This is an excerpt from a Sibos special edition report: The Future of Cross-Border Payments 2026: Strategies for Success.
With the increased importance of security in the new digital payments' environment, how can mounting risks associated with fraud and crime be addressed in the financial marketplace?
The banking landscape keeps changing, but the fraudsters keep coming. As financial institutions adapt to a constantly evolving list of payment types, channels, applications, regulations, and even more wholesale changes proposed for certain payment processes,
so do the criminals.
While technology and innovation continue to enable progress and expansion in the financial world, it is also providing new ways for fraudsters and cybercriminals to capitalise on their illicit trades more effectively. Even stablecoins, using blockchain technology,
will not be immune to nefarious schemes to target the money flows on this rapidly evolving payment rail.
How to defeat the ‘bad guys’ imperiling all this progress in payments? Creativity, technology, smart people, and systems to start, but experts are advocating for a concerted collaboration effort among all cross-border players as the only way to keep momentum
going for those on the right side of industry innovation.
David Rego, global head of payments at Standard Chartered believes this “rising tide of sophisticated fraud and financial crime” demands “a far more proactive and technology-driven approach to security.” He points to how the “instantaneous nature of digital
payments” makes traditional ‘checks’ in the system less effective, compelling financial institutions to adopt new methods, like “advanced AI and machine learning for real-time anomaly detection, sanctions screening, and continuous transaction monitoring.”
Arancha Sánchez, chief technology officer for PagoNxt, agrees, highlighting the advantages of “daily adaptive models,” as the “latest breakthrough in fraud prevention, safeguarding against known risks and proving extremely quick to detect and neutralise
emerging fraud as it happens.”
“In this environment, the old, rule-based systems for spotting fraud are no longer fit for purpose,” concurs Nitin Agarwal, chief revenue officer, FV Bank.
Instead, “Striking the right balance between innovation, compliance, and security will shape the future of cross-border payments."
Frantz Teissèdre, head of public affairs, cash clearing services, Société Générale, emphasises that instant payments are not the “root cause” of fraud and other financial crime. He proposes two “essential” enhancements in the cross-border payments process:
- “Greater sharing of fraud and fraudsters’ data among payment system providers and authorities,” and,
- “All participants (including social networks, telecoms providers, and end users as well) in the payment chain must be held accountable in what he termed “an increasingly interconnected digital world, where recent regulations requiring PSPs to reimburse
defrauded end users are insufficient to abate fraud.”
Katja Lehr, managing director, EMEA payments and commerce solutions for J.P. Morgan Payments, agrees with Teissèdre. Fighting fraud and keeping payment channels safe is a “team effort” among all financial institutions and other players in the cross-border
‘payments game’, she says. “There must be an evolution and harmonisation of regulatory frameworks, including rules on the ability to share data, along with cooperation among all stakeholders in the payment ecosystem. Collaborative efforts are essential to
develop solutions and functionalities to combat fraud in an instant, cross-border payments world.”
Susanne Prager, head of cash management at Austria’s RBI, also believes more than just requiring new tools or targeted tech, every institution must be onboard and committed to the group effort: “The industry will need to invest in smarter, more automated
fraud prevention and AML tools, capable of analysing richer data delivered by new messaging standards.”
This is already happening at his and other banks in various jurisdiction across the globe, insists Carl Slabicki, executive platform owner, treasury services, BNY. “Institutions are embedding AML, sanctions screening, and anomaly detection into product design
while collaborating with regulators and fintechs to modernise controls. Higher sophistication in fraud schemes and regulatory pressures is accelerating the shift to secure, interoperable, and transparent payment infrastructures."
What threats do financial services providers and their clients face in the marketplace?
According to US FBI
IC3.gov crime statistics, 2024 was a “banner year” for perpetrators in the financial services sector, as they rung up $13.7 billion in profits across the globe. Investment scams, the majority involving cryptocurrency, led the way with nearly 100,000 complaints
- more than half the total amount stolen according to victim reports for the year.
The FBI has been tracking internet crime for 25 years now. Their news on nefarious activity is not new anymore, but crime types and fraud methods do vary by region.
For example, the US is still talking about rising
cheque fraud (raising or altering amounts, changing payees, or stealing and fraudulently encashing cheques bearing actual account numbers.) Meanwhile, 'business email compromise' continues to be practised nearly everywhere around the globe: with payments
staff answering “urgent” requests received from “executives” on their own teams or from top vendor contacts to authorise and send payments immediately – except these messages originate from a fraudster or ring of criminals.
Other ‘standard’ schemes which continue to plague the financial world include ransomware attacks that have devastated many individuals and organisations over the
past four decades. When one target refuses demands to pay a prodigious bounty or suffer loss of critical, sensitive data, the thieves find another, more pliable victim in a company.
How about those who ‘invent’ transactions using stolen or artificially manufactured data to initiate high value wire transfers, or
impersonate an authorised user by stealing their credentials to access secure payment systems? Or worse, exploit the aged or young in society via
Authorised Push Payment (APP) scams to commit their crimes legitimately or under threat, duress, emotional manipulation, or trickery.
The industry has seen rapid growth in APP fraud – involving account holders approving payments to fraudulent entities with real accounts (who typically close said accounts soon after). According to ACI Worldwide, losses to APP attacks have
increased every year and are expected to reach $6.8 billion annually by 2027.
What new schemes and scams are emerging on the internet crime landscape?
