Fraud Detection Model

High Risk

Real-time transaction monitoring system flagging suspicious patterns. Handles 2M+ transactions daily across all payment channels.

Assessment Progress6/10 questions

EU AI ActColorado AI ActNIST AI RMFISO 42001

Assessment Questionnaire

Risk Management

Does the fraud detection system have a documented risk management process for false positives impacting legitimate transactions?

Yes — risk management framework established Q4 2025, reviewed quarterly. False positive impact on customer experience is a tracked KPI.

EU AI Act

Are risks of discriminatory fraud flagging across demographic groups identified and mitigated?

Fundamental rights impact assessment completed. Key risks: disproportionate flagging of transactions from certain regions. Mitigations include demographic-aware threshold calibration.

EU AI Act

Data Governance

Is the transaction data used for model training documented with provenance and quality metrics?

Partial — data sources documented, but quality metrics for representativeness across transaction types still pending.

NIST AI RMF

Are bias testing procedures in place for fraud flagging rates across customer demographics?

Awaiting response

Colorado AI Act

Transparency

Is there a mechanism for customers to contest fraud flags and request explanations?

Awaiting response

EU AI Act

Human Oversight

Can a fraud analyst override or release transactions flagged by the model?

Yes — all flagged transactions are routed to a human analyst queue. Override capability with audit logging is built in.

EU AI Act

Are fraud analysts trained on model limitations, known blind spots, and failure modes?

Awaiting response

NIST AI RMF

Technical Robustness

Has the fraud model been tested for adversarial robustness against evasion attacks?

Awaiting response

ISO 42001

Accuracy

Are fraud detection precision, recall, and false positive rates monitored in production?

Precision: 94.2%, Recall: 87.8%, F1: 90.9% — monitored daily with automated drift alerts.

EU AI Act

Record Keeping

Are fraud detection decision logs and alert dispositions maintained for the required retention period?

Yes — all decision logs retained for 5 years per EU AI Act Art. 12 requirements.

EU AI Act

Gap Analysis

3 gaps identified

Art. 9 — Risk ManagementHigh

Bias monitoring for fraud flagging rates across customer demographics not yet implemented.

Recommendation: Deploy demographic-aware false positive rate monitoring with automated alerting.

MAP 2.3 — Data ProvenanceMedium

Training data quality metrics for transaction type representativeness are incomplete.

Recommendation: Complete dataset documentation including transaction type distribution analysis and coverage gaps.

SB 205 — TransparencyHigh

No mechanism for customers to contest fraud flags and request explanations.

Recommendation: Implement explanation API endpoint and consumer-facing dispute workflow.

Back to Assessments

Fraud Detection Model

High Risk

Real-time transaction monitoring system flagging suspicious patterns. Handles 2M+ transactions daily across all payment channels.

Assessment Progress6/10 questions

EU AI ActColorado AI ActNIST AI RMFISO 42001

Assessment Questionnaire

Risk Management

Does the fraud detection system have a documented risk management process for false positives impacting legitimate transactions?

Yes — risk management framework established Q4 2025, reviewed quarterly. False positive impact on customer experience is a tracked KPI.

EU AI Act

Are risks of discriminatory fraud flagging across demographic groups identified and mitigated?

Fundamental rights impact assessment completed. Key risks: disproportionate flagging of transactions from certain regions. Mitigations include demographic-aware threshold calibration.

EU AI Act

Data Governance

Is the transaction data used for model training documented with provenance and quality metrics?

Partial — data sources documented, but quality metrics for representativeness across transaction types still pending.

NIST AI RMF

Are bias testing procedures in place for fraud flagging rates across customer demographics?

Awaiting response

Colorado AI Act

Transparency

Is there a mechanism for customers to contest fraud flags and request explanations?

Awaiting response

EU AI Act

Human Oversight

Can a fraud analyst override or release transactions flagged by the model?

Yes — all flagged transactions are routed to a human analyst queue. Override capability with audit logging is built in.

EU AI Act

Are fraud analysts trained on model limitations, known blind spots, and failure modes?

Awaiting response

NIST AI RMF

Technical Robustness

Has the fraud model been tested for adversarial robustness against evasion attacks?

Awaiting response

ISO 42001

Accuracy

Are fraud detection precision, recall, and false positive rates monitored in production?

Precision: 94.2%, Recall: 87.8%, F1: 90.9% — monitored daily with automated drift alerts.

EU AI Act

Record Keeping

Are fraud detection decision logs and alert dispositions maintained for the required retention period?

Yes — all decision logs retained for 5 years per EU AI Act Art. 12 requirements.

EU AI Act

Gap Analysis

3 gaps identified

Art. 9 — Risk ManagementHigh

Bias monitoring for fraud flagging rates across customer demographics not yet implemented.

Recommendation: Deploy demographic-aware false positive rate monitoring with automated alerting.

MAP 2.3 — Data ProvenanceMedium

Training data quality metrics for transaction type representativeness are incomplete.

Recommendation: Complete dataset documentation including transaction type distribution analysis and coverage gaps.

SB 205 — TransparencyHigh

No mechanism for customers to contest fraud flags and request explanations.

Recommendation: Implement explanation API endpoint and consumer-facing dispute workflow.