Tackling Messaging Fraud
Season 5, episode 1
Listen to the full episode here.
Join us for the second episode of the FinTech Scotland Podcast’s special series on financial crime, produced in collaboration with our strategic partner BT. This episode looks into the growing and sophisticated threat of messaging fraud, a pressing issue in the financial sector.
Charlotte Moir from BT is joined by Kevin Britt, Product Manager for Messaging at BT, and Paul Maskall, Strategic Fraud Prevention and Behavioural Lead Principal at UK Finance. Together, they unpack why messaging fraud is surging, explore why individuals and businesses continue to fall victim despite increased awareness, and reveal innovative measures being developed to stay ahead of the fraudsters.
We also speak about the exciting work happening in FinTech Scotland’s Financial Regulation Innovation Lab in Glasgow. With major financial institutions like Morgan Stanley, HSBC, and Virgin Money setting challenges, fintechs and tech innovators from around the globe are stepping up to collaborate and tackle financial crime.
15 firms selected to tackle financial crime
We’re thrilled to announce the 15 innovative firms selected to progress to the next stage of our Innovation Call on Financial Crime. These firms will work hand-in-hand with industry partners and academic experts to tackle challenges of financial crime head-on.
Each firm brings a unique perspective and solution to the table, showcasing the power of diverse collaboration in tackling one of the most significant issues facing the financial sector today.
In this blog, we spotlight each of these firms, showcasing their vision, solutions, and the impact they’re set to make as they join us in shaping a safer financial future.
Amiqus – amiqus.co
Amiqus is the UK’s most trusted compliance and onboarding platform supporting more than 500 organisations of all size and sectors; including the UK Government, The NHS and FNZ. Over 2.5 million people have been through Amiqus checks to date, and currently in the region of 74,000 checks are run monthly by our clients. We do this through offering a singular platform that can perform the whole ID Verification and onboarding process, end to end.
Amiqus was announced in Deloitte’s annual Fast 50 awards as the fastest-growing technology company in Scotland, the 20th fastest-growing in the UK and the 5th fastest-growing fintech in the UK. This growth has meant that we have the ability to continuously reinvest back into the product and innovate the ID Verification process. We are dedicated to continuous improvement and innovation in this area and would relish the opportunity to do this in conjunction with FRIL and the challenge sponsors.
Argus Pro – https://arguspro.co.uk/
Argus Pro offers the comprehensive FinCrime HealthCheck™, which evaluates the effectiveness of all aspects of anti-financia
l crime (AFC) policies, procedures, processes, controls, and compliance culture, going far beyond traditional assessments. The FinCrime HealthCheck™ identifies gaps across teams, functions, geographies and leadership, aligns with leading regulatory frameworks and best practices outlined in the FCA’s Handbook and Financial Crime Guide, JMLSG, and the Wolfsberg Group’s Principles for Auditing for Effectiveness, and provides tailored recommendations to enhance effectiveness.
Our proposed platform, delivered as part of this Innovation Call, will combine this assessment with cutting-edge tools to deliver bespoke interpretations of current LRG updates, detail specific obligations, and anticipate future regulatory requirements, ensuring firms stay ahead of risks.
Barrier – https://www.barriernetworks.com/
At Barrier, our mission is to help our customers build cyber resilience and develop strategies to defend against cyber-attacks. We are a cyber security service provider and are proud to be associated with 2 global leading identity solution vendors in responding to this innovation challenge:
-V-Key, an end-to-end innovative proposition designed to revolutionize identity authentication and authorisation processes, enhancing both security, efficiency & privacy
-Sumsub, a global identity verification provider, leverages cutting-edge technologies to provide a seamless end-to-end secure identity verification experience.
In participating in FRIL, we will seek to validate our collaborative proposition and its potential to transform the identity verification and authentication landscape with partners engaged in the programme.
Datavillage – https://www.datavillage.ai/
Datavillage empowers organizations to combat financial crime by enabling secure data collaboration and access to fraud cases, flagged companies, suspicious accounts, devices, and more. This approach enhances the detection of fraud patterns, enables the fine-tuning of AI models, and supports advanced analytics for more effective prevention and response.
Through participating in the Financial Regulation Innovation Lab, we would like to leverage insights and feedback from industry partners to refine and scale solutions for broader commercial deployment.
DX Compliance – http://dxcompliance.com/
Our proposed solution uses Generative AI that offers a unique opportunity to address these challenges by automating the repetitive aspects of alert reviews, enhancing the decision-making process, and providing more nuanced risk assessments. The core proposition involves developing an AI-powered system that leverages large language models (LLMs), deep learning, and natural language processing (NLP) to support and augment human decision-making not only along the KYC processes.
We look forward to working with partners across the Financial Regulation Innovation Lab to deepening our understanding across the challenge statements and broader financial crime domain.
Encompass – https://www.encompasscorporation.com/
Encompass enables fast, accurate identity validation and verification of corporate customers and a gold standard approach to KYC. Our award-winning corporate digital identity (CDI) platform incorporates real time data and documents from authoritative global public data sources and private customer information to create and maintain digital risk profiles.
With encompass the world’s leading banks improve customer experience and increase business opportunities through consistent regulatory compliance and risk mitigation.
Through close collaboration with FRIL partners, we want to explore how our existing corporate identity platform can develop further to benefit organisations and their specific requirements for their Know Your Business onboarding and maintenance processes.
Haelo – https://haelo.io/
HAELO is a RegTech innovator transforming Governance, Risk, and Compliance in
Financial Services. Our Horizon Scanning solution, REGENESIS, delivers instant access
to regulatory updates at a glance providing early detection of changes and empowering management to mitigate risk and avoid costly breaches.
Our IO (Intelligence Overlay) platform is at functional prototype stage and is designed to work in concert with REGENESIS to create a golden thread connecting regulation with obligations, controls and personal accountabilities. Through the FRIL programme, we would like to work with industry partners to develop our approach in the application of this platform and its role in the financial crime domain.
Lasting Asset – https://lastingasset.com/
LastingAsset is a Trust-tech on a mission to stop fraud. Our core solution is a cryptographic device-to-device encryption protocol that tackles the growing menace of impersonation fraud. By combining advanced cryptography with decentralised identity management, it enables individuals and organisations to authenticate counterparties with unparalleled accuracy and privacy.
During the programme we will also pursue our innovation on fraud information sharing via a decentralised fully homomorphic encrypted network.
Pytilia – https://pytilia.io/
Pytilia propose to address the ‘strengthening operational efficiencies in alert dispositioning’ challenge to optimise the manual review of KYC-related alerts, powered by our “always learning” feedback loop engine. We have successfully used a solution blueprint combining rules-based & AI-powered logic to identify anomalies/alerts and present these for inspection & action by human analysts in our:
•winning pitch for FRIL’s inaugural Innovation call on “Simplifying Compliance”;
•PoC solution for the FCA’s recent Market Abuse TechSprint;
•Innovate UK-funded Cyber-AI Hub project (demonstrating its cross-domain applicability)
During the FRIL programme, guided by this previous experience, we propose to focus on the feedback loop aspect of such hybrid systems. We look forward to working with partners to demonstrate KYC alert filtering, prioritisation and reinforcement learning using scenarios/data relating to the alert review process.
SenGuard – https://senguard.co.uk/
SENGUARD protects older adults from financial fraud by using real-time data analysis to detect and prevent scams before they happen.
SENGUARD’s innovative approach to financial crime prevention combines cutting-edge technology with a deep understanding of vulnerable users’ needs. Our solution not only addresses current financial crime patterns but is designed to evolve and adapt as new threats emerge.
With support from partners in the FRIL programme, we can enhance our capabilities and scale our impact in protecting vulnerable users from financial crime.
Serene – https://www.myserene.io/
Serene leverages AI-driven insights to identify vulnerable consumers at heightened risk of scams, helping financial institutions prevent financial crime proactively. By using real-time detection, tailored interventions, and scalable integrations, we align with regulatory frameworks like FCA Consumer Duty and PSR reimbursement requirements, ensuring compliance while enhancing customer protection.
Through participating in the Financial Regulation Innovation Lab, we would like to collaborate with partners and validate Serene’s predictive model for identifying scams through Vulnerable Characteristics.
Sopra Steria – https://www.soprasteria.co.uk/
Our innovative solution called the Optimised Decision Engine (ODE), leverages our unique and patent pending AI engine to generate and optimise human-interpretable rulesets for business decisioning, particularly in detecting fraud, scams, and money laundering. Unlike traditional black-box AI solutions that often lack explainability, ODE prioritises transparency, trustworthiness, and auditability, ensuring that its outputs are clear and comprehensible.
Through participating in the Financial Regulation Innovation Lab, we look forward to working with partners to exploring the calibration of the tool with a wide range of data volumes and types, understanding the optimal configuration for each dataset.
Swordbreaker – https://www.swordbreaker.co.uk/
Ingenious protection against ransomware with minimal access to the systems and no access to the data it protects. The product we are building doesn’t just raise the alarm; it actively disrupts cyber criminals as they try to steal your data and sabotage your systems.
Swordbreaker’s solution can protect any operating system, including legacy and Operational Technology (OT) from bulk data theft and file encryption. It works on its own or alongside existing security tools to reduce your risk from ransomware.
We would like to work with FRIL partners to deepen our understanding of their risks in financial crime and their regulatory requirements to help us shape our first solution and design Swordbreaker’s product suite for the future.
Threat Fabric – https://www.threatfabric.com/
ThreatFabric enables safe & frictionless online customer journeys by integrating industry-leading threat intel, behavioural analytics, advanced device intelligence and over 10.000 adaptive fraud indicators. We will be seeking to progress two propositions centred around 1) Data-driven, Digital Fraud and Scam Detection and 2) Proactive Mobile Threat Intelligence (MTI).
As part of the FRIL programme, we would like to explore whether new data sources can be used to provide further coverage for the hardest-to-detect fraud and work with partners across data such as telecommunications, smshing and location data.
VeriFoxx – https://verifoxx.com/
Verifoxx enables financial institutions to share verified intelligence, to tackle financial crime and fraud, but without any data ever leaving its owner, reducing privacy and commercial risks. Leveraging Privacy Enhancing Technologies such as Zero Knowledge Proofs (ZKPs), Multi-Party Computation (MPC) and Trusted Execution Environments (TEEs), Verifoxx addresses the critical challenge of how different companies can collaborate and connect data points, but without ever exposing their data.
Through the Financial Regulation Innovation Lab, we would like to explore with partners how the financial services and telco sectors could exchange intelligence to investigate or even stop a scam from happening.
Promoting Fairness and Exploring Algorithmic Discrimination in Financial Decision Making Through Explainable Artificial Intelligence
In this white paper a comprehensive toolbox is developed, grounded in an ethical “rights to
explanation” framework, deploying state-of-the-art machine learning/artificial intelligence models,
through the lens of explainability.
Harnessing these explainable artificial intelligence algorithms within the toolbox, we propose implementing an ensemble of model-agnostic techniques, to improve fairness in financial decision making, with a particular focus on US home mortgage loan applications with a granular public dataset.
We also highlight variability in these techniques, imposing various pragmatic scenarios that explore real-world decision making, alongside equality of opportunity and equality of outcome conditions. We highlight potential pitfalls, nuances, and possible innovations in applying these techniques, while providing the ability to simultaneously assess the impact of any specific variable in decision making, and a model’s performance in such decision making, with established machine learning criteria.
Furthermore, we showcase the trade-off between fairness and model performance optimization with a protected characteristic (age) that might form the basis of plausibly discriminatory practices in such a context. Our study aims to be in the spirit of Agarwal, Muckley, & Neelakantan (2023), Kelley, Ovchinnikov, Hardoon, & Heinrich, (2022), Kozodoi, Jacob, & Lessmann (2022), and Kim & Routledge (2022), among others. We lastly identify areas for future research.
Fairness and Discrimination in Lending Decisions: Multiple Protected Characteristics Analysis
We build upon the comprehensive toolbox developed in Jain, Bowden and Cummins
(2024), extending its applicability to multiple protected characteristics.
We explore a way in which several characteristics can be simultaneously considered for multi-dimensional fairness promotion and potential mitigation of plausibly discriminatory practices. In the spirit of Jain, Bowden and Cummins (2024), once again we do this with a particular focus on US home
mortgage loan applications with a granular public dataset.
Finally, we address a prior deficiency, namely a worse overall model accuracy/performance as measured by Area Under the Curve (AUC). The improved AUC can be attributed to a better True Positive Rate of correctly classified loan acceptances, which is achieved with the aid of hyperparameter tuning.
Specifically, we use Stratified K-Fold Cross-Validation combined with overfitting- robust hyperparameter tuning facilitated with the aid of a Grid Search. These were discussed but not explicitly implemented in the use case of Jain, Bowden and Cummins (2024). We document that even a narrow set and range of hyperparameters (mitigating the computational cost of employing the Grid Search) is sufficient to elicit these improvements.
Lastly, we provide recommendations on the implications of our results including where a
human-in-the-loop
Enhancing Financial Crime Detection By Implementing End-to-end AI Frameworks
Economic crime, encompassing money laundering, fraud, scams, and various other
illegal financial activities, continues to evolve with the emergence of sophisticated Artificial
Intelligence (AI) technologies.
This white paper explores the dual-edged nature of AI in the financial sector. While AI tools are increasingly being exploited by criminals to commit financial crimes, they also hold the key to more robust and effective detection and prevention strategies.
This paper delves into the array of AI techniques currently leveraged by malicious criminals, including deepfake technologies, phishing and spear phishing, automated social engineering, credential stuffing, synthetic identity fraud and others.
Furthermore, it provides a comprehensive analysis of AI techniques capable of countering
these threats. Key focus areas include Neural Networks for unusual patterns and behaviours,
gradient boosting algorithms for risk assessment, reinforcement learning for optimisation of
decision making, Markov chains for temporal patterns and anomalies over time, Naïve Bayes
for real-time classification and decision trees for interpretable detection.
The culmination of this paper is the presentation of a state-of-the-art end-to-end AI-driven solution that integrates AI technology to offer a holistic and dynamically adaptable approach to financial crime detection and prevention. By implementing this framework, financial institutions can significantly enhance their capabilities to identify, mitigate, and prevent financial crimes, ensuring a more secure financial ecosystem.
Using Automation and AI toCombat Money Laundering
Money laundering, which is the criminal activity of processing criminal proceeds to disguise their origin is one of the gravest problems faced by the global economy, and its size is growing rapidly. It is estimated that 2- 5% of the global GDP or US$800 billion to US$2 trillion is being laundered every year across the globe.
Banks have begun to understand that their legacy rules-based systems cannot effectively mitigate risks related to money laundering. There is a need to embrace advanced technology that can effectively solve their problems of getting involved in money laundering cases. This white paper outlines a case study focusing on the effectiveness and limitations of Artificial Intelligence (AI) in detecting and preventing money laundering activities. It will provide an overview of the design, architecture, implementation, and testing of such a strategy.
ESG Greenwashing And Applications of AI For Measurement
“ESG greenwashing” refers to the strategic communication tactics firms use to
selectively disclose their ESG conduct to stakeholders.
ESG greenwashing strategy, while it may attract and satisfy stakeholders at the beginning, may cause different issues for firms later, such as adverse publicity, lobbying, or boycott campaigns by consumer or pressure groups or divestment by socially responsible investors. The complex impacts of ESG
greenwashing underscore the imperative of discerning and quantifying instances of such practices. We aim to consolidate recent literature reviews of ESG greenwashing, methodologies to measure ESG greenwashing and developing applications of AI, text analysis and machine learning models to advance such measurement.
This white paper makes significant contributions to policy developments, such as the greenwashing regulations of the UK FCA and the European Parliament.
Simplifying Compliance through Explainable Intelligent Automation
We discuss how explainability in AI-systems can deliver transparency and build trust
towards greater adoption of automation to support financial regulation compliance among
banks and financial services firms.
We uniquely propose the concept of Explainable Intelligent Automation as the next generation of Intelligent Automation. Explainable Intelligent Automation seeks to leverage emerging innovations in the area of Explainable Artificial Intelligence. AI systems underlying Intelligent Automation bring considerable advantages to the task of automating compliance processes. A barrier to AI adoption though is the black-box nature of the machine learning techniques delivering the outcomes, which is exacerbated by the pursuit of increasingly complex frameworks, such as deep learning, in the delivery of performance accuracy.
Through articulating the business value of Robotic Process Automation
and Intelligent Automation, we consider the potential for Explainable Intelligent Automation
to add value. The solution framework sets out the Explainable Intelligent Automation
framework, as the interface of Robotic Process Automation, Business Process Management
and Explainable Artificial Intelligence. We discuss key considerations of an organisation in
terms of setting strategic priorities around the explainability of AI systems, the technical
considerations in Explainable Artificial Intelligence analytics, and the imperative to evaluate
explanations.
Explainable AI For Financial Risk Management
We overview the opportunities that Explainable AI (XAI) offer to enhance financial risk
management practice, which feeds into the objective of simplifying compliance for banking and
financial services organisations. We provide a clear problem statement, which makes the case for
explainability around AI systems from the business and the regulatory perspective.
A comprehensive literature review positions the study and informs the solution framework proposed. The solution framework sets out the key considerations of an organisation in terms of setting strategic priorities around the explainability of AI systems, the institution of appropriate model governance structures, the technical considerations in XAI analytics, and the imperative to evaluate explanations.
The use case demonstration brings the XAI discussion to life through an application to AI based credit risk management, with focus on credit default prediction.
Financial Regulation Innovation Lab – Exploring the intersection of quantum computing and the finance sector
As part of the 4th FRIL theme focusing on innovation to address financial crime, the FRIL team along with Alliance for Research Challenge in Quantum Technologies (Quantum ARC) and Technology Scotland hosted a roundtable to explore and catalyse the opportunities present now and in the near-future between quantum computing and the finance sector.
The discussion spanned a broad range of topics at the intersection of quantum and finance, with various opportunities and risks highlighted. Within these opportunities and risks, the discussion emphasised the critical need in thinking in relation to economic crime and fraud, which we look forward to progressing through the 4th FRIL programme currently live focusing on ‘innovation to address financial crime’.
What is Quantum Technology and the risks it presents?
McKinsey states quantum technology could create value worth trillions of dollars within the next decade with the finance sector identified as a sector that could see the earliest impact, however the concept remains relatively unknown to most. The term quantum technology broadly relates to science that applies quantum mechanics to a given field of technology, and refers to a subset of fields such as quantum computing, quantum sensing, quantum imaging, or quantum communications.
For the purposes of this blog, we will be focusing on quantum computing, which utilises qubits, concisely summarised by the World Economic Forum as –
Quibits are the equivalent of a classical bit, and the most fundamental unit for encoding information. Where a bit can be in a state of either on or off (0 or 1), a qubit can be in either 0 or 1 – or a combination of both. This is because of a superposition effect in quantum theory, which means that particles can exist simultaneously in multiple states.
In practice, this means not only can quantum computing provide a significant performance boost in processing, but it also has the potential to solve complex problems much faster than even the most powerful supercomputers today.
Whilst this kind of revolutionary power could deliver numerous opportunities for the finance sector, the risk rapidly materialises when considering public-key cryptography (PKC), which the security of nearly all Internet communications today is based on. The underpinning security of PKC relies on the difficulty of the mathematical problems and the challenge in which classical computers have in solving them. However, solving these mathematical problems with a general purpose quantum computer is considered easy, with Shor’s algorithm demonstrating this capability back in 1994, the challenge being that the power capabilities of a quantum computer to run the algorithm do not yet exist.
As highlighted by the NCSC, although advances in quantum computing technology continue to be made, quantum computers today are still limited, and suffer from relatively high error rates in each operation they perform. For organisations, however, this risk remains a priority for the thinking of today as bad actors are adopting a ‘harvest now, decrypt later’ approach to collect valuable, sensitive data in anticipation of power capabilities being on the horizon.
What is the current regulatory landscape at the intersection of quantum computing and the finance sector?
Regulatory agencies worldwide are battling with the balance between technology readiness levels and appropriate regulation or standard setting in relation to developments.
In October 2024, the UK Govt agreed with recommendations made by the Regulatory Horizons Committee (RHC – commissioned by DSIT to review the future needs of quantum technologies regulation to support innovation and growth) ‘that it is too early to establish regulatory requirements and legislation for quantum technologies at this stage given the nascency of the sector, but sustained action is required now to increase regulatory capability and enable a sector- and application-specific approach to regulating quantum technologies in the future’. When considering the finance sector specifically, the UK’s Financial Conduct Authority has demonstrated its position as a leading voice in the quantum security domain through collaborative initiatives with the World Economic Forum, where research was published offering guidance for businesses and regulators to ensure a collaborative and globally harmonised approach to quantum security.
Looking further afield at the international landscape, momentum continues to evolve at pace, and earlier this year we also saw the US agency National Institute of Standards & Technology (NIST) finalised several post quantum encryption standards. With these standards, NIST encouraged large organisations, including those across the finance sector, to begin transitioning to the new standards as soon as possible. Regulatory authorities in Singapore have also recently launched a ‘Quantum Track’ within their Financial Sector Technology & Innovation Scheme (FSTI 3.0), with an additional S$100 million earmarked to support innovation in quantum and AI.
Despite this progress, participants in the discussion broadly agreed there is still a long way to go when assessing the regulatory and standard setting landscape of quantum.
How can we collectively progress successful collaboration around the exploration of quantum technologies?
The consensus of the discussion emphasised that the fundamental principles for continued collaboration span across the triple helix of engagement from industry, academia and regulatory colleagues, mirroring the principles that underpin the Financial Regulation Innovation Lab. Here at FRIL we will continue to actively convene stakeholders across these groups on topics that present both opportunities and risks in financial regulation, exploring how innovative propositions and ways of working can be progressed across the ecosystem.
Across the FinTech Scotland cluster there are various collaborative projects exploring the beneficial and responsible exploration of quantum technologies. One of which, highlighted by roundtable attendees, is the BT Quantum Key Distribution project. The NCSC outlines that Quantum Key Distribution (QKD) mitigates the quantum threat to key agreement using properties of quantum mechanics, rather than hard mathematical problems, to provide security. We look forward to continuing to engage with our partners in the BT team on their learnings throughout this programme and sharing insights across the cluster.
Challenges were highlighted around accessing and sharing data, which continues to be a barrier for innovators and researchers in this area. Discussion touched on the potential of synthetic data in aiding progress for development activities, and reference to the success of regulatory initiatives such as the FCA Digital Sandbox in already going some of the way to knock down these barriers. Risks were also highlighted around the danger that advancements in quantum could be dominated by existing major players in the market, further emphasising the importance of initiatives that support democratising the playing field for innovators in this space to enable competition and avoid monopolisation.
What’s next in the intersection of quantum and finance?
Reflections were made on the rapid evolution of AI, and the opportunities to respond differently as we look forward to the evolving risks and opportunities that quantum presents. These lessons range from the debate around explainability, and the potential opportunities quantum presents in this field, through to the pace at which regulation and standard setting is struggling to keep up with the technology.
There was a broad agreement across attendees that priority use cases for the finance sector in regards to quantum computing need refinement, with possibilities spanning from the use of quantum technologies by bad actors through to organisational adoption of quantum technologies. Attendees also highlighted the opportunities that can be explored with quantum technology as we look to areas such as open finance and the value that can be derived from this data to create beneficial and responsible innovation.
The FRIL Innovation to Address Financial Crime programme lays the foundations to begin testing some of this thinking, as evidenced through the roundtable and also the broader innovation call series, and we will continue to engage with experts across the ecosystem in the long term roadmap of FRIL focus areas. We are looking forward to engaging with innovators across the industry led use cases in this programme, exploring where potential quantum computing advancements may provide opportunities to more effectively tackle financial crime risks.
Interested in exploring more? The key contacts across the Financial Regulation Innovation Lab on this topic are:
- Lauren Cassells, Research and Innovation Programme Manager (lauren.cassells@fintechscotland.com)
- Gemma Milne, Research Associate, University of Glasgow (gemma.milne@glasgow.ac.uk)