Cross-bank data sharing is giving Australian lenders a new way to spot scam payments before the money leaves a customer’s account
A new data-sharing experiment among Australia’s largest banks is trying to answer one of the hardest questions in scam prevention: what if the sector stopped looking only at the customer sending the payment, and started scrutinising the account receiving it too?
According to BioCatch’s Digital Banking Fraud Trends in Australia report, a real-time intelligence network piloted with five banks, including the country’s four largest institutions, now assesses the risk of beneficiary accounts using behavioural and device data before a transfer is completed.
Early results point to a meaningful uplift in detecting scams that traditional, sender-focused tools miss, but they also raise wider questions about how fraud data should be shared, governed and funded in an instant payments world.
The report describes how the network, launched in November 2024, ingests more than 3,000 behavioural and device indicators, from keystroke and mouse activity to touchscreen behaviour, to assess the “trustworthiness” of the account receiving funds. Suspicious beneficiary activity is shared with the sending bank in real time so payments can be paused and investigated.
In Australia, the network now covers more than 85% of the banked population and processes millions of transactions per day. Between July and September it analysed more than 180 million payments worth in excess of $330bn, including more than $60m in fraudulent payment attempts.
Crucially for banks grappling with soaring scam losses and rising reimbursement expectations, the report says the network can uniquely detect as much as 30% of social engineering scams that had previously gone unnoticed by sender-side controls. In more than 70% of transactions it can retrieve a profile of the beneficiary, allowing banks to identify whether the recipient appears to be a potential bad actor.
A$103 that unmasked a mule network
The strongest argument for beneficiary-side intelligence in the report is a detailed case study of a low-value purchase scam.
A long-standing customer at “Bank A” initiated a payment of A$103 to a new beneficiary, labelled Account 1. The victim’s account had been open for more than two years, with typical monthly outflows of between A$1,000 and A$2,000. The amount was small and the only apparent risk flag was that the payee was new.
Viewed through traditional controls focused on the sender’s behaviour, this would be classified as a low-risk transaction. From the network’s perspective, however, the beneficiary had recently been involved in other high-risk transactions. What looked harmless from the victim’s side became clearly suspicious once payee-side risk was factored in.
When the analysis widened out, the picture changed again. The same network effect that exposed Account 1 also revealed six additional mule accounts at the same institution, all linked to the same operator or mule handler. Across these seven accounts, funds were flowing in from seven different banks and dozens of payers.
Individually, each payment appeared uneventful. In aggregate, they pointed to a coordinated purchase-scam operation using multiple collection accounts to disguise the flow of stolen money. The report concludes that without cross-bank visibility and beneficiary profiling, both the A$103 scam and the wider mule network would likely have remained undetected.
Reading the fraud trends behind the experiment
BioCatch’s analysis of Australian institutions using its tools shows that social engineering scams remain the most prevalent fraud type, with phone and purchase scams the most common. Customers at those banks reported an 8.1% decrease in social engineering scam attempts in the first half of 2025 compared with the second half of 2024, a trend the report partly attributes to seasonality.
Other threats are moving in the opposite direction. Account takeover activity surged in late 2024 and, despite stabilising this year, case volumes in the second half of 2025 remain more than double those seen in the first half, underlining continued interest from organised criminal groups.
Investment scams appear to be shifting towards older Australians. While overall attempts declined in 2025, the banks in the dataset saw 30% fewer investment scam attempts against customers aged 36 and under, and an 18% increase among those aged 56 and over.
There are pockets of progress. Money mule activity and use of remote access tools both fell by around 20% at Australian banks deploying BioCatch solutions, which the report interprets as an early sign that stronger controls and disruption efforts are starting to bite.
Safety by design and the role of shared data
Alongside beneficiary-side analytics, the report leans heavily on the concept of “Safety by Design” as a missing third pillar in modern payment systems, sitting alongside the more familiar ideas of Privacy by Design and Security by Design.
Toby Evans, head of economic crime at Australian Payments Network, frames Safety by Design as putting user safety at the centre of payment infrastructure and embedding protections from the outset instead of bolting them on later.
On the service-provider side, the report highlights several measures that are already being deployed by banks and payment firms:
- In-app security, with institutions replacing SMS verification with authentication inside their own apps, backed by device and facial biometrics, to harden communication channels and reduce exposure to account takeover and impersonation scams.
- Behavioural risk scoring and machine learning, using real-time analysis of customer interactions and device attributes to generate risk scores before money leaves an account. When those scores are shared across institutions, they can support an ecosystem-wide defence rather than isolated controls.
- Strategic limits, such as risk-based transaction caps, daily transfer thresholds and first-time payment holds, particularly for higher-risk destinations like cryptocurrency exchanges or newly added payees.
The report also points to measures that empower users directly. Account name verification services warn customers if the account name they enter does not match the name on file at the receiving bank. Commonwealth Bank of Australia’s NameCheck solution, for example, is credited with preventing more than $370m in mistaken payments and $40m in scam losses in one year.
Similarly, Westpac’s Verify system combines prompts and risk analytics to interrupt suspicious payments. According to the bank, it has stopped 200,000 payments, blocked $194m in likely fraud and prevented around 300 mistaken payments each day.
What links these examples to the cross-bank beneficiary network is each relies on high-quality data, carefully designed customer friction and clear rules on how far providers should go to stop customers from sending money into harm’s way.