The frontlines of fraud: How Brazil is becoming a global testbed for financial crime prevention

By Camila Fernandes (QED Investors) and Marcia Netto (Silverguard)

Brazil is racing ahead in digital payments... and becoming a hotspot for financial fraud. With real-time transfers now embedded in daily life, the same infrastructure that enables financial inclusion also introduces new vulnerabilities. However, while the scale and speed of fraud are deeply concerning, Brazil is also laying the groundwork for combating it.

Together—Camila, as a partner at QED, and Marcia, as a founder at Silverguard—we’ve been in the trenches of this transformation. We’ve identified where the system is breaking, the regulatory shifts underway and the type of innovation urgently needed.

This piece connects those dots and invites builders to help close the gaps. From QED's perspective, we want to invest in this future.

The scale of the problem

In 2024, Brazil’s financial sector reported R$10.1 billion in losses related to fraud. More than half of Brazilians say they’ve personally experienced it. For every real stolen, banks spend up to R$4.49 in response and recovery. This is not just costly, it’s systemic. Fraud is now estimated to cost the country between 0.35 percent and 0.4 percent of GDP, a figure that likely understates the true impact.

Speed compounds the risk: 61 percent of scams are completed within 24 hours, leaving institutions with very little time to intervene.

Roughly 70 percent of all fraud losses in Brazil come from social engineering scams—schemes that trick victims into transferring money themselves. These attacks bypass traditional security layers, making technical defenses alone insufficient.

How the scams work

According to the 2024 Pix Scam Study by Silverguard, the most common scam tactics reported include:

1. Fake online stores (44.9%)
2. Investment scams and “money-doubling” offers (14.6%)
3. Friend or family impersonation scams (9.9%)
4. Fake job offers or extra income opportunities (6.8%)
5. Sales through hacked social media accounts (6.4%)
6. Fake calls or messages from bank support (5%)
7. Fake fines, taxes, or bill charges (3.2%)
8. Advance fee scams (2.8%)
9. Fake loan offers (2.3%)
10. Prize scams with upfront fees (1.5%)

A key challenge is the use of mule accounts ("contas laranja"), real accounts operated by third parties, often rented out to fraudsters or opened under duress. These differ from fake accounts, which are typically created using synthetic or stolen identities. Alarmingly, scams are becoming more professionalized: today, two out of every three accounts receiving fraudulent Pix transactions are business (”PJ”) accounts, which offer less friction, higher limits and are harder to take down quickly.

This shift underscores the growing need to detect not only fraud at the origin, but also abuse at the destination. That’s where offboarding comes in: identifying and removing high-risk accounts already inside the system—especially mule accounts—is now just as critical as onboarding. Done right, offboarding based on shared signals and behavioral data can dismantle criminal infrastructure before it’s reused.

How Brazil compares globally

Other countries are also under pressure. The U.K. reports that fraud now accounts for 40 percent of all crime. Singapore saw a 70 percent spike in online scams in 2024. India’s high-value cyber fraud cases quadrupled in a year.

What sets Brazil apart is the scale, reach and ubiquity of its real-time payments ecosystem. Over 42 billion Pix transactions occurred in 2024. That reach, without matching control layers, has made Brazil both a cautionary tale and a proving ground for new solutions.

Fixing the system: Regulation gets serious

To address the crisis, Brazil’s Central Bank has taken decisive action. Two major regulations are reshaping how fraud is handled at scale:

• Pix Special Refund Mechanism (MED): Created in 2021, one year after the launch of Pix, the MED allows fraud victims to formally request the return of funds. Once initiated by the victim's bank, the funds are immediately blocked at the receiving institution. Both banks have seven days to evaluate the claim and, if funds are still available, return them to the victim. Under BCB Resolution 589, all Pix participants must offer self-service MED functionality within their apps by October 2025. MED 2.0, expected in February 2026, will enhance fund recovery by enabling the tracing and blocking of fraudulent transfers across up to five layers of accounts.
  ‍
• Resolution No. 6, a joint resolution by Brazil’s Central Bank and the National Monetary Council (CMN), issued in 2023, mandates the sharing of information on suspected fraud cases among financial institutions. As an addendum, BCB Resolution 343 requires these institutions to conduct biannual customer base checks to identify and mitigate fraud risks proactively.
  
