Instant payments have revolutionised the way we move money, offering greater speed and convenience. However, this speed comes with a significant caveat: the faster the payments, the faster the fraud.

In the UK alone, criminals stole £1.17bn through unauthorised and authorised fraud in 2023. And these figures continue to rise. By 2028, Authorised Push Payment (APP) fraud losses in the UK are expected to reach £636m. With APP fraud losses through instant payments specifically expected to peak at £500m, according to ACI’s latest Scamscope report. As fraudsters continue to refine their tactics, it becomes increasingly difficult for those working in fraud prevention to keep pace.

So, how can institutions detect and prevent fraudulent activity in a matter of seconds?

The short answer is: we need to change and evolve our approach.

As an industry, we must now use the power of technology, particularly data, to help prevent fraud. There are three crucial steps financial institutions must take.

Firstly, make the most of the ISO 20022 payment messaging standard. Secondly, take advantage of the swathes of third-party intelligence available within the industry. Thirdly, use AI and machine learning to enable better decision-making that will reduce fraud risk and improve the client experience.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

View profiles in store

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData

Submit

UK USA Afghanistan Åland Islands Albania Algeria American Samoa Andorra Angola Anguilla Antarctica Antigua and Barbuda Argentina Armenia Aruba Australia Austria Azerbaijan Bahamas Bahrain Bangladesh Barbados Belarus Belgium Belize Benin Bermuda Bhutan Bolivia Bonaire, Sint Eustatius and Saba Bosnia and Herzegovina Botswana Bouvet Island Brazil British Indian Ocean Territory Brunei Darussalam Bulgaria Burkina Faso Burundi Cambodia Cameroon Canada Cape Verde Cayman Islands Central African Republic Chad Chile China Christmas Island Cocos Islands Colombia Comoros Congo Democratic Republic of the Congo Cook Islands Costa Rica Côte d"Ivoire Croatia Cuba Curaçao Cyprus Czech Republic Denmark Djibouti Dominica Dominican Republic Ecuador Egypt El Salvador Equatorial Guinea Eritrea Estonia Ethiopia Falkland Islands Faroe Islands Fiji Finland France French Guiana French Polynesia French Southern Territories Gabon Gambia Georgia Germany Ghana Gibraltar Greece Greenland Grenada Guadeloupe Guam Guatemala Guernsey Guinea Guinea-Bissau Guyana Haiti Heard Island and McDonald Islands Holy See Honduras Hong Kong Hungary Iceland India Indonesia Iran Iraq Ireland Isle of Man Israel Italy Jamaica Japan Jersey Jordan Kazakhstan Kenya Kiribati North Korea South Korea Kuwait Kyrgyzstan Lao Latvia Lebanon Lesotho Liberia Libyan Arab Jamahiriya Liechtenstein Lithuania Luxembourg Macao Macedonia, The Former Yugoslav Republic of Madagascar Malawi Malaysia Maldives Mali Malta Marshall Islands Martinique Mauritania Mauritius Mayotte Mexico Micronesia Moldova Monaco Mongolia Montenegro Montserrat Morocco Mozambique Myanmar Namibia Nauru Nepal Netherlands New Caledonia New Zealand Nicaragua Niger Nigeria Niue Norfolk Island Northern Mariana Islands Norway Oman Pakistan Palau Palestinian Territory Panama Papua New Guinea Paraguay Peru Philippines Pitcairn Poland Portugal Puerto Rico Qatar Réunion Romania Russian Federation Rwanda Saint Helena, Ascension and Tristan da Cunha Saint Kitts and Nevis Saint Lucia Saint Pierre and Miquelon Saint Vincent and The Grenadines Samoa San Marino Sao Tome and Principe Saudi Arabia Senegal Serbia Seychelles Sierra Leone Singapore Slovakia Slovenia Solomon Islands Somalia South Africa South Georgia and The South Sandwich Islands Spain Sri Lanka Sudan Suriname Svalbard and Jan Mayen Swaziland Sweden Switzerland Syrian Arab Republic Taiwan Tajikistan Tanzania Thailand Timor-Leste Togo Tokelau Tonga Trinidad and Tobago Tunisia Turkey Turkmenistan Turks and Caicos Islands Tuvalu Uganda Ukraine United Arab Emirates US Minor Outlying Islands Uruguay Uzbekistan Vanuatu Venezuela Vietnam British Virgin Islands US Virgin Islands Wallis and Futuna Western Sahara Yemen Zambia Zimbabwe Kosovo

Industry * Academia & Education Aerospace, Defense & Security Agriculture Asset Management Automotive Banking & Payments Chemicals Construction Consumer Foodservice Government, trade bodies and NGOs Health & Fitness Hospitals & Healthcare HR, Staffing & Recruitment Insurance Investment Banking Legal Services Management Consulting Marketing & Advertising Media & Publishing Medical Devices Mining Oil & Gas Packaging Pharmaceuticals Power & Utilities Private Equity Real Estate Retail Sport Technology Telecom Transportation & Logistics Travel, Tourism & Hospitality Venture Capital

Tick here to opt out of curated industry news, reports, and event updates from Electronic Payments International.

Submit and download

Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

ISO 20022: unlock the power of the payment message

ISO 20022 represents more than just an industry standard; it’s a tool with the potential to transform fraud prevention. Banks are only beginning to scratch the surface of its potential to improve the data and transaction insights they monitor. This standard not only allows for smoother payments but also helps banks to conduct more thorough compliance monitoring and risk assessments.

