Banks have invested heavily in building walls around their institutions. The problem is that criminals no longer need to break through those walls if they can simply trick customers into opening the gates.
In 2024, there was $16.6 billion worth of cybercrime reported to the FBI, 83% of which was cyber-enabled fraud. For most banks and financial institutions, defences remain reactive, designed to catch crime in progress or after it has already happened.
“We have never spent more on cybersecurity in human history, and we’ve never lost more,” says David Shipley, founder and CEO of Beauceron Security.
“While these institutions themselves are often targeted, the losses that are bleeding out of financial institutions are not coming, for the most part, from direct attacks.”
Shipley says banks are, “the hardened castles of the digital world,” but it’s their customers who end up holding the (empty) bag.
“What we still have not studied enough,” he adds. “But we know, anecdotally, is the tremendous emotional and health consequences of fraud on individuals.”
And he’s seen the damage first-hand.
“I’ve sat down next to a senior citizen — a retired veteran who almost gave up $10,000 — and worked with them at my home, because they were a neighbour, and the amount of emotional stress that they went through, and shame, really shook me.”
Shipley believes the system needs a reset.
From Fredericton, New Brunswick, his company launched a consumer-focused fraud awareness platform designed to put prevention tools directly in customers’ hands.
“What we’ve been able to demonstrate, through a decade’s worth of research and then commercialization… [is] that people don’t have to be the problem in cyber, they absolutely can be part of the solution,” he says.
Why fraud defences need a reset
Fraud prevention today relies heavily on customer alerts, marketing campaigns, and one-off training sessions. The problem, Shipley argues, is that these approaches gather necessary data, but fail to facilitate change.
“Financial institution fraud and cyber awareness efforts usually involve one-way communications to clients,” he says in the company’s announcement of the solution. “These approaches suffer from a lack of meaningful engagement and feedback.”
For institutions, this model is increasingly unsustainable.
Rising fraud losses erode trust in banks, drain community wealth, and create an opening for organized criminal networks. In a digital economy built on trust, that’s a risk institutions can’t ignore.
Shipley’s critique is straightforward in that prevention that begins only when a criminal act is already in motion is not prevention at all.
People don’t think that they have a role to play in protecting themselves,” he says. “If people don’t think they’re a target and they don’t think they’re responsible for it, they click up to 37% more on phishing.”
Banks can offer protection, but they unfortunately aren’t all-encompassing shields for every new scam and fraud trick around.
From awareness to measurable prevention
The core of Beauceron’s new approach is something called the Cyber Wellness Score. Embedded directly into online banking apps and portals, it gives customers a real-time picture of how prepared they are to spot and avoid fraud attempts. It is designed to close the loop between information and behaviour.
“The scores do for cybersecurity and fraud awareness what smartwatches have done for fitness,” says Shipley. “They show people how they’re doing and how they can improve.”
Customers can see where they’re vulnerable and receive coaching on steps to strengthen their defences.
Fraud awareness has traditionally been difficult to measure. Campaigns may boost clicks or video views, but those numbers don’t prove that customers are any less likely to transfer money to a scammer.
Shipley frames it as moving from passive instruction to active partnership.
“Unlike most anti-fraud tools, which detect crime only during or after an attack, Beauceron’s solution works proactively to reduce risk before fraud occurs,” he says.
For banks and credit unions, the promise is more than better-educated customers. It’s a chance to reduce fraud losses at scale, strengthen trust, and align with regulators who are increasingly focused on consumer protection in digital banking.
Fraud prevention as part of everyday banking
Beauceron is not new to this model. The company first launched an employee-focused cyber risk scoring platform in 2017.
That platform now supports more than one million users worldwide. Extending the idea to consumers was a natural evolution, though Shipley says it required rethinking how to integrate with the everyday banking experience.
The solution is designed to live inside existing digital banking experiences rather than sit alongside them. Beauceron built the Cyber Wellness Score to be embedded directly into online banking apps and portals through digital banking providers, an approach Shipley says is meant to make fraud prevention part of everyday banking rather than. a separate education exercise that customers ignore once the warning banner disappears.
“The technological responses to fraud only work once the transaction’s actually started, but they’re only so good once someone’s already down that path,” Shipley says.
“This is the proactive, preventative approach, and it doesn’t replace security tools, because humans are humans,” he explains.
Extending fraud prevention beyond the institution also forces a clearer conversation about responsibility. Banks can invest heavily in controls, monitoring, and detection, but those measures only go so far once a customer has been convinced to act.
Shipley says the shift Beauceron is pushing is about being explicit with customers about where institutional protection ends and where personal vigilance still matters, especially as fraud tactics become more sophisticated and emotionally manipulative.
“[People] have strong feelings about how technologically advanced the banks are, and more that, ironically, banks do a really, really good job at improving security and trying to fight scams,” he adds. “The more people go ‘well, the bank’s got this,’ the more likely they are to not pay attention. So we’ve got to balance the scales.”
What success could look like
Shipley is careful not to frame the solution as a silver bullet. Fraud is constantly evolving, and criminals are quick to adapt. But he says he sees a clear path forward in reshaping how responsibility is shared.
“Banks have historically carried the burden of fraud prevention on their own,” he says. “That model doesn’t work anymore. The best way forward is to make customers active participants.”
Success, in his view, is measured on several fronts: fewer losses, more resilient communities, and customers who feel empowered rather than fearful. It also means moving the industry conversation away from damage control and toward proactive resilience.
With fraud on the rise, the need for system-level innovation in financial services is no longer optional. Canadian institutions have an opportunity to lead not just by investing in better detection tools, but by redefining the role customers play in defence.
As Shipley says, “we need to turn people from the targets to the fraud fighters.”
Final shots
- If fraud prevention remains solely a back-office function, banks will continue to absorb losses that could have been avoided. Treating customers as part of the defence system forces a shift in budgets, training, and strategy.
- Regulators are moving from asking how many customers received awareness campaigns to asking whether those campaigns changed behaviour. Institutions that can prove measurable impact could set the bar for compliance and trust.
