The UK government’s latest fraud strategy marks a long-overdue shift in gear in how the country aims to tackle its most prevalent crime.
Fraud is now the most prevalent crime in the UK, accounting for 45% of all recorded offences in the country. Scammers, the tools they use, and the scams they execute have all grown more sophisticated, utilising AI and highly convincing social engineering techniques to exploit victims more effectively.
The new strategy arrives months late, in the shadow of the shelved 2023 plan that brought us the “Stop! Think Fraud” public awareness campaign. That iteration ultimately failed to deliver on its central commitment of reducing fraud in the UK by 10%. The change in government in 2024 disrupted what momentum there was, representing a missed opportunity to move beyond communication and deliver a sustained, measurable reduction in fraud.
Go deeper with GlobalData
Access deeper industry intelligence
Experience unmatched clarity with a single platform that combines unique data, AI, and human expertise.
The new strategy reflects the mounting recognition that fraud is increasingly embedded within the infrastructure of our increasingly digital economy. Fraud is no longer a series of isolated financial crimes, but has instead evolved into a sophisticated, industrialised criminal ecosystem, driven by organised groups that have mastered digital services, automated tools and large-scale social engineering campaigns.
The question now is whether the latest strategy marks a genuine turning point or if it’s just another iteration of familiar ideas.
Success will hinge on the UK’s ability to match the speed, scale and coordination of criminals, and actually follow through.
Social engineering demands a real-time response
The 2025 UK Finance’s annual report recorded £1.17bn in fraud losses in the year prior, with an estimated 3.31 million cases. While the total financial losses remain relatively stable from year to year, the volume of attacks has increased rapidly. This suggests a high-frequency crime model, associated with organised cybercrime groups operating across national borders.
A significant proportion of this fraud has been driven by social engineering and customer manipulation, with UK Finance reporting UK consumers lost more than £450m in authorised fraud losses in 2024. These cases are particularly challenging because they exploit gaps in traditional banking controls.
Approximately 70% of authorised push payment scams originate online, often on social media platforms, digital marketplaces or messaging services rather than within the banking system itself. While banks are frequently held responsible for reimbursing victims, the initial attack vector lies further upstream in the digital ecosystem. The person conducting the transaction is a legitimate account holder using a clean physical device to access their digital bank account, but the session is still compromised.
The government’s proposed £30m Online Crime Centre (OCC) reflects this shift towards understanding fraud as an interconnected ecosystem rather than a series of isolated crimes. However, the structural pillars of intelligence sharing, cross-sector collaboration and use of technology are nothing new.
Sharing threat data, such as scam intelligence, compromised or fraudulent identities, and coordinated mule networks in real-time is a must. This will help level the playing field between criminals and banks and law enforcement. But sharing data ‘instantly’ through collocated staff alone won’t be enough.
The scale of modern fraud demands a fundamentally more automated response. Combatting mule accounts requires detection and intervention to happen in milliseconds, not through manual processes or delayed alerts. As criminals increasingly adopt advanced technologies, including AI, to scale their operations, the UK cannot afford to respond at human speed to machine-driven fraud.
Otherwise, the UK risks rebuilding a system that is structurally slower than the criminals it is trying to stop.
Overcoming data fragmentation
AI is only as effective as the data it is trained on, and if the UK is to rely more heavily on automated detection and response, it must ensure that the underlying data infrastructure is fit for purpose.
Fraud detection remains fragmented, with institutions often monitoring the same fraud patterns independently. This can lead to disparate data that may be inconsistent or poorly validated. Without high-quality, accurate and complete data to underpin decision-making, AI models and intelligence-sharing systems will be fed the wrong information.
Improving these outcomes will require structured mechanisms for sharing fraud intelligence across the financial sector, and potentially with other sectors, such as telecommunications and internet platforms. This is why the government must implement strong incentives, governance and scalable frameworks that ensure data is gathered accurately and shared securely, at scale.
Clear incentives for collaboration, policies that preserve customer privacy and commercial confidentiality, and operational models that ensure the automated sharing of intelligence and subsequent immediate action will be necessary. Without these, the UK will have intent but no impact.
Disrupting economic crime
Fraud is increasingly digital, organised and cross-institutional, and the strategy rightly focuses on disrupting the wider fraud ecosystem. This will require earlier identification mechanisms and stronger collaboration across the financial network. Behavioural intelligence and digital fraud detection tools that assess user intent and not just user identity throughout the entirety of every digital banking session will be vital in doing so. The challenge now is turning this knowledge into action and deployment at scale.
At the same time, greater platform accountability will help root out fraud at its source. The introduction of the Online Safety Act in 2023 has given Ofcom the power to address illegal and damaging content across online platforms, including scam content and fraudulent advertising.
Yet, its implementation has been phased, and provisions targeting fraudulent advertising will not be fully enforceable until 2027. Delaying these risks leaves a major vector of fraud largely unregulated for several years.
The government’s latest fraud strategy contains many of the right components for success, including cross-sector coordination, greater use of technology and a recognition of fraud as a systemic risk. What the UK must do now is turn existing capability into action. If the strategy is not implemented with sufficient urgency, resourcing and accountability to deliver measurable change, there is a risk that this becomes another iteration of familiar ambitions, rather than the turning point it is intended to be.
Jonathan Frost, director of global advisory for EMEA at BioCatch
