Approved fraud ($500)
Your payment processing pipeline approved 40,000 orders last month. Your Exception Review team caught 312 suspicious ones before they shipped. But your chargeback report just landed: 87 orders that looked clean, passed every Quality Gate, and turned out to be fraudulent. That is $43,500 in losses you already booked as Revenue - and now you are giving it back. Welcome to approved fraud.
Approved Fraud is the dollar cost of fraudulent transactions your system approved - the ones that passed every Quality Gate and Exception Review without triggering a flag. You cannot eliminate it to zero without destroying Throughput, so you manage it as a budgeted line item on your P&L, calibrated by your risk appetite.
Approved fraud is a specific failure mode: a bad transaction that your detection system classified as good. It passed your Quality Gates. It did not route to Exception Review. Your team never saw it. You only find out when the real customer disputes the charge, or the goods vanish, or the chargeback hits your account.
The Error Cost here is the full face value of the fraudulent transaction - typically the product cost, the selling costs you already incurred (shipping, payment processing fees), plus a chargeback penalty from your payment processor. A $500 order might actually cost you $575 once you add the penalty and lost product.
This is distinct from detected fraud, which your Exception Review team caught before fulfillment. Detected fraud costs you review Labor but saves you the Error Cost. Approved fraud costs you the full amount because nobody intervened.
Approved fraud hits your P&L in three places simultaneously:
The painful part: approved fraud is invisible until after you have spent the money. Unlike a defect rate you catch in Quality Control, this is a defect rate you discover weeks later in your Financial Statements.
For an Operator running a P&L, approved fraud is not a security problem. It is a Cost Structure problem. You need to budget for it, measure it, and decide how much you are willing to tolerate - which is a risk appetite decision, not a technical one.
Think of your fraud detection pipeline as a Scoring Model with a threshold:
Here is the tradeoff:
| Threshold | Exception Review volume | Approved Fraud rate | Throughput |
|---|---|---|---|
| Score > 20 | Very high (many false positives) | Very low | Slow - your team is drowning |
| Score > 50 | Moderate | Moderate | Reasonable |
| Score > 80 | Very low | High - you are letting bad ones through | Fast |
Lowering the threshold catches more fraud but floods your Exception Review queue with legitimate orders. That costs Labor, slows Throughput, and creates opportunity cost from delayed good orders. Raising the threshold lets more fraud through but keeps operations fast.
The math follows directly from Expected Value:
Expected Approved Fraud Cost = (Number of approved transactions) x (fraud rate among approved transactions) x (Error Cost per fraudulent order)
If you approve 40,000 orders/month, your fraud rate among approved orders is 0.22%, and each incident costs $500:
40,000 x 0.0022 x $500 = $44,000/month
That is your approved fraud budget. Now compare it to what it would cost to tighten the threshold - more reviewers, slower Throughput, more false positives annoying real customers (which hits CSAT and Churn).
You should explicitly model approved fraud as a P&L line item whenever:
The decision rule for how aggressively to fight approved fraud:
The mature operator does not try to hit zero fraud. They try to hit the point where the marginal dollar spent on prevention equals the marginal dollar saved in fraud losses - the break-even on fraud investment.
You run fulfillment for an e-commerce business. Average order value: $120. Average Error Cost per approved fraud incident: $155 (product + shipping + $25 chargeback fee). You process 50,000 orders/month. Current threshold sends top 3% to Exception Review (1,500 orders). Your 4-person review team catches 200 fraudulent orders/month. But 95 fraudulent orders still slip through as approved fraud.
Current approved fraud cost: 95 x $155 = $14,725/month
Your team proposes lowering the threshold from top 3% to top 6% - doubling the review queue to 3,000 orders/month. You would need 4 more reviewers at $4,200/month each = $16,800/month in additional Labor.
The team estimates the tighter threshold would catch 60 of the 95 missed fraudulent orders, reducing approved fraud to 35 incidents: 35 x $155 = $5,425/month. Savings: $14,725 - $5,425 = $9,300/month.
Compare: you spend $16,800/month to save $9,300/month. That is a negative ROI of -$7,500/month.
Instead, you propose investing $3,000/month in a better Scoring Model (additional data signals). Your vendor estimates this catches 40 of the 95, reducing approved fraud to 55 incidents: 55 x $155 = $8,525/month. Savings: $6,200/month for $3,000/month cost = positive ROI of $3,200/month.
Insight: The first instinct - throw more reviewers at it - had negative ROI because Labor scales linearly with volume. The better Scoring Model costs less and catches more because it improves the quality of your Exception Review routing, not the quantity. Always check whether the fix is a capacity problem or an accuracy problem before spending.
You are building next quarter's Budget for a subscription box company. Historically, 0.3% of approved orders are fraudulent. You project 120,000 orders next quarter at an average Error Cost of $85 per fraudulent order (product cost + shipping - you eat it, no chargeback fee because you switched to a processor that absorbs that but charges a higher Net Rate).
Expected fraudulent approved orders: 120,000 x 0.003 = 360 orders
Expected approved fraud cost: 360 x $85 = $30,600 for the quarter, or ~$10,200/month
You add a line item to your Operating Statement under Cost Structure: 'Approved Fraud Reserve - $10,200/month'
Your CFO asks why you are not trying to reduce it. You show the Sensitivity Analysis: reducing the fraud rate from 0.3% to 0.15% requires a $8,000/month Scoring Model upgrade. That saves 180 x $85 = $15,300/quarter = $5,100/month. Net benefit: $5,100 - $8,000 = negative $2,900/month. The current fraud rate is actually optimal given your cost of prevention.
You document this as a deliberate risk appetite decision in your Financial Statements notes, not an unmanaged risk.
Insight: Putting approved fraud in the Budget as a named line item transforms it from a surprise into a managed cost. When it comes in at $9,800 one month and $11,400 the next, you are evaluating Variance against a baseline - not panicking. The operator who budgets for fraud sleeps better than the one who pretends it will not happen.
Approved fraud is the Error Cost of transactions your system approved that turned out to be fraudulent - you only discover them after the money is spent
The optimal approved fraud rate is almost never zero. It is the point where your marginal cost of prevention equals your marginal fraud savings - a break-even calculation, not a perfection goal
Budget it as a named line item on your P&L. Surprise fraud is a crisis. Budgeted fraud is a managed Cost Structure decision calibrated to your risk appetite
Treating approved fraud as a security team problem instead of a P&L problem. Security builds the Scoring Model, but the threshold is a business decision. The Operator owns the tradeoff between Throughput, customer experience (CSAT), and fraud losses. If you delegate the threshold to your security team, they will optimize for zero fraud at the expense of everything else - because that is their incentive.
Tightening the threshold without modeling the false positive cost. Every legitimate order that gets flagged for Exception Review adds delay, risks Churn, and costs reviewer Labor. If your false positive rate doubles to save $5,000/month in fraud but you lose $12,000/month in customer Lifetime Value from the friction, you made your P&L worse. Always model both sides.
Your marketplace processes 25,000 transactions/month. Your Exception Review team reviews the top 5% (1,250 transactions) and catches 180 fraudulent ones. An additional 60 fraudulent transactions slip through as approved fraud. Each costs $320 in Error Cost. A vendor offers a better Scoring Model for $4,500/month that they claim will catch 40 of those 60. Should you buy it?
Hint: Calculate the current approved fraud cost, the projected approved fraud cost with the new model, and compare the savings to the $4,500/month price tag.
Current approved fraud cost: 60 x $320 = $19,200/month. With the new model, approved fraud drops to 20 incidents: 20 x $320 = $6,400/month. Savings: $19,200 - $6,400 = $12,800/month. Cost: $4,500/month. Net benefit: $8,300/month. ROI: $8,300 / $4,500 = 184%. Yes, buy it - you recover the cost almost 3x over. But verify the vendor's claim with a pilot first - that '40 out of 60' estimate is their sales pitch, not a guarantee. Run a 30-day backtesting period on historical data before committing.
You are arguing with your CEO who wants zero approved fraud. Your current rate is 0.4% of approved transactions (200 incidents/month at $150 each = $30,000/month). Getting to 0.1% would require 12 additional reviewers at $4,000/month each. Getting to 0% would require reviewing every single transaction - all 50,000 - which would need 40 reviewers. Build the cost comparison table and identify the optimal point.
Hint: Calculate the total cost (reviewer Labor + remaining approved fraud cost) at each threshold. The optimal point minimizes total cost, not fraud alone.
At 0.4% (current, 0 additional reviewers): Fraud cost = $30,000. Reviewer cost = $0 incremental. Total = $30,000/month.
At 0.1% (12 additional reviewers): Fraud cost = 50 x $150 = $7,500. Reviewer cost = 12 x $4,000 = $48,000. Total = $55,500/month.
At 0% (40 reviewers, full review): Fraud cost = $0. Reviewer cost = 40 x $4,000 = $160,000. Total = $160,000/month.
The current state ($30,000/month total) is actually the cheapest option. Tightening to 0.1% costs an additional $25,500/month for $22,500 in fraud savings - net negative. Going to zero costs $130,000 more to save $30,000 in fraud.
Present this to your CEO as: 'We can eliminate fraud entirely for an extra $130,000/month. Or we can budget $30,000/month in approved fraud and invest the $130,000 difference in growth.' That reframes it from a risk conversation to a Capital Allocation conversation.
Approved Fraud builds directly on your two prerequisites. Error Cost gave you the dollar figure per incident - here, that is $500 per fraudulent approved order. Exception Review gave you the mechanism that creates the possibility of approved fraud in the first place: because you only review flagged items, unflagged fraudulent items sail through. Approved Fraud is what happens at the boundary between those two ideas - it is the residual Error Cost that Exception Review, by design, does not catch. Downstream, this concept feeds into broader P&L management: once you budget approved fraud as a line item, you are practicing the same discipline as any other Cost Structure decision. You will see it connect to Quality Gates (where you set the threshold), risk appetite (how much fraud you tolerate), and Sensitivity Analysis (how changes in your threshold ripple through both fraud costs and operational costs simultaneously). The core lesson is that rational Operations means choosing your losses deliberately, not pretending you can avoid all of them.
Disclaimer: This content is for educational and informational purposes only and does not constitute financial, investment, tax, or legal advice. It is not a recommendation to buy, sell, or hold any security or financial product. You should consult a qualified financial advisor, tax professional, or attorney before making financial decisions. Past performance is not indicative of future results. The author is not a registered investment advisor, broker-dealer, or financial planner.