.

INETCO’s inclusion in CCI’s national network reflects the growing importance of real-time transaction intelligence and AI-driven payment fraud prevention in today’s digital economy. As financial institutions and payment providers face increasingly sophisticated fraud threats and rising demands for resilience, the need for trusted, real-time payment protection has never been greater.

We’re proud to share the following announcement from the Council of Canadian Innovators.

Originally published on the CCI website, May 25, 2026.

The Council of Canadian Innovators is pleased to welcome INETCO and CEO and Founder Bijan Sanii to our national network of high-growth technology companies.

INETCO is a Vancouver-based global leader in real-time transaction monitoring and AI-driven payment fraud prevention. The company works with financial institutions, payment providers, and fintechs in more than 30 countries to secure unparallelled confidence in every transaction, helping them detect fraud before losses occur, stop payment fraud and cyber-attacks in milliseconds, and surface behavioural insights from every customer transaction to strengthen security and performance.

Founded with a clear mission to deliver the payment security and reliability that all people deserve, INETCO has built a reputation as a trusted partner in some of the world’s most demanding payments environments. With a growing footprint across the Middle East, Africa, and Central and Latin America, INETCO is scaling its global reach while remaining rooted in British Columbia’s technology ecosystem.

Bijan Sanii is the CEO and Founder of INETCO, bringing more than 30 years of experience as a technology industry executive and a long record of leadership within British Columbia’s tech community. He has also been actively involved in community-building, mentorship, and philanthropy through long-standing board and civic leadership.

“Real-time payments only work if trust keeps pace with speed,” said CCI Chief Executive Officer Patrick Searle. “INETCO is proving that Canadian companies can lead in fraud prevention and transaction monitoring at global scale, and that capability will be essential as Canada modernizes its own payments infrastructure.”

Since 2015, the Council of Canadian Innovators has been dedicated to supporting Canada’s high-growth technology companies, working with government leaders to co-develop strategies that unlock the country’s innovation potential.

The post CCI Welcomes INETCO to National Network of Innovators appeared first on INETCO Payment Security Solutions.

VANCOUVER, B.C. — May 21, 2026 — INETCO, a global leader in real-time payment fraud prevention, today announced the monitoring of more than 100 billion transactions per year, empowering financial institutions and payment service providers across more than 30 countries to outsmart fraudsters, stay compliant and keep every customer safe. 

Representing about 3% of total global payments, the milestone comes at a time when AI-driven fraud, account takeovers, social engineering and coordinated money laundering attacks are accelerating. According to Nasdaq Verafin’s 2026 Global Financial Crime Report, global losses to fraud scams and bank fraud schemes have increased by 9.2% each year since 2023, reaching $579.4 billion USD in 2025. According to a 2026 Gartner® survey, “when asked about changes in annual financial losses due to fraud over the past three years, most banks reported an increase. Only 30% of banks saw any decrease in fraud losses, while 70% experienced some level of increase.”¹ 

Transaction intelligence compounded

“If you wait for fraud loss, you’re too late,” said Bijan Sanii, CEO and Founder of INETCO. “What sets INETCO apart isn’t just the volume of transactions we monitor, but how that scale continuously sharpens our intelligence. As threats evolve, organizations must act before damage is done. Our 100-billion-transaction milestone represents a massive foundation of behavioral insights and transaction intelligence that allows banks and fintechs to stop sophisticated attacks at speed, ensuring protection without compromising the flow of legitimate banking and payment interactions.”

A front row seat to the evolution of fraud

INETCO BullzAI addresses new payment fraud and cybersecurity threats like nothing else on the market today by delivering AI-driven behavioral insights and a patented transaction firewall that instantly blocks fraud with precision at the individual transaction level. With capabilities that can’t be reverse-engineered or quickly replicated, it advances protection and reliability across every channel and rail — from digital and mobile to ATM, POS and branch — spanning card, ACH, wire and real-time payments.

