The Opportunity Most Banks Are Missing
Here is an uncomfortable truth: 79% of businesses experienced actual or attempted payments fraud in 2024. Yet most fraud conversations at banks still happen one of two ways — either as a generic warning buried in a newsletter, or as a reactive scramble after a client has already been hit.
Neither approach builds trust. Neither generates revenue. And neither actually protects your clients in any systematic way.
The banks that are winning in Treasury Management fee income right now are not the ones with the most products. They are the ones that have turned fraud reviews into a structured, repeatable quarterly motion that deepens client relationships and generates predictable non-interest fee income in the process.
This post gives you the exact framework to do that, as early as your next client call.
Section 1: Why Most Fraud Conversations Go Nowhere
If you have ever walked out of a client meeting feeling like the fraud conversation went well but nothing actually changed, you are not alone. Most fraud discussions at the banker-client level fail for one of three reasons:
They are too generic. Saying "fraud is a real risk and you should make sure you have controls in place" is not actionable. The client nods, agrees, and moves on. No gap is identified, no product is recommended, and certainly no follow-up is scheduled.
They are reactive. The conversation only happens after an incident — a fraudulent ACH debit, a wire gone wrong, a phishing attempt that almost worked. At that point, the client is stressed, trust is strained, and the bank is playing defense instead of offense.
They have no structure. No agenda, no question framework, no gap identification process, no clear next step. The RM and TM officer leave with good intentions but no commitment from the client and nothing documented in the CRM.
The result is the same in all three cases: a missed opportunity to protect your client and grow Treasury Management fee income simultaneously.
Section 2: The Mindset Shift — From Warning to Value Review
The fix starts with how you frame the conversation — both internally and with your client.
Stop calling it a fraud warning. Start calling it a Treasury Management fraud review or a controls alignment review. The reframe matters because it signals to the client that this is a structured, value-driven service your bank provides, not a reaction to bad news.
The data makes this framing easy to support without resorting to fear-mongering:
· Business Email Compromise drove approximately 50% of wire fraud targeting businesses in 2024. A single successful BEC attack on a mid-market company averages over $125,000 in losses.
· ACH debits were among the top three most targeted payment types for fraud in 2024, yet ACH filter adoption among business clients at community and regional banks remains significantly below where it should be.
· 74% of financial institutions only require positive pay after a client has already been victimized — meaning the conversation typically happens too late.
· Recovery rates on fraudulent wire transfers and ACH debits are typically under 30%, meaning most fraud losses are permanent.
You do not need to lead with scary headlines. Two or three industry-relevant, anonymized examples are enough to establish context. The goal is to show clients that what you are doing is proactive, specific to their situation, and grounded in real patterns. These are not unnecessary money-grabs for some generic, nebulous threats.
The message is simple: "We are here to make sure your controls match your risk profile before something happens, not after."
Section 3: The 45-Minute Quarterly Fraud Review Agenda
This is the engine of the whole approach. Once you have this structure, every fraud review runs consistently, efficiently, and productively regardless of which RM or TM officer is running it.
Minutes 0–10: Landscape and Context
Open with a brief, specific fraud landscape overview relevant to the client's industry. Two or three examples of fraud patterns affecting similar local businesses is the right level of specificity.
Opening script:
"Thank you for making time for this. We conduct these reviews quarterly with our key clients to make sure the controls you have in place match your current risk exposure. Our goal today is to walk through your setup, identify any specific gaps, and recommend one or two enhancements that would strengthen your protection. This is not about a specific incident — it is about being proactive."
Keep this section tight. You’re not lecturing your clients; you’re giving them enough context to understand the importance of the following conversation.
Minutes 10–25: Current Controls Assessment
This is the most important segment. Walk through five categories of controls using open-ended questions:
User Access and Entitlements
Who has access to initiate payments? When was the last time the user access list was reviewed? Is there a process for removing access when an employee leaves or changes roles?
Approval Controls
What are the current dual control thresholds? Who serves as secondary approvers? How are urgent or same-day payments handled?
Payment Controls
Are ACH filters or blocks enabled? Is positive pay active for checks? Are there dollar limits by payment type? Is wire callback verification in place?
Monitoring and Alerts
Does the client receive daily alerts or exception reports? Who reviews them and how quickly? What is the escalation process when an alert is triggered?
Training and Awareness
How often are employees trained on fraud awareness? Do staff know how to identify phishing or social engineering attempts?
Listen carefully. The gaps will surface naturally through this conversation without you having to make accusations or assumptions.
Minutes 25–35: Gap Identification and Recommendations
Synthesize what you heard into two or three specific, named gaps. Be concrete. Vague observations do not convert to action.
