As generative AI slashes the cost of committing fraud, the payments industry is rethinking where in the chain it fights back, and who needs to share what
Fraud has always been a professional industry. The phishing kits, the money mule networks, the social engineering playbooks – none of this is new information. What has changed, at disorienting speed, is the economics behind it.
“The cost of committing fraud is at its lowest levels,” says Dal Sahota, Head of Trusted Payments at LSEG’s Risk Intelligence division. “The barrier to entry is approaching zero as AI becomes more accessible and cheaper.”
Speaking at MoneyLIVE Summit 2026, Bradley Elliott, CEO of RelyComply, said in one documented case, 100 stolen identities were used to attempt 160,000 fraudulent transactions. “You cannot do that without generative AI,” he said.
“In some instances, fraudsters are jailbreaking phones, bypassing SDKs and manipulating images in the identity verification space – thousands of times in half an hour – to penetrate those barriers.”
For Sahota, the implications run across the entire payments journey. Fraud, he notes, is five times more likely to be committed at the authentication stage than at onboarding – which means verification schemes are a critical part of a response that has to hold at every point in the chain.
Verification across the journey
But there has been success with the launch of such schemes. The rollout of confirmation of payee (CoP) in the UK and verification of payee (VoP) in Europe, as well as LSEG’s own global account verification product, are making a difference. Both the UK and European schemes have gone beyond the baseline standards set by the Financial Action Task Force (FATF).
The European Banking Authority (EBA) is also integrating transactional insights into the verification layer, rather than simply matching a name to an account number, something Sahota describes as still coming down the line.

But not every market is moving at the same pace, and the resulting regulatory fragmentation creates pockets for fraudsters to strike across borders. The US is a notable example of this fragmentation because it has no domestic equivalent of confirmation of payee. And cheque fraud – a typology the UK and European schemes are not designed to address – remains its dominant fraud problem, a reflection of how differently the two markets have evolved.
“Fraudsters feed off fragmentation,” Sahota says. “It opens vulnerabilities they can exploit.” The US Consumer Financial Protection Bureau’s (CFPB) Section 1033 open banking rule – which might have provided a framework for greater data interoperability – was effectively shelved when the Trump administration dissolved the bureau in early 2025.
Cross-border payments present their own gap, because no national fraud reimbursement scheme currently extends to international transfers, so once money moves overseas, victims have little formal recourse.
For example the UK’s authorised push payment reimbursement scheme, which now covers victims up to £85,000 in line with Financial Services Compensation Scheme (FSCS) savings thresholds, applies only to domestic transactions. “Fraudsters know that if money goes cross-border, there is no reimbursement scheme,” Sahota says. “Once it’s gone, it’s gone.”
The data the industry isn’t sharing
Notwithstanding their effectiveness, verification alone cannot close the fraud loop. Sahota notes the telco sector holds fraud signals the financial system is not widely accessible.
For example, a phone number being used thousands of times per hour to execute phishing calls is a pattern telcos detect long before any bank sees it. “If you can share that level of pattern detection when you connect it with a bank account and other individual indicators, you start building a more holistic picture,” Sahota says.
The data-sharing problem runs deeper than cross-sector gaps. Speaking on the panel Fraud as the first fully automated criminal economy at MoneyLIVE 2026 in March, Leon Ifayemi, Board Member at Digital Leaders, identified offboarding as a specific structural failure.
When a bank exits a bad actor and files a suspicious activity report, there is no guarantee the next institution that actor approaches can access that information in a usable form. “When data sharing is done in silos, you don’t get a full enough picture of who someone is or what a company is doing,” he says.
His preferred fix (politically sensitive, he acknowledged), is a mandated digital ID infrastructure drawing from authoritative government sources, removing the manual touchpoints in today’s onboarding process that are, in his words, “massively interceptible by bad actors.”
The UK’s new fraud strategy, published on the morning of MoneyLIVE 2026 (9 March 2026), pointed in the same direction. Its central mechanism is an online crime centre due to launch in April, bringing together fintechs, banks and public sector bodies around a shared data infrastructure.
What AI can and cannot do

The infrastructure is also what determines how much AI inside institutions can actually achieve. Adam McLaughlin, Director of Financial Crime at Fenergo, said: “You can’t assess fraud or money laundering with insular data points. You have to look at it as a collective ecosystem, and that’s where AI starts coming in to assess big data much better than any rules engine or human ever can.”
Without verification schemes and cross-sector data flows, investigators are working with an incomplete picture regardless of how sophisticated their tools are.
Inside financial institutions, the most immediate application of AI is to offer efficiencies for investigators. “With all transaction monitoring, if you’re going at about a 5% effectiveness rate, you’re doing pretty well,” said Felim O’Donnell, Director of Financial Crime Operations at Starling Bank.
“Models and AI have changed the game in that sense – you’ve gone up to 40% plus effectiveness rate in terms of what comes to you to review.”
He added: “There’s a satisfaction factor for the person working those cases. If 95 out of 100 cases are dead ends, that’s demoralising. When 40 out of 100 are genuine hits, the work becomes meaningful.”
There are particular governance challenges that banks should be especially wary of when using AI to counter financial crime. Models trained on historical data accumulate bias and agentic systems can still hallucinate.
Colin Whitmore, Strategy, Innovation and Design, Financial Crime Compliance at NatWest Group made the case for keeping rules-based systems running alongside AI models – not as the primary detection engine, but as a safety net. “How do you know you’re not missing something? The rules engine captures the known unknowns in a way a pure AI system cannot.”
Regulators are also sharpening their focus on explainability. Black-box AI systems present challenges for model risk committees, and O’Donnell drew a comparison to the Sarbanes-Oxley era – compliance processes that generate assurance without necessarily producing better outcomes. The more useful discipline, he said, is keeping humans in the loop, because human oversight remains the most reliable mechanism for knowing whether the system is doing what it is actually supposed to do.
As Whitmore said: “Criminals know we’re using AI, so they’re countering what we’re doing. It’s an AI battle.”
The adversarial dynamic
Rish Tandapany, Group COO of Purple Group, which operates Easy Equities, explains what that ‘battle’ means for financial institutions. “You really have to do what the fraudsters are doing. You can’t take a moral high ground and expect to win,” he says. His organisation had been examining how fraud prevention is considered within UI and UX design from the outset, rather than treated as a back-office function.
Sahota points to where that threat is already moving in newer payment rails. Stablecoin fraud – particularly investment scams – is an emerging area of concern, partly because funds move quickly and traceability is limited.
In the UK, 40% of all crime is fraud. Globally, less than 1% of financial crime is successfully identified and disrupted. “Fraud prevention and AML prevention – it’s a team sport. No one player is going to achieve success alone,” Sahota says. The detection models, the governance frameworks and the human oversight inside institutions are all built on top of the verification schemes and data-sharing infrastructure.
Each depends on the other, and fragmentation, whether in regulation, data or institutional thinking, remains the fraudster’s most reliable advantage.