The policy that the system is intended to implement requires suspending customer accounts for detected fraud but not for cases of sabotage, so it needs to judge intent until the policy is changed. I would imagine that the current policy was designed under the assumption that traditional click fraud would be the dominant form of fraud and so making it more difficult would be the highest priority. Simply removing detected fraudulent traffic without enforcing a ban would make it easier to test and iterate on fraud bots without burning as many accounts. I don't think there's an easy answer.
