The Fraud That Looks Like a Good Customer

Published: Sat, 03/14/26

Why first-party fraud is quietly eating portfolios while lenders keep chasing the wrong threat.

Most lenders think fraud wears a mask.

In subprime, it usually shows up with a driver’s license, a real bank account, and a payment history good enough to make you feel smart right before it punches a hole in your portfolio.

That is the mistake.

Operators keep buying tools built to catch impostors, while the real damage often comes from borrowers who are exactly who they say they are.

They do not break in.

They walk through the front door, build credibility, increase exposure, and default on their terms, not yours.

You verified the identity.

Great.

Now verify the behavior.

Because in this business, the borrower who knows how to earn your trust can cost you a lot more than the one who fails your ID check.

Most operators are solving the wrong problem.

They bought ID verification, device fingerprinting, bank statement pulls.

All solid tools. All aimed at the wrong threat.

Third-party fraud: someone pretending to be someone else.

First-party fraud: someone being exactly who they are and playing you.

Here's what it looks like in your portfolio:

Loan size escalation. A borrower who starts small, repays clean, then doubles the ask. They're building your trust on purpose.
Application timing clusters. Loans taken at the end of a pay cycle, when a stressed borrower runs out of options. Or a strategic one runs their play.
Repayment cadence breaks. Three clean payments. Then the pattern cracks. Not one late. The whole cadence shifts.
Pre-default silence. No login activity before the due date. No inbound contact. No payment arrangement attempt. Just nothing.

These patterns are in your data right now.

Most operators aren't looking for them.

They ran a credit check and called it underwriting.

They ran an ID check and called it fraud prevention.

That's not underwriting.

That's documentation.

Real fraud prevention in this market is behavioral.

It's watching what a borrower does, not just verifying who they are.

If you can't name the behavioral indicators you're actually monitoring, you don't have a fraud model.

You have a prayer.

Pull your last 12 months of charge-offs.

Sort by product, channel, and loan age at first missed payment.

You'll see it.

If you want to work through what you find, book a free 15-minute call. Bring your numbers.

Jer Ayles

Trihouse Consulting

TheBusinessOfLending.com

How to Loan Money to the Masses
Jer - 702-208-6736 Cell
Jer@theBusinessOfLending.com
https://theBusinessOflending.com

Trihouse Consulting:
Cash advances, installment loans, car title lending, payday lending

Lenders, Teachers, Resources, Knowledge, Connections, Introductions

601 Lido Park Drive,
Unit 3A
Newport Beach California 92663
US

Unsubscribe | Change Subscriber Options