Sally Felton has worked in fraud risk for over three decades, across banking, consulting and industry bodies. Her roles have covered everything from frontline operations through to policy and oversight, including senior positions at HSBC, KPMG, BDO, Cifas and most recently Monzo.
This mix gives her a view most fraud specialists don't have. She's seen the same problems from inside global banks, from digital challengers, and from an industry body that sees trends across its hundreds of members at once.
Sally is now consulting with Jaywing as a fraud subject matter expert. We asked her what 30 years has taught her about where firms are still exposed. Here are her top six lessons.
Lesson 1. Frameworks fail when fraud teams work in silos
The best fraud frameworks share a few common features:
- Collaboration across fraud, cyber and financial crime.
- A view of the whole problem with the ability to drill into specifics.
- And leadership from the top.
Sally has seen what happens when those things aren't in place;
"Speed of reaction is critical, and failure to respond effectively to new threats is something I have seen many times over the years."
Identifying weak controls and fixing them quickly is what separates firms that hold their position from firms that lose ground to organised fraud. This has to be led from the top, with fraud, cyber and financial crime teams operating as one function… rather than three.
UK Finance makes the same point in different words. As mandatory reimbursement rules have closed off some authorised push payment fraud, criminals have moved to remote purchase fraud, which jumped 22% in 2024. The threats move quickly, and frameworks that can't move with them lose ground.
There's also the customer side of the equation. Sally talks about the balance between AI-driven decisioning and giving customers proper access to staff when something has gone wrong. Disjointed teams add to the frustration of customers who've already been defrauded, which compounds the reputational damage.
One last point worth holding onto. A fraud framework should cover every fraud a business might face, from customers and threat actors through to staff, suppliers and third parties. Most frameworks don't.
➡️ Related reading: Smarter fraud and AML convergence: Escaping the silos
Lesson 2. Digital banks face the same fraud at higher speed
Fraud typologies haven't changed much in the past decade. But what has changed is the speed and scale at which they happen. Sally adds;
"There aren't many fraud typologies which banks aren't experiencing, whatever their size and business model, but they may be experiencing things on different levels."
Traditional banks built friction into their operations without setting out to do so. Slower payment cycles, manual reviews, and human intervention all added small delays that gave fraud teams time to catch things before they escalated.
Challenger and app-based banks don't have that friction. Remote onboarding and digital authentication make them more exposed to synthetic identities, account takeovers, SIM swaps and deepfake-enabled fraud. Money moves faster, too, which gives criminals less reason to slow down once they're inside.
|
Sumsub's 2025-2026 Identity Fraud Report found that sophisticated fraud, which combines several advanced techniques in a single verification attempt, rose 180% globally in 2025. UK deepfake attacks doubled in the same period. Synthetic identities now appear in roughly one in five first-party frauds. |
Online-only customer relationships create a second problem. When every interaction happens through a digital channel, social engineering and authorised push payment fraud become easier to pull off. (The customer never speaks to anyone who might notice the warning signs.)
Digital banks need controls built for when fraud can happen in seconds, rather than days. That changes what good looks like at every stage, from onboarding through to dispute resolution.
Lesson 3. First-party fraud is fraud
There's a pretty big gap between banks and retailers when it comes to low-level first-party fraud. The "I didn't buy that item" type of claim. Retailers often hold useful information about these disputes that never reaches the banks, and the relationships that could be built from that data is unexplored.
The deeper problem is that people don't always recognise first-party fraud as fraud at all. As Sally puts it;
"Rationalising fraud is a critical element for fraud to occur, and as a society, we shouldn't accept that 'everyone is doing it, so it'll be ok' or 'no one will notice, it's only a small amount'."
Cost-of-living pressure is making this worse. People worried about prices are more likely to make bad decisions, and a small fraudulent claim can feel like a reasonable way out of a tight month. That rationalisation is exactly what allows the behaviour to spread.
|
The data supports her view. Cifas, where Sally previously worked, has tracked a clear rise in admitted first-party fraud over the past few years. Two years ago, one in 12 people said they'd committed at least one first-party fraud in the previous year. That figure has now risen to one in eight. The National Crime Agency's 2025 assessment makes the link explicit, attributing the rise in return and refund frauds against businesses to continued cost-of-living pressure. |
Banks should feel confident in challenging suspicious claims. Asking questions when something doesn't add up is part of the job. Sally's view is that robust, firm challenges to fictitious fraud reports must be acceptable, and that the industry has been too quiet about this for too long.
Lesson 4. Most firms only see the fraud they expect to see
Sally has a question she asks every client who comes to her wanting to talk about fraud:
"The first thing I ask a client when they ask to speak about fraud is 'what type of fraud are you/do you think you are referring to?'"
The answer tells her a lot. In banks, the response is almost always customer fraud. Occasionally internal fraud. Almost never supply chain fraud. In other sectors, it reverses. Firms outside financial services often think only about supply chain fraud because they can't see how a customer could defraud them, or they have limited experience of it happening.
The reality is that all of it happens. Customer fraud, internal fraud, supply chain fraud, threat actors, third parties. Every category is live in every business… whether the business has planned for it or not.
|
The UK government's Economic Crime Survey 2024 backs Sally's reading. Of businesses that experienced fraud and chose not to report it, 68% said the most recent incident was too insignificant to bother reporting. Small frauds go unrecorded, which means they don't accumulate into a view that leadership can act on. |
This costs firms outside financial services the most. Banks are good at spotting and addressing fraud, even the types they don't focus on first. Other industries often don't see fraud coming until it's already done the damage.
➡️ Related reading: Identifying hidden fraud networks: Why fraud detection needs a network-based approach
Lesson 5. One of the biggest misalignments is between fraud and product (in banking)
Most people assume the friction inside a fraud function comes from within the bank’s fraud team itself. Sally's experience says otherwise;
"Teams tasked with income generation and teams tasked with loss prevention often have different ways of thinking."
The historic problem was marketing and product teams launching new products, or changing existing products, without referring those decisions to fraud or risk. The result was sudden spikes in particular fraud types, followed by reactive investigation work to find out what had happened and why.
This has improved. Fraud teams are now more involved in product decisions than they were 10 or 15 years ago. The underlying tension hasn't gone away, though. Income generation and loss prevention pull in different directions, and they always will.
Within fraud teams, alignment tends to be good. Where clashes do happen, they're usually about capacity and resource allocation rather than the fraud itself. Disagreements about how to address a specific fraud issue, not about whether it should be addressed.
Lesson 6. Good consulting focuses on delivery
Sally has been clear about why she's working the way she does now.
"I am a delivery director, I am not a salesperson… I just want to help clients stop fraud, and train the next generation of fraud leaders."
She started her career in customer services and collections before moving into fraud in 1990. Her words: "I came over to the dark side." Three decades on, she wants to leave fraud risk management in better shape than she found it.
That's what makes her current role at Jaywing such a good fit. She works flexibly as a fraud subject matter expert, focused on practical client work rather than revenue targets. The output is what counts. Stopping fraud, fixing weak controls, and bringing the next generation of fraud leaders up to a standard that holds when she eventually steps back.
There's something useful in that for clients, too. The people most worth listening to on fraud risk are usually those who've spent a career doing the work rather than selling it.
Key takeaway
Over 30 years, Sally's view has remained consistent. Firms catch the fraud they design for. The exposure sits in the supply chain risk a bank doesn't consider, the first-party claim no one challenges, the product launch fraud teams hear about after go-live, and the new threat that takes too long to reach the people who can act on it.
That's the work. And it's the work Sally and the wider Jaywing team are here to help clients do.