Some problems with using individual user behavior analysis for fraud detection:

• Low ROI
• High false signals
• Bad user experiences

IMHO, it makes more sense to just give the user the means to protect themselves.  Allow user to move functionalities to areas with the desired protection level and set thresholds to the level suitable for them.

For example, divide up functions into three boxes, representing three levels of required authentication, and let the user move functions between boxes.  I would keep transaction history at far left and move money transfer to the far right which will result in e-mail confirmation for each transaction.

Much of the user chores can be alleviated by offering a set of standard account configuration packages.  For premium accounts, additional boxes could be added for more intimate verifications like a personal call from the account manager.  Hi, Don.  Are you sure you want to transfer half of your account to a russian bank?