Fraud investigation is a race against time, and most of the delay is triage — figuring out which cases deserve a human's attention right now. When we set out to bring Agentforce into our case-management workflow, the goal wasn't to replace investigators. It was to put the right case in front of the right person faster, with the context already assembled. Here's how that came together, and what I'd do differently.

Frame it as an agent with actions, not a chatbot

Agentforce shines when you give it a clear job and a set of trustworthy actions it can call. We defined a fraud-triage topic whose actions were deliberately small and auditable:

  • Score risk — combine signals (velocity, geo mismatch, account history) into a risk band.
  • Summarize case — assemble a concise, investigator-ready brief from related records.
  • Route & prioritize — set priority and assign to the correct queue.

Each action is backed by deterministic Apex, so the model decides when to act, but the how is code you can test and review.

A custom action is just an invocable method

Exposing logic to Agentforce is refreshingly familiar to any Apex developer — you annotate an invocable method with clear input/output definitions and good descriptions, because those descriptions are what the agent reasons over:

public with sharing class FraudRiskAction {
    public class Request {
        @InvocableVariable(required=true label='Case Id') public Id caseId;
    }
    public class Result {
        @InvocableVariable public String riskBand;   // Low | Medium | High
        @InvocableVariable public String rationale;
    }

    @InvocableMethod(label='Score Fraud Risk'
        description='Returns a risk band and rationale for a case using account and transaction signals.')
    public static List<Result> score(List<Request> requests) {
        List<Result> out = new List<Result>();
        for (Request req : requests) {
            out.add(RiskEngine.evaluate(req.caseId)); // deterministic, unit-tested
        }
        return out;
    }
}

Let the model orchestrate. Keep the consequential logic in Apex you can unit-test, audit, and reason about under load.

Guardrails for a high-stakes domain

Fraud is exactly the kind of domain where a confidently wrong answer is dangerous. A few principles kept it trustworthy:

  • Human-in-the-loop by default — the agent triages and recommends; it never closes or clears a case on its own.
  • Explainability — every risk band ships with a rationale and the signals behind it, written to the case for audit.
  • Grounding over guessing — actions read real records; the model is never asked to invent a number.
  • Least privilege — the agent runs with a permission set scoped to exactly what its actions need.
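
As an added illustration of the explainability and grounding points above (not code from the original post, and not the internals of the RiskEngine class it calls), here is a deterministic scorer that returns a band together with the signals that produced it. The class name RiskEngineSketch, the Signals fields, and every weight and threshold are assumptions chosen for the example. It also refuses to report Low when a signal could not be read.

```apex
// Added example: hypothetical scorer; names, weights and thresholds are illustrative assumptions.
public with sharing class RiskEngineSketch {
    public class Signals {                 // values an action would read from real records
        public Integer txnLastHour;        // velocity
        public Boolean geoMismatch;        // geo mismatch signal
        public Integer priorFraudCases;    // account history
    }
    public class Verdict {
        public String riskBand;            // Low | Medium | High
        public String rationale;           // suitable for writing to the case for audit
    }

    public static Verdict evaluate(Signals s) {
        if (s == null) { s = new Signals(); }          // nothing readable: every signal is missing
        Integer score = 0;
        List<String> reasons = new List<String>();     // signals that contributed to the score
        List<String> missing = new List<String>();     // signals that could not be read

        if (s.txnLastHour == null) { missing.add('velocity'); }
        else if (s.txnLastHour >= 10) { score += 40; reasons.add('velocity ' + s.txnLastHour + '/h (+40)'); }
        else if (s.txnLastHour >= 5) { score += 20; reasons.add('velocity ' + s.txnLastHour + '/h (+20)'); }

        if (s.geoMismatch == null) { missing.add('geo'); }
        else if (s.geoMismatch) { score += 30; reasons.add('geo mismatch (+30)'); }

        if (s.priorFraudCases == null) { missing.add('account history'); }
        else if (s.priorFraudCases > 0) { score += 40; reasons.add('prior fraud cases: ' + s.priorFraudCases + ' (+40)'); }

        Verdict v = new Verdict();
        v.riskBand = score >= 60 ? 'High' : (score >= 30 ? 'Medium' : 'Low');
        // A missing signal is not evidence of a clean case: never report Low on partial data.
        if (!missing.isEmpty() && v.riskBand == 'Low') { v.riskBand = 'Medium'; }
        v.rationale = 'score=' + score
            + '; signals: ' + (reasons.isEmpty() ? 'none triggered' : String.join(reasons, ', '))
            + (missing.isEmpty() ? '' : '; missing: ' + String.join(missing, ', '));
        return v;
    }
}
```

Because the function takes plain values and performs no queries, the known-fraud, known-clean and missing-data cases can each be asserted in an ordinary Apex unit test.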

Testing an agentic feature

You still test the boring way. The Apex actions get standard unit tests with bulk and edge cases. The agent's behavior gets a curated set of scenario transcripts — known-fraud, known-clean, and ambiguous — that we replay whenever a prompt or action changes, watching for regressions in routing and tone.

The outcome

Investigators stopped spending the first ten minutes of every case assembling context — it was already there, with a recommended priority and a rationale to accept or override. Triage got faster and more consistent, and the audit trail got better because every decision now carried its reasoning.
