How American Express Can Transform Fraud Detection and Cardholder Experience with Agentic AI
Fraud is getting faster, more coordinated, and harder to spot. At the same time, cardholders expect their American Express cards to work instantly, everywhere, without interruptions. That tension is exactly why agentic AI in fraud detection (American Express) is becoming such a high-stakes conversation for fraud leaders, product teams, and risk executives.
Traditional fraud stacks can be strong at scoring risk, but they often struggle to coordinate what happens next: deciding when to step up verification, how to communicate with a cardholder, how to route cases, and how to learn from outcomes quickly. Agentic AI changes that by acting as an orchestrator across systems, policies, and workflows. The goal isn’t “more AI.” The goal is fewer fraud losses, fewer false declines, faster investigations, and a cleaner cardholder experience.
What Is Agentic AI (and How It Differs From Traditional AI)?
Agentic AI definition in payments context
Agentic AI in fraud detection is a goal-driven approach where an AI system can plan, take actions, and coordinate across tools within defined guardrails. In payments fraud prevention, that means the system doesn’t stop at a risk score. It can assemble context, propose an action, trigger an approved workflow, document its reasoning, and route edge cases to humans.
This differs from the tools most fraud teams are used to:
Rules engines: Great for deterministic logic, but rigid and expensive to maintain as fraud patterns evolve.
ML models: Great for prediction, but typically stop at “high risk” vs “low risk” without orchestrating investigation, communications, or evidence collection.
RPA scripts: Useful for automation, but brittle when inputs change and usually not designed for real-time transaction monitoring.
Agentic AI doesn’t replace these components. It coordinates them into an operational system.
The “agent + tools” model for fraud operations
In a card issuer environment, value comes from connecting intelligence to action. That requires tools, not just a model. A practical agentic AI fraud detection setup typically connects to:
Transaction monitoring systems and authorization feeds
Customer profile systems and historical spend patterns
Device intelligence and network signals
Knowledge bases containing internal policies, fraud playbooks, and escalation rules
Case management platforms used by fraud investigation teams
Communication channels like in-app push, SMS, email, and call center workflows
Analyst workbenches and reporting systems
Instead of forcing analysts and customer care to swivel-chair across these systems, the agent becomes the workflow layer that pulls context together and pushes the right next step.
Why American Express is a compelling use case
American Express is often discussed in this context because premium cardholder expectations make the customer experience in fraud alerts especially sensitive. In many card programs, a false decline is a nuisance. In premium segments, it can be a relationship-breaking moment.
At the same time, fraud investigation automation and dispute handling are operationally heavy. When you add evolving threats like synthetic identity, account takeover, and coordinated mule networks, the ability to orchestrate decisions and workflows becomes just as important as detection.
The Fraud + CX Problem: Where Current Approaches Break Down
Fraud teams rarely lose because they lack data or models. They lose in the messy middle: fragmented signals, inconsistent workflows, and slow response loops.
Common failure points in fraud detection
The most common breakdowns typically look like this:
False positives leading to false declines, which frustrate cardholders and reduce spend
Siloed signals where device, behavioral, merchant, and historical patterns aren’t unified into one view
Model drift as fraudsters adapt, especially in bot-driven testing and new merchant patterns
Confusion around edge cases such as first-party fraud vs true third-party fraud
In many stacks, a model detects risk but cannot reliably explain why in a way that is useful for operations, customer support, and governance.
Operational bottlenecks
Operational reality matters. Even excellent card fraud detection AI can underperform if the workflow around it is slow.
Common bottlenecks include:
Alert fatigue: too many alerts, not enough prioritization
Slow investigations because evidence lives across too many systems
Inconsistent decisions between fraud ops, disputes, and customer care
Manual documentation that creates audit and compliance headaches later
When the system is fragmented, teams compensate with staffing, escalation layers, and manual reviews. That reduces agility and increases cost.
Experience breakdown moments for cardholders
Cardholders don’t experience “fraud systems.” They experience moments.
The high-friction moments tend to be:
A decline at the point of sale with limited guidance
A vague alert that doesn’t clearly explain what to do next
Too much authentication too often, even for low-risk situations
Long resolution timelines with little transparency
If fraud prevention creates repeated friction, the brand pays for it through reduced spend, churn risk, and contact center load.
Top 7 reasons legitimate transactions get declined
False decline reduction starts by naming the usual culprits:
Travel or location changes that don’t match recent behavior
Sudden spending spikes (amount or frequency) that look like velocity fraud
Merchant category changes that are uncommon for the cardholder
Device or network changes (new phone, new IP, VPN usage)
Authorization patterns that resemble bot testing
Thin-file scenarios where history is limited or inconsistent
Overly conservative rules layered on top of model outputs
Agentic AI fraud detection is valuable because it can treat these as solvable workflows, not just “model thresholds.”
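One of these culprits, velocity fraud, lends itself to a concrete illustration. Below is a minimal sketch of a sliding-window velocity check of the kind a triage workflow might consult; the window length and threshold are hypothetical, not real issuer policy.

```python
from collections import deque
from dataclasses import dataclass, field


@dataclass
class VelocityChecker:
    """Toy sliding-window velocity check (illustrative thresholds)."""
    window_seconds: int = 300      # 5-minute sliding window
    max_transactions: int = 5      # more than this starts to look like card testing
    _events: deque = field(default_factory=deque)

    def record(self, timestamp: float) -> bool:
        """Record a transaction; return True if velocity looks suspicious."""
        self._events.append(timestamp)
        # Drop events that have aged out of the window.
        while self._events and timestamp - self._events[0] > self.window_seconds:
            self._events.popleft()
        return len(self._events) > self.max_transactions
```

In a real stack this signal would feed the model and rules layer rather than decide anything on its own.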
Where Agentic AI Can Create the Biggest Impact (High-Value Use Cases)
The fastest path to value is not deploying agentic AI everywhere. The highest-performing teams start with a small set of workflows where orchestration and speed matter most.
Use case 1 — Real-time transaction triage + decision support
In real-time transaction monitoring, milliseconds matter. An agent can assemble context quickly, such as:
Merchant risk patterns and historical dispute rates
Device fingerprint and login/session anomalies
Past confirmations from the cardholder (e.g., prior “yes, it was me” responses)
Travel notices and typical spend bands
Velocity checks across merchants, geos, and channels
Then it can recommend actions:
Approve
Step-up verify
Temporary hold pending confirmation
Decline
The key difference is that the agent can generate a decision trace that supports explainable AI in financial services requirements and operational review.
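To make the idea concrete, here is a toy triage function that combines a model score with two context flags and emits both an action and a plain-language trace. The thresholds and signal names are assumptions for illustration, not Amex decisioning logic.

```python
from dataclasses import dataclass, field
from typing import List


@dataclass
class TriageResult:
    action: str
    trace: List[str] = field(default_factory=list)


def triage(score: float, known_device: bool, matches_travel_notice: bool) -> TriageResult:
    """Toy triage: map a risk score plus context flags to an action with a trace."""
    trace = [
        f"model_score={score:.2f}",
        f"known_device={known_device}",
        f"matches_travel_notice={matches_travel_notice}",
    ]
    if score < 0.2 or (score < 0.5 and known_device):
        trace.append("low effective risk -> approve")
        return TriageResult("approve", trace)
    if matches_travel_notice and score < 0.7:
        trace.append("travel notice explains the anomaly -> approve")
        return TriageResult("approve", trace)
    if score < 0.85:
        trace.append("medium risk -> step-up verification")
        return TriageResult("step_up", trace)
    trace.append("high risk -> decline pending review")
    return TriageResult("decline", trace)
```

The point of the trace is that an analyst, an auditor, or a customer care agent can each read why the action was chosen.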
Use case 2 — Step-up authentication orchestration (reduce friction)
Many fraud stacks treat step-up as a fixed flow. Agentic AI allows adaptive friction: more friction only when it improves risk outcomes.
For example, the agent can choose the best step-up method based on risk, channel, and cardholder preferences:
In-app push verification for known devices
One-time passcodes for medium risk when app access is limited
Biometric re-authentication for suspicious session activity
Call-back verification for high-risk account takeover scenarios
Better orchestration improves approval rates while still reducing fraud losses, which is the core tradeoff modern fraud teams are judged on.
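A minimal sketch of such a selector, assuming hypothetical risk tiers and method names: it picks the lowest-friction method that still meets the risk level.

```python
def choose_step_up(risk: str, known_device: bool, has_app: bool) -> str:
    """Toy step-up selector (illustrative tiers, not a real Amex flow)."""
    if risk == "high":
        return "callback_verification"   # suspected account takeover
    if risk == "medium":
        if has_app and known_device:
            return "in_app_push"         # lowest friction for trusted devices
        return "one_time_passcode"       # fallback when app access is limited
    return "none"                        # low risk: add no friction at all
```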
Use case 3 — Autonomous case summarization for fraud analysts
Fraud investigation automation often starts with a simple win: turning noisy event logs into a clear narrative.
An agent can produce:
A timeline of relevant events (logins, device changes, spend spikes, address updates)
The key anomalies and why they matter
Linked entities across the case (devices, emails, addresses, merchants)
Suggested next best actions aligned to policy
Templated documentation for case notes and audit trails
This reduces average handle time and improves consistency between analysts.
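The timeline step above can be sketched as a small helper that orders raw case events chronologically and flags anomalies. The event fields (`ts`, `type`, `detail`, `anomalous`) are assumptions for illustration.

```python
def summarize_case(events: list[dict]) -> str:
    """Collapse raw case events into a chronological, analyst-readable timeline."""
    ordered = sorted(events, key=lambda e: e["ts"])
    lines = []
    for e in ordered:
        flag = " [ANOMALY]" if e.get("anomalous") else ""
        lines.append(f"{e['ts']}  {e['type']}: {e['detail']}{flag}")
    return "\n".join(lines)
```

In practice the narrative layer on top of this (why an anomaly matters, which entities are linked) is where the agent adds value beyond sorting.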
Use case 4 — Dispute/chargeback intake and evidence assembly
Chargeback dispute automation is another high-impact workflow because it touches both cardholder experience and operational cost.
An agent can:
Guide the cardholder through dispute intake with clearer questions
Pull relevant transaction details automatically
Collect evidence from internal systems where policy allows
Classify likely scenarios (true fraud, merchant dispute, first-party fraud signals)
Package evidence for faster downstream handling
The outcome is usually less rework, fewer back-and-forth messages, and shorter time to resolution.
Use case 5 — Proactive cardholder communications that reduce churn
Customer experience in fraud alerts is often an afterthought, but it has direct impact on trust.
Agentic workflows can produce alerts that are:
Short and action-oriented
Personalized to channel and urgency
Clear about what happens next
Consistent with internal policy language
After the incident, proactive reassurance messages and status updates reduce call volume and improve sentiment, especially when a cardholder had a negative point-of-sale moment.
5 agentic AI workflows for card fraud teams
Real-time transaction triage with explainable decision support
Adaptive step-up authentication orchestration
Fraud analyst case summarization and next-action recommendations
Chargeback dispute intake and evidence assembly
Proactive cardholder communication and resolution updates
Reference Architecture: How Agentic AI Fits Into Amex-Style Systems
Agentic AI in fraud detection (American Express) works best when it’s treated as a workflow layer, not a replacement for the existing fraud stack.
Core components
A practical architecture typically includes:
Event ingestion from real-time authorization streams
Feature store and entity resolution to unify identity across channels
Fraud models and a rules layer for deterministic controls
Agent orchestration layer for tool calling and workflow routing
Case management integration plus audit logging
Human-in-the-loop interfaces for reviews and overrides
This approach keeps the existing investments in models and transaction systems while upgrading the system’s ability to act.
The “decision loop” (sense → reason → act → learn)
A useful way to operationalize agentic systems is the decision loop:
Sense: gather signals from transactions, devices, behavior, and history
Reason: evaluate risk and apply policy constraints
Act: approve, decline, step up verification, or create a case
Learn: incorporate feedback from confirmations, chargebacks, and analyst labels
Teams that build the learn step early typically outperform because they shorten the time between new fraud pattern and updated defenses.
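The loop can be sketched as a single class with stubbed stages. The scoring logic and threshold adjustment below are toy stand-ins for real models and policy; only the shape of the loop is the point.

```python
class DecisionLoop:
    """Toy sense -> reason -> act -> learn loop (illustrative logic only)."""

    def __init__(self, threshold: float = 0.8):
        self.threshold = threshold

    def sense(self, txn: dict) -> dict:
        # Gather signals; a real system would query a feature store here.
        return {"amount": txn["amount"], "new_device": txn.get("new_device", False)}

    def reason(self, signals: dict) -> float:
        # Toy risk score standing in for a model plus policy constraints.
        return 0.9 if signals["new_device"] and signals["amount"] > 1000 else 0.1

    def act(self, score: float) -> str:
        return "step_up" if score >= self.threshold else "approve"

    def learn(self, action: str, confirmed_fraud: bool) -> None:
        # Feedback loop: tighten the threshold after a missed fraud.
        if action == "approve" and confirmed_fraud:
            self.threshold = max(0.5, self.threshold - 0.05)

    def run(self, txn: dict) -> str:
        return self.act(self.reason(self.sense(txn)))
```

The `learn` step is deliberately crude; the structural takeaway is that outcomes feed back into decisioning without a quarterly retraining cycle in between.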
Data sources that matter most
For card fraud detection AI, the signals that drive performance usually include:
Transaction data: MCC, merchant, amount, time, channel
Behavioral signals: session anomalies, navigation patterns, unusual sequences
Device and network intelligence: fingerprinting, IP reputation, SIM swap indicators
Customer history and preferences: typical spend bands, travel patterns, trusted devices
External threat intelligence where permissible and compliant
The biggest gains often come from entity resolution: connecting “who” across accounts, devices, merchants, and channels with confidence scoring.
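A minimal sketch of confidence-scored matching: instead of a binary join, agreement across identity attributes accumulates into a score. The attribute weights here are assumptions, not a tuned resolution model.

```python
# Hypothetical attribute weights; real systems learn or calibrate these.
WEIGHTS = {"device_id": 0.4, "email": 0.3, "address": 0.2, "phone": 0.1}


def match_confidence(a: dict, b: dict) -> float:
    """Return a 0-1 confidence that records a and b describe the same entity."""
    return sum(
        w for field, w in WEIGHTS.items()
        if a.get(field) and a.get(field) == b.get(field)
    )
```

Downstream actions can then key off the score: auto-link above one threshold, route to an analyst in the middle, discard below.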
Guardrails, Governance, and Compliance (Critical for Financial Services)
Agentic AI can move fast, which is exactly why governance must be designed in from day one. Financial services teams also need controls aligned with model risk management for AI expectations and broader security and privacy requirements.
Preventing harmful actions (agent safety)
The first rule of agentic deployments is limiting blast radius. Practical controls include:
Hard constraints on what the agent can do (for example, it can’t change credit limits or modify customer data without explicit approvals)
Approval gates for high-impact actions (blocking, freezing, or sensitive outreach)
Rate limiting and anomaly detection on agent-triggered actions
Tiered decisioning, where only narrow, low-risk scenarios are eligible for automation
These guardrails prevent “agent overreach” while still delivering operational value.
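The tiered-decisioning idea can be sketched as an action gate with an allow-list and a hard deny-list. The specific action names and lists below are hypothetical policy, not Amex's.

```python
# Hypothetical policy: only these low-impact actions may run unattended.
AUTO_ALLOWED = {"send_alert", "request_step_up", "add_case_note"}
# Hard constraints the agent can never perform, approval or not.
NEVER_ALLOWED = {"change_credit_limit", "modify_customer_data"}


def gate(action: str, human_approved: bool = False) -> str:
    """Return 'executed', 'pending_approval', or 'blocked' for a proposed action."""
    if action in NEVER_ALLOWED:
        return "blocked"                 # hard constraint, no override
    if action in AUTO_ALLOWED:
        return "executed"
    return "executed" if human_approved else "pending_approval"
```

Everything outside the allow-list (card freezes, blocks, sensitive outreach) defaults to a human approval gate, which is what limits blast radius.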
Explainability and auditability
Explainable AI in financial services is not just a regulatory checkbox. It’s how teams debug and improve.
Strong setups include:
Decision traces showing which inputs were used and which tools were queried
References to internal policy and playbooks that justify the recommendation
Plain-language reasons that can be used by customer care where appropriate
Evidence logs designed for internal audit and post-incident review
When explainability is built into the workflow, teams can move faster without losing control.
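A decision trace can be as simple as an append-only JSON record per recommendation. The field names below are illustrative of what an audit log entry might capture.

```python
import json
import time


def audit_record(case_id: str, inputs: dict, tools: list,
                 recommendation: str, policy_ref: str) -> str:
    """Serialize one recommendation as an audit-log entry (illustrative schema)."""
    return json.dumps({
        "case_id": case_id,
        "inputs_used": sorted(inputs),       # which signals fed the decision
        "tools_queried": tools,              # which systems the agent called
        "recommendation": recommendation,
        "policy_reference": policy_ref,      # playbook section that justifies it
        "logged_at": time.time(),
    })
```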
Privacy, security, and data handling
Fraud systems are deeply sensitive because they touch PII, behavioral data, and financial activity.
Core practices include:
PII minimization and role-based access controls
Encryption in transit and at rest
Strict data retention rules based on legal and operational requirements
Segmentation between experimentation environments and production data
For enterprise deployments, it’s also important that any platform supporting these workflows has clear data processing controls and does not train on customer data by default.
Model risk management and validation
Even when agentic systems are orchestrating workflows, models still need ongoing validation.
Best practice usually includes:
Monitoring drift, performance, and bias over time
Shadow mode evaluation before changing production decisioning
Red-teaming for adversarial threats, including tool abuse and prompt injection risks
Incident response playbooks specific to AI-driven workflows
The operational goal is predictable behavior under pressure, especially during fraud spikes.
Agentic AI governance checklist for fraud teams
Define what the agent is allowed to do, and what it can never do
Require human approval for high-impact actions
Log every recommendation, action, and data source used
Monitor performance drift and false decline rates continuously
Run shadow mode pilots before production changes
Test for adversarial behavior and workflow abuse
Maintain clear escalation paths and rollback procedures
Measuring Success: KPIs That Capture Both Fraud and Experience
If measurement only focuses on fraud loss rate, teams often over-tighten controls and punish legitimate spend. If measurement only focuses on approvals, losses rise. Agentic AI in fraud detection (American Express) should be evaluated on a balanced scorecard.
Fraud/risk KPIs
Fraud loss rate (basis points) by channel and segment
Account takeover rates and containment time
Detection precision and recall, tuned for business thresholds
Time-to-detect and time-to-contain during active fraud events
Approval + revenue KPIs
False decline reduction
Approval rate lift, especially in high-value segments
Incremental spend retained due to fewer declines and fewer unnecessary step-ups
Operational efficiency KPIs
Alert volume reduction through better prioritization
Average handle time for investigations
Time to resolution for disputes
Analyst consistency and documentation quality
Cardholder experience KPIs
CSAT or NPS specific to fraud interactions
Engagement rates for verification flows
Drop-off during step-up authentication
Complaint volume related to declines, holds, and resolution timelines
A practical tip: track these KPIs by cohort. A great overall number can hide a terrible premium-segment experience or a specific channel weakness.
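Cohort-level tracking can be sketched as a small aggregation over decision outcomes; the record fields (`cohort`, `action`, `confirmed_fraud`) are assumptions for illustration.

```python
from collections import defaultdict


def false_decline_rate_by_cohort(records: list[dict]) -> dict:
    """Per-cohort share of declines that were not confirmed fraud."""
    declined = defaultdict(int)
    false_declined = defaultdict(int)
    for r in records:
        if r["action"] == "decline":
            declined[r["cohort"]] += 1
            if not r["confirmed_fraud"]:
                false_declined[r["cohort"]] += 1
    return {c: false_declined[c] / declined[c] for c in declined}
```

Run the same breakdown for approval rate, step-up drop-off, and resolution time, and a weak premium segment stops hiding behind a healthy aggregate.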
Implementation Roadmap (From Pilot to Production)
The fastest way to derail an agentic initiative is trying to automate final decisions before the organization trusts the system. A phased rollout builds confidence and creates the governance muscle needed for scale.
Phase 0 — Readiness assessment (1–3 weeks)
Start by mapping workflows, not models:
Map current fraud workflows and identify friction points
Inventory data sources and determine what’s accessible in real time
Identify tooling constraints in case management and communications
Select 1–2 low-risk, high-ROI workflows (case summarization is often a strong first step)
This phase should end with clearly defined inputs, outputs, success metrics, and escalation rules.
Phase 1 — Pilot in shadow mode (4–8 weeks)
Shadow mode is where the agent produces recommendations, but humans keep decision control.
Run agent recommendations in parallel with current processes
Compare outcomes: false declines, fraud capture, and analyst feedback
Validate audit logs and ensure decision traces are complete
Establish access controls and operational escalation paths
This is also where teams learn what the agent should not do.
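At its simplest, a shadow-mode pilot reduces to measuring agreement between agent recommendations and human decisions before granting any autonomy. A minimal sketch:

```python
def shadow_agreement(pairs: list[tuple[str, str]]) -> float:
    """pairs = (agent_recommendation, human_decision); returns the agreement rate."""
    if not pairs:
        return 0.0
    matches = sum(1 for agent, human in pairs if agent == human)
    return matches / len(pairs)
```

Teams typically also slice disagreements by action type, since an agent that disagrees mostly on declines poses a different risk than one that disagrees on approvals.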
Phase 2 — Limited rollout with human-in-the-loop (8–12 weeks)
Move from “interesting” to “useful” without taking on unnecessary risk.
Start with decision support, not auto-decisioning
Allow automated actions only for narrow scenarios with strong confidence
Add post-incident review and continuous monitoring routines
In many teams, this phase creates immediate operational savings and measurable false decline reduction without changing core authorization logic too aggressively.
Phase 3 — Scale + optimize (ongoing)
Once the organization trusts the workflows, scaling becomes a matter of repetition.
Expand into disputes, communications, and multi-agent collaboration
Improve feedback loops using confirmed fraud outcomes and analyst labels
Schedule regular red-team exercises and policy updates
Continuously tune step-up orchestration to reduce friction while maintaining risk controls
This is where agentic AI becomes a durable capability, not a one-off project.
Agentic AI rollout plan in 90 days
Identify 1–2 workflows and define success metrics
Connect the agent to required tools and policy knowledge bases
Run shadow mode and validate decision traces
Add human-in-the-loop gates for sensitive actions
Launch limited rollout for narrow scenarios
Monitor drift, false declines, and resolution times weekly
Expand to adjacent workflows once KPIs stabilize
Risks and Pitfalls (and How to Avoid Them)
Agentic AI is powerful, but fraud is an adversarial domain. The best deployments assume they will be tested by both fraudsters and internal edge cases.
Over-automation and customer harm
Common pitfalls include unnecessary card freezes, confusing communications, and inconsistent outcomes across channels.
Mitigations that work in practice:
Tiered actions with safe defaults
High-impact actions requiring approval
Easy recovery paths for cardholders, including fast verification and clear messaging
Continuous review of “harm events” such as wrongful declines in high-value moments
Data quality and identity resolution issues
Bad joins can create the worst possible outcomes: flagging the wrong person or linking the wrong device.
Mitigation strategies:
Entity confidence scoring, not binary joins
Fallback behaviors when confidence is low
Analyst verification workflows for sensitive actions
Continuous monitoring for data pipeline regressions
Adversarial threats
Fraudsters probe systems to find decision boundaries. Agentic systems also introduce new attack surfaces if not properly constrained.
Key mitigations:
Strict tool permissions and sandboxing
Anomaly detection on agent actions and abnormal workflow patterns
Input validation to reduce prompt injection or tool manipulation risks
Red-teaming that includes both fraud scenarios and AI-specific threats
Regulatory and reputational risk
When outcomes are biased, inconsistent, or poorly explained, the damage is bigger than a single incident.
Mitigations:
Strong documentation and decision traceability
Fairness and performance testing across cohorts
Governance committees and clear accountability
Conservative rollout strategies that prove safety before scaling
Conclusion: A Better Fraud System Is Also a Better Experience
Fraud prevention is no longer just about catching bad transactions. It’s about delivering secure, seamless approvals while keeping cardholders informed and in control. Agentic AI in fraud detection (American Express) points toward a system where models, rules, case management, and communications are coordinated into a single operational loop.
The smartest path forward is to start with workflows that improve speed and clarity, like fraud analyst case summaries and guided dispute intake, then expand into step-up authentication orchestration and real-time decision support. With the right guardrails, auditability, and measurement, teams can reduce fraud losses and reduce friction at the same time.
Book a StackAI demo: https://www.stack-ai.com/demo