  

Together, these mechanisms form a two-pronged defense—one reactive, one preventive—helping Brazil transition toward a safer and more coordinated fraud response system.

The Central Bank is also preparing two important innovations:

• Pix transaction alerts: Using data from Resolution No. 6 or the DICT infrastructure (a centralized Pix directory managed by the Central Bank), financial institutions will soon be required to trigger real-time scam alerts before a Pix transaction is completed. This adds a layer of smart friction to protect users during suspicious transfers.
  ‍
• CPF block for account opening: Starting in December 2025, individuals will be able to access the “Meu BC” system and voluntarily block their personal ID ("CPF") from being used to open new financial accounts. Financial institutions must consult this database before opening any new account. If the CPF is blocked, the institution must deny the request. The block can be reversed at any time by the user through the same portal.
  

This last measure is designed to address the rise in fake accounts at the source—a threat expected to escalate with the advancement of dark AI and deepfake technologies, which challenge KYC processes. At the same time, it may introduce friction that affects onboarding conversion rates, especially for fintechs focused on rapid user acquisition.

Where the system still breaks

Despite meaningful regulatory progress, the experience for scam victims remains fragmented and frustrating. One person described it as "feeling failed twice—first by the scammer, then by the system."

Today, 70 percent of victims in Brazil search Google as their first response to being scammed. Only one-third are aware of the official MED process. And even those who try to recover their losses often face a maze of obstacles, including unresponsive banks, police report requirements and lengthy delays. In 2024 alone, 5 million MED requests were filed—but only 9 percent resulted in full refunds.

To close this gap, Silverguard created SOS Golpe, a free, WhatsApp-based reporting channel that:

• helps victims report scams within minutes,
• offers 10 days of real-time support, and
• notifies the destination bank with case documentation and fraud signals.
  
  

What makes SOS Golpe especially effective is its integration with the AI Scam Checker, an AI-powered tool at the core of Silverguard’s platform. It uses a living scam taxonomy and additional signal checks to produce a fraud risk score that increases accuracy and avoids false positives. By capturing fraud signals before the MED process even begins, institutions can act faster and more effectively. It also strengthens MED requests with structured, high-quality documentation that improves the chances of recovery.

Silverguard’s ecosystem approach connects victims, origin, and destination banks, bridging institutional blind spots and enabling a new kind of collaborative fraud defense. This coordination is increasingly vital as scams now span multiple platforms and financial institutions.

The takeaway? Early, structured, and cross-institutional action increases refund rates—and gives fraud teams a fighting chance. But more importantly, solutions must align with real victim behavior, not just regulatory intent.

Where the innovation is happening

Brazil’s response is no longer just policy-driven, it’s becoming deeply technical. To comply with the new rules and fight fraud proactively, institutions are investing in:

• Graph neural networks to map hidden fraud rings
• Behavioral biometrics like typing speed, device movement, and geolocation
• Document forgery detection using computer vision
• Sub-second transaction scoring for real-time decision
• Deepfake detection for selfies and liveness checks
• Streaming data pipelines to replace outdated batch systems
• Zero-trust identity models with continuous verification
• Proactive offboarding systems to detect and remove high-risk or mule accounts within the ecosystem
• Destination-side fraud controls to stop scams where the money lands—not just where it starts

This framework highlights the three essential phases of fraud defense in a real-time payments ecosystem:

• Onboarding: Identity proofing and risk screening at account creation
• Transaction monitoring: Real-time behavioral analysis to catch anomalies before the money moves
• Offboarding: The emerging third pillar—identifying and removing high-risk accounts (like mules or rented accounts) already inside the system
  
  

The identity overhaul: Laying the foundation

Underlying all of this is Brazil’s ambitious effort to rebuild digital identity.

Launched in 2023, the new national ID system combines:

• Biometric authentication (facial recognition tied to, ‘CPF', Brazil's social security number)
• Blockchain infrastructure for immutable records and verifiable credentials
• QR code-based validation for everyday use across finance, health, education and public services
  
  

This shift allows for cross-platform interoperability, reduces reliance on physical documents (which are often forged) and lays the groundwork for continuous, secure identity verification across the ecosystem.

Identity has long been the Achilles’ heel of fraud prevention in Brazil. With more than 80 percent of identity fraud happening at the verification stage, and 88 percent of fake IDs being physical printouts, moving to secure, digital-first identity systems is not optional, it’s essential.

