The Enforcement Turn

March 31, 2026 by ThreatMark

March’s developments show fraud being treated less as a downstream banking issue and more as a systemic threat to public trust, national security, and economic stability. Governments are shifting from awareness and reimbursement toward disruption at source, while new data confirms fraud volumes at record levels. Across crypto, payments, telecoms, and public reporting, the pattern is consistent. Fraud is industrial, cross-border, and increasingly AI-enabled.

1. ThreatMark Joins EBA CLEARING’s FPAD Programme

ThreatMark has joined EBA CLEARING’s Fraud Pattern and Anomaly Detection (FPAD) Solution Provider Programme, enabling banks and payment service providers across EU member states to combine ThreatMark’s behavioral intelligence with network-level fraud signals from EBA CLEARING’s pan-European SEPA infrastructures, RT1 and STEP2.

The partnership fuses FPAD’s real-time detection of anomalies in SEPA credit transfers with ThreatMark’s behavioral biometrics, which monitor how users interact across the digital banking journey to detect manipulation and social engineering. This combination is particularly relevant for Authorized Push Payment fraud, where traditional transaction monitoring typically fails because the victim is completing the transaction themselves. The partnership also positions both firms ahead of incoming PSD3 obligations mandating greater fraud prevention and intelligence sharing across payment service providers.

2. Crypto Exchanges Face Growing Pressure on Fraud Responsibility

Crypto exchange MEXC reported more than $4 million in intercepted fraud across January and February 2026, alongside dozens of disrupted cases tied to coordinated criminal activity. The report reflects growing pressure on exchanges to demonstrate active prevention, transparency, and cooperation with law enforcement.

The wider issue extends beyond individual platforms. Impersonation scams, fake domains, and brand abuse continue to drive losses by exploiting user trust rather than technical vulnerabilities. As fraud increasingly operates across multiple platforms and services, calls for shared intelligence and ecosystem-level defense are becoming harder to ignore.

3. US and UK Target Southeast Asia’s Scam Compound Networks

March saw coordinated US and UK action against industrial-scale fraud operations in Southeast Asia. At the Global Fraud Summit in Vienna, the US confirmed sanctions against hundreds of regional targets, a $15 billion bitcoin seizure, and charges against Prince Group Chairman Chen Zhi for directing scam compound operations in Cambodia — the largest forfeiture action in US history. For financial institutions, the key implication is a growing expectation that sanctions compliance keeps pace with rapidly evolving designations.

4. Payment Fraud Industrializes as New Attack Vectors Emerge

Recorded Future’s annual Fraud Intelligence Report finds that while stolen card records available for sale fell by almost 20 percent in 2025, the threat is not receding. Attackers are extracting greater value from less data through automation and increasingly standardized tooling. Magecart attacks alone accounted for 10,500 active hacks in 2025, compromising more than 23 million online transactions.

Looking ahead, the report flags agentic AI commerce, where AI systems make purchases autonomously on behalf of users, as an emerging vulnerability that will complicate fraud detection and raise unresolved liability questions.

5. UK Launches Coordinated Stance on Fraud with New Strategy, Crime Centre, and Record Volumes

The UK government announced both a new Online Crime Centre and its Fraud Strategy for 2026 to 2029 in March, together signaling a clear shift from response to disruption as the organizing principle of national fraud policy. The Centre brings together law enforcement, banks, telecoms providers, and technology firms to target scam infrastructure — domains, phone numbers, mule accounts — through real-time data sharing. The Strategy prioritizes cutting off criminal access to platforms and financial flows, making participation in coordinated disruption a central expectation for banks and payment providers, not an optional extra.

The urgency is underlined by new Cifas figures showing more than 444,000 fraud cases in the UK in 2025 — a record high and a 6 percent increase on the prior year — with identity fraud and account takeover accounting for around 72 percent of cases.

6. Global Fraud Losses Exceed $442 Billion

INTERPOL estimates that financial fraud cost the global economy more than $442 billion in 2025 and assesses overall risk as high. AI‑enabled fraud is a key driver, with increasingly automated systems capable of running end‑to‑end scam campaigns.

At the same time, international cooperation is improving. INTERPOL reports higher levels of shared intelligence, more cross‑border investigations, and increased asset recovery, reinforcing the importance of coordinated action at scale.

7. US Targets Scam Centers with New Executive Order

The White House issued an Executive Order positioning cyber-enabled fraud as a transnational, organized threat rather than a series of isolated crimes. The order directs federal agencies to coordinate enforcement, disrupt scam centers, and strengthen intelligence sharing with international partners and the private sector.

The emphasis is on disruption rather than remediation. While the order does not impose direct obligations on banks, it signals higher expectations around early intervention and collaboration where fraud infrastructure operates across borders.

Banking Threat Bulletin highlights the stories shaping global fraud prevention and customer protection. Stay informed. Strengthen trust. Protect your customers.