UK fraud losses rise as AI scams drive new warnings

UK Finance has reported a rise in fraud cases and losses across the UK banking sector, prompting industry specialists to warn that mandatory reimbursement and existing controls are not reducing criminal gains.

Fraud cases increased 11% last year to 4.1 million, while authorised push payment (APP) fraud losses rose 19% to GBP £576.4 million in 2025. Victims were reimbursed for 88% of in-scope APP fraud losses.

Experts said the figures reflect a shift in criminal behaviour as banks strengthen traditional payment defences. They also pointed to the rapidly evolving use of artificial intelligence in scams, including cloned voices and agentic AI systems operating under limited human oversight.

Jonathan Frost, Director of Global Advisory for EMEA at BioCatch, said banks now carry much of the financial burden under the UK's APP fraud reimbursement regime.

"Mandatory reimbursement may soften the impact for victims, but it cannot be mistaken for a fraud prevention strategy. Criminals continue to profit, losses continue to rise, and banks are increasingly carrying the cost. The forthcoming independent review must therefore ask a fundamental question: is the regime stopping fraud, or merely reallocating the losses once the damage is done?" said Jonathan Frost, Director of Global Advisory for EMEA at BioCatch.

Frost said organised gangs are shifting their attention to weaker points in the payments chain.

"As banks strengthen controls, organised fraud networks are targeting parts of the ecosystem where visibility is lowest and coordination is weakest. Unauthorised fraud is declining in value because banks control access, but APP fraud is on the rise because fraudsters control intent and the destination of funds. If criminals cannot move or launder their proceeds, fraud stops paying, which is why the industry must place greater scrutiny on receiving accounts to prevent funds from reaching criminal networks," he said.

He pointed to overseas examples of coordinated industry responses.

"The rise in APP losses, particularly for investment and romance scams, points to the successful industrialisation of fraud, yet financial institutions remain siloed. Australia's largest banks have demonstrated the value of collaboration in disrupting scam payments through the world's first inter-bank intelligence-sharing network, while the country's upcoming Scam Prevention Framework will build on this by enforcing shared responsibility across sending and receiving institutions. The UK must look towards an equivalent collaborative approach, otherwise criminals will continue to exploit the gaps between banks," Frost said.

Many scams now begin on social and technology platforms, long before a payment instruction reaches a bank, he said.

"Banks cannot be expected to remain the backstop for fraud that starts on technology platforms. Too many scams begin online, where criminals are able to identify, groom and manipulate victims long before a payment is made. By the time a customer reaches their banking app, the fraud has often already succeeded. With more than two-thirds of APP scams originating online, technology platforms must take greater responsibility for detecting, disrupting and removing scams at source. Preventing fraud means holding every part of the fraud chain accountable," Frost said.

He also warned that agentic AI will sharply increase case volumes.

"Artificial intelligence is already driving rising case volumes by enabling hyper-personalised scam ads, deepfakes and fake conversations at scale. Agentic AI will accelerate this further, allowing agents to continuously learn and adapt at a speed humans are unable to, creating the conditions for an exponential growth in scams as the cost of execution falls dramatically relative to the returns. As automation grows, the challenge for banks will increasingly be distinguishing between human and machine behaviour," Frost said.

Other industry figures focused on the psychological impact of fraud and the need to measure success beyond reimbursement statistics.

"The UK's reimbursement regime has strengthened consumer protection, helping more victims recover their money after falling victim to fraud. But while reimbursement is reducing the financial impact of fraud, it isn't yet reducing the scale of the problem," said Jackie Barwell, Director of Fraud Product Management at ACI Worldwide.

"Behind every fraud case is a person who has been manipulated into transferring their savings, convinced they're speaking to a trusted organisation, or pressured into making a decision they would otherwise not have made. While money can be returned, the stress, anxiety and loss of trust can be much harder to recover from," Barwell said.

She said criminals are adapting their methods as instant payments compress the window for intervention.

"The latest fraud figures show that criminals continue to adapt their tactics, exploiting everything from social engineering to increasingly sophisticated  AI-powered impersonation. As payments move in real time, the window to detect and stop fraud is becoming smaller, making prevention more important than ever," Barwell said.

"With global APP scam losses forecast to reach $7.6 billion by 2028, success should be measured by more than reimbursement rates alone. The real goal is simple: fewer victims, fewer scams and fewer payments reaching criminals in the first place. The most effective fraud strategy isn't one that refunds the most victims after the event. It's the one that prevents them from becoming victims at all," Barwell said.

Artificial intelligence featured prominently in expert reactions, particularly regarding synthetic voice attacks and deepfake-based social engineering.

"I am not surprised by the UK Finance findings. Last year, UK Finance predicted that AI-generated fraud would become the fastest-growing risk. That prediction is now coming true.

"As we have seen from the report, individuals, businesses and increasingly the government are being scammed by ever-evolving AI cloned voice attacks. Those attacks will only become more sophisticated as AI synthetic voice technology advances and grows more convincing. Not surprising that cloned voice is fast emerging as the number one AI cybersecurity threat vector.

"Synthetic voice attacks are not only costly for businesses but also significantly affect individual users. Who can they trust when you cannot trust the voice on the other end of the phone or conference call?  It is incumbent on voice platform providers and social media to embed synthetic voice detection as a fundamental feature of their services. In much the same way that we install spam filters, antivirus software, and firewalls on PCs to deter scammers and hacking attacks, AI-based synthetic voice detection should be mandatory to block scammers and hackers from targeting businesses and individuals through this insidious and evolving cybersecurity threat," said Clive Summerfield, Chief Executive Officer at FARx.