One troubling trend with APP scams’ evolution, for example, is their perpetrators’ growing and effective use of nascent real-time payment networks, as their very short execution timelines discourage attempts to recover funds sent illegitimately, even if
discovered immediately after the transaction is completed.
“In an increasingly digital global economy, the growing risks of fraud and financial crime are significantly influencing the future of cross-border payments. The speed of instant transactions reduces the window for intervention, making them more susceptible
to sophisticated schemes such as APP fraud, synthetic identities, and crypto-based laundering,” says Ellen Kumwenda-Mtine, head of sales cash management, transactional banking for the Absa CIB, headquartered in South Africa.
According to Simone Loefgen, global head of payment platforms at Commerzbank, in our current and emerging digital-first world, fraud and financial crime are escalating, “potentially making the global cybercrime economy equivalent to the third-largest GDP
globally, after the US and China.” Emerging schemes such as “AI-driven deepfakes” and “enhanced fraud tactics,” further exacerbate these risks.
Annelinda Koldewe, global head of payments and cash management at ING, asserts that corporates will need solutions like Verification
of Payee in the Single Euro Payments Area (SEPA), “to enable them to quickly assess that beneficiary accounts are indeed the correct
accounts to pay into. Important is the cooperation between the private and the public sector, eliminating frictions in cross border traffic with the goal to harmonise, based on international AML and anti-terrorist financing rules.”
"The increase in fraud is not due to a flaw in the instant payments product itself,” she asserts, “but to a combination of external factors that have intensified in recent years,” including “increased economic pressure making individuals more vulnerable,
more sophisticated cybercrime tools (e.g., phishing, malware, deepfakes), and [the emergence of] organised crime groups targeting victims with advanced scams, such as investment fraud, impersonation, or romance scams.”
The mounting speed and scale of cross-border payments means “criminals continue to evolve” alongside the industry, laments Jonathan Adams, executive, National Australian Bank Payments, operating across borders and exploiting vulnerabilities across jurisdictions.
That’s why, Adams said, structures like Australia’s incoming
Scam Prevention Framework - which expands information fields within payment systems, enriches the data attached to each transaction, and facilitates better payment tracking and verification – are so valuable.
“The whole-ecosystem approach it uses brings together telecommunications, digital platforms, and banks, is critical, as scams rarely originate in banking channels.” This, explains Adams, increases transparency and “not only speeds up reconciliation but also
plays a significant role in mitigating fraud and other financial crimes [...] especially important in cross-border contexts.
Local partners on the ground, who ‘know the territory’ can also help to secure international payment flows. Indeed, while some of the markets Crown Agents Bank serves, Kirsty Garrett, its global head of sales explains, “are in the highest-risk bracket for
fraud and financial crime.”
Garrett continues: “When we partner with correspondent banks in those jurisdictions, we prioritise sharing best practice and the compliance standards necessary for servicing clients on the ground. We also ask them to supply us with the same level of information,
insight, and oversight a developed market clearing systems partner would require.”
Being newer and nimbler helps as well. Since opening in 2020, ZA Bank in Hong Kong has leveraged numerous digital solutions into its client and systems protection schemes, with half of them developed in-house, and all tools running 24/7. James Chan, the
company’s head of payments, notes one advantage of being ‘app-based’ is the bank can display “real-time warnings and certain fraud-prone scenarios (e.g., when a user initiates a large overseas transfer, or when a user first transfers to a new payee) and uses
strong authentication (biometric logins, one-time passwords) to prevent account takeovers.”
What solutions are combatting financial crime in the evolving payments landscape?
Marcus Mølleskov, chief risk and compliance officer for Danish-based crypto infrastructure partner Januar, emphasises that stablecoins have built-in protections. Transacted on public blockchains, they “create an auditable trail of every transaction. Combined
with real-time analytics, this makes it possible to detect and stop financial crime far earlier than traditional systems allow.”
Here's where AI comes in as well, points out Mostapha Tahiri, executive VP and chief operating officer for State Street. Though AI “is also used by bad actors to execute more sophisticated cyber-attacks,” this in turn “drives risk management (in banking)
even deeper into product design, i.e. real-time monitoring, automated checks, and adaptive safeguards, with risk and control considerations integrated into every step of the product development process.”
ZA Bank’s Chan echoes Tahiri’s and Mølleskov’s optimism about banks’ chances to “outpace” fraudsters in the crypto arena, and he’s especially bullish on the encryption and speed stablecoins bring to the payments table. While he recognises the persistent
innovation of fraudsters, the development of technology and regulatory frameworks for stablecoins around the world, he asserts, opens new doors for compliance capabilities and fraud protection.
“We do see the potential of stablecoin in powering next-generation cross-border payments,” says James Chan, head of payments, ZA Bank.
Chanis heartened by how blockchain, AI, and machine learning are all being used to monitor and flag suspicious transactions in real-time, enhance predictive analytics to detect fraud patterns and unusual behaviour, and strengthen KYC processes, ensuring
compliance without compromising user privacy. In the cross-border arena, for example, “implementing the FATF’s "travel rule" through interoperable compliance solutions ensures transparency across jurisdictions.”
“Prevention,” Chan insists, “is better than the cure,” and the best medicine to ensure healthy cross-border transactions includes collaboration between industry players. The continued success and security of international payments, he concludes “will depend
on how effectively institutions can anticipate and neutralise threats before they reach the end customer,” with best practices he and other experts termed “proactive intervention” rather than “reactive response.”