The fraud model that worked in 2023 may be missing fraud in 2026

Why fraud detection models built in 2023 may be missing today's fraud patterns.
The fraud model that worked in 2023 may be missing fraud in 2026

Health plans and banks are running AI fraud detection systems that were accurate when they were built. In many cases, they're quietly degrading, and the metrics used to monitor them aren't designed to catch it.

A pattern shows up wherever a health plan or a bank has run a fraud detection model for a couple of years without retraining it: precision erodes quietly. In a representative scenario, the share of flagged claims or transactions that turn out to be genuine fraud slips from around 78% at deployment to 51% over eighteen months. False positives pile up. Legitimate members and customers land in review queues. By the midpoint of that curve, the model is creating more friction for honest people than it is catching bad actors. The fraud it was built to detect has evolved. The model has not. And the dashboards, stable in aggregate, never registered the drift.

This is a version of a problem with real research behind it, a documented mechanism, and an accelerating timeline in 2026. The fraud detection systems that health plans and banks stood up in 2022 and 2023 were trained on the claim structures, transaction signatures, and behavioral patterns of that moment. The fraud landscape has moved a long way since. The models, in many cases, have not.

The fraud arms race and what it means for static models

The scale tells the story. In June 2025 the Justice Department announced the largest health care fraud takedown in its history: 324 defendants charged in connection with more than $14.6 billion in intended loss, more than double the previous record. What should unsettle anyone running a detection model is how the schemes now work. In one $703 million case, defendants allegedly used artificial intelligence to generate fake recordings of Medicare beneficiaries consenting to services they never wanted. Generative tools are producing synthetic identities, fabricated documentation, and claim narratives engineered to look like the real thing. The fraud a model learned to recognize in 2023 has since been studied, automated, and reverse-engineered by the people the model is trying to stop.

For a health plan's Chief Medical Officer or head of payment integrity, the consequence is concrete. A special investigations model that quietly slips from catching four in five fraudulent claims to catching one in two is not a line on a dashboard; it is millions of dollars in improper payments walking out the door while the same model buries investigators in false positives on legitimate members. The model is running. The metrics look fine. The exposure surfaces months later, in an audit, a recovery shortfall, or a regulator's question.

The structural trap for any static fraud model is simple: new schemes are, by definition, absent from the training data. A model trained on 2023 fraud learns 2023 fraud. As the schemes evolve, in response to enforcement, new channels, and the steady arrival of better tools, the model's coverage of novel patterns decays. If it is being retrained mostly on synthetic data generated from its own prior outputs, the decay compounds: the synthetic data inherits the same blind spots as the original, and each retraining cycle reinforces them.

The nature paper and what it means for claims retraining pipelines

The research literature has been building since 2023. A paper published in Nature in July 2024 demonstrated the mechanism cleanly: when models are trained iteratively on their own output, with synthetic data from one generation becoming training data for the next, performance degrades at the tail of the distribution first. Rare patterns, minority cases, and edge cases fall out of reliable coverage before any aggregate metric moves. Health plans and banks running synthetic retraining pipelines without verifying what that synthetic data actually covers are running exactly this risk. The KPI dashboard looks stable because it is measuring the center. The degradation is happening at the margins, which, in fraud detection, is precisely where the consequential cases live.

Banking shows the same dynamic with a different accelerant. The Federal Reserve Bank of Boston reports that synthetic identity fraud losses crossed $35 billion in 2023, and that generative AI has become a volatile accelerant, automating the creation of fake identities that fuse real and fabricated data, complete with deepfaked documents and voices. A fraud model trained on the synthetic identities of two years ago is now scoring a population of fakes built by far better tools. The transactions that should look anomalous increasingly look ordinary, and a static model has no way to know what it is no longer catching.

For a bank's head of fraud or Chief Risk Officer, the same gap reads as synthetic identities clearing onboarding, accounts maturing quietly into credit lines, and losses surfacing only after the fake has been cultivated for months. By the time the pattern is obvious, the model that should have caught it has already been trained to treat it as normal.

Verification as a continuous function, not a launch gate

A 2025 paper on preventing model collapse through synthetic data verification found that external verification, by human domain experts or by a demonstrably stronger model, prevents the iterative degradation that unverified synthetic retraining produces. The finding is not that synthetic data should be avoided. It is that synthetic data has to be anchored to what is genuinely true and complete in the domain, and that anchor has to come from outside the model itself.

For a health plan or a bank, the practical implication is that fraud-model quality is not a property you establish at deployment and then monitor from a distance. It is a continuous function of whether the model's coverage of current fraud is being actively maintained, through targeted collection of real cases, structured expert review of novel schemes, and verification that specifically tests edge-case and tail coverage rather than aggregate precision alone. The expertise that does this, the special investigations analyst who has seen the new claim scheme, the fraud examiner who recognizes the shape of a synthetic identity, carries knowledge the model does not have and the synthetic pipeline cannot generate.

The fraud model that worked in 2023 is not automatically the fraud model that works in 2026. Given how fast the tools and tactics are moving, with generative AI now available to fraudsters at industrial scale, the question is not whether a model will need updating. It is whether the domain expertise and verified data required to update it are actually available, at the pace the threat demands. That capability is rarely sitting ready inside the organization running the model.

Recent Blogs

From investigation to implementation: Why multiple representation has changed the motor finance redress equation

From investigation to implementation: Why multiple representation has changed the motor finance redress equation

Banking and Financial Services
February 16, 2026
CX solutioning in the agentic AI era

CX solutioning in the agentic AI era

Technology
Retail & E-commerce
November 5, 2025
How motor finance leaders can navigate the £8bn redress challenge

How motor finance leaders can navigate the £8bn redress challenge

Banking and Financial Services
October 13, 2025