Most banks can't survive rapid margin compression. Here's why.

Written By William Morales

GUEST POST by: Tony Kueh, COO at DataVisor

Banking has never been a business of certainty. Interest rate swings, credit cycles, regulatory shifts have always been part of the equation. But now constraints hit your bottom line faster than ever.

Consider the recent conversation around a 10% credit card interest rate cap. Whether it becomes a reality is beside the point. Proposals like this come alongside other margin pressures - from instant payment liability shifts, increasing fraud threats, to evolving fee restrictions—and they are arriving faster, overlapping more frequently, and leaving less room for gradual adjustment.

The traditional playbook was built for a different pace. You'd see regulatory changes coming years out. You'd model scenarios. You'd adjust pricing, shift risk appetites, renegotiate vendor contracts. The timeline gave you options.

That timeline is gone.

I work with banks and fintechs on fraud prevention and risk infrastructure: the institutions positioned to weather this environment aren't the ones with the most sophisticated lobbying strategies or the deepest capital. They're the ones whose technology stack can move at the speed their margin pressures require.

When external forces limit what you can charge, the only sustainable response is getting more efficient—and more precise—about what you spend and lose. Your fraud platform isn't just a compliance function. It's one of the few places you still have control.

The math forces a reckoning

When an issuer's P&L needs immediate rebalancing, there are three levers: grow volume without blowing out risk, cut fraud and credit losses, or reduce friction for good customers to compete on experience rather than pricing.

Notice what's missing: hope that things stabilize, wait for the next rate cycle, or lobby harder. Those aren't operational responses.

This pressure arrives when consumers are carrying heavier debts at higher rates. We're seeing stress from auto loans to credit cards—higher losses and charge-offs, tighter underwriting standards, pressure to grow responsibly in segments with healthy risk-reward profiles. Risk appetite needs to get more granular when economics are under pressure.

For most banks, their fraud and risk infrastructure can't execute these strategies fast enough.

The rigidity problem

Most institutions manage fraud and compliance risk with legacy batch-based systems that detect fraud after the fact, hard-coded rules buried in systems, and siloed tools for different channels—card, ACH, wires, real-time payments, card-not-present.

That model fails in a dynamic macro environment for three reasons.

First, speed. When rules live in code, every strategy change becomes a mini-software project. Regulatory shock or a new attack pattern on Friday turns into a quarterly business review slide in April.

Second, precision. Banks may want to tighten controls on high-risk segments while reducing friction for their best customers, but their tools only let them pull levers across the portfolio.

Third, completeness. Fraudsters easily move across channels and products. Bank systems don't. Point solutions and fragmented data mean fraud falls through the cracks, and legitimate customers absorb unnecessary friction.

When the world was more stable, banks could mask those weaknesses with staffing and manual processes. In a real-time world, hiring more analysts doesn't solve architectural problems.

Why a flexible risk stack becomes strategic

If average APR drops, the P&L needs to rebalance. The fraud and risk stack must become a margin engine, not just a control function.

A flexible platform doesn't just catch more fraud. It lets banks lower false positives so they don't turn away profitable customers, experiment with new products and segments because they can dial in controls quickly, and shift risk appetite dynamically as the macro picture changes without breaking operations.

When regulators, markets, or politics take something off the table, a flexible risk stack gives banks more ways to put value back on.

This isn't about technology for its own sake. It's about restoring control to the people closest to the risk. When a fraud or risk leader can adjust strategy for specific segments in specific geographies under specific conditions—and can implement that change the same week—the institution can flexibly respond to external shocks.

The compounding problem

A rate cap doesn't happen in isolation. It lands in an environment where sanctions lists and cross-border payment rules are changing faster, where data localization and sovereignty rules are splintering architectures, and where emerging markets are leapfrogging into real-time payments rails with uneven regulatory maturity.

Each new region, partner, or payment rail introduces its own combination of regulation, fraud typologies, and operational constraints. If risk controls are hard-wired into product code or scattered across point solutions, every regulatory shift feels like a system rewrite.

Banks whose infrastructure can handle continuous regulatory and geopolitical volatility will adapt. Those running rigid systems will struggle.

Where to start

If I were leading fraud, risk, or P&L for a major issuer, I'd be asking where we're rigid. List every place where a risk strategy change requires engineering work, vendor tickets, or months of planning. That's where macro shocks will hurt most.

I'd identify where we're blind—the channels, products, and geographies where the bank relies on lagging indicators instead of real-time detection.

I'd want to know the profit recovery plan for a margin shock. If pricing is compressed tomorrow, what specific fraud and risk levers can be pulled in 30 days to offset it?

The most important question is whether fraud, AML, and credit risk are orchestrated from a common, real-time backbone, or stitched together from tools that don't share data, rules, or context. That architecture determines how fast the bank can move.

The window Is closing

Economic volatility is inevitable. Rigidity is optional.

Regulatory shock, geopolitical fragmentation, and shifting consumer risk are not temporary anomalies. They're the new operating environment.

Banks can't control the headlines, but they can control how quickly they turn headlines into precise, real-time changes in risk strategy.

The institutions that succeed won't just have better models or more data. They'll have systems that let them express judgment at the speed of the macro environment, with the flexibility to rebalance profitability and risk appetite in days, not quarters.

That's what determines which banks can survive rapid margin compression and which can't.

About the author: Tony Kueh is a visionary tech leader with a track record of scaling transformative innovations across some of the world’s most respected tech giants. As Chief Operating Officer at DataVisor, the leading AI-powered fraud and risk platform, Tony is driving the company’s mission to outpace ever-evolving financial crime with real-time intelligence and precision.

With over two decades of leadership experience spanning enterprise software, cybersecurity, cloud, and AI, Tony has held key executive roles at VMware, Qualcomm, SAP, and Microsoft. Known for his bold approach to product strategy and operational excellence, he has repeatedly turned complex challenges into market-shaping opportunities.

Tony is passionate about building high-performing teams, delivering customer-centric solutions, and applying the power of data and AI to solve global problems.

At DataVisor, he’s helping financial institutions and fintechs modernize their fraud and AML defenses—proving that the best offense is a smarter, faster defense.

A frequent keynote speaker and strategic advisor, Tony brings unparalleled depth, candor, and foresight to conversations about the future of technology, risk, and innovation.

William Morales
Previous

Why Does Everything Feel So Urgent in a Small Business?
Next

The Real Risk Private Investors Miss in Trading