Financial Fraud: The Growing Threat to Regulated Firms

Financial fraud has undergone a fundamental transformation.

What was once focused largely on internal threats now spans a fast-moving range of external, cyber-enabled and collusive fraud - backed by industrial-scale criminal networks and increasingly sophisticated technology. Regulated firms face a more demanding fraud compliance landscape than ever before.

In this article, Bruce Viney examines the scale of the threat, the typologies most likely to affect financial services firms, and what the FCA now expects firms to do about it.

How Big is the Global Fraud Problem?

The scale of the problem is significant. Recent figures make it clear that financial fraud is now one of the most serious crime threats facing regulated firms.

• A 2026 Nasdaq Verafin report (which explores how the fraud landscape has evolved from 2023 to 2025) puts global losses from fraud scams and bank fraud schemes at around $500 billion, up more than 19% on the previous period.

• The Crime Survey for England and Wales reports that fraud now accounts for 45% of all crime in the UK, with 1 in 4 UK businesses experiencing fraud in 2024.

• The 2026 Interpol Global Financial Fraud Threat Assessment now ranks financial fraud among the five most prevalent global crime threats - alongside cocaine, heroin, synthetic drug trafficking, and money laundering.

For Heads of Compliance and MLROs, these figures have a direct effect: fraud has become a major part of the overall Financial Crime Governance Framework, and regulators expect firms to treat it accordingly.

Types of Fraud Affecting Financial Services Firms

Fraud is a broad and expanding spectrum of criminal methods, ranging from highly complex attacks to simpler but equally damaging scams:

• Business email compromise attacks
• Advanced payment fraud
• Impersonation and identity fraud
• Investment fraud and romance scams

Smaller in scale but highly prevalent, mandate fraud, SSI (Standing Settlement Instruction) scams and account takeovers may appear less complex, but they are among the most frequently occurring typologies in financial services, and the harm they cause when controls are absent should not be underestimated.

Why is Fraud Evolving so Quickly?

Over the past decade, fraud has shifted from a specialised area focused mainly on internal threats to one of the major financial crime compliance challenges for regulated firms.

Several interconnected factors are driving this evolution:

• Digitalisation - expanding the attack surface for cyber-enabled and cyber-dependent fraud
• Artificial intelligence - enabling deepfakes, synthetic identities, and automated fraud at scale
• Industrialisation of facilitative activities - large-scale document forgery and counterfeiting, serial fraud networks, and international scam farms
• Freely available tools and training - lowering the barrier to entry for would-be fraudsters

The risk for firms is that internal thinking and fraud risk assessments lag behind the pace at which fraudsters are evolving.

What do Regulators Expect from Firms?

The FCA’s most recent Financial Crime Guide is clear: ‘We expect a firm to consider the full implications of the breadth of fraud risks it faces, which may have wider effects on its reputation, its customers and the markets in which it operates.’

It is essential for firms to take a risk-based approach, built on a firm-wide fraud risk assessment, proportionate controls, training and ongoing monitoring.

The Economic Crime and Corporate Transparency Act strengthened the UK legal framework with the introduction of the corporate offence of failure to prevent fraud. This strict-liability offence applies to large organisations where an associated person (e.g. an employee, agent, contractor or subsidiary) commits one of the base fraud offences listed in the Act, intending to benefit the organisation (directly or indirectly) or a client/customer. Putting in place fraud prevention procedures is a key defence under the Act.

For guidance on how to review your existing fraud and control framework considering ECCTA's corporate offence, see our article.

The requirement for reasonable and proportionate fraud prevention procedures is simultaneously a regulatory expectation, a legal defence and a matter of best practice. This is not an area where firms can afford to treat compliance as a tick-box exercise.

The Challenges of a Fraud Risk Assessment

One of the more challenging aspects of a risk-based approach is identifying the full range of fraud risks facing a firm. Given the volume of fraudulent typologies and the rapidly evolving supportive technology, risk assessments can quickly become incomplete or outdated. For practical guidance on strengthening your risk assessment process, see our article FCA Risk Assessment Review: What are the key actions for firms? 

Fraud is no longer the less sophisticated sibling of money laundering. Fraud has grown into a large and complex area of financial crime, which demands equally rigorous, innovative and current thinking and compliance.

Why is Fraud Training so Important?

Understanding the fraud threat is one thing - ensuring that the right people across the firm can recognise, respond to and report it is another.

Effective fraud training needs to be role-specific, practical and current; given the pace at which typologies are evolving, training that reflected the threat landscape even two or three years ago may already be out of date.

Our complimentary fraud webinar will address some of these issues and offer ways of moving forward in this complex and highly dynamic field of crime.  Secure your place below.

Webinar: Current Fraud Risks within Financial Services: AI, BECs and VECs and SSI Frauds

Date: Tuesday 23rd June 2026
Time: 10:00 pm - 10:45 am
Delivery: Virtual, Zoom
Presenters: Bruce Viney

Sign up below to secure a complimentary place on this webinar.