As technology evolves, government leaders face a dual challenge: modernizing their programs and systems while protecting them from increasingly complex fraud risks. Few understand this balance better than Christy Goldsmith Romero, former Commissioner at the U.S. Commodity Futures Trading Commission (CFTC) and an internationally recognized expert and leader in the financial system, financial regulation, and enforcement, particularly fraud enforcement.

We sat down with Goldsmith Romero to discuss how today’s technologies and emerging trends are transforming both the opportunities and the risks in government fraud prevention. Drawing on her experience leading enforcement, regulating digital assets, and overseeing large-scale emergency programs, she shared practical insights on how agencies can strengthen fraud controls amid the rise of synthetic identities, deepfakes, AI-driven tools, and other emerging or increasing threats, including through the use of technology.

Synthetic identity fraud: Complex threats to verification systems

The risk: 

By blending real and fabricated data, criminals can create new “identities” that pass standard verification checks, allowing them to open accounts, move funds, and exploit public programs undetected. A sophisticated and persistent threat, “Synthetic identity fraud poses a national security risk,” Goldsmith Romero said. “Accounts are being opened by money mules for illicit finance, including money laundering.” It’s critical to tighten eligibility and data validation within program design to prevent fraudulent actors from exploiting gaps.

Action steps:

• Recalibrate identity verification. Expand validation beyond single data points by cross-checking Social Security numbers, physical addresses, and email domains against authoritative databases.
• Monitor anomalies in account activity. Pay attention to dormant accounts, repeated failed login attempts, or access from foreign IP addresses.
• Engage third-party identity analytics. Seek out digital-identity verification firms capable of mapping high-risk profiles, such as addresses or phone numbers associated with known fraud networks.
• Sustain continuous monitoring. Ongoing verification of customer or recipient data helps detect shifts, such as a death record match or a sudden change in address.
  
  

Deepfakes: Promoting trust in a synthetic media age

The risk:

AI-generated “deepfakes” – realistic but fabricated videos, images, and audio – can distort information and undermine institutional credibility. “Trust is eroded when people don’t know if what they’re seeing is real or AI-generated,” Goldsmith Romero said. Public-sector entities face the compounded risk of reputational harm, policy disruption, or misinformation campaigns that manipulate official communications. Agencies must be proactive in reinforcing the integrity of their public communications and maintaining confidence in the authenticity of government information.

Action steps:

• Adopt watermarking protocols. Embed digital signatures in AI-generated content to distinguish authentic from synthetic media. “As an industry standard, watermarking goes a long way toward promoting trust,” Goldsmith Romero said. “If watermarking becomes standard, then people know unlabeled content is authentic, and they can believe what they’re seeing and hearing.”
• Enforce metadata and provenance tracking. Maintain detailed records of the origin, edits, and verification of official media assets to provide accurate and transparent information.
• Develop content verification standards. Create guidelines for validating imagery and communications, particularly those released during emergencies or in public statements.
• Educate teams on information integrity. Train communications and compliance personnel to identify deepfake manipulation and manage incident responses swiftly.
  
  

Digital assets: New tools, new targets

The risk:

Cryptocurrency and blockchain technologies present both innovation opportunities and fresh avenues for fraud. “Whenever there’s hype surrounding something new, there will inevitably be fraudulent scams,” Goldsmith Romero said. Romance scams, investment fraud, and offshore unregistered crypto schemes all continue to evolve. Responsible innovation requires striking a balance between openness to new technology and the protection of customers, sensitive data, and the interests of beneficiaries.

Action steps:

• Leverage blockchain tracing tools. Agencies have grown adept at using blockchain to trace money flows and recover stolen assets faster.
• Strengthen consumer awareness. Educate consumers and encourage vigilance against responding to unsolicited messages, “wrong number” texts, or social media outreach urging crypto investment.
• Promote secure contracting. For agencies adopting blockchain, enforce strict data protections, especially for investigations and enforcement. “The safeguard that must be non-negotiable is protecting agency data, particularly investigation-related data,” Goldsmith Romero said.
  
  

AI in oversight: Responsible use for maximum impact

The risk:

With its powerful analytical capabilities, AI can transform oversight capacity, enabling agencies to prevent fraud at the speed it evolves. But it also introduces new governance challenges, and must be used responsibly. “Agencies have a real tool in AI to fight fraud,” Goldsmith Romero said, “but there must be humans in the loop and over the loop to verify what AI generates.”

Action steps:

• Automate anomaly detection. Use AI to flag irregular transactions and behavior patterns across large data sets in real time.
• Maintain human oversight. Require human oversight of all AI deployment and AI-generated findings to avoid false positives or bias.
• Follow governance frameworks. Models like the NIST AI Risk Management Framework help define governance and performance monitoring and support explainability.
• Prioritize data quality and privacy. Establish protocols to make sure that input data is accurate, current, and unbiased, and safeguard data privacy.
  
  

Resource and workforce limitations: A risk turned opportunity

The risk:

Agencies often lack the necessary tools and staffing to manage investigations independently. But that doesn’t have to be a risk – it can open the door for collaboration. “Agencies with overlapping jurisdictions should cooperate and coordinate,” Goldsmith Romero emphasized. “That allows them to leverage each other’s resources, expertise, and access to documents.” This teamwork can turn fragmented oversight into an integrated oversight system, leveraging resources while strengthening fraud resilience.

Action steps: 

• Form interagency task forces. Coordinate investigative priorities and pool data to identify cross-program fraud patterns.
• Share risk intelligence. Develop standardized fraud indicators and share data to enhance visibility and insight.
• Streamline investigation triage. Align case prioritization based on impact and complexity to protect efficient use of limited resources.
• Focus on prevention. “If the agencies implement effective fraud controls, that can help cut back the fraud so that there’s less fraud to investigate,” Goldsmith Romero noted.
  
  

In conclusion: Build a culture of fraud resilience

Fraud prevention is an enterprise-wide imperative that depends on leadership, education, and technological readiness. By pairing modern tools with robust governance frameworks, interagency coordination and collaboration, strong internal controls, and clear accountability, government leaders can build sustainable fraud defenses that safeguard public resources and strengthen public trust.