Job Description
Flex is building the AI-native private bank for business owners.
We’re re-architecting the entire financial system for entrepreneurs—from the first dollar a business earns to how that value compounds, moves, and is ultimately spent in real life. Banking, credit, payments, personal finance, and financial operations—rebuilt from the ground up as a single, intelligent system. Flex is the full financial home for ambitious owners.
Since launching publicly in September 2023, Flex has scaled from zero to nine-figure annualized revenue, with a clear path to profitability by late 2026. We move fast, ship relentlessly, and operate with extreme ownership.
Our customers are affluent business owners ($3–$200M in revenue)—the backbone of the economy and one of the most underserved segments in finance. They’re stuck with outdated banks and fragmented tools. We’re replacing all of it. The opportunity is massive: a ~$1T+ revenue market hiding in plain sight. Our ambition is to build a product that is fundamentally better—not incrementally improved.
Flex Fuels Ambition.
The Fraud Risk Management Lead is a key member of the Flex Risk Management Leadership Team (reports to the Chief Risk Officer) who will have the opportunity to take the Fraud Risk Management function at Flex to a level that rivals the best in class.
Core Responsibilities
Own end-to-end fraud risk management for Flex’s credit card and DDA product portfolio across consumer and small business segments; end-to-end meaning full lifecycle coverage, from pre-acquisition through post-disbursement:
- Acquisition & onboarding fraud: analyze application fraud patterns by channel and source; assess identity signal quality, document authenticity rates, and synthetic identity indicators at the population level; monitor approval flow for anomalous approval rate shifts that may signal policy exploitation
- Identity & entity verification performance: maintain analytical visibility into match rates, challenge rates, and step-up conversion across KYC and KYB verification layers in partnership with compliance; identify where the verification stack may be generating friction for good applicants or gaps for bad ones — and surface those findings as inputs to joint policy discussions
- First-party fraud: monitor behavioral signals associated with intentional default — spend acceleration, balance build without payment intent, cash advance abuse, and bust-out patterns; distinguish first-party risk from credit deterioration analytically
- Third-party fraud: track unauthorized transaction patterns, account takeover indicators, card-not-present abuse, and compromised credential signals; maintain segment-level views of dispute and chargeback rates by fraud type
- Synthetic identity fraud: build and maintain detection frameworks for synthetic identities — thin-file manipulation, credit piggybacking, fabricated entity structures — with particular attention to SMB applicants where bureau data is sparse and entity verification is harder
- DDA-specific fraud vectors: monitor ACH manipulation, payee substitution, unauthorized external transfer attempts, and check fraud patterns within the DDA product; maintain visibility into funds flow anomalies that may indicate account misuse or laundering behavior
- Authorization & transaction monitoring: analyze real-time and near-real-time authorization patterns for velocity anomalies, geographic inconsistencies, merchant category abuse, and card testing signals
- Dispute, chargeback & recovery: own the analytical view of dispute resolution patterns; identify chargeback abuse and friendly fraud at the segment and merchant level; track recovery rates by fraud type and loss emergence timing
Build and maintain fraud detection frameworks that surface emerging attack patterns before they scale — distinguishing signal from noise across high-volume transaction and behavioral data
Synthesize data across sources — device, IP, identity, bureau, transaction, and behavioral — to construct a layered fraud risk view; capable of identifying coordinated fraud rings and correlated anomalies that don’t surface in single-signal models
Lead periodic fraud risk reviews: design the analytical narrative, own the underlying loss and dispute data, and present findings with clear exposure implications to risk committees and senior leadership
Develop fraud segmentation — by fraud type, acquisition channel, product, obligor type, and attack vector — to enable more precise detection tuning, policy intervention, and loss reserve calibration
Partner cross-functionally with credit, legal & compliance, financial crimes, operations, and product to ensure fraud risk visibility is embedded in product design and upstream decisioning, not bolted on reactively
Contribute to scenario analysis and stress testing for fraud loss: model exposure under elevated attack conditions and translate into concrete loss and operational cost estimates
Serve as the internal SME on fraud analytics — establishing detection standards, taxonomy, and measurement frameworks as the product portfolio scales
Qualifications
- This role sits in the foundational build path of core risk management disciplines, and we expect significant upward potential for the right candidate. The emphasis is on finding colleagues with a strong foundation more than a ‘minimum number of years’ constraint. We can work with folks who have 7–15 years of hands-on fraud risk management experience with direct ownership of detection and loss management across consumer and small business products; experience spanning both a bank or regulated card program and a fintech strongly preferred
- Deep subject matter expertise across all three fraud typologies — first-party, third-party, and synthetic identity — with the ability to distinguish them analytically, not just definitionally; understands how each manifests differently in a credit card versus DDA context
- Fluent in the fraud signal stack: device fingerprinting, IP intelligence, identity graph analysis, behavioral biometrics, velocity rules, and ML-based anomaly detection — knows which tools to reach for and when rules-based logic outperforms models
- Understands DDA fraud vectors at a product level: ACH origination and return abuse, check fraud, Reg E dispute dynamics, and the intersection of payment fraud with account takeover
- Analytically self-sufficient: proficient in SQL and Python or R; capable of building detection logic, cohort analysis, and loss attribution from raw data rather than consuming pre-built dashboards
- Familiar with the regulatory and compliance overlay on fraud: SAR filing thresholds, Reg E obligations, FCRA considerations for adverse action, and BSA/AML red flags that overlap with fraud patterns
Mindset
- Operates at a senior thinking level relative to peer cohort — brings a point of view on emerging attack vectors, challenges detection assumptions, and drives the fraud agenda without waiting to be directed
- Instinctively thinks from the other side of the table: models how a bad actor would exploit a product, policy gap, or verification weakness — and builds detection logic accordingly
- High quantitative aptitude with strong intuition for when loss or dispute trends don’t pass the smell test; catches pattern shifts early and escalates with evidence, not just instinct
- High-energy, end-to-end owner who thrives in environments where detection infrastructure is still being built and the threat landscape is actively evolving
- Effective communicator who can translate complex fraud dynamics — ring structures, synthetic identity clusters, bust-out cohorts — into crisp narratives for risk committees, product teams, and senior leadership
$150,000 - $250,000 a year
We believe in the culture of ownership at Flex. All employees are given Equity in the company in addition to the Base Compensation.
Flexbase Technologies Inc.
