How invisible risk teams save Nigerians from online fraud- a chat with Christopher Gunias
AI
BASED
IDTT
WHEN
Z
Behind every smooth digital transaction lies an invisible war against fraud. While users tap to pay, risk and compliance teams work around the clock to stop millions in potential losses before anyone notices.
Christopher Gunias, Compliance Chief at VitalSwap, knows this battlefield well. Based in the US but working with fintech operations globally, he offers a rare glimpse into what it takes to keep digital money safe in an age where scammers are weaponising artificial intelligence.
The numbers tell a troubling story. Fraud attempts have surged dramatically in recent months, driven by a fundamental shift in how money moves across borders and between people.
“We’re no longer in the days of Western Union, where you walk into a store as a person and you put cash down on the table,” Gunias explains. “Everything is done online, electronically, and the scammers are getting incredibly good at using AI, fake images, or doctored ID cards to upload information.”
The sophistication of these attacks has caught even seasoned compliance professionals off guard. Artificial intelligence has transformed what used to be crude forgeries into nearly perfect replicas of legitimate documents. When automation systems review these documents, they often catch the fakes. But human reviewers face a different challenge entirely.
“When a human is involved, it’s much more difficult for them to be able to spot a fake driver’s licence or national ID card, bank statements, and so forth,” Gunias says. The result is a cat-and-mouse game where fraudsters probe for weaknesses in both technological and human defences.
But document forgery is only part of the problem. The real goldmine for criminals lies in the vast amount of personal information people freely share online.
Social media has become an unwitting accomplice to identity theft.
It’s very easy to get people’s information on social media. Everybody is posting stuff on social media. There are tons of personal information that can be very easily obtained, Gunias notes.
“They find this information, they find images of you, they use AI to create fake driver’s licences and open up fake bank accounts, and then they use that to launder funds or to get into your actual bank account and take whatever money you have there.”
When pressed for numbers, Gunias estimates the increase at around 25% compared to just a couple of years ago. That’s a substantial jump in an industry already grappling with trust issues and regulatory scrutiny.
The fight against fraud happens in layers, each with its own challenges and solutions. The first line of defence comes during onboarding, when someone tries to open an account.
“At onboarding, presenting fake documents, trying to get an account, that area is easier to stop because we do have technology that can identify fake identification,” Gunias explains. “And we have humans that also look for red flags in the way that items are presented or the way that they look. That’s the easiest way. That’s also where we see the most increase, but that’s the easiest way to stop the fraudulent activity.”
The second battlefront is far trickier. It involves customers who passed initial screening, either through genuine documents or exceptionally sophisticated fakes, and are now using the platform for illicit purposes.
“Maybe they actually used real identification, and now they’re using fraudulent information for someone they’re sending to or someone they’re receiving funds from once they already have an account,” Gunias says. “That is definitely more difficult because they’re already in the system.”
These actors often stay below detection thresholds, conducting small transactions that don’t trigger automated alerts. But greed typically becomes their undoing. “Once they start getting greedy and start increasing those numbers of transactions or values of transactions, and it starts triggering our rules, that’s when we see it, we’re able to look, gather more information and shut the activity down.”
The complexity multiplies when verification systems go offline. In Nigeria, where the National Identity Management Commission (NIMC) system is critical for KYC processes, downtime creates a dilemma: maintain security or maintain service.
“If you’re using a system from a third-party vendor and they go down, the only option is to go manual,” Gunias explains. Most third-party systems have backups and return within minutes or hours. But homegrown systems can take days to restore, forcing difficult decisions.
For straightforward cases, teams switch to manual review. For complex applications, they choose caution over speed. “We will actually just let the customer know, hey, we’re experiencing delays, and this may take a little bit of time before we can complete this application process. Because it’s more important to make sure that we’re getting it right.”
This approach risks losing customers to competitors, but Gunias is unapologetic about the tradeoff. The alternative, letting bad actors into the system, poses far greater risks to everyone involved.
Interestingly, legitimate customers rarely create friction during the verification process. Most people understand that proving your identity is simply the cost of doing digital business in 2025. The ones who push back often reveal themselves through their resistance.
“Usually the ones that give us a really hard time actually raise red flags for us because, like, why are you pushing so much?” Gunias says. “That’s usually an indicator that they’re a bad guy because the bad guys use that urgency and that sense of you’re going to lose me as a customer if you don’t do X, Y or Z immediately.”
The threats escalate quickly. Some claim to be social influencers who will damage the company’s reputation. “I’m a social influencer, and I’m going to badmouth you to my 10,000 followers. Those are red flags, because most legitimate people understand that there is a process that has to go through to protect the company as well as them.”
When asked what single change would make Nigeria’s fintech space safer from fraud, Gunias doesn’t point to regulations or technology. He points to mindset.
“I don’t know if there’s any particular regulation I would change, but the mindset of the customer, to understand that to protect them, we must know who they are,” he says. The data requests that sometimes feel invasive, ID cards, bank accounts, and proof of address, serve a protective function, not a surveillance one.
We are not asking for this information because we want to spy on you. We’re not asking for this information to sell your information. We’re asking for it to protect both you and us as the company.
It’s a message that bears repeating in an era where data privacy concerns are high and trust in institutions is fragile. Compliance teams, often viewed with suspicion as the enforcers of bureaucratic rules, see themselves quite differently.
“I think a lot of people feel that compliance is just one of these shadow kind of background groups that we like to spy on people, and that’s the furthest from the truth,” Gunias says. “We just are doing this to protect them [from fraud].“
As Nigeria’s fintech sector continues its rapid expansion, these invisible teams remain the unsung guardians of digital trust.
Their work happens in the background, in algorithm alerts and manual document reviews, in late-night escalations and threshold adjustments. Users never see the fraud attempts that get stopped, never know about the sophisticated schemes that unravelled before they could cause harm.
That invisibility is precisely the point. When compliance works, users experience seamless, secure transactions. The battle against fraud rages on, but for legitimate customers, digital money just works. And somewhere behind the scenes, teams like Gunias’s are making sure it stays that way.