Higher customer security and satisfaction

In addition to blocking confirmed fraudulent transactions in under 20 milliseconds, organizations using INETCO BullzAI have also reported:

• Reduced false positive rates (~45% within 90 days of implementation)
• Lower fraud loss and repayment costs (~25% reduction in financial losses within first six months of deployment)
• Faster, more effective investigations (40% reduction in average fraud investigation time)

Shaping the future of digital payments

As global payment volumes continue to grow and fraud threats become more adaptive, the demand for AI-driven solutions that identify and block unique transaction and attack profiles in real time is widely expected to keep rising across the banking and payments sectors. “While AI-powered cybercrime is among the most serious challenges facing financial security today, AI is also creating a powerful opportunity for institutions to improve their defences,” Sanii said. “The industry is undergoing a major shift, with organizations investing heavily in real-time protection. Used by bad actors, AI can intensify criminal activity; used by financial institutions, it has the potential to become one of the most effective tools for prevention.”

Many INETCO customers are realizing this positive effect. “INETCO BullzAI gives us real-time visibility across thousands of self-service and digital payment transactions — revealing which financial institutions and merchants are active, how transactions are performing and where suspicious behaviors or anomalies occur,” said Mario Rouhana, Chief Operation Officer at Alhamrani Universal, the Middle East’s largest ATM solution provider. “By understanding the behavioral patterns of every user, terminal and device, we can scale our business with confidence, respond instantly to emerging threats and reinforce the trust our customers, partners and regulators place in Alhamrani Universal as a leader in secure digital transformation.”

Looking ahead, INETCO is preparing to launch a new agentic AI agent — an exciting advancement in AI-assisted investigation designed to help fraud teams accelerate investigations, reduce the burden of false positives and turn complex risk signals into explainable, actionable insights. Book a briefing for an early look at what’s ahead.

1. Source: Gartner, “Major Fraud Trends That Banking CIOs Must Counteract (Part 1),” Vatsal Sharma, 9 March 2026.

Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

About INETCO

Outsmart fraudsters, stay compliant and keep customers safe with INETCO. Monitoring more than 100 billion transactions annually, INETCO is the trusted choice for financial institutions, fintechs and payment service providers worldwide to deliver the payments reliability and security that all people deserve — every moment, every day. Embrace the power of end-to-end visibility, AI-driven behavioral modeling and real-time fraud prevention to secure unparalleled confidence in every transaction. www.inetco.com

The post INETCO surpasses 100 billion annual transactions as demand for payment fraud protection soars appeared first on INETCO Payment Security Solutions.

Anthropic’s AI model Mythos, part of its Claude software, represented a clear threat to banks and financial institutions in South Africa.

This is according to Bijan Sanii, CEO of Canadian fraud detection provider INETCO.

“South African banks and financial institutions should be concerned,” Sanii told MyBroadband in an emailed Q&A. “Not because Mythos is necessarily being used in fraud scams and bank fraud schemes today, but because it signals where the cyber threat environment is heading.”

Anthropic, one of the world’s most important generative AI makers, positioned Mythos as an extremely capable AI model designed to identify vulnerabilities in critical software beyond human capabilities. The company decided to release Mythos under heavily restricted access through “Project Glasswing” to prevent the model from falling into the wrong hands.

On 21 April, Bloomberg reported that unauthorised users had gained access to Mythos.

“Even restricted AI tools can leak, be misused or be accessed,” said Sanii. “For South African institutions, the issue is that AI is accelerating the discovery, testing and potential weaponisation of software weaknesses.”

Sanii said he expected other models as powerful as Mythos to emerge in the coming years, which could help attackers map environments, identify weak points, and chain vulnerabilities much faster.

Last week, San Francisco-based security firm Theori employed an “AI hacker” called Xint Code to uncover a high-severity Linux vulnerability that could have allowed attackers to gain a root shell. The flaw affected mainstream Linux distributions using kernels built since 2017 and was discovered after a researcher set the AI to follow an insight into an underexplored bug class in Linux’s crypto subsystem.

“In effect, Mythos is accelerating the shift from a slower cyber world built around periodic reviews and after-the-fact remediation to one where banks need in-flight detection and real-time resilience.”

These risks could be amplified for local financial institutions. While large global technology firms and select banks were granted early defensive access to Mythos, most South African firms were excluded. Sanii said that this could widen the gap between organisations that can test and strengthen systems against AI-assisted attacks and those that must defend without this advantage.

Financial institutions under attack in South Africa

Adumo, one of South Africa’s largest payment processors that processes over R100 billion annually, was the target of a data breach in April that involved an external application connected to its system. That same week, the country’s largest bank by assets, Standard Bank, announced that private client information had been shared online. This followed a major data breach by a threat actor called “Rootboy.” While it was not confirmed whether AI was used in the attacks, cybersecurity firm Check Point Software told MyBroadband that hackers were using AI to aid their attacks in South Africa and worldwide.

