W K
GoBD-compliant §203 StGB-compliant Q2

Fraud Detection Agent

Detect duplicate invoices, phantom vendors, expense fraud and AI-fake invoices.

Detects duplicate invoices, phantom vendor patterns, unusual posting patterns, AI-generated fake invoices, expense fraud and round-tripping via ML analysis and escalates suspected cases to the compliance officer.

Score Dashboard

Agent Readiness 71-78%
Governance Complexity 31-38%
Economic Impact 74-81%
Lighthouse Effect 41-48%
Implementation Complexity 41-48%
Transaction Volume Daily

What This Agent Does

Fraud in financial accounting causes billions in damages worldwide. Methods are becoming more sophisticated: beyond classic duplicate invoices and phantom vendors, AI-generated fake invoices are increasingly used - deep-fake PDFs indistinguishable from real invoices at first glance.

The Decision Layer combines rule-based and ML-based detection. Exact duplicates and segregation-of-duties violations are detected rule-based. Phantom vendor patterns (vendor without genuine business relationship), unusual posting patterns (Friday evening, threshold splitting), expense fraud and round-tripping use ML anomaly detection. AI-generated fake invoices are detected by LLM analysis of document authenticity.

The result: every transaction receives a risk score. Suspected cases are escalated to the compliance officer. False positives are assessed by humans - the investigation decision always remains with the human.

Micro-Decision Table

Human
Rules Engine
AI Agent
Each row is a decision. Expand to see the decision record and whether it can be challenged.
Detect duplicate invoices Is there a duplicate or slightly varied invoice? Rules Engine Vendor

Exact duplicates = R, variants (slightly changed vendor) = A

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by: Vendor

Phantom vendor detection Are there vendors without genuine business relationships? AI Agent Vendor

Pattern analysis of order history and vendor activity

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Challengeable by: Vendor

Unusual posting patterns Are there postings at unusual times or with threshold splitting? AI Agent Auditor

ML anomaly detection against historical behaviour patterns

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Challengeable by: Auditor

Detect AI fake invoices Is the document an AI-generated forgery? AI Agent Vendor

LLM analysis of document authenticity, metadata check

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Challengeable by: Vendor

Detect expense fraud Is there a duplicate submission or inflated amount? Rules Engine Employee

Rule violations = R, pattern recognition = A

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by: Employee

Round-tripping detection Are there circular money flows? AI Agent Auditor

Network analysis of payment flows

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Challengeable by: Auditor

Segregation-of-duties violations Is the requester, approver and payer the same person? Rules Engine Auditor

Authorisation matrix matching

Decision Record

Rule ID and version number
Input data that triggered the rule
Calculation result and applied formula

Challengeable: Yes - rule application verifiable. Objection possible for incorrect data or wrong rule version.

Challengeable by: Auditor

Calculate risk score How high is the fraud risk of this transaction? AI Agent

ML-based scoring from all detection modules

Decision Record

Model version and confidence score
Input data and classification result
Decision rationale (explainability)
Audit trail with full traceability

Challengeable: Yes - fully documented, reviewable by humans, objection via formal process.

Alert to compliance officer Must a suspected case be investigated? Human Auditor

Investigation decision requires human judgement

Decision Record

Decider ID and role
Decision rationale
Timestamp and context

Challengeable: Yes - via manager, works council, or formal objection process.

Challengeable by: Auditor

False positive assessment Is this a genuine suspected case or a false alarm? Human

Judgement in assessing the overall picture

Decision Record

Decider ID and role
Decision rationale
Timestamp and context

Challengeable: Yes - via manager, works council, or formal objection process.

Decision Record and Right to Challenge

Every decision this agent makes or prepares is documented in a complete decision record. Affected parties (employees, suppliers, auditors) can review, understand, and challenge every individual decision.

Which rule in which version was applied?
What data was the decision based on?
Who (human, rules engine, or AI) decided - and why?
How can the affected person file an objection?
How the Decision Layer enforces this architecturally →

Prerequisites

  • Access to transaction data from ERP (postings, orders, payments)
  • Access to vendor master data and order history
  • Authorisation system with SoD matrix
  • Configured thresholds for risk scores and escalation

Governance Notes

GoBD-compliant §203 StGB-compliant

GoBD-relevant: fraud detection processes tax-relevant transaction data. The results - especially suspected cases and investigation outcomes - are sensitive data and must be treated confidentially.

For professional secrecy holders (Paragraph 203 StGB), suspected cases must not be disclosed to third parties. LLM inference for document authenticity checking must run in EU data centres. The agent reports suspected cases exclusively to the internal compliance officer. The investigation decision always remains with the human.

§203 StGB-relevant data is encrypted end-to-end and never passed to AI models in plain text.

Process Documentation Contribution

The Fraud Detection Agent documents for the GoBD procedural documentation: which detection modules are active, which thresholds are configured, which suspected cases were identified and how they were assessed. The documentation itself is part of the ICS evidence.

Infrastructure Contribution

The Fraud Detection Agent is the most A-intensive agent in the entire catalog. It uses the anomaly detection of the ICS Monitoring Agent and transaction data from all AP/AR agents. The ML scoring framework is reused for risk assessments in other domains. The document authenticity check becomes the standard for all incoming documents.

Builds Decision Logging and Audit Trail used by the Decision Layer for traceability and challengeability of every decision.

Related Pages

Decision Layer
Governance layer between AI agent and target system. Every decision documented and challengeable.
GoBD Compliance
GoBD, §203 StGB, and tax audit readiness as architecture constraint.
Finance AI Agents
All Finance agent services at a glance.

Related Agents

ICS Monitoring Agent

Monitor internal control system - four-eyes, segregation of duties, detect control gaps.

Q2
W K
Readiness: 66-73%
Economic: 68-75%
Governance: 31-38%
Micro-Decisions: 10
Daily

Procedural Documentation Agent

Keep procedural documentation automatically current - detect changes, generate drafts, close gaps.

Q2
K D
Readiness: 61-68%
Economic: 58-65%
Governance: 28-35%
Micro-Decisions: 8
Daily

Annual Statement Preparation Agent

Prepare annual financial statements - orchestrate checklist, draft notes, answer auditor queries.

Q4
W K
Readiness: 42-49%
Economic: 68-75%
Governance: 51-58%
Micro-Decisions: 15
Yearly
Back to Catalog

Frequently Asked Questions

How high is the false positive rate?

In the initial phase, the false positive rate is typically 15-25%. With increasing training volume and feedback loops, it drops to 5-10%. Human assessment of every suspected case ensures no unjustified consequences are drawn.

Can the agent also detect internal fraud cases?

Yes. Segregation-of-duties checks, threshold splitting and posting time analysis explicitly target internal patterns. Round-tripping detection identifies money flows potentially used to conceal internal transactions.

Are detected suspected cases automatically reported to authorities?

No. The agent reports suspected cases exclusively to the internal compliance officer. The decision on further steps - internal investigation, criminal complaint, reporting to supervisory authorities - remains with the human. For Paragraph 203-relevant cases, additional confidentiality requirements apply.

Implement This Agent?

We assess your finance process landscape and show how this agent fits your infrastructure.