Sampled fraud detection is a rational response to an infrastructure constraint. When inference compute was expensive and the authorisation latency window was fixed, scoring every transaction was not operationally feasible. The solution was a coverage layer: rules that identify which transactions most likely warrant AI scrutiny and route those to the scoring model while passing others through on lighter controls. The model performs well on what it sees. Coverage rules determine what it sees.
That architecture has a cost that is rarely calculated explicitly. The cost is not primarily the fraud that occurs in the unobserved population, though that is real. The cost is the operational complexity of maintaining the coverage architecture itself, and the gap between what the system appears to provide and what it actually provides.
The operational burden of selective observability
A sampled detection system requires two systems to function: the AI model that detects fraud within the scored population, and the coverage logic that determines which transactions reach the model. Both require maintenance. Both degrade over time if not actively managed. And the coverage logic is frequently the less visible of the two.
Coverage rules are typically calibrated at deployment based on the transaction profile and risk characteristics of that period. As transaction patterns shift, new merchant categories emerge, and cardholder behaviour evolves, the coverage logic requires updating to remain representative. A coverage rule that correctly identified the highest-risk transactions two years ago may no longer be routing the right population to the model today, not because the rule was incorrectly designed but because the underlying patterns it was designed to capture have changed.
The maintenance burden compounds with the adversarial dimension. Sophisticated fraud operations adapt their transaction patterns to the coverage boundary. As they succeed in moving attack volume into the unobserved population, the effective fraud rate in the scored population may appear stable while the aggregate fraud rate increases. The coverage logic must be continuously updated to account for this adaptation, which requires ongoing analytical investment that most fraud operations teams do not have explicit capacity for.
The result is a detection architecture that appears comprehensive but requires continuous calibration of both its AI layer and its coverage layer to remain effective. Each layer degrades independently, interacts with the other in ways that are difficult to observe, and requires separate governance.
What universal observability changes
Complete coverage replaces this architecture with a simpler one. Every transaction is scored. There is no coverage layer. There is no population outside the model’s observation.
The operational simplification is significant and underappreciated in most discussions of complete coverage. Removing the coverage layer eliminates the maintenance burden of the coverage rules, the degradation risk of the coverage logic, and the governance complexity of managing two interacting systems. The detection system is the model. The model’s performance is the system’s performance. The gap between what the system appears to provide and what it actually provides is the gap between model performance and complete transaction observability, which is dramatically smaller than the gap introduced by a coverage layer.
The governance consequence is equally important. A detection system with universal observability is auditable in a way that a sampled system is not. Every transaction was scored. Every score can be retrieved. The coverage question, which transaction types were excluded and why, does not exist. For regulated institutions subject to model risk governance examinations, the absence of a coverage boundary simplifies the compliance evidence considerably.
The false positive dimension also shifts. A sampled system typically concentrates high-sensitivity scoring on the transactions the coverage logic identifies as elevated risk, which means the false positive burden is also concentrated in that population. Universal observability allows the scoring sensitivity to be calibrated across the full transaction population, with the possibility of applying lighter initial scoring to lower-risk populations and reserving higher sensitivity for the transactions where it adds most value. That calibration is structurally impossible in a sampled architecture because the coverage layer pre-determines which transactions receive any AI attention at all.
The feasibility architecture
Complete coverage at payment network scale requires inference that executes within the authorisation latency window, at the throughput of the full transaction volume, without requiring a network round trip to an external inference service. For a large payment network processing hundreds of millions of transactions per day, that is a computational requirement that external inference architectures requiring network round trips cannot satisfy within the available latency budget while maintaining acceptable availability.
IBM Z’s Telum II processor provides on-chip AI inference that executes within the transaction processing environment, within the authorisation latency envelope, without an external call. The inference runs where the transaction runs. The throughput is the throughput of the platform processing the transactions, not of an external service that must scale independently to meet demand spikes.
The shift this enables is not incremental. It is architectural. The question changes from which transactions can the model afford to score to how well does the model score every transaction. That is a different design problem, a different governance problem, and a different operational economics problem from the one that sampled architectures were built to solve.
The executive economics
The business case for complete coverage is typically framed around fraud loss reduction. That framing is correct but incomplete. The fuller economic picture includes three components that the fraud loss reduction figure alone does not capture.
Coverage rule maintenance cost is the ongoing analytical and engineering investment required to keep the sampling logic representative as transaction patterns and adversarial behaviour evolve. For most large fraud operations teams, this cost is embedded in general operational overhead rather than attributed to the coverage architecture specifically. It is real, it is continuous, and it disappears when the coverage layer does.
False positive concentration cost is the revenue impact and customer friction of false declines concentrated in the population the coverage logic routes to high-sensitivity scoring. Expanding observability to the full transaction population, with appropriately calibrated scoring thresholds, typically reduces false positive concentration in the currently over-scrutinised population while extending lighter scrutiny to the currently unobserved one.
Governance simplification value is the reduction in compliance overhead from auditing a detection system with no coverage boundary. A coverage layer introduces questions that universal observability eliminates: which transactions were excluded, why, how has the exclusion logic evolved, and what is the fraud rate in the excluded population. Eliminating those questions reduces examination preparation burden and reduces the evidentiary complexity of demonstrating that the detection architecture is operating as intended.
The complete coverage investment case that includes all three components alongside fraud loss reduction is typically larger than the fraud-only case, and the differential favours complete coverage more strongly as the organisation’s operational scale and governance burden increase.
