Yes: banks typically monitor spending habits to detect any unusual patterns: out of the ordinary large purchase; the type of purchase (diamonds are a popular purchase for frausters and may create a red flag); merchants charging you twice; and a small purchase followed immediately by a large one (fraudster checking the details stolen work). Some of the techniques that banks use to detect fraud are obviously kept secret: so as to not warn fraudsters of what to avoid. Lloyds bank, in March 2013, guaranteed "to refund your money in the unlikely event you experience a fraud with your Internet Banking" (image shown below). A prime example of fraud detection/protection -- that many online bank customers will have come across -- is when they have attempted to make an unusually large transfer of money -- house deposit, car purchase etc -- and very often this transfer will be investigated by the bank and usually result in a phone call to the customer to verify they have made the transfer.
Pictured: Lloyds bank 2013 fraud protection promise, published on their UK website.
Of course, fraud and security are not always the same thing; if a customer has been extremely lax in their security -- very negligent -- then the bank may investigate and not issue a refund. An example of being very negligent would be giving someone else a PIN number or login details. Up until 2017, bank customers could not issue a complaint/refund to their bank if they were the recipient of a Authorised push payment (APP) fraud: where customers are tricked into sending money to the account of the fraudsters. However, the Financial Conduct Authority (FCA) is considering a change to the complaint handling rules in relation to Authorised push payment (APP) fraud.
Fraud tends to come in the form of: identity theft, stolen details, phishing or authorised push payment (APP). The automatic fraud detection techniques that banks use can help to stop identity theft and stolen details -- when the fraudsters attempt to access and use those details -- but it can be much harder for banks to intervene in authorised push payment (APP) frauds; because the transaction is being authorised by the owner of the account -- probably using the device/location they always have to access their account, therefore not hitting a red flag in the banks fraud detection. In comparison, if a fraudster has stolen bank details via online malware -- keylogger etc -- then attempts to access the account from a new device and location (maybe even a different country) then it is much more likely to be identified by the banks fraud protection.