Here are three examples of how to frame a gap clearly:
"You mentioned your user access list has not been reviewed in over a year. We typically find that 10 to 15 percent of entitlements become stale in that timeframe, meaning users who have left or changed roles but still have payment access. That is a material risk we can address quickly."
"Your ACH approval threshold is currently set at $25,000, but based on your transaction volumes you are regularly processing payments above that. We would recommend moving dual control down to $10,000 to match your actual risk exposure."
"You do not currently have ACH filters enabled, which means any company with your account number could attempt a debit. ACH filters and positive pay working together block the vast majority of unauthorized transactions before they ever clear."
Then present one or two specific protection bundles matched to the gaps you identified. Do not present every possible product. Two focused recommendations close far better than five scattered ones.
Minutes 35–45: Pricing, Next Steps, and Close
Present your recommended bundle clearly and position it as an investment, instead of a cost:
"The package we are recommending (ACH filters, dual control below $10,000, and daily alerts) runs $[X] per month. Think of this as business continuity insurance for your operating cash flow. It costs a fraction of what one incident would cost, and it works every single day in the background."
Then nail down the next steps before leaving the room:
1. Send a one-page written summary within 24 hours.
2. Schedule a follow-up call in five to seven days.
3. Set a target implementation date if the client is ready to move forward.
4. Document everything in your CRM and alert Treasury Management operations.
Closing script:
"I will send you a summary of what we covered, the specific gaps we identified, and the recommended bundle with pricing. Let's reconnect next week to answer any questions and get this moving. Does that work for you?"
Section 4: Turning Gaps Into Bundle Conversations
The most common mistake after a strong controls assessment is making a generic product recommendation. Clients do not buy products — they buy solutions to specific problems they now recognize they have.
Here are three gap-to-bundle scenarios you can use as templates:
Gap: No ACH filters
Bundle: ACH Security Add-On (ACH debit blocks, ACH positive pay, ACH transaction limits)
Script: "Right now any company with your account number could attempt an ACH debit. This add-on lets you pre-approve which companies can pull funds and blocks everything else. Setup takes about 15 minutes."
Gap: Stale user entitlements
Bundle: User Management Add-On (quarterly entitlement reviews, deprovisioning workflow, access recertification)
Script: "Rather than waiting for an annual review that may or may not happen, we build a quarterly entitlement review into your Treasury Management setup so access is always current. We facilitate it; all your team does is approve the changes."
Gap: High wire volumes with no callback verification
Bundle: Wire Fraud Prevention Add-On (callback verification procedures, dual approval for wires above threshold, wire beneficiary whitelisting)
Script: "BEC scams work by sending fake wire instructions that look exactly like they come from a legitimate vendor or executive. A callback procedure to a pre-verified number (not a number in the email) stops most of these attempts before money ever moves."
Section 5: Building This Into Your Quarterly Rhythm
A fraud review that happens once is a conversation. A fraud review that happens every quarter is a program, and programs generate consistent, predictable revenue.
Here is how to build it into your operating cadence:
Tiering your portfolio: Start with your top 25 to 50 Treasury Management relationships by deposit balance or fee income. These are the accounts where a fraud incident would do the most damage and where the bundle upsell opportunity is largest.
Scheduling cadence: Aim for quarterly reviews with your top tier and semi-annual reviews with your mid-tier. Build this into annual relationship planning so it does not become an ad hoc ask.
Rotating systematically: Track completion rates by RM and by quarter. If reviews are only happening when an RM remembers to schedule them, you are leaving revenue on the table.
Tracking what matters: The metrics that tell you whether this motion is working are the following: number of reviews completed per quarter, percentage of reviews that identify at least one actionable gap, and conversion rate from review to bundle sale. If your gap identification rate is high but your conversion rate is low, the issue is in the recommendation or pricing conversation, not the assessment.
Conclusion: Your Next Step
The fraud review motion works because it serves two goals simultaneously: genuinely protecting your clients and creating a natural, low-pressure path to Treasury Management fee income growth.
It does not require a script that feels salesy. It does not require fear tactics. It requires structure, consistency, and the discipline to run the same agenda every quarter until it becomes second nature for your team.
The banks that build this into their quarterly rhythm now will have a compounding advantage over the next two to three years as fraud threats continue to evolve and clients increasingly expect their bank to be a proactive partner in protecting their business.
Ready to run your first fraud review next week?
Contact us today for a no-obligation discussion with our experts. Discover the framework that fits your institution the best.
Related Reads for You
Discover more articles that align with your interests and keep exploring.