“AI-assisted tools can help attackers discover and exploit vulnerabilities much faster,” explained Sanii. “Banks should treat AI cyber risk as a governance and resilience issue, not only an IT issue.”

He said that financial institutions in South Africa should expand red-team and penetration-testing programmes to reflect the growth of AI-assisted attack methods. That meant not only testing individual applications but also how vulnerabilities could be chained across APIs, identity systems, payment environments and, crucially, legacy platforms.

“Then there’s the issue of third parties,” he said. “A weakness outside the bank’s own walls can still become a banking problem if it affects customer access.”

Local banks, insurers, retailers, fintechs and payment providers depend on scores of external vendors, processors, cloud platforms, call centres and software services providers.

“The reported Mythos access issue is a reminder that trusted partners can become an exposure point,” he added.

He said the threat Mythos poses to local financial institutions extends beyond the Anthropic AI model. Instead, its development is a signal that cyberattack capabilities are becoming faster.

“South African banks and companies that adapt now will be much better positioned than those that continue to treat cybersecurity as a back-office technology issue.”

The post INETCO’s Bijan Sanii on the threat every South African bank should be worried about appeared first on INETCO Payment Security Solutions.

As highlighted in the article, INETCO CEO Bijan Sanii points out a critical truth:

The truth of the matter is, there’s hundreds of pretty significant financial institutions that are not well protected, that don’t have an ability to inoculate themselves against this.

The conversation is being fueled by the emergence of AI technology capable of identifying software vulnerabilities at a speed and scale that was previously unimaginable. What once took skilled attackers months or years can now potentially be achieved in hours.

The shift to “machine-speed” risk

At the heart of the issue is a growing imbalance: AI is accelerating the discovery of vulnerabilities faster than organizations can remediate them.

This creates what experts are calling a remediation gap — a widening window between when a weakness is identified and when it can be fixed. For banks operating complex interconnected systems, that gap represents real exposure.

Legacy infrastructure and third-party dependencies only compound the problem. Many financial institutions still rely on older technologies and vendor ecosystems that weren’t designed for this level of scrutiny or speed.

Public confidence vs. private concern

While some bank leaders are publicly downplaying the risks, the reality behind the scenes appears more nuanced. Security teams are actively testing these new AI capabilities, reassessing their defenses and grappling with how to respond to threats that operate at machine speed.

This isn’t just a theoretical risk. It’s a rapidly evolving operational challenge.

Why this matters now

The rise of AI-powered vulnerability discovery changes the rules of the game:

• Attack surfaces expand faster as systems are analyzed more deeply
• Time-to-exploit shrinks dramatically
• Detection systems that rely on delayed data are too slow to catch threats in real time

In this environment, prevention alone is no longer enough. Financial institutions need the ability to see, understand and respond to threats as they happen, not after the fact.

The role of real-time transaction intelligence

This is where real-time visibility and the ability to harness field-level transaction intelligence in milliseconds plays a critical role, and where Know Your Transaction (KYT) becomes essential. KYT enables continuous real-time analysis of transaction behavior, allowing financial institutions to detect anomalies and payment fraud as it unfolds. 

Explore how KYT strengthens real-time payment fraud detection and prevention in our latest blog.

Gaining access to real-time transaction intelligence will help organizations enhance their ability to:

• Identify subtle behavioral patterns indicative of emerging threats
• Detect and prevent payment fraud and system misuse in real time
• Strengthen cyber-resiliency across legacy and modern environments

In a world where AI can expose vulnerabilities instantly, real-time intelligence becomes the foundation of defense.

Closing the remediation gap

The real question isn’t whether AI will reshape the threat landscape, because it already has. What must be asked now is whether financial institutions can adapt quickly enough to keep pace.

Closing the remediation gap requires more than faster patching cycles. It demands in-flight detection and continuous prevention and visibility across every transaction flowing through the system.

That’s the difference between reacting to threats and staying ahead of them.

Read the full article in American Banker. Source: American Banker, “Knock on wood: Are banks doing enough to cope with Mythos?”, April 30, 2026 by Penny Crosman

FAQ

What is real-time transaction intelligence?

