Most conversations about AI in banking are still speculative. This one isn’t.
Commonwealth Bank of Australia has built an agentic AI system that analyzes more than 80 million daily signals across transactions, card payments, and digital banking activity, hunting for unusual behavior tied to card fraud. What makes it interesting isn’t the scale.
Rather than simply pointing out anomalies, the system proposes entirely new ways to detect fraudulent behavior, and every suggestion goes through human review and approval before it takes effect. Built in-house in just three months, the agent has already contributed to developing or updating roughly three quarters of the bank’s card fraud rules, and CommBank’s detection technology helped drive fraud losses down more than 20% in the first half of its 2026 financial year.
The timing matters. This success story landed right as the Financial Stability Board (FSB), the international body that coordinates financial regulators, published its first governance framework for exactly this kind of AI.
The Case Study: AI That Proposes, Humans That Approve
The logic behind CommBank’s system is simple: let the machine analyze data and do the heavy lifting, but keep a human responsible for the decisions.
Every day, the system evaluates far more transaction, card payment, and online banking data than any human team could manually review. When it recognizes a suspicious pattern, it doesn’t jump to conclusions. Instead, it generates a new fraud detection rule and submits it to the bank’s fraud analytics team, and the rule only activates once a human approves it.
This human-in-the-loop design was deliberate. It’s also one of the more conservative oversight models among those the FSB identifies in its discussion of agentic AI.
The results speak for themselves. The agent has contributed to developing or updating nearly three quarters of all card fraud rules CommBank has in place, and the bank’s fraud detection technology played a role in cutting fraud losses by more than 20% year over year.
That’s a remarkable showing for an in-house build completed in three months.
Why Regulators Are Suddenly Paying Attention
CommBank’s success story isn’t happening in isolation. On June 10, 2026, the FSB published a consultation report outlining 12 “sound practices” for how financial institutions should adopt AI responsibly, with a particular focus on agentic AI.
The FSB defines agentic AI as systems that can plan, reason, and perform complex tasks largely on their own with limited human oversight. That’s a meaningful departure from older, rules-based automation.
According to the report, agentic AI is already in use across fraud detection, anti-money laundering checks, credit risk, customer engagement, and regulatory compliance, and adoption is accelerating. A 2026 survey from the Cambridge Centre for Alternative Finance found that 52% of financial sector respondents are already using agentic AI, with nearly a quarter looking to expand its use.
The FSB’s core concern isn’t that AI doesn’t work. It’s that when AI can act instead of just advise, problems compound quickly.
The report warns that highly autonomous AI agents can create or amplify risks that emerge at speed: unauthorized actions, poor decisions, and disruptions that ripple through connected systems before anyone notices. As the FSB puts it, AI agents pose a unique oversight challenge because they can act faster than people can assess the situation.
Attackers Are Running the Same Playbook
Financial organizations aren’t the only ones putting agentic AI to work. Criminals are increasingly using it themselves to run more sophisticated attacks that prey on a bank’s brand and its customers.
AI-generated images, videos, and other synthetic media now show up inside phishing emails, executive impersonation schemes, fraudulent social media accounts, and fake investment solicitations, among other attack vectors. More importantly, that media rarely operates alone. A fraudulent video of an executive typically travels with a fake website, a lookalike domain, and other supporting infrastructure.
As agentic AI becomes standard in defense against these attacks, security and brand protection teams will need more than tools that verify whether a piece of media was manipulated. They’ll need solutions that connect the dots between the malicious media and the attack infrastructure behind it, so they can investigate and take down the entire campaign, not just one artifact of it.
The 12 Sound Practices, and Why Deepfakes Put Them to the Test
The FSB’s proposed practices cover four broad areas: organization-wide governance, AI lifecycle management, cyber and IT risk, and third-party risk. A few themes stand out, and each one gets sharper when you consider deepfakes specifically.
Human approval for high-risk actions. This is the headline recommendation, and it’s exactly the model CommBank already uses for fraud rules. But deepfakes complicate the principle.
If a “human approval” step relies on a video call or voice confirmation, and that video or voice can itself be synthetically generated, the checkpoint can be compromised at the exact moment it’s supposed to add safety. Human-in-the-loop only works if the human can trust what they’re seeing and hearing.
AI monitoring AI. The FSB’s idea of using AI to supplement human oversight at scale applies directly to deepfakes. Manual review of every suspicious video or voice clip simply doesn’t scale, especially during a live incident.
This is where automated media verification becomes the practical version of “AI monitoring AI”: a first layer of AI-driven analysis flags likely synthetic content before a human ever needs to look at it.
Treating AI agents as “synthetic employees.” If AI agents are given defined roles and boundaries like staff, organizations also need a way to verify who, or what, is actually issuing instructions.
Deepfake voice and video are already being used to impersonate executives and trigger unauthorized actions, and that activity is growing fast. Verifying media authenticity becomes part of verifying that an instruction genuinely came from the person or system it claims to.
Clear boundaries on AI use. Defining what AI is and isn’t allowed to do should extend to defining how incidents involving synthetic media get escalated: who investigates, what tools are used, and how it connects to the bank’s broader fraud and brand protection response.
CommBank’s human sign-off model is a strong foundation. Humans approve every AI-proposed rule before it goes live. But that safeguard only holds if the reviewer can trust what they’re looking at.
As deepfakes get more convincing, a fraud analyst could be shown a fabricated video or voice clip and approve something based on it, simply because it looks real. This is where automated deepfake detection earns its place, not as a replacement for human judgment, but as a check that runs before it, confirming the content a human is about to evaluate is genuine in the first place.
Banks are already moving in this direction, pushing real-time media verification toward the center of fraud prevention.
The Takeaway
A 20% reduction in fraud losses from a system built in three months is the kind of result every bank wants. But the FSB’s new guidelines make a bigger point: outcomes matter, and so does the strategy behind them.
Institutions that pair agentic AI’s speed with genuine human oversight, and that can verify the authenticity of what those humans are reviewing, won’t just stay ahead of the regulatory curve. They’ll have a working model for how AI belongs in financial defense.
Because in a world where both defenders and attackers run agentic AI, detection is only the beginning of the investigation.
If your team is working through what synthetic media and AI-driven impersonation mean for your fraud and brand protection strategy, get in touch with Bolster AI. We’re happy to talk through what we’re seeing across the threat landscape.