Closing the fraud gap

Over the past decade, digital banking has redefined the financial landscape across the Middle East. Customers now expect seamless, mobile-first services and financial institutions have delivered. As banks and their regulators race to innovate, fraudsters are evolving just as quickly.

Many of today’s most damaging scams such as SIM swaps, phishing and account takeovers, rely not only on weaknesses in financial systems but also on vulnerabilities in telecom infrastructure. Combating these threats requires more than sector-specific solutions; it calls for a coordinated, cross-industry response.

Digital fraud trends and the case for collaboration

While digital transformation in banking has significantly enhanced customer experience, it has also introduced new risks. A recent Lexis Nexis report revealed that 42% of UAE organisations have experienced an increase in online fraud year-on-year.

Across Europe, the Middle East and Africa, digital channel fraud now accounts for over half of total fraud losses. These figures highlight the urgent need to revisit and enhance fraud prevention strategies – moving beyond internal investments to encourage industry-wide collaboration.

Banks and telecom providers rely on personal data for onboarding and monitoring customers, yet the lack of integration between these industries creates exploitable gaps. Fraudsters use these weaknesses to deceive customers and bypass controls.

To effectively shut down these fraud schemes, banks and telecom providers must combine their strengths, linking identity systems, sharing threat intelligence and coordinating fraud response protocols. Collaboration is no longer a competitive advantage, it’s a necessity.

The role of convergence in combating fraud

Anti-fraud efforts across banking and telecom often remain fragmented and fraudsters exploit the gaps. For instance, an SIM swap may allow a criminal to intercept one-time passwords and drain a victim’s bank account before anyone notices.

Without real-time data sharing, these attacks often slip through undetected and telecom companies may be unaware that a customer has been blacklisted by a bank. Here are some of the prevalent digital fraud trends and how better integration between sectors could close these gaps.

SIM swap fraud
SIM swap attacks involve fraudsters persuading telecom operators to transfer a victim’s phone number to a new SIM card. Once completed, the fraudster can intercept all calls and text messages, including one-time passwords (OTPs) used for banking transactions. This allows fraudsters access to all the calls and texts meant for the original owner, including one-time passwords.

The OTPs give them access to sensitive accounts like banking, email, or social media, often before the victim even notices anything is wrong. This global fraud type has risen over 1,000%+ in countries such as the UK. Better coordination between banks and telcos, such as real-time SIM swap alerts, would, therefore, allow financial institutions to flag and halt suspicious account activity immediately.

Social engineering, job offer and investment scams
Scammers trick victims into providing confidential information by impersonating as government officials or bank employees. This allows them to access personal accounts through the OTPs and web meetings. Social engineering scams have risen by over 2,000% (assisted using AI and deepfake technologies). Job offer scams are on a similar trajectory.

Additionally, ‘Pig butchering’ investment scams continue to command large loss sizes, often facilitated by crypto and human trafficking. Better integration could help here as well – a telco-run blacklist of numbers linked to fraud complaints, shared with banks, could trigger heightened monitoring of accounts linked to those numbers.

Mule account networks
Criminals frequently use ‘money mules’ or individuals who allow their accounts to be used to receive and transfer stolen funds. Some are complicit, others are unaware. These mule accounts often appear legitimate on the surface, making detection difficult.

Joint data analytics between the banks and telecom companies would allow for the speedy detection of unusual mobile communication patterns tied to suspicious financial transfers, enabling quick freezing of the accounts and SIMs involved.

Sudden SIM swaps, changes in location, or other changes to the user’s activity pattern can be notified by the telecom companies to the banks through a joint working committee set up between the two, with oversight from regulatory authorities, enabling real-time communication exchange that could assist in identifying mule accounts.

KYC manipulation and account takeovers
Advances in AI tools have made it easier to forge highly convincing ID documents and bypass Know Your Customer (KYC) checks. Stolen KYC documents or forged KYC documents can be used by fraudsters to recover/reset accounts, thereby changing the profile details of the customer, including email address, phone numbers and passwords.

By synchronising KYC and eKYC processes across banks and telecoms, organisations can cross-validate identity information, flag discrepancies and reduce onboarding risk. Shared data and AI tools can also be used to detect signs of document tampering or unusual registration behaviour. This would not only mitigate the use of falsified KYC documentation but would also crack down on account takeover and identity theft fraud, which have impacted the telecom and banking industries.

Unlocking the power of collaboration

While fraudsters often stay one step ahead, banks and telecom providers must respond with an equally agile, collaborative approach. Key areas where convergence can drive meaningful impact include:

All-in-one identity verification
Telecom operators leverage customer data through mandatory SIM registration processes, including government-issued ID verification. Banks can leverage this verified data to strengthen their onboarding processes. For example, matching SIM registration details with account creation records can prevent impersonation and fraudulent account openings.

Additionally, real-time alerts from telecom companies when a SIM swap occurs can enable banks to automatically hold or flag transactions until further authentication is completed.

Unified customer awareness campaigns
Customer education remains a frontline defence against digital fraud. While financial institutions have made significant strides in this area, a coordinated effort with telecom providers can expand reach and effectiveness. Joint awareness initiatives using SMS, email and applications can help customers recognise red flags, avoid scams and maintain digital hygiene. Tailoring these messages to specific customer segments ensures relevance and resonance.

In the Middle East, several regulators have already issued directives and frameworks requiring financial institutions to implement fraud awareness campaigns and a unified approach between banks and telecoms could amplify their impact and reach even further.

Shared risk intelligence platform
A shared platform for real-time threat intelligence would allow banks and telecom operators to exchange signals such as backlisted phone numbers, fake or compromised IDs and behavioural indicators, which include frequent SIM swaps among others.

A recent introduction of shared intelligence can be seen in India, where the Department of Telecommunication introduced India’s Financial Risk Indicator (FRI), where telecom providers send risk signals to financial institutions based on analytics and cybercrime inputs.

These risk insights allow banks and fintech companies to apply additional safeguards before processing high-risk transactions. The FRI is a risk-based model that classifies a mobile number to have been associated with medium, high or very high risk of financial fraud by leveraging inputs from cybercrime agencies.

Fintech companies in India have already started integrating FRI alerts in their systems, configuring multi-step authentications if such mobile numbers are involved in a financial transaction.

Considerations for the convergence

While collaboration between banks and telecom operators presents a powerful opportunity to combat digital fraud, it also presents important challenges. The following considerations are critical to ensuring that any collaboration is both effective and sustainable, while meeting regulatory, operational and cybersecurity standards.

Data protection and privacy issues
Sharing customer information for fraud prevention purposes raises valid concerns from consent and data sovereignty to regulatory compliance. With growing cyber threats and the proposed exchange of information between banks and telecom companies, responsible data sharing is essential. To make convergence sustainable, both industries must align on privacy standards, cybersecurity protocols and third-party risk frameworks.

Regulators in both sectors should establish a baseline security framework for any shared platforms or databases, ensuring consistent compliance across the board.

Establishing accountability
Defining clear roles and responsibilities is essential to ensure that no fraud case falls through the cracks. A success story in establishing this framework can be seen in Southeast Asia – Singapore. The Monetary Authority of Singapore (MAS) and Infocomm Media Development Authority of Singapore (IMDA) had come out with a Shared Responsibility Framework (SRF) last year to tackle phishing scams.

The SRF calls out the individual responsibilities of both telecom companies and financial institutions to determine accountability for fraud cases. The entity that fails to fulfil its duty as per SRF will be held accountable and will have to compensate the customers for the fraud loss incurred. Similarly, regulators across the region will have to draft a framework that details clear accountability and escalation protocols to ensure a successful partnership.

Interoperability between sectors
Both industries operate based on separate regulations, organisational culture and technological systems. Bridging these differences requires regulatory alignment, leadership support and strong cross-industry governance. Policymakers and C-suite executives from both sectors must work in tandem to ensure that systems, processes and policies are interoperable, secure and scalable across jurisdictions.

Conclusion

Fraud is an ever-evolving, ever-changing concept. The future of fraud prevention is not just about reacting to yesterday’s scams; it’s about anticipating the threats of tomorrow, adapting to them in real time and building a unified defence strong enough to dismantle them.