With its unified data model, ISO 20022 introduces a more streamlined structure that enhances communication across payment systems, carrying much more information about a payment than older formats.

For example, the new messages include more space to add the full details of payees and payers. They also have ‘purpose of payment codes’. These four letters show the reason for a payment. Other information includes ‘legal entity identifiers,’ ‘type of account’ and other standardised fields that help banks identify red flags. There’s even space to add in details about the device on which a payment is initiated, how a consumer interacts with that device and the IP address it’s linked to.

This really matters, because it can carry telltale signs of fraud. For example, suppose someone opens their banking app and begins copying and pasting new payee details from other sources. In that case, it might be a sign that they’re about to make a payment to a scammer pretending to be a family member or friend in an APP fraud. Or, if they’re more hesitant than normal, it might be a sign of doubt, which could signify fraud is about to take place. With additional data, it’s possible to increase the precision and accuracy in predicting fraud before a transaction is completed.

Despite the new standard’s potential, many financial institutions are still in the nascent stages of using this capability. Although regulatory requirements have driven adoption, ISO 20022 offers untapped advantages that go well beyond mere compliance. The structured data available allows institutions to gain deeper insights into transaction patterns and significantly enhances the security of instant payments.

The key lies in their willingness to make full use of its potential.

Third party data: insight from trillions in payments

Access to robust data, like ISO 20022 message insights, is just the beginning. Real-time fraud prevention requires understanding the patterns within vast networks of payments. Let’s just stop and consider how much money changes hands every day. ACI Worldwide alone processes £11trn in payments for more than 5,100 organisations every 24 hours.

The trends and insights to be realised from these transactions are immense. ACI calls it ‘network intelligence’, and it incorporates payment information from banks, merchants, billers and central infrastructures. For example, patterns in how a user interacts with a payment device or the timing and location of transactions might reveal subtle signs of fraudulent activity that single-institution data alone would miss.

This network intelligence is invaluable, but there’s a catch: data privacy. Owing to data protection laws and regulatory concerns, banks are understandably cautious about using third-party data. To address this, ‘signal sharing’ rather than direct data sharing is key. Signal sharing simply means banks securely share anonymised transaction data with a third party, which sends back an anonymised risk score or alert if something unusual is detected. This way, banks swiftly gain valuable insights without risking user privacy.

Just imagine the potential of using insights beyond financial data, too. Sharing negative data among entities marks an important step toward enhancing security. ACI’s network intelligence, for example, identifies suspicious payment patterns, while collaborations with other entities, such as social media platforms, can reveal if a user has a history of fraudulent behaviour or other red flags. This collaborative approach offers a broader perspective that a single entity might not uncover alone. By combining insights across the payment ecosystem, banks can block scams in real time, enhancing the security of instant payments.

Despite its benefits, the adoption of network intelligence and signal sharing has been limited. In the UK, banks will be able to pause suspicious payments for up to four days to investigate fraud, a measure that, while protective, undermines the very concept of instant payments and fails to take advantage of signal sharing techniques. This approach could reduce the convenience that consumers expect from instant payments and may also complicate interoperability with the EU. With the enormous volume of data that banks must now process daily, signal sharing can help financial institutions detect fraud without unnecessary delays.

To address this, the UK and EU must work together on standardised fraud prevention methods. Achieving this requires the industry to update outdated processes and overcome hesitations around the complexity of data-driven intelligence. Yet, with the sheer volume of transactions rapidly increasing, banks must find a way to keep pace without sacrificing security.

This is where AI and machine learning come in.

A real-time fraud prevention solution

AI and machine learning powered solutions are now essential in detecting and preventing fraud by processing vast amounts of payment data and identifying suspicious patterns as they emerge. Fraud prevention solutions powered by AI can analyse and interpret data in real-time, providing insight into whether a transaction is potentially fraudulent. By comparing current activity with historical transaction data, AI-powered solutions can quickly detect and signal what could be fraud.

In fact, AI’s effectiveness in fraud prevention isn’t just theoretical – it’s proven in practice. The US Treasury recently recovered more than £3.1bn in improper payments, with £784,000 million attributed to directly using AI. With techniques like anomaly detection and risk scoring, AI pinpoints irregular transactions instantly, including those that would otherwise go unnoticed, providing financial institutions with a proactive approach to preventing financial losses. In the case of the US Treasury, for example, AI has a clear ROI, too.

With fraud tactics evolving and data becoming more vital to transactions, AI’s continuous learning capacities ensure that systems stay up-to-date and in control of new threats. By layering AI models with vast datasets, including anonymised insights from across the industry that use ISO 20022, this three-step approach offers a solution that can quickly identify both legitimate and potentially fraudulent transactions. The result? Fewer false positives and a seamless experience for financial institutions and customers alike.

Securing the future of instant payments

As instant payments transform the financial landscape, they bring both opportunity and risk. By using the three elements together and embracing the power of technology, banks can create a robust defence against increasingly sophisticated fraud tactics – instantly.

When financial institutions commit to these tools and adopt a collaborative approach with the industry and third parties, they don’t just minimise risk, they unlock the full potential of instant payments. Embracing this ensures that instant payments can become the most secure way to move money in an increasingly connected world.

Amanda Mickleburgh is director of fraud product management at ACI Worldwide