Gaming the system has always been a frontline risk in MCA. What’s changed is how fast it happens and how costly it is when it slips through.
A single bad approval now shows up everywhere – your P&L, your financing partner check-ins, and in the way ISOs talk about you. The balancing act between security and speed has never been harder.
Tightening too much and cleaning files stalls.
Loosen up, and fraud-loss % climbs, repayment trouble hits earlier, and your cost of capital goes up.
Digging deeper showed us two shifts that raised the stakes:
i) Generative AI (tools that can instantly create text, images, or documents) has made fraud cheaper and faster. A fake bank statement or ID that once took hours to forge can now be spun up in seconds.
ii) Borrowers are gaming the process directly. From circular deposits that mimic revenue & stacked loans hidden in the fine print, to altered IDs and self-submitted industries that don’t match reality – the weak spots in underwriting are being targeted head-on.
This means your riskiest cases often aren’t the obvious bad ones – they’re the ones that look almost too perfect to question.
When “too perfect” files turn into million-dollar frauds
Let’s imagine a hypothetical (yet very possible) scenario.
An ISO sends you a clean package. It has the required three months of statements, smooth revenue patterns, and low non-sufficient funds (NSF). It all looks perfect, and you decide to fund them.
However, two weeks after funding, the automated clearing house (ACH) pulls a bounce. The money is gone.
That’s exactly how Jonathan D. Strohm, a Mississippi man, and his co-conspirators ran a multimillion-dollar play. They set up shell companies, forged bank statements, and used stolen identities to obtain advances from Caymus Funding Inc., an MCA provider based in Georgia.
By the time repayments failed and ACH pulls bounced, Caymus had lost more than $6 million. Strohm pled guilty in 2023 to conspiracy to commit wire fraud and money laundering, and faces up to 20 years in prison (Source). The takeaway is simple: fraudsters do their homework. They know exactly what an underwriter wants to see, and they package their applications to look spotless. That’s why a file that feels “too clean” should sound some alarms. Without stronger checks, even the best-run businesses can get caught off guard.
Four ways borrowers game the system
The Strohm case is a reminder that fraud doesn’t always look messy. Sometimes it looks cleaner than the real thing. Borrowers don’t need to outsmart every step of your process – they only need to find one weak spot and push through it. And those weak spots usually fall into a handful of predictable buckets.
1. Circular routing of money
One of the oldest tricks in the book. Borrowers move the same dollars around between accounts to make revenue look steadier than it is. On a bank statement, the inflows check out. In reality, there’s no new money – just the same funds cycling until the advance lands.
2. Loan stacking
This is the classic timing play. A merchant applies with multiple funders at once, leaving obligations off the application. ACH pulls reveal the truth only after funding, when you realize three other advances are hitting the same account. By then, the cash flow is already stretched too thin.
3. ID fraud
Sometimes it’s stolen, sometimes it’s synthetic. Fraudsters stitch together bits of real and fake data to create identities that pass basic checks. The paperwork looks legitimate, but the person or the business was never real in the first place.
4. Industry disguising
Not every high-risk business calls itself what it is. A vape shop becomes a “convenience store.” A long-haul trucking outfit registers as “logistics consulting.” On paper, it looks like a safer bet. In practice, the risk profile hasn’t changed – it’s just been relabeled.
Borrowers are finding ways to bend your process just enough to get funded. The surface tricks – doctored PDFs, synthetic IDs, disguised deposits – keep changing. But the buckets stay the same. And most MCA shops already have controls in place to catch some of this. The question is – are those defenses strong enough for the pace and scale of today’s attacks?
The defenses MCA shops rely on today – and where they fall short
Before we get to what MCA lenders can do to ensure maximum security against such cases, we need to take a look at what is currently being done in most places.
Most MCA shops already use a mix of manual reviews, system rules, and point tools – checking state filings, liens, bank data, and document formats. On paper, it looks solid, but in practice, cracks still show. On paper, this toolkit looks solid. Unfortunately, this is not enough to be as secure as possible. There are cracks in this system that cannot be ignored:
- Rules are brittle: A slightly altered PDF or new bank template can slip past your document verification checks. That’s how circular routing and fake deposits sneak in, looking like clean cash flow.
- Borrowers adapt: Once they know what gets flagged, they change the story. ACH pulls get renamed in statements to hide stacking, or a business relabels itself as a proclaimed/ industry to get funded.
- The pressure doesn’t let up: Fraud attempts don’t slow down, even when rules get stricter. Altered bank statements and synthetic IDs keep showing up in volume – and analysts end up chasing more files instead of fewer.
Bottom line: The current tools are useful – they’re just not enough on their own. Which is why many funders are looking at newer, AI-powered solutions to plug the gaps.
Emerging, AI-driven fraud defense mechanisms
These AI tools aren’t here to replace people or processes. They’re here to make both sharper – taking on the grunt work and leaving judgment to your team. You see the difference most clearly when you compare how things are handled today with how AI changes the workflow.
Circular routing of money
- Today: Most tools just skim the page – they just run OCR, read deposits as text, and call everything “revenue.” If money is simply moving in circles between accounts, it still shows up as clean flows of cash.
- With AI, the system automatically follows the trail. If the money is cycling back and forth, it highlights that pattern, so the “revenue” doesn’t fool you.
Loan stacking
- Today: Analysts usually uncover stacking when someone finally digs through a long CLEAR® report, or after manually going through large credits and recurring debits in bank statements.
- With AI: Those 50-page reports are condensed for easy analysis. UCC filings, and recurring lender debits are all pulled to the surface, so you see the crowding upfront instead of after funding.
Identity manipulation
- Today: An ID that looks decent on the screen usually passes. A shifted font, an odd shadow, or even deepfakes still slip through because the check is only surface-level.
- With AI: Subtle edits are caught easily, and the identity can be checked against outside signals like address history or phone and email age. A profile that looks safe but has no real footprint gets flagged before funding.
Industry disguising
- Today: A “convenience store” or “consulting firm” often sails through with nothing more than what’s written on the form.
- With AI: It doesn’t just take the industry code at face value. It looks at the shopfront, maps listing, website, reviews and the account transactions themselves. If a vape shop spends like a vape shop but calls itself a corner store, the mismatch shows.
All of this can sound impressive, but it’s worth keeping perspective. AI won’t replace judgment, and it won’t stop a rogue ISO or a borrower determined to disappear. What it can do is take the busywork off your team’s plate – flagging recycled deposits, hidden obligations, and thin identities – so your underwriters spend their time where it really matters: the gray calls that need people.
Staying sharper and faster than fraud
Fraud is evolving fast, and so must the way MCA providers defend against it. The answer isn’t more complexity – it’s simple habits done well, paired with tools that adapt as quickly as the fraudsters do.
Protecting capital, keeping ISOs confident, and winning trust from funders all come down to one thing: staying faster and sharper than the fraud you face.
And if you want a set of helping hands, team HyperVerge is just a call away.
