error
Subscriptions are not available for this site while you are logged into your current account.
close
Skip to main content
Submit RFP

      A snapshot of today’s fraud landscape

      UK Finance released its latest Annual Fraud Report in June, revealing that £1.17 billion was stolen in 2024 through unauthorised and authorised fraud. While the overall amount remained broadly unchanged from 2023, the underlying trends warrant attention. There were over 3.13 million confirmed cases of unauthorised fraud reported in 2024, representing a 14% increase year-on-year. The growing number of cases indicates a rise in high-volume, lower-value frauds, which due to the number of transactions can be very hard to detect and can often take longer to uncover and report.

      Authorised payment fraud has declined, with Authorised Push Payment (APP) fraud cases falling by 20% in 2024 – a positive sign of progress and reflects how banks have improved detection tools and targeted customer education messaging to reduce fraud losses. However, this has been offset by a sharp rise in card fraud, particularly remote purchase fraud, which has surged by 22% and is now the most common form of unauthorised fraud. This shifting battlefield is not a victory in the fight against fraud, rather it highlights the evolving nature of criminal tactics: as defences strengthen in one area, fraudsters quickly pivot to exploit new vulnerabilities.

      Ignatius Adjei
      Ignatius Adjei

      Partner, Financial Crime Transformation

      KPMG in the UK

      Undoubtedly, the UK Finance Fraud facts report show that more needs to be done across the wider ecosystem to prevent fraud, from payment providers, telecoms and technology platforms. Let’s not shy away from the fact that this is the 4th year in row of losses in excess £1bn and a major phase shift is needed to see a significant drop due to the high attack rate and involvement of many threat actors. However, there remains untapped opportunities to leverage complementary disciplines and there is a pressing need for a more holistic approach of fraud prevention within financial institutions.

      Key steps firms should consider

      As fraud becomes more opportunistic, dispersed and technology-enabled, there is the need to shift from reactive case management to proactive risk prevention. The financial services industry should continue to progress the move towards a more strategic and integrated fraud prevention model which has been accelerated in some organisations by the introduction of mandatory APP reimbursement. We believe there are three key areas that firms should focus on to bolster their fraud risk management framework:

      1. Building a holistic fraud strategy, not just more technology

      The landscape as we see it

      Many banks continue to approach fraud prevention in a reactive way with a top-level focus on reducing fraud losses and deploying the latest fraud technology to plug a gap – ‘fire-fighting’ to dampen down the latest hotspot. Often, they lack a cohesive, long-term strategy that spans the entire customer journey. This piecemeal response limits progress – tackling fraud at the point of attack rather than addressing the root causes and week points across systems. On the positive side, we’ve seen a standout example from a large European bank that tackled rising fraud losses through a well-executed three-year fraud strategy. Faced with fragmented efforts and increasing case volumes in excess of 40,000, the bank took a holistic approach: consolidating technology platforms, aligning fraud teams across payment, cards and lending and embedding data driven decision making throughout the process. Unfortunately, for many mid-tier and FinTech firms this approach is an outlier rather than the reality and they are at risk of becoming the weakest link in the fraud chain with more fraud attacks coming their way if they do not adopt more strategic approach in the fight against fraud.

      What we believe you should do about it

      • Shape a fraud strategy that balances loss reduction, customer protection, operational efficiency and business value.
      • Think holistically about your fraud strategy where you need to invest across people, process and technology. Consider what risk scenarios need to be in place, and what controls are most relevant. Many fraud attacks would be quite easy to detect if fraud strategies were embedded in the business more holistically.
      • Explore strategic enablers in your thinking such as intelligence-sharing frameworks, external partnerships and alignment with peers, regulators, telecoms and law enforcement.

      2. Cyber-Fraud convergence and adapting operating models

      The landscape as we see it

      Mature banks are continuing to adapt their operating models and over the last couple of years, we’ve seen many firms centralise 1st line activity into a ‘shared service’, starting to break down ‘siloes’ by product and process which is helping to drive greater consistency and efficiency in execution. There is now closer collaboration between counter-fraud and anti-money laundering (AML) teams. For example, the integration of AML checks with fraud detection processes at onboarding. The use of the term ‘FRAML’ – to denote a combination of fraud and anti-money laundering processes and systems is becoming more common place and reflects the trend among financial institutions of the overlap between the disciplines.

      Several leading banks have gone beyond shared tools and processes and are building fully integrated fusion centres across, cyber, fraud and AML where cross disciplinary teams actively co-develop detection strategies, share intelligence in real time and jointly respond to emerging threats. A strong example of Cyber Fraud Fusion is those that have invested in the Fraud Kill Chain framework as part of their broader fraud prevention strategy. By adopting this structured approach, the institutions are mapping the lifecycle of fraud from reconnaissance to monetisation and pin-point vulnerabilities in their controls. The payoff? Tangible reductions in fraud losses, disruption of fraud, one leading bank claims disruption of tens of millions, faster response times and a level of internal coordination that is catching up with the speed of modern fraud.

      What we believe you should do about it

      To continue to keep pace with the convergence of cyber, AML and fraud, more banks need to move from coordination to true integration – in mindset, operations and technology. This means breaking down silos not just structurally but strategically.

      A few examples include:

      • Adopt a unified threat framework – use models like the Fraud Kill Chain to align cyber, fraud and AML teams on common language, shared typologies and join response protocols;
      • Build fusion capabilities – Establish cross functional teams with shared KPIs, centralised intelligence and collaborative tooling; and
      • Focus on change management – integration is as much cultural as technical; leaders need to align incentives, language and workflows across historically separate teams.

      3. Build a unified view of customer risk through orchestration layer

      The landscape as we see it

      Despite the continued investment in technology from AI driven analytics to biometric authentication, many financial institutions still struggle to view customer activity across all channels, products and touchpoints. Without an integrated view, suspicious behaviours, such as inconsistent transaction patterns, unusual device usage or mismatch between risk ratings and activity can go unnoticed.

      Leading institutions are addressing this by consolidating data into orchestration layers to unify KYC data, behavioural signals, device intelligence and transaction alerts into a single system. This creates a 360-degree customer view that enables real-time decisioning and faster risk detection. Our latest KPMG Scam Survey revealed that while orchestration is seen as a priority, nearly two in five respondents have yet to implement such a system, pointing to a clear opportunity to enhance detection capabilities.

      Across the industry, we see a clear divide in maturity of the fraud technology landscape. Leading banks have made considerable investments in technology and analytics engines over the past three years. Many are now focused on extracting more value from these systems by refining their use of data, improving integration with external intelligence sources and enabling faster, more consistent decision-making. In contrast, mid-tier banks and Fintechs often have more agile technology environment but are still in the process of building foundational controls, particularly in areas such as holistic monitoring, inbound/outbound transaction coverage to stitch together a full view of customer activity.

      What we believe you should do about it

      • Invest in data interoperability - integrate customer, transaction, device and behavioural data across disciplines to enable holistic risk views.
      • Consider what is achievable based on risk appetite and exposure. Orchestration isn’t a complete rebuild of the data environment but smaller steps that pull the right data into different places and allow closer interoperability between systems and sharing of information without the need to a radical redesign of systems.

      How can we help?

      At KPMG, our global organisation of financial crime, cyber security and fraud professionals offer a multidisciplinary view of risk. Helping you to protect your organisation, so you can anticipate tomorrow, move faster, and get an edge with secure and trusted technology.

      Please get in touch if you would like to receive any further information on this and book a free of charge initial meeting.

      Our accounting and finance insights

      Something went wrong

      Oops!! Something went wrong, please try again

      Get in touch

      Read enough? Get in touch with our team and find out why organisations across the UK trust us to make the difference.

      Contact us
      Person smiling whilst using a mobile phone