Field note

Fine-tuning is engineering with probabilistic outcomes

The vendor demo makes fine-tuning look like installing software - upload data, train, deploy. The real distribution of outcomes is brutal, most of the work is data preparation, and the model you trained for wire fraud can quietly forget how to read ACH. For financial services, guessing is not an option.

Oct 6, 2025 · Navin Agrawal · Payments · 3 min read

Fine-tuning is engineering with probabilistic outcomes

Visual brief

Visual brief

Fine-tuning is engineering with probabilistic outcomes

As of October 2025

Fine-tuning demos for fraud detection look flawless - upload transaction data, train, ship. Then you run the actual numbers, and the gap between the demo and a model that meaningfully improves in production is enormous.

The instructor’s framing from hands-on training puts it bluntly: for every text-model fine-tune that genuinely helps, thousands of attempts produce no useful change or actively degrade the model. Visual models fare better, but the lesson holds - this is closer to a lab experiment than a software install.

Where the time actually goes is the first surprise. Roughly 80 percent of fine-tuning effort is data preparation - cleaning transaction logs, formatting compliance documents, removing bad examples, labeling edge cases - and only a sliver is running the training code. The easiest part of the job is the part the demos show.

Fine-tuning is engineering with probabilistic outcomes (as of October 2025): roughly 80 percent of fine-tuning time goes to data preparation rather than training; LoRA cuts trainable parameters by up to about 10,000x versus full fine-tuning and GPU memory by about 3x (Hu et al., 2021); you still need 100 to 1,000 high-quality verified examples even with LoRA; and catastrophic forgetting is real, so a model trained on wire fraud can overwrite how it handles ACH (Kirkpatrick et al., 2017).
The training code is the cheap part. Knowing what to train on, and whether it worked, is the job.

Data prep

~80%

of fine-tuning time goes to data preparation, not training - the practitioner rule of thumb.

LoRA

~10,000x

fewer trainable parameters than full fine-tuning, with GPU memory down about 3x (Hu et al., 2021).

Examples

100-1000

high-quality, verified examples you still need even with LoRA (practitioner range).

The cheap part

Running the training code. That is the step the vendor demo shows, and it is the least of the work.

The expensive part

Knowing what to train on and whether it worked. Catastrophic forgetting is real - train a model to spot wire-fraud patterns and it can overwrite how it handles ACH, because fine-tuning overwrites rather than adds (Kirkpatrick et al., 2017). LoRA cuts the trainable parameters by orders of magnitude, but you still need 100 to 1,000 curated examples with verified outcomes. Real projects run three months and hundreds of experiments, and you only learn retrospectively which checkpoint actually worked.

Was this useful?

Choose once.

Related Posts

View All Posts »
Under a second is the right answer to the wrong question

Under a second is the right answer to the wrong question

At an AWS Bedrock AgentCore Payments session the question was what happens at a thousand transactions a second, and the answer was settlement in under a second. Both are true and they answer different questions. The right frame for one payment crossing a trust boundary is the wrong frame for a million events a day inside one agent fleet, where the chain fee stacks up before anything else does.

Payment modernization stalls at security review, not architecture

Payment modernization stalls at security review, not architecture

Payment modernization projects do not stall at the architecture layer. They stall at the security review layer - threat models built for monoliths, questionnaires written for general software, cycles tuned for annual releases. The teams that ship on time put security in the room before design, not after.

Stablecoin custody and issuance converge on one charter

Stablecoin custody and issuance converge on one charter

Two US regulatory threads just lined up. The GENIUS Act created a federal pathway to issue payment stablecoins, and the OCC's new rule lets national trust banks hold digital assets in non-fiduciary custody - then conditionally chartered Coinbase as one. Issuance and custody can now sit inside the same federally regulated counterparty.

A chartered bank just put a stablecoin on card settlement

A chartered bank just put a stablecoin on card settlement

SoFi Bank put SoFiUSD on Mastercard's settlement layer. Authorization still rides the card rails and the merchant sees nothing change, but the interbank fund movement happens on-chain, around the clock, with no batch window and no correspondent float. For the first time, issuers and acquirers get to choose their settlement medium.