Chris Oakley is Head of Financial Crime Solutions at Sopra Steria.
Fraud continues to threaten UK businesses, with losses exceeding £1.1bn in 2024 alone. It is therefore no surprise to see a shift in the regulatory landscape, particularly for financial firms, which are expected not just to reimburse victims but to demonstrate proactive fraud prevention. For example, the UK’s new authorised push payment (APP) fraud reimbursement regulation, which came into effect in October 2024, requires payment service providers to compensate eligible consumers. Firms are now having to implement operational changes such as enhancing the tracking of claims and reimbursement metrics and deploying smarter fraud detection tools.
The ever-increasing regulations mean financial firms must take fraud prevention more seriously than ever before. This means adopting transparent, audit-ready systems that can adjust detection rules in real time in response to false positives and improve existing fraud infrastructure.
Regulation and expectations are rising
More widely, PSD3 is the proposed EU directive to strengthen electronic payment frameworks across member states and, indirectly, the UK. One of its main aims centres on consumer protection and fraud mitigation. In the UK, the National Crime Agency has identified fraud as a top priority, highlighting threats from international actors, online platforms, and telecom services. This focus is likely to trigger further regulatory scrutiny and reporting obligations from bodies such as the Financial Conduct Authority (FCA) and Payment Systems Regulator (PSR). Crucially, it also opens the door for increased cross-sector collaboration, particularly with the tech and telecoms industries, to tackle fraud that spans multiple threats.
A more transparent and accountable fraud ecosystem is taking shape, but many financial firms still rely on legacy fraud systems with rigid rules. For example, some UK retail banks still use outdated transaction monitors to flag payments over a certain limit to new payees, which leads to false positives and missed scams. In other instances, firms might only update fraud rules after a major breach or when auditors find flaws. Firms must start to migrate away from these types of reactive approaches and prioritise technologies that can evolve with the threat landscape.
The bridge between compliance and prevention
As compliance demands evolve and transparency becomes increasingly important, firms must find ways to bridge the gap between regulatory obligations and effective fraud prevention whilst ensuring customer-centric approaches are prioritised. One approach is to optimise existing fraud systems rather than replace them. This can be achieved through methods such as tuning current rules to reduce false positives or creating targeted rule sets aligned with customer behaviours.
Not only does this optimised strategy deliver faster and more accurate fraud detection, it also offers significant compliance benefits. It generates human-readable rules which are clear and can be easily assessed before deployment. This transparency helps alignment with regulatory standards and builds trust across fraud teams, executives, and regulators. AI also has a crucial role to play, as AI-driven optimisation can test billions of rule combinations to identify the most effective strategies, matched to compliance goals. The result is a fraud ecosystem that can react faster to emerging threats and provide teams with deeper insight and confidence in their decision-making, such as approving high-value transactions or prioritising alerts.
A new way of working
In practice, an optimised approach can transform the way fraud teams work; it’s not simply a technical upgrade. It allows teams to respond faster to emerging threats and regulatory shifts without waiting for lengthy system changes. Whether it’s building new mule detection rules to meet APP reimbursement obligations or adapting to new scam patterns, strategies can be created and deployed instantly. This shift is also crucial from a cost-benefit perspective because the cost of non-compliance is not just payouts. It also includes investigation overheads, reputational damage, and operational strain. The question therefore isn’t whether firms can afford to invest in prevention; it’s whether they can afford the cost of falling behind.
The optimised approach also means fraud teams can quickly adjust rule logic and tailor decisions to current risk appetite and operational capacity. This improves responsiveness and helps teams stay aligned with business and compliance goals. Importantly, optimisation removes the impact of legacy bias and ensures decisions are fair and regulator-ready. Teams gain a clear understanding of what’s working and where to focus next. This means less firefighting, and fraud teams that are more efficient and better equipped.
Speed and strategy must be front and centre
As fraud evolves and regulation tightens, firms won’t get ahead just by investing in technology; what will matter is how intelligently it’s applied. The most successful fraud teams will be ones that combine speed with strategy, using optimisation not just to meet compliance, but to lead it. By turning rule logic into a living asset that can adapt to different environments, firms can adopt a forward-looking stance.