But it’s not easy

Momentum doesn’t mean inevitability. We still see major challenges that could slow down or derail progress:

• Legacy tech stacks in many institutions weren’t built for real-time fraud detection
• Talent shortages in fraud modeling, ML engineering, and data ops
• Inconsistent API standards, which make interbank coordination clunky
• False positives, which lead to wrongful account blocks and user friction
• Incentive misalignment, where some institutions still treat fraud data as proprietary
• Low refund liquidity, especially when fraudsters instantly withdraw money
• Privacy concerns, as behavioral tracking and biometrics expand
• Exposure via third-party providers: The June 30, 2025 cyberattack on C&M Software—where over R$1 billion was siphoned from Central Bank reserve accounts via Pix and SPB through a single compromised provider—underscores the vulnerability of the ecosystem and the need for continuous supply chain security and partner monitoring
  
  

These are not easy problems to solve. But they are precisely where innovation is needed most.

If you are building here for LatAm, let's chat!

At QED, we’re actively looking to talk to companies solving fraud across the identity and transaction lifecycle. From our side, we’re especially excited to meet founders building in:

• Identity proofing and onboarding intelligence
• Real-time fraud detection and behavioral scoring
• Synthetic ID and mule account tracing
• Refund orchestration and dispute automation
• Blockchain-based identity infrastructure
• Shared fraud data layers for institutions
• User-first recovery experiences
  
  

If you’re working on any of the above—or see an opportunity others have missed—we’d love to talk. Please email me directly here.

What we’re still thinking through

As we continue exploring the fraud and identity landscape in Brazil and globally, a few big questions shape how and where we invest:

• Architecture: Will Brazil follow the U.S. in favoring modular point solutions or are we headed toward full-stack orchestration, given advances in AI, blockchain and open data? Brazil’s real-time infrastructure may favor the latter.
  ‍
• Go-to-market: Should founders lead with B2B or B2C? Consumer urgency is clear, but enterprise adoption often defines scale. The best companies may do both—if they sequence it right.
  ‍
• Incumbent adaptability: Can today’s players keep up, or will challengers define the next wave? We don’t expect a winner-takes-all market—moats may come from niche focus or unique data access.
  ‍
• Exit timing: Will incumbents acquire early, or will new entrants scale independently? Consolidation too soon could stall real innovation.
  ‍
• Commoditization risk: In identity/KYC, what was once cutting-edge is now table stakes. We think proprietary data, integrated decision-making and defensible systems will separate winners from the rest.
  ‍
• Platform scope: Will fraud solutions stay limited to onboarding, or expand into transactions, underwriting and collections? In low-switching-cost environments, orchestration may beat breadth.
  ‍
• Future bets: Blockchain and self-sovereign identity remain promising, but the jury’s out. Can they scale across fragmented systems without adding friction?
  
  

Our preliminary vision for the future

The combination of real-time payments, AI and open data ecosystems is creating both threats and opportunities. Fraud is evolving, not just in volume, but in kind. Generative scams, synthetic identities, real-time laundering, and hyper-personalized attacks are already here. But so are the tools to fight back—if we can embed them natively into the financial system.

The next wave of winners will likely share a few things in common:

• Access to proprietary, cross-institution signals, not just good models, but the right data foundation
• Explainable, adaptive AI that learns over time without drifting or overfitting
• Interoperability and orchestration, whether that’s across fraud, identity, credit or user authentication
• Latency-aware infrastructure, capable of scoring, verifying and remediating risks in milliseconds
• And invisible UX, where safety is embedded, not bolted on

In short: we believe the most important fraud and identity companies won’t just detect bad actors. They’ll shape how financial trust is built, verified and maintained at scale.

‍
Summary

Fraud isn’t just a cost issue—it’s a trust issue. And trust is the foundation of financial systems.

We believe Brazil is showing the world what a modern fraud prevention ecosystem can look like: one where identity, authentication, and resolution are part of a shared, intelligent infrastructure. And where regulation, technology, and user experience work together—not at odds.

As AI, real-time payments, and open data reshape financial services, the winners will be those who embed safety into the rails. Those who make it seamless. And those who act before the damage is done.

This is where the next generation of infrastructure companies will emerge.

Let’s build it—together.

‍