How Banks and Nations Can Stop Scams: A Framework for Coordinated Defense

A Growing National Security Threat

Scams are no longer just a banking issue—they’re a growing national security threat. While banks have invested heavily in controls, fraudsters are evolving faster. Outseer's latest whitepaper, Consumer Scam Controls, which I co-authored with Ken Palla, outlines a coordinated framework to stop scams across the entire ecosystem.

The UK was the first country in the world to flag scams as a National Security Threat, which led to controls being deployed earlier. Other countries are now having the same realization, and forging forward with new perspectives on the problem.

What Does Great Look Like?

Due to the rapidly evolving nature of the attacks, it can be difficult to know what detection mechanisms best work together. These issues are fundamental to all fraud fighters, whether in a financial institution or elsewhere, and there is a need for a list of best practices to benchmark themselves against.

Ten Key Learnings

1. Controls are effective at different parts of the Scam

The whitepaper includes a Scam Attack Chain which looks at five different stages. We cover not just the transaction, but what happens before and after it.

2. Regulated or Legislative Controls

Government or regulator mandated controls give a level playing field. Customers are less likely to be disadvantaged dependent on their choice of bank.

3. Reimbursement

Reimbursement is not necessarily the answer, as Australia has shown a whole ecosystem approach means all parties involved improve. The UK has financial institutions reimburse putting the onus on banks and losses have not declined as much.

4. The Earlier the Better

To reduce the volume of attacks controls need to be effective earlier in the chain before the scam itself. Telcos, tech companies and social media need to improve as well as the banks.

5. English Speaking World Led Controls But Has Fallen Behind

UK and Australia originally took the lead in controls due to scam attacks. Asia is now rapidly catching up and exceeding them with innovative controls.

6. Intelligence is the Key

Data sharing is needed to improve controls learning from when scams get through. Learn what goes wrong and share actionable intelligence (see our Data Sharing whitepaper on this).

7. Some Areas Need to Do Better

The USA and Europe are lagging in controls compared to the leaders. Their citizens are disadvantaged and losing the most money.

8. One Size Does Not Fit All

Controls now need to consider customer demographics in a digital age. Elderly or vulnerable customers end up more at risk due to them not being experienced in the channel.

9. The AI Arms Race is Real

AI is being used by the attackers, with GenAI being widely deployed with deepfake images, voice and videos. Defenders need to make full use of AI in their controls to counter this industrialization.

10. Co-Ordination Gives Better Capability

National Anti-Scam centers will speed up country level responses by bringing together all parties. Global capability via industry associations (e.g., GSMA), global tech companies (e.g., Google) and scam specific organizations (e.g., GASA).

Failure to Respond Means Tragic Consequences

We’re building this list into a living resource for Fraud Leaders. There are emerging capabilities, especially in crypto, to recover the stolen monies that have not been documented yet.

Inaction at any point in the Attack Chain means the bad guys win, and people will continue to fall victims to the epidemic of attacks that currently shows no sign of slowing down. At Outseer we are building on our heritage with new novel capabilities being developed; we see the human side of fraud as the next challenge to focus on, with AI already changing the world as we know it faster than anyone expected.

To explore the detailed Scam Attack Chain model and practical controls your institution can implement today to stop scams, download the full whitepaper from Outseer.