Real-time transaction intelligence is the ability to decode, correlate and analyze every element of a transaction as it happens across systems, channels and networks in milliseconds.

It goes far beyond simple transaction monitoring. It involves:

• Decoding: Inspecting full transaction payloads, not just summaries or logs
• Correlation: Linking activity across channels, sessions, devices and systems
• Contextual analysis: Understanding behavior, timing and anomalies in real time

This level of intelligence enables organizations to move from after-the-fact detection to prevention that starts while transactions are in flight. 

Why does this matter?

AI-powered threats operate at machine speed, so defenses must as well.

Without real-time transaction intelligence, attacks can complete before alerts are generated, fraud signals remain hidden in fragmented systems and security tools lack the context needed to act precisely.

With it, suspicious behavior can be identified mid-transaction, threats can be stopped before authorization or completion and false positives can be reduced through deeper context.

What types of attacks can real-time transaction intelligence help prevent?

Real-time transaction intelligence is particularly effective against:

• Man-in-the-middle (MITM) attacks altering transaction data in-flight
• Malware-driven manipulation of payment requests or responses
• Authorized push payment (APP) fraud using social engineering
• Credential compromise and account takeover with subtle behavioral shifts
• Zero-day exploits that bypass traditional signature-based defenses

How can financial institutions fight AI-powered threats with AI?

As AI accelerates the speed and sophistication of attacks, traditional defenses are no longer sufficient. Static rules, delayed detection and perimeter-based controls cannot keep pace with threats that learn and adapt in real time.

Modern financial institutions must now fight AI with AI. This means combining real-time transaction intelligence for deep visibility and context, self-learning AI models that continuously adapt to behavior, transaction firewall capabilities that monitor transactions in flight, and AI-driven investigation agents that accelerate response and decisioning.

Together, these capabilities form a closed-loop defense system that can detect, decide and act within the lifecycle of a transaction, not after it.

How does transaction intelligence power modern payment fraud prevention?

Defending against AI-driven threats requires more than visibility. It requires a modernized fraud prevention stack that combines transaction intelligence with AI, automation and precision controls, including:

Complete transaction visibility

Provides a full 360-degree view of every message field — application payload, metadata, network data, request/response timing — across all payment channels with no blind spots.

Real-time, end-to-end integrity 

Monitors transactions in-flight from initiation to authorization and back. This enables detection of MITM attacks, malware-based manipulation and zero-day threats before completion.

Self-training individualized AI models

Creates a unique behavioral model for every user, card, device and terminal that self-updates after every transaction.

Transaction field-level blocking

Delivers precision-blocking of specific fraudulent transactions without disrupting legitimate ones, outsmarting WAFs that can only block at IP or port level.

AI-powered investigation agent

Accelerates fraud investigation with AI-driven agents specifically built for payment fraud. These systems automatically triage alerts, surface the most relevant cases for immediate analyst attention, reduce the operational burden of manual false positive reviews and provide explainable AI decisions for faster action.

The result is up to 40% faster investigation and response times, enabling analysts to focus on high-priority threats.

The post Are banks ready for AI-powered cyber threats? appeared first on INETCO Payment Security Solutions.

But today, that’s no longer enough. 

While real-time payments, open banking and global transaction flows have created unprecedented convenience for customers, they’ve also opened the door to faster, more sophisticated financial crime as fraudsters attack through legitimate front doors using stolen identities, synthetic profiles and mule accounts that pass initial checks. Indeed, according to data from our friends at Sumsub, 76 percent of fraud happens after onboarding.

That’s where Know Your Transaction (KYT) comes in. KYT refers to the continuous monitoring and analysis of financial transactions to detect suspicious or anomalous behaviour. Rather than focusing solely on identity and due diligence, KYT focuses on activity and carrying out continuous checks to inform real-time risk scoring — how, when, where and why money moves.

By analyzing behavioral consistency and transaction patterns such as frequency, velocity, counterparties and device signals, KYT enables financial institutions to identify risks that static identity and basic authentication checks simply can’t capture. The key objective is that suspicious transactions are flagged and blocked before they are authorized. This shifts fraud prevention from a reactive investigation process to a proactive, predictive defense.

How is this best accomplished? Keep reading to learn more.  

