Fraud is no longer a distant or abstract risk. It is a growing and very real concern for payment users, financial institutions and policymakers alike. Regulatory frameworks play a vital role in protecting consumers and safeguarding trust in the financial system. Yet some compliance requirements are unintentionally making it harder to respond to fraud in a coordinated and effective way.
As fraud continues to evolve, the industry and policymakers need to align on shared priorities and create space for collaboration across the ecosystem. Without that alignment, even the best individual efforts risk falling short.
Payment fraud is increasing rapidly, both in volume and in complexity. Criminals operate across multiple channels, using phishing, social engineering, fake merchants, account takeovers, AI-driven scams and QR code fraud, to name just a few.
The shift of fraud from card-based to account-to-account payments is particularly worrying. Losses per incident for these incidents are typically higher, and the impact often extends beyond a single transaction. Fraudsters now have access to vast amounts of personal data and increasingly advanced technology, which significantly improves their success rates. Organised networks amplify this effect even further.
Instead of stealing credentials, criminals increasingly manipulate individuals into authorising payments themselves.
Fraud has also changed in nature. Instead of stealing credentials, criminals increasingly manipulate individuals into authorising payments themselves. New technologies, including agentic AI, are already being deployed offensively. These tools are evolving faster than most defensive capabilities can realistically be implemented.
In response, the payments industry continues to invest heavily in technology, data and operational capacity. To remain effective, however, investment alone is not enough. The industry also needs new forms of collaboration that match the scale and speed of the threat.
It is no surprise that this evolution is heightening concern among consumers and policymakers. Banks are under increasing pressure to act, and liability shifts that require full customer reimbursement are becoming more common. While these measures strengthen consumer protection, they can also significantly increase costs for the industry.
Initiatives such as Threat Intelligence-based Ethical Red Teaming testing are raising expectations around institutional resilience.
At the same time, initiatives such as Threat Intelligence-based Ethical Red Teaming testing are raising expectations around institutional resilience. Together, these developments prompt an important question: are current compliance frameworks helping the fight against fraud, or are they unintentionally holding it back?
Regulation and supervision remain essential for trust and stability. That said, several compliance requirements can also unintentionally limit how effectively financial institutions can respond to fraud in practice.
Data sharing restrictions: Uncertainty around how transaction data can be shared, especially across institutions and borders, continues to be a major barrier. While these safeguards were designed to protect consumers, they now limit the ability to detect fraud patterns at network level. As a result, detection efforts often remain siloed within individual organisations rather than benefiting from shared intelligence.
Constraints on AI usage: Expectations around explainability, transparency and automated decision-making can slow the deployment of advanced fraud detection tools. Fraudsters face no such constraints. This creates an uneven playing field, where defensive innovation struggles to keep pace with offensive use of technology.
Competition rules limiting collaboration: Unclear antitrust boundaries can discourage banks from working together on key fraud topics. Sharing sensitive data or jointly blocking suspicious accounts may feel risky from a compliance perspective, even when it would clearly strengthen the collective response to organised fraud networks.
Open banking and operational obligations: Requirements linked to open banking, instant payments and third-party access can limit a bank’s ability to intervene in a timely fashion. Adjusting transaction limits or stopping suspicious payments instantly is not always straightforward. Detailed technical and legal obligations can further stretch already pressured fraud teams.
Customer protection mechanisms: Strong consumer protection is essential. However, frameworks that place almost all liability on financial institutions may unintentionally reduce end-user vigilance. A more balanced approach can help maintain protection while reinforcing shared responsibility.
Policymakers are well placed to act as conveners, creating a safe and structured environment for collaboration. Several markets, including the United Kingdom, the Netherlands and Singapore, already show what is possible through shared fraud prevention initiatives that bring together banks, technology providers, payment infrastructures, regulators and law enforcement.
Practical steps could include:
In a fast-moving and increasingly complex fraud landscape, fragmented responses are no longer enough. Fraudsters collaborate, scale and innovate quickly, often outpacing the efforts of individual institutions.
To regain the upper hand, banks, specialised providers and policymakers need to move towards a more integrated and cooperative model.
To regain the upper hand, banks, specialised providers and policymakers need to move towards a more integrated and cooperative model. That means continuing to invest in technology, while also re-examining regulatory frameworks to ensure they enable collective action rather than constrain it.
Acting together, and acting early, will be critical to staying ahead of the next wave of fraud.
Established in 2006, Projective Group is a leading financial services consultancy.
We are recognised across the European industry for turning complex challenges and emerging themes into clear, pragmatic solutions. With deep roots and trusted relationships in financial services, we bring hands-on expertise across key domains. We support the full journey of change: shaping strategy, delivering complex transformation or building long‑term capability through managed services, staffing and training. Our purpose is simple: to empower financial services to shape the future of wellbeing, prosperity, and innovation.
