Monzo, the UK digital bank, has redesigned its fraud prevention platform to keep pace with increasingly sophisticated scams and a growing volume of payments. The reactive system is built to detect fraudulent transactions in real time, enable rapid deployment of new controls, provide detailed performance monitoring, and maintain minimal latency on the payment hot path.
Fraud detection at Monzo is challenged by its highly unbalanced nature, with about 1 in 10,000 transactions being fraudulent. Customers can lose life-changing amounts to fraud, and fraudsters operate at scale, adapting quickly, making static or slow-to-update controls ineffective. As highlighted in Monzo’s blog, UK Finance estimated that losses due to fraud in the UK reached £1.17 billion in 2024 alone. To address this, Monzo’s redesigned platform focuses on four priorities: scaling control complexity, rapid deployment of new controls, performance observability, and ultra-low latency for payment processing.
According to Sam Kesley, Senior Backend Engineer at Monzo Fraud Platform team,
Preventing fraud requires continuously deploying controls to catch suspicious activity. While it sounds straightforward, the landscape moves fast and presents many challenges. Understanding the key problems first is essential before designing the system.
According to the team at Monzo, each transaction passes through a structured four-step process to ensure accurate fraud detection while maintaining real-time performance. First, the system identifies which controls are applicable, taking into account transaction context, user behavior, and risk scores. Next, it loads the necessary features from a dedicated microservice, which provides contextual data such as recent transaction patterns, account history, and historical fraud indicators. Third, the Engine microservice executes the controls, written as pure functions in Starlark, allowing safe testing and back-testing on historical data without affecting live transactions. Finally, the Action Applier enforces decisions and applies safeguards like rate-limits to prevent widespread impact.
Monzo’s high-level fraud detection platform (Source: Monzo Blog Post)
Monzo reorganized controls into three types: Detectors, which flag suspicious activity; Action Controls, which recommend interventions; and Action-Selection Controls, which combine recommendations into final decisions. The system’s modular design reduces the risk of deploying new controls and isolates the impact of changes on the payment flow.
Fraud Control Pipeline (Source: Monzo Blog Post)
Feature computation is handled by a dedicated microservice, separate from control execution, using a Directed Acyclic Graph (DAG) pipeline to manage dependencies efficiently and avoid latency in the payment hot path. The platform supports just-in-time features computed on demand, near-real-time features precomputed and cached, and batch features calculated periodically. This separation ensures low-latency responses, provides rich contextual data to controls, and simplifies back-testing and simulation of new fraud rules before production deployment.
As per Monzo’s engineering team, the platform’s observability relies on BigQuery, which stores metadata from each control execution, including input features, decisions, and control metadata. This allowed teams to measure effectiveness, detect false positives, and refine controls iteratively.
