Fraud has industrialised; it now demands AI-led defence: Zeenat Hamirani, CRO, L&T Finance
https://etimg.etb2bimg.com/thumb/msid-132160507,imgsize-32516,width-1200,height=627,overlay-etciso,resizemode-75/cybercrime-fraud/ai-transforming-financial-services-combating-industrialized-fraud-with-technology.jpg
Artificial intelligence is transforming financial services at an unprecedented pace, but it is also amplifying the sophistication of fraud. According to Gartner, by 2026, 30% of enterprises will consider identity verification and authentication solutions unreliable when used in isolation because of AI-generated deepfakes, up from less than 5% today. The research firm also predicts that organisations will increasingly shift towards layered identity verification, combining AI-driven fraud detection, behavioural analytics and continuous authentication to counter evolving digital threats.
For lenders, this means risk management is no longer confined to assessing creditworthiness; it now encompasses securing digital identities, detecting synthetic fraud, governing AI models and building cyber resilience. As NBFCs accelerate their digital lending ambitions, the role of the Chief Risk Officer is evolving from safeguarding balance sheets to protecting entire digital ecosystems.
In this interview with ETCIO, Zeenat Hamirani, Chief Risk Officer at L&T Finance, explains how the company is embedding explainable AI into underwriting, tackling industrialised fraud through behavioural intelligence, converging cybersecurity with enterprise risk, and preparing for macroeconomic and geopolitical uncertainties. She also shares why she believes “fraud has become industrialised, demanding AI-led defence.”
Excerpts from the interview:
As L&T Finance scales its digital lending, how has the risk perimeter changed compared to traditional retail banking models?
With the successful culmination of our Lakshya 2026 roadmap transitioning into a digitally agile, AI-led financial institution, we are now moving into Lakshya 2031 with the ambition of becoming India’s pre-eminent “Risk-first, Technology-first” multi-product retail financier.
In traditional retail lending, the risk perimeter was largely confined to physical branches and customer signatures. Today, it has shifted to digital identity, device telemetry and APIs. Rather than evaluating only credit default risk over days, we now validate customer identities and transaction behaviour in milliseconds. The greatest challenge is the speed at which a compromised digital ecosystem can disburse funds before anomalies are detected.
As L&T Finance has achieved 98% retailization, underwriting has evolved from manual scorecards to automated, real-time decisioning. Our proprietary AI-based underwriting platform, Project Cyclops, processes over 1,400 transactions per second and calculates default probability at the point of acquisition. It has contributed to improved portfolio quality by reducing early delinquencies across multiple lending businesses while increasing the proportion of prime borrowers in our two-wheeler portfolio. With over 90% of servicing and originations taking place digitally through the PLANET app, the risk focus now extends to endpoint security, biometric authentication and device integrity.
What systemic controls are you prioritising to counter synthetic identity fraud and mule account networks?
Fraud today is no longer an isolated activity; it has become industrialised. Across the industry, digital frauds are rising rapidly, requiring financial institutions to combine AI-driven detection with strong governance and regulatory discipline.
At L&T Finance, we use a three-layered approach comprising advanced fraud analytics, zero-trust cybersecurity and compliance controls. Our AI models analyse complex behavioural patterns in real time across the lending lifecycle, looking beyond traditional static data to identify organised fraud networks.
Argus, our enterprise AI fraud co-pilot, detects multi-signal anomalies during onboarding, while our underwriting engines evaluate device consistency, location stability, micro-geography indicators and duplicate digital footprints before approving loans. These capabilities are complemented by an independent Risk Control Unit that conducts audits across sourcing, disbursement and collections to reduce identity manipulation and asset fraud.
How is L&T Finance integrating AI-driven alternative data without compromising asset quality?
Alternative data has become an important complement to traditional bureau scores. We combine payment behaviour, geospatial data, banking information and cash-flow analysis to create a richer understanding of borrower risk while maintaining strong governance.
Every AI model operates within our Model Risk Governance and AI Governance frameworks, which require independent validation before deployment and continuous monitoring thereafter. Project Cyclops integrates multiple data sources to improve underwriting accuracy. For example, in farm equipment finance it uses satellite imagery, soil conditions, rainfall and temperature patterns to estimate earning potential rather than relying solely on conventional assumptions.
Asset quality is further supported through annual recalibration of our Expected Credit Loss models, ensuring probability of default and loss estimates remain aligned with evolving portfolio risks.
How do you address the challenge of AI “black boxes”?
I continue to believe that the fundamental principles of lending remain unchanged. Intention and capability to repay will always remain central to underwriting. AI and alternative data are tools that strengthen these assessments, not replace them.
We do not deploy underwriting models that cannot be explained. Instead, we prioritise explainable AI techniques where feature importance can be interpreted using methods such as SHAP values. Project Helios, our underwriting assistant, ensures every recommendation, deviation and credit calculation remains transparent and auditable, allowing credit managers to retain full oversight of final lending decisions.
How has your background in clinical psychology shaped your approach to fraud?
Fraud is fundamentally human behaviour driven by incentives, biases and stress responses. Looking at fraud through the lens of psychology helps us understand not just what fraudsters do, but why they do it.
We examine digital behaviour alongside financial information to detect inconsistencies that may indicate synthetic identities or fraudulent intent. Our patent-pending Lifestyle Index combines structured financial information with unstructured data such as images and videos to evaluate behavioural consistency. AI-driven forensic tools strengthen identity verification, while Project Nostradamus continuously monitors post-disbursal customer behaviour to generate early warning signals and trigger proactive engagement before repayment issues emerge.
What is the biggest risk facing Indian NBFCs moving into the second half of 2026?
The two biggest external risks are climate volatility and geopolitical uncertainty. A severe El Niño cycle could disrupt agricultural incomes and rural cash flows, while geopolitical conflicts could drive inflation, increase funding costs and tighten liquidity.
To mitigate climate risk, we integrate satellite intelligence into Project Cyclops, enabling district-level calibration of credit appetite based on rainfall, reservoir levels and soil conditions. On the liability side, we continue diversifying our funding sources while maintaining strong structural liquidity to safeguard margins against global market disruptions.
How closely are the risk and cybersecurity teams collaborating today?
Cybersecurity and fraud risk are now managed as a unified discipline rather than separate functions. We believe a converged approach creates a stronger defence against digital financial crime.
L&T Finance operates a zero-trust architecture supported by web application firewalls, end-to-end encryption, cloud security controls and board-level governance. Customer data is protected through privacy-by-design principles, multi-factor authentication and compliance with the Digital Personal Data Protection Act and ISO 27701 standards. By integrating cybersecurity with enterprise risk management, we are better positioned to detect, prevent and respond to fraud-driven cyber threats.
Firewall Support Company in India All type of Firewalls Support Provider Company in India