Why KYT is critical in today’s payments landscape

Faster payments leave no room for delays

From Brazil’s Pix and India’s Unified Payments Interface (UPI) to Indonesia’s BI-FAST and Colombia’s Bre-B, real-time and near-instant payment rails are becoming the norm. According to a study by Juniper Research, the total value of money moving through instant payments is on track to surpass the $100 trillion mark in 2029, up from $60 trillion in 2025. 

Because of this, the window to detect fraud is shrinking dramatically. Fast-moving funds equate to instant and irreversible fraud, with traditional batch-based monitoring systems that flag activity hours or days later no longer being viable. Fraud must be detected as it happens, not after funds are stolen.

The rise of mule account networks

Mule accounts have become a cornerstone of modern fraud operations. Often opened with legitimate credentials, these accounts are used to receive and rapidly transfer illicit funds across networks, making detection and recovery difficult.

KYT plays a critical role in identifying mule activity by flagging patterns such as:

• Sudden unusual spikes in transaction volume
• Rapid movement of funds across multiple accounts, including immediate withdrawals after deposits 
• Repeated transfers to newly added recipients or suddenly reactivated dormant accounts 
• Short gaps between inbound and outbound transactions 
• Shared device fingerprints across accounts
• Anomalous login behavior, including high-risk geolocations or IP addresses

These signals often only emerge at the transaction level, and not during onboarding.

Increasing regulatory expectations

Regulators around the world are placing greater emphasis on ongoing transaction monitoring as part of anti-money laundering (AML) and counter-terrorist financing (CTF) programs. The United Arab Emirates, for instance, recently implemented a new AML law, while a recent report from the Paris-based Financial Action Task Force (FATF) confirmed that Saudi Arabia has made fundamental changes to its AML/CFT law to bring its legal and institutional framework in line with FATF’s updated recommendations.

With financial institutions expected to not only identify suspicious activity, but to do so quickly and accurately, KYT is becoming a foundational requirement. For example, it is a cornerstone of TrustNET, a unified AI-driven platform that combines identity verification, compliance orchestration, payment fraud prevention and real-time transaction monitoring into a single framework. Created through a strategic partnership between Ghana-based BlueSPACE, INETCO and Sumsub, TrustNET integrates global technology expertise with regional fintech leadership to help financial institutions strengthen security, meet regulatory requirements and deliver trusted digital financial services across Africa. According to a report published by AfricaNenda Foundation in partnership with the World Bank Group and the United Nations Economic Commission for Africa, as of late 2025 Africa has 36 live instant payment systems across 31 countries, with around 19 more under development. These systems processed 64 billion transactions in 2024.

Legacy systems have blind spots

Many traditional fraud systems rely on limited data, siloed visibility or rule-based detection that has very limited data elements to evaluate. This makes it challenging for teams in fraud prevention to adapt to new attack patterns. As fraud becomes more dynamic, automated and coordinated, these systems fall behind.

Modern fraud prevention requires access to real-time granular data, behavioural analytics and adaptive intelligence.

What effective KYT looks like

A robust KYT strategy goes far beyond silo-based retrospective monitoring. It requires fraud analysis at the individual transaction level, including: 

• Continuous real-time transaction monitoring across the end-to-end transaction journey and across all channels
• Field-level visibility to analyze granular data elements related to the individual messages sent as part of a payment journey 
• Behavioural models that constantly self-learn after every transaction to identify new fraud patterns and emerging threats
• Individual machine learning models built to perform analysis per entity (e.g. account, card, device, terminal) to deliver more accurate and dynamic risk scoring
• The incorporation of analyst decisions into model training, ensuring that human expertise continuously improves detection accuracy
• Automated alerting and workflow-driven investigation response mechanisms
• Real-time risk advice for every transaction and explainable AI for transparent, high-fidelity decisioning that provides clear reasoning for actions taken 
• Precise controls such as alerts, facilitation of step-up verification, throttling or transaction blocking for high-risk payments with early signals linked to money mule indicators

Together, these capabilities allow financial institutions to move from reactive detection to proactive prevention.

How INETCO BullzAI enables real-time KYT

INETCO BullzAI provides the infrastructure and intelligence needed to bring KYT to life in modern payment environments. Key features include:

Real-time transaction monitoring: INETCO BullzAI monitors transactions as they occur across ATMs, POS systems, digital banking channels and payment networks, ensuring that suspicious activity can be identified and stopped instantly.

Deep transaction visibility: By decoding and analyzing transaction message data at a granular level, INETCO BullzAI delivers a comprehensive view of each transaction journey. This level of visibility allows institutions to detect subtle anomalies that would otherwise go unnoticed.

Detection of complex fraud patterns: INETCO BullzAI’s analytics capabilities are designed to identify multi-vector fraud scenarios, including:

• Mule account networks
• Account takeover attempts
• Bot-driven attacks
• Anomalous transaction flows

These patterns often span multiple systems and touchpoints requiring a unified real-time view.

AI-driven behavioural analysis: Adaptive models continuously learn from transaction behaviour, enabling more accurate risk scoring and reducing false positives. This helps institutions focus on real threats without disrupting legitimate customers.

Transaction intelligence is critical to fraud prevention

As financial crime becomes more automated, distributed and data-driven, siloed approaches to compliance will continue to fall short. That’s why continuous real-time transaction intelligence is the only way forward.

By combining real-time monitoring, deep transaction visibility and adaptive analytics, INETCO BullzAI empowers organizations to detect threats earlier, respond faster and prevent fraud before it impacts customers or the bottom line.

In a world where money moves instantly, security has to move even faster to maintain confidence and trust. 
If your payment fraud strategy still relies on static rules or delayed reviews, now is the time to evolve. Learn how INETCO BullzAI can help you stay ahead of payment fraud and compliance risk in 2026 and beyond by scheduling a demo today.

The post The ABCs of KYT: How this key process combats payment fraud appeared first on INETCO Payment Security Solutions.

A fraud or cyberattack can quickly become a liquidity event when it disrupts settlement funds, triggers abnormal transaction flows or forces payment services offline. That is why banks, payment processors and instant payment networks need real-time visibility into transaction activity, settlement exposure and emerging operational risk.

Consider BTG Pactual’s temporary suspension of Pix operations after a March 22 cyberattack diverted roughly $18 million USD from reserve funds. This was not only a cybersecurity incident. It was also a payments resilience and liquidity risk event. When money moves instantly, institutions need to see abnormal transaction activity as it unfolds, understand what it means for exposure and settlement and respond before disruption spreads.

For banks and payment processors, intraday liquidity monitoring is no longer just a back-office task. It is a real-time operational requirement.

What is intraday liquidity monitoring?

Intraday liquidity monitoring is the real-time tracking of incoming and outgoing payment flows and available cash positions to ensure banks can meet immediate, 24/7 payment obligations without exceeding daily maximum limits and risking liquidity shortfalls. Its purpose is to help financial institutions meet payment obligations on time, avoid settlement disruption and respond quickly when abnormal transaction patterns emerge. The latter include rapid acceleration of outbound payments, atypical timings, repeated small-value authorizations and unusually large or clustered transaction volumes.

In a real-time payments environment, that means answering critical questions as activity unfolds: Are transaction flows rising abnormally? Are settlement thresholds being approached? Is the activity operational, seasonal or potentially fraudulent? 

The larger lesson behind the March 22 cyberattack

This recent operational supply-chain compromise matters not just because funds were diverted, but because it exposed how quickly payment-system risk can escalate. Reports indicated that the incident involved funds held in the bank’s reserve account at the Central Bank of Brazil for settlement activity. Hackers penetrated the bank’s internal systems and diverted approximately $100 million reais ($18 million USD) from its settlement reserves. The funds were dispersed across seven banks and partially converted to cryptocurrency before being flagged. Pix services were temporarily suspended at the institution as a precaution, while customer accounts and personal data were not compromised. Most of the diverted amount (73 million reais) was reportedly recovered and services restored within 24 hours, but the disruption still underscores how a cyber event can put immediate pressure on the operational plumbing behind instant payments. 

This marked the third significant supply-chain attack on the Pix ecosystem in under a year, with each following a clear pattern: Instead of going after individual account holders, attackers have shifted their attention to the settlement infrastructure that links financial institutions and payment service providers to the broader payments system. The broader takeaway is clear: In fast payments, a fraud or cyberattack does not need to compromise customer accounts to create serious operational and liquidity pressure. If reserve funds, settlement capacity or transaction flows are affected, institutions may be forced to act immediately to contain risk, protect reputation and trust and limit fraud loss.

That is the challenge in any fast-moving payment environment globally: operators need to see, in real time, when transaction flows begin to threaten intraday liquidity thresholds, settlement capacity or service continuity. The recent wave of attacks indicates that real-time protection mechanisms have not kept pace with evolving threat tactics.

How does a fraud or cyberattack become a liquidity event?

A fraud or cyberattack can become a liquidity event when it causes an institution’s payment obligations to exceed daily maximum liquidity usage limits, causing the organization to suspend payment activity, delay settlement processes and face regulatory scrutiny or penalty fines. This could be due to attacks that divert reserve funds or create abnormal transaction volume or velocity spikes, resulting in negative cash outflows or internal fraud such as malware, transaction injection/manipulation or Shadow AI. In real-time payments, even a short disruption can create immediate, unrecoverable exposure because transactions settle so quickly and continuously.

How can financial institutions and payment service providers block threats targeting liquidity reserves in real time?

There are a number of emerging fraud requirements that will help banks and payment service providers detect and block threats targeting instant payment operational supply chains and liquidity reserves. These include real-time end-to-end transaction monitoring for millisecond fraud detection. A solution such as INETCO BullzAI is specifically designed to perform real-time decoding and correlation of every transaction end-to-end, revealing granular network-level protocol intelligence, response and request timings of every message link, application messages, metadata and device intelligence. This enables continuous know your transaction (KYT) analysis and improves the accuracy and speed of alerts, risk scores and AI behavioural models. The result is the ability to block supply chain attacks in-flight using the INETCO BullzAI transaction firewall, precisely reducing the risk of fraud loss, settlement disruption and liquidity thresholds being surpassed. 

INETCO’s approach stands out because it’s based on a simple premise: financial institutions and payment service providers need to continuously monitor every incoming and outgoing payment transaction themselves. They need to see every cash balance, settlement obligation and in-flight payment in one view and take immediate, AI-driven action to block or suspend suspicious activity. Machine learning models built to analyze the individual behaviours of every account, card and device can self-learn and update after every transaction to pre-emptively spot attacks before fraud loss occurs.  

Rather than relying on batch reports or notifications from central banks, teams can monitor transaction values, payment flows, issuer activity and broader network behaviours as events unfold. This is especially important as hidden payment fraud — such as transaction amounts that fall below fraud thresholds — quietly strains liquidity long before it’s identified.

Why fraud and liquidity can no longer be separated

With INETCO BullzAI, liquidity monitoring is not treated as an isolated function. It sits alongside real-time transaction monitoring and fraud detection and prevention as part of one platform supporting multiple use cases across every payment type and channel.

That reflects what payment operators are increasingly seeing in the real world. A liquidity spike may be operational. It may be seasonal. But it may also be linked to fraud, abnormal behaviour, system misuse or a compromise elsewhere in the payment chain.

In other words, fraud monitoring and intraday liquidity monitoring should no longer be viewed as separate disciplines. In a real-time payments environment, suspicious transaction behaviour can quickly create liquidity pressure, and liquidity stress can be an early signal that something else is wrong.

To learn more about how INETCO BullzAI helps payment networks and financial institutions monitor liquidity in real time, detect abnormal transaction activity earlier and protect payment operations under pressure, schedule a demo today.

The post How to stop fraud and cyberattacks from becoming liquidity ordeals appeared first on INETCO Payment Security Solutions.

This recognition highlights the real world impact our customers are making to prevent payment fraud and strengthen cyber resiliency across global payment ecosystems.

Recognizing innovation in Canada

The Canadian Business Awards celebrate organizations driving innovation and measurable impact across Canada’s economy. Now in its tenth year, the program recognizes companies shaping the future of business through performance and leadership.

Being selected reinforces the growing importance of real time payment fraud detection and prevention in today’s digital economy.

Why this matters

As payment fraud increases in speed and sophistication, financial institutions and payment processors need real time intelligence to detect and stop threats without disrupting legitimate transactions.

With INETCO BullzAI, organizations detect and stop payment fraud in real time while gaining visibility into transaction behavior across complex systems, helping them strengthen cyber resiliency without friction and protect customer trust.

This award reflects the results our customers achieve every day. We thank our customers for trusting INETCO to protect their payment environments and our partners for helping deliver stronger and more resilient ecosystems.

The post INETCO wins 2026 fraud detection and cybersecurity software award appeared first on INETCO Payment Security Solutions.