How to Build a fraud detection Agent Using AutoGen in Python for lending

A fraud detection agent for lending reviews an application, pulls signals from multiple sources, and decides whether the case should be approved, rejected, or sent to manual review. It matters because lending fraud is not just a loss problem; it affects underwriting quality, compliance exposure, and the cost of servicing bad accounts downstream.

Architecture

• •Application intake service
  • •Receives borrower data, device fingerprint, income docs, and bureau attributes.
• •Evidence retrieval layer
  • •Pulls KYC/KYB results, sanctions hits, prior application history, and internal fraud scores.
• •AutoGen agent coordinator
  • •Orchestrates a fraud analyst agent and a policy/compliance agent using AssistantAgent.
• •Decision engine
  • •Converts evidence into one of three outcomes: approve, reject, or refer to manual review.
• •Audit logger
  • •Stores the full reasoning trace, inputs used, and final decision for model risk and compliance review.
• •Case management output
  • •Pushes the result to the lending workflow system with a structured JSON payload.

Implementation

1) Set up AutoGen agents with explicit roles

Use autogen.AssistantAgent for each responsibility. Keep the fraud reasoning separate from policy enforcement so you can audit both.

import os
import json
from autogen import AssistantAgent, UserProxyAgent

llm_config = {
    "config_list": [
        {
            "model": "gpt-4o-mini",
            "api_key": os.environ["OPENAI_API_KEY"],
        }
    ],
    "temperature": 0,
}

fraud_analyst = AssistantAgent(
    name="fraud_analyst",
    llm_config=llm_config,
    system_message=(
        "You are a fraud analyst for a lending platform. "
        "Review application evidence for identity theft, synthetic identity, "
        "income manipulation, device abuse, and velocity patterns. "
        "Return concise findings with a risk score from 0 to 100."
    ),
)

policy_agent = AssistantAgent(
    name="policy_agent",
    llm_config=llm_config,
    system_message=(
        "You are a lending compliance reviewer. "
        "Apply policy rules only. Do not invent facts. "
        "Focus on adverse action requirements, explainability, auditability, "
        "and data residency constraints."
    ),
)

user_proxy = UserProxyAgent(
    name="orchestrator",
    human_input_mode="NEVER",
)

2) Send structured case evidence into the fraud analyst

Keep the input as JSON. That makes it easier to log, replay, and validate in production.

case = {
    "application_id": "LN-1048821",
    "borrower_name": "Jordan Lee",
    "ssn_last4": "4821",
    "email_domain": "mailbox-proxy.example",
    "device_fingerprint": "dfp_9a2c1f",
    "ip_country": "NG",
    "income_monthly_claimed": 12500,
    "income_monthly_verified": 5400,
    "bureau_thin_file": True,
    "prior_applications_30d": 7,
    "kyc_result": "partial_match",
}

prompt = f"""
Analyze this lending application for fraud risk.

Return:
1. Key fraud indicators
2. Risk score (0-100)
3. Recommendation: APPROVE | REJECT | MANUAL_REVIEW
4. Short rationale suitable for audit logging

Evidence:
{json.dumps(case, indent=2)}
"""

fraud_result = user_proxy.initiate_chat(
    fraud_analyst,
    message=prompt,
)

3) Add policy review before making the final decision

In lending you do not want raw LLM output driving decisions directly. Run the fraud summary through a policy agent that checks whether the rationale is supportable and compliant.

fraud_summary = fraud_result.chat_history[-1]["content"]

policy_prompt = f"""
Review this fraud assessment for lending policy compliance.

Check:
- Is the recommendation supported by stated evidence?
- Is the language suitable for adverse action documentation?
- Does it avoid unsupported claims?
- Does it mention any data residency or privacy concerns if applicable?

Fraud assessment:
{fraud_summary}
"""

policy_result = user_proxy.initiate_chat(
    policy_agent,
    message=policy_prompt,
)

print(policy_result.chat_history[-1]["content"])

4) Convert outputs into a deterministic decision payload

Use your own thresholds outside the model. That keeps underwriting behavior stable across model updates.

def decide_from_score(score: int) -> str:
    if score >= 80:
        return "REJECT"
    if score >= 50:
        return "MANUAL_REVIEW"
    return "APPROVE"

decision_payload = {
    "application_id": case["application_id"],
    "fraud_score": 82,
    "decision": decide_from_score(82),
    "fraud_reasoning": fraud_summary,
}

print(json.dumps(decision_payload, indent=2))

Production Considerations

• •Deploy behind a synchronous decision service
  • •Lending decisions need bounded latency. Put AutoGen behind an API with timeouts and fallback rules when the agent fails or returns malformed output.
• •Log every prompt and response
  • •Store inputs, retrieved evidence, model version, and final decision in an immutable audit trail. This is mandatory for disputes and model governance.
• •Enforce data residency and PII controls
  • •Redact SSNs, bank account numbers, and document images before sending data to the model. Keep regional processing aligned with jurisdictional requirements.
• •Add hard guardrails outside the model
  • •Use deterministic rules for sanctions hits, duplicate identity matches, and velocity thresholds. The agent should explain decisions, not replace policy.

Common Pitfalls

• •Letting the model make final credit decisions
  • •Don’t do that. Use the agent to classify risk and produce evidence-backed recommendations; keep approval logic in code or policy rules.
• •Sending raw sensitive data into prompts
  • •Mask PII first. Replace full identifiers with tokens and only pass what is necessary for analysis.
• •Skipping replayable audit logs
  • •If you cannot reconstruct why an application was rejected six months later, your implementation is not production-ready.

Keep learning

• •The complete AI Agents Roadmap — my full 8-step breakdown
• •Free: The AI Agent Starter Kit — PDF checklist + starter code
• •Work with me — I build AI for banks and insurance companies

By Cyprian Aarons, AI Consultant at Topiax.