Key Takeaways
- TomoCredit's defamation lawsuit against a fintech journalist signals growing tension between lender transparency and public scrutiny in alternative finance.
- When fintech companies resist external examination, it raises legitimate questions about underwriting integrity and verification standards across the industry.
- AI fraud detection for business lending is maturing rapidly, but only works when paired with verifiable source data like live banking sessions rather than static documents alone.
- MCA lenders who invest in auditable, transparent verification workflows position themselves ahead of regulatory pressure and reputational risk.
- Asynchronous bank verification creates a timestamped, reviewable evidence trail that protects both lenders and applicants.
A Fintech Lawsuit That Should Concern Every MCA Lender
When TomoCredit filed a defamation lawsuit against fintech journalist Jason Mikula in early 2026, the immediate story was about one company and one reporter. But the deeper signal matters far more for anyone in alternative lending. AI fraud detection for business lending has become a central concern as the industry scales, and the TomoCredit case exposes a structural problem that goes well beyond a single legal dispute.
TomoCredit, which describes itself as a software company supporting financial literacy, took the unusual step of suing a journalist whose publication, Business Fintech Weekly, has become a widely followed source of fintech industry reporting and commentary. Regardless of how the lawsuit resolves, the broader message is this: fintech companies increasingly face public scrutiny over their lending practices, data handling, and verification standards. Some respond with transparency. Others respond with litigation.
For MCA funders, the question is not whether TomoCredit's claims have merit. The question is what happens to your business when scrutiny arrives at your door. Are your verification records defensible? Can you demonstrate, with timestamped evidence, that your underwriting decisions were based on verified bank data rather than manipulated documents? This article breaks down why the transparency gap in fintech lending creates real risk for MCA operations and how lenders can close that gap before it becomes a liability.
The Transparency Gap in Alternative Lending
Why External Scrutiny of Fintech Lenders Is Increasing
The TomoCredit lawsuit did not happen in a vacuum. Over the past two years, alternative lenders have faced mounting pressure from regulators, journalists, and advocacy groups. California's proposed AB2116 would extend consumer financial protections to businesses generating up to $18 million annually, effectively treating a significant share of MCA recipients as consumers under state law. The Consumer Financial Protection Bureau continues to expand its oversight ambitions into commercial lending territory. Journalists covering fintech, like Mikula, have built substantial audiences by investigating exactly the kinds of practices that regulators are now targeting.
This convergence of regulatory expansion and journalistic scrutiny means that every MCA lender's verification practices are potentially one FOIA request, one whistleblower, or one investigative article away from public examination. The lenders who survive that scrutiny are the ones whose processes produce auditable, verifiable evidence at every step.
The Static Document Trust Problem
Most MCA underwriting still relies heavily on static bank statements, whether PDFs uploaded by applicants or documents forwarded through brokers. The fundamental problem with static documents is that they require trust. You trust that the PDF was not altered. You trust that the broker received it directly from the applicant. You trust that the account numbers, balances, and transaction histories are authentic.
That trust is increasingly misplaced. As we explored in our analysis of the FBI's carroting scam case, sophisticated fraud rings have demonstrated repeatedly that static bank statements can be fabricated convincingly using commercially available tools. PDF metadata can be spoofed. Transaction histories can be constructed from templates. Even watermarks and formatting details can be replicated with enough effort.
AI-powered document analysis tools have improved dramatically at catching some of these manipulations. Machine learning models trained on thousands of authentic and fraudulent documents can flag pixel-level inconsistencies, font mismatches, and metadata anomalies. These tools are valuable. But they share a fundamental limitation: they are analyzing a copy of reality, not reality itself.
Moving from Trust to Evidence
The alternative to trust-based verification is evidence-based verification. Instead of asking whether a document looks authentic, you ask whether you can observe the applicant's actual banking portal in a live or near-live session. This is where the distinction between synchronous and asynchronous approaches becomes critical.
Traditional live verification calls accomplish the goal of seeing a real banking session, but they introduce scheduling friction, time zone misalignment, and significant labor costs. Every call requires an underwriter to be available at the same time as the applicant. For lenders processing hundreds of applications monthly, the math simply does not scale.
Asynchronous verification solves the scalability problem without sacrificing evidence quality. When an applicant records their live banking session on their own time and submits the recording for review, you get the same evidentiary value as a live call. The recording captures the actual banking portal, the actual transactions, and the actual account details in real time. But your underwriting team reviews it when capacity allows, not when the applicant happens to be available.
Exact Balance was built specifically around this principle. Applicants receive a secure link, record their banking portal session with AI-guided step validation, and submit the recording. Your team reviews it on demand, with full activity tracking showing when the link was opened, when recording started, and when submission completed. Every step is timestamped. Every recording is encrypted and stored securely. The result is a verification record that can withstand any level of external scrutiny.
How AI Fraud Detection Strengthens Verification Workflows
AI Vision for Recording Validation
One of the most promising applications of AI in bank verification is not document analysis. It is recording analysis. When you have a video of an applicant navigating their banking portal, AI vision models can validate multiple fraud signals that static documents cannot capture.
For example, AI can verify that the banking portal URL matches expected patterns for the claimed financial institution. It can detect whether the session shows genuine browser navigation behavior or a pre-rendered video playback. It can flag recordings where the banking portal layout does not match known templates for that institution, a potential indicator of a spoofed site. And it can confirm that the applicant navigated to the specific sections requested, such as transaction history for a defined date range, account summaries, or recent deposits.
These capabilities go beyond what even the best PDF analysis can achieve. You are not asking a model to determine whether a document was altered. You are asking it to confirm that a real person navigated a real banking portal and displayed real account information. The evidentiary bar is fundamentally higher.
Pattern Detection Across Applications
AI fraud detection for business lending also becomes more powerful when applied across a portfolio of verification recordings rather than to individual applications in isolation. Machine learning models can identify patterns that individual reviewers would miss: applicants using the same browser fingerprint across multiple supposedly unrelated applications, recordings submitted from IP addresses associated with known fraud clusters, or banking sessions that follow suspiciously identical navigation patterns suggesting scripted behavior.
This kind of network-level analysis is something we discussed in the context of network-aware lending and MCA stacking fraud detection. The principle applies equally to verification recordings. When your verification data is structured and digital rather than scattered across PDFs and phone call notes, pattern detection becomes feasible at scale.
Balancing Automation with Human Review
A critical point that often gets lost in AI hype: automated fraud detection does not replace human judgment. It augments it. The most effective verification workflows in 2026 use AI to flag anomalies and surface high-risk applications, then route those flagged cases to experienced underwriters for manual review.
This tiered approach matters for defensibility. If a regulator, journalist, or litigant asks how you made a particular funding decision, your answer should be that an AI system identified relevant risk signals, a trained underwriter reviewed the evidence, and a decision was made based on defined criteria. That is a defensible process. "We looked at the PDF and it seemed fine" is not.
Building a Verification Process That Survives Scrutiny
The TomoCredit lawsuit is a reminder that fintech companies exist in a glass house. Journalists, regulators, competing lenders, and applicants themselves can all demand visibility into your processes. The MCA lenders who thrive in this environment are those who treat verification not as a checkbox but as a core competitive advantage.
Consider what a fully defensible verification workflow looks like. Every applicant receives standardized, professional communication with clear instructions. Every banking session is recorded with browser-based capture, requiring no software installation. Every recording is encrypted, timestamped, and stored with a complete activity log. Every review decision is documented. And the entire chain is available for audit at any time.
This is not theoretical. It is exactly the workflow that Exact Balance enables. When an underwriter at your firm marks a verification as complete, they are not relying on memory or informal notes. They are working from a recorded, timestamped, AI-validated artifact that documents the applicant's banking reality at the moment of recording.
Compare this to the standard practice at many MCA shops: a broker emails a PDF, an underwriter eyeballs it, maybe runs it through a document analysis tool, and makes a judgment call. There is no recording. There is no activity log. There is no chain of custody. If that decision is later questioned, the underwriter's defense is their recollection of what they reviewed and when.
In an industry facing increasing regulatory scrutiny, as we detailed in our coverage of CFPB regulation costs for MCA lenders, the gap between these two approaches will increasingly determine which lenders survive and which face enforcement actions, lawsuits, or reputational damage.
Frequently Asked Questions
What is AI fraud detection for business lending?
AI fraud detection for business lending uses machine learning models and computer vision to identify fraudulent patterns in loan and MCA applications. This includes analyzing bank statements for document manipulation, reviewing verification recordings for spoofed banking portals, detecting network-level patterns like stacking fraud across multiple applications, and flagging behavioral anomalies in applicant submissions. Unlike manual review alone, AI systems can process hundreds of signals simultaneously and identify subtle inconsistencies that human reviewers might miss.
How does asynchronous bank verification prevent fraud?
Asynchronous bank verification prevents fraud by capturing a live recording of the applicant navigating their actual banking portal, rather than relying on static documents that can be fabricated. The recording provides video evidence of real account data, real transaction histories, and real navigation behavior. AI-guided recording coaches ensure applicants display the specific information requested, while timestamps and activity logs create a complete audit trail. This makes it nearly impossible for applicants to submit manipulated bank statements, because the verification captures the banking session itself rather than a document that could have been altered afterward.
Why do MCA lenders need audit trails for bank verification?
MCA lenders need audit trails because regulatory scrutiny of alternative lending is increasing rapidly. California's AB2116, CFPB expansion into commercial lending, and state-level disclosure requirements all create scenarios where lenders may need to demonstrate exactly how and when they verified an applicant's financial information. A complete audit trail, including timestamped recordings, activity logs, and reviewer documentation, provides defensible evidence that verification was conducted thoroughly. Without it, lenders face compliance risk, reputational exposure, and potential legal liability.
Can AI fully replace manual bank verification for MCA?
AI cannot fully replace manual bank verification, but it dramatically improves efficiency and accuracy when layered on top of human review. The most effective approach in 2026 combines AI-powered anomaly detection and recording validation with experienced underwriter judgment. AI handles pattern recognition at scale, such as flagging unusual browser behavior, metadata inconsistencies, or network-level fraud signals. Human reviewers then evaluate flagged cases using contextual judgment that AI models cannot reliably replicate. This tiered approach reduces fraud rates while keeping verification workflows scalable.
Conclusion
The TomoCredit lawsuit is a symptom, not an anomaly. As alternative lending grows, so does the intensity of external scrutiny from regulators, journalists, and the market itself. MCA lenders who rely on trust-based verification, static PDFs, and undocumented review processes are building on a foundation that will not hold.
The path forward is evidence-based verification with full audit trails, AI-powered fraud detection layered on top of human review, and workflows that produce defensible records at every step. That is exactly what Exact Balance delivers: asynchronous bank verification that captures live banking sessions, validates them with AI-guided recording, and stores every interaction with encrypted, timestamped documentation.
Visit exactbalance.ca to see how async verification fits into your underwriting workflow and gives your team the evidence standard that today's market demands.