In the first half of 2025, UK fraud losses exceeded £629 million, up around 3% on the same period last year, with confirmed fraud cases rising by about 17% to more than 2 million incidents. Much of this loss is driven by social engineering, particularly Authorised Push Payment scams.
In many cases, these scams begin outside the banking environment. Telecom impersonation, spoofed calls and SIM-based attacks are often the trigger, changing customer behaviour long before a payment is initiated. From a bank’s perspective, the issue only becomes visible when the customer reaches the payment screen, at which point options to intervene are already constrained.
But this is starting to change.
New collaboration across UK telecom networks is generating real-time insight that can be fed directly into financial crime systems. When telecom-layer intelligence is combined with existing fraud and credit risk models, firms are able to intervene while a scam is unfolding, instead of responding after the loss has occurred.
For Chief Risk Officers, this is a major change in how fraud risk can be managed.
|
Key takeaways from this article:
|
The telecom data points that support early fraud detection
Not all telecom data is equally useful for fraud prevention. The most effective inputs are those that provide information before a transaction takes place, or while it is in progress. From experience, any telco data that offers this pre-transaction view is valuable for early detection.
This includes:
- SIM swap activity
- Real-time network anomalies
- Device-related information
The aim is to provide banks with pre-transaction intelligence that can be used alongside existing fraud and credit risk models. These inputs help identify conditions commonly associated with account takeover attempts and Authorised Push Payment scams at the time they occur.
Let’s take SIM swap activity as an example. On its own, a SIM swap does not indicate fraud. When it occurs shortly before a high-risk action, it adds context about the likelihood of compromise or coercion. The same applies to network anomalies or unexpected device changes, which can indicate that something has altered in the customer’s environment even if credentials appear valid.
Where telecom and banking collaboration works today
In practical terms, the most effective collaboration between telecoms and banks focuses on real-time information sharing. The priority is providing banks with additional context while a transaction is being considered.
From experience, the most valuable collaboration points are:
- Real-time sharing of SIM swap alerts
- Network intelligence on call spoofing, including numbers already associated with fraudulent activity
These inputs give banks visibility they would not otherwise have at the point a decision is being made. Knowing that a SIM swap has recently occurred, or that a customer is currently on a call linked to spoofed activity, changes how risk can be assessed during that interaction.
What makes this approach workable is how the information is used. Telecom data is not presented as a verdict on whether a transaction is fraudulent. Instead, it provides additional context that sits alongside existing fraud and credit risk controls. The bank remains responsible for the decision, but with a broader view of the conditions surrounding it.
What the UK telecom initiative changes for financial services
The government’s AI-powered telecom fraud initiative, which brings together BT, Vodafone, Three, and Virgin Media O2, introduces a new intervention for financial services. From a fraud-prevention perspective, the key point is that it enables action at the point a scam is initiated, rather than after a payment has already been made.
The value comes from how telecom information can be shared and used in real time. For example, knowing that a customer is currently on a suspicious, spoofed call to a number that has already been flagged for fraudulent activity can be fed directly into a bank’s fraud model as the transaction is taking place.
This allows banks to respond while the scam is still underway. Instead of relying on post-transaction analysis, firms can introduce positive friction or step-up authentication during the interaction itself. The decision remains with the bank, but it is informed by information that was previously unavailable at that moment.
To sum up: The initiative provides a way to connect what is happening on the telecom network with what the customer is doing in a banking channel, early enough to influence the outcome of a transaction.
Where do banks and lenders underuse telecom data?
Despite progress in collaboration, banks and lenders still underuse several types of telecom information that could support earlier fraud detection. In particular, network-level behavioural analytics and core device and account velocity data are not consistently integrated into fraud and credit risk workflows.
These data points provide insight into changes in a customer’s environment that are not always visible from banking activity alone. Suspicious device changes, unusual call patterns, or sudden changes in how an account is accessed can indicate elevated risk before a payment is initiated.
Used in real time, this information can help reduce both APP scams and Account Takeover fraud. By identifying unusual behaviour earlier in the journey, banks have more scope to intervene before a transaction is completed.
The limitation is not the availability of telecom data, but how selectively it is used. Without network-level behaviour and device velocity in view, banks are often left to assess risk based on a narrow slice of the customer’s activity. Incorporating these inputs earlier provides a more complete view of the conditions leading up to a payment decision.
How cross-industry collaboration supports the FCA’s “smarter risk” agenda
Regulatory expectations increasingly reflect the way fraud actually occurs, with activity spanning telecoms, financial services and digital platforms rather than sitting within a single firm.
Smarter risk compliance
The FCA’s approach to “smarter risk” places more emphasis on outcomes. Cross-industry collaboration between telecoms and financial services supports this by addressing risks that do not sit within the control of any one organisation.
Making foreseeable harm visible
Plus, under Consumer Duty, firms are expected to avoid foreseeable harm. Telecom intelligence makes certain risks visible earlier. For example, knowing that a customer is currently on a call with a number already associated with spoofing activity provides context that is not available from banking data alone.
Acting before loss occurs
Access to this information allows banks to take action before funds move. Fraud prevention moves away from a reliance on reimbursement after the event and towards interruption of scams while they are underway. The techniques used by fraudsters may remain the same, but the point at which firms can intervene changes.
↪ Further reading: Smarter risk to unlock growth: turning regulatory intent into practical action
Spotlight on governance: Considerations when using telecom intelligence
Using telecom intelligence within fraud and credit risk workflows requires careful handling of consent and explainability. Telecom data is subject to GDPR, and operators need explicit consent for defined use cases, which banks must reflect in how the