Record fraud, money mules and rising regulatory pressure

A record 444,993 cases were filed to the National Fraud Database in 2025, according to the latest CIFAS Fraudscape report, including more than 242,000 cases of identity fraud. Although identity fraud filings fell by 3% year-on-year, it remains the most common case type, accounting for over half of all reports.

Criminals are deploying AI to create synthetic identities, generate convincing impersonations and run scams on an unprecedented scale. Two trends in particular stand out from this year’s report.

The first is the growth of fraud-as-a-service, which is lowering the barrier to entry for criminals. In the past, running large fraud campaigns required genuine technical expertise. Now phishing kits, malware and account takeover tools can essentially be rented, meaning more actors are involved and attacks are becoming more coordinated.

The second is the continued rise of money muling, with more than 22,000 cases linked to scams and recruitment schemes that deliberately target financially vulnerable people.

Crucially, these are no longer isolated problems. Identity fraud, mule accounts and payment scams are increasingly the entry point for wider money laundering networks.

The growth in money muling is a particular concern because it often targets vulnerable individuals: students, people facing financial hardship or those approached through social media recruitment schemes. Awareness campaigns play a role, but they are not sufficient on their own. Firms need to strengthen behavioural monitoring to catch mule activity earlier, before accounts are fully exploited.

Unusual account usage patterns, rapid movement of funds and connections between seemingly unrelated accounts can all provide early warning signals, but only if firms are looking in the right places at the right time. Traditional static checks and point-in-time identity verification at onboarding are becoming less effective against threats that evolve after a customer relationship begins.

The shift that is needed is from point-in-time controls to continuous monitoring. That means looking at behavioural patterns, device intelligence and network connections as an ongoing discipline not a one-off assessment. Sharing intelligence across institutions is equally important. The patterns that are not visible within a single firm can become obvious when information is pooled across the industry.

There is also a broader question about how firms organise their financial crime functions. Many are moving towards a more consolidated position, albeit slowly, even where operational processes and regulatory obligations differ. Smaller firms often have a more joined-up view of their financial crime landscape, largely because limited resources mean tackling fraud and AML separately is not an option. Greater integration across fraud and AML functions looks increasingly like the direction of travel.

Just last week, the FCA warned that professional body AML supervisors may not have sufficient powers to deter breaches. In its latest report from the Office for Professional Body Anti-Money Laundering Supervision (OPBAS), several recurring weaknesses were identified: inconsistency between supervisors, under-use of enforcement tools and gaps in intelligence sharing.

The direction of travel is clear. There is a growing expectation that moving towards the FCA as a single AML and CTF supervisor for professional services could bring greater consistency across the financial, legal and accountancy sectors.

Greater consistency in supervision could be a positive step, bringing clearer standards and more consistent enforcement. However, it will likely also mean higher expectations and greater scrutiny for firms across the professional services sector.

The Payment Systems Regulator has fined the Bank of Ireland £3.7 million for implementing Confirmation of Payee (CoP) checks 14 months after the regulatory deadline. During that period, payments to more than 1.1 million new payees went through without the protection CoP is designed to provide.

What makes this case significant is not the size of the fine, but what it signals. Regulators are now treating fraud controls as regulatory obligations with enforceable consequences, not simply best practice guidance. The failure to implement a fraud safeguard on time is being treated, in effect, as a financial crime control failure.

That is a meaningful shift. Firms that have historically viewed fraud prevention and compliance as running on parallel tracks need to recognise that the tracks are merging.

Financial institutions are being asked to go beyond detecting and reporting suspicious transactions and move to actively disrupting fraud ecosystems before money even enters the financial system. The real opportunity, and challenge, is shifting from reactive detection to proactive disruption.

Achieving that requires better use of data, stronger collaboration between institutions and leveraging technologies like network analytics and AI to identify connections between seemingly unrelated events.

This blog accompanies the March 2026 episode of ThirdEye View, hosted by Claire Rees and Phil Roberts,  from ThirdEye.  Claire brings extensive expertise in financial crime prevention as Global Financial Crime Regulatory Specialist, whilst Phil serves as Business Development Manager for ThirdEye in the UK, helping organisations navigate complex regulatory landscapes.