When criminals collaborate, so must financial institutions

By John Martin, CEO, Plutus Consulting Group, and Chris Anderson, Managing Partner, Financial Crime Solutions, CubeMatch

The financial crime problem facing institutions today is not only one of technological limitations. It is also one of siloed perspective. Fraud, money mule activity, APP scams, and laundering schemes are inherently networked; they span social media platforms, telecoms, synthetic identities, and accounts held across multiple firms simultaneously.

Yet most detection and investigation still operate institution by institution, team by team, or case by case.

This mismatch between how crime is organised and how it is countered is now a material risk. UK APP fraud losses exceeded £450 million in 2024, with mule networks routinely spanning several institutions before detection. Total fraud losses exceeded £1.17 billion.

The mismatch between organised criminal tactics and fragmented defensive measures is a critical risk, with £1.17 billion stolen through fraud in the UK during 2024.

While Authorised Push Payment (APP) fraud losses slightly declined to £450.7 million, other forms of crime, particularly remote purchase fraud surged as criminals pivoted to exploit new vulnerabilities.

Behind each of those numbers is a firm that had transaction monitoring, KYC, and fraud controls in place; but was still exposed because the relevant signal existed somewhere else in the system.

Traditional AFC tools were designed for a different threat environment. They are inward-facing by nature; strong on internal signals, limited on distributed patterns.

That is not a criticism of those tools; KYC, transaction monitoring, and sanctions screening remain essential. But they were not built to spot a mule cycling funds across different payment service providers, or a synthetic identity appearing under multiple variations at competing institutions.

The structural gap between where intelligence lives and where it needs to be is widening.

Why collaboration has remained so difficult

Financial institutions have understood the value of cross-firm intelligence sharing for years.

The barriers have not been a lack of intent. They have been legal defensibility, data governance, liability exposure, inconsistent data standards, and perhaps most underestimated; the organisational friction involved in aligning fraud teams, AML functions, legal, compliance, and operations around a shared workflow.

Bilateral information-sharing arrangements exist but are narrow, slow, and difficult to scale. The result is a system where investigators at different firms may be working the same case from different directions, with no visibility of each other’s signals. Investigator time is consumed by dead ends that a shared alert would have resolved in minutes. The operational cost is significant; the risk cost is higher.

The PSR’s reimbursement mandate has shifted the commercial calculus decisively.

Prevention is no longer just the right thing to do, it carries a direct and quantifiable financial return. Firms that previously tolerated the cost of reactive controls are now facing a structural incentive to invest in earlier, more coordinated detection.

Sharing intelligence to prevent fraud is significantly less expensive than insurance claims which carry a significant “excess” component.  Legal risks are also high because each fraud is treated independently and cannot be bundled under a single claim.

What a more effective model looks like

The direction of travel is towards privacy-preserving, structured, opt-in collaborative intelligence; a model where institutions can contribute to and benefit from shared signals without exposing raw customer data or compromising their governance obligations. The technical mechanisms to enable this now exist. Hashed-signal matching, federated models, and auditable query architectures allow institutions to establish whether a suspicious identity or behaviour pattern has been flagged elsewhere, without any raw data leaving either party’s environment.

This is meaningfully different from unrestricted data sharing. It is a governance-first approach: participation is defined, audit trails are maintained, and every match is defensible. For MLROs and compliance heads, that distinction matters enormously. The question is no longer whether the technology can support this model, it is whether institutions can organise themselves to adopt it.

From compliance cost to strategic capability

The institutions investing in collaborative intelligence are not doing so purely out of regulatory obligation. They are doing so because the commercial case is becoming clear.

Proactive cross-firm detection reduces reimbursement liability, lowers the volume of false positives consuming investigator capacity, and reduces the reputational exposure that comes from being publicly associated with fraud facilitation, as several major institutions have experienced at significant cost.

There is also a competitive dimension. Firms that build demonstrably stronger fraud and AML capabilities attract better partners, better talent, and greater customer confidence. In a market where PSR obligations are evolving and regulatory expectations around information sharing are rising, early movers gain an organisational advantage that is difficult to replicate quickly.

Financial crime will continue to evolve faster than any single institution can track independently. The structural response is not more sophisticated siloed detection; it is coordinated, governed, privacy-preserving intelligence that reflects how the threats actually operate and identify the networks behind them.

That shift is underway. The question for institutions now, is not whether to participate, but how soon.

The role of AECIS

CubeMatch is the provider of AECIS, the Assimilated Economic Crime Intelligence System which is a practical enabler of this collaborative model.

AECIS is not a replacement for existing AFC infrastructure. It operates alongside transaction monitoring, case management, and fraud platforms; extending their reach by enabling cross-institution signal matching that those systems cannot provide alone.

In pilot deployments across multiple banking environments, the platform has demonstrated meaningful improvements in mule network detection, identifying patterns that remained invisible to each institution individually.

AECIS is built for banks, fintechs, and payments firms, with the flexibility to extend to telecoms and digital platforms, sectors where scam enablement increasingly originates.

To Learn More

Chris Anderson is Managing Partner at CubeMatch Ltd, and creator of AECIS, with extensive experience deploying financial crime intelligence platforms across Tier 1 banking environments.

Mobile no. 07926 949 461

Email: Chris.Anderson@cubematch.com

John Martin is CEO of Plutus Consulting Group, advising financial services firms on growth strategy, M&A due diligence, and regulatory positioning across AFC and payments.

Mobile no. 07773 774 917

Email: john@plutusconsgroup.com

If you’d like to know more about CubeMatch services, get in touch with our team today!

Citation:

UK Finance. (2025, May 27). Annual Fraud Report 2025. Retrieved from https://www.ukfinance.org.uk/policy-and-guidance/reports-and-publications/annual-fraud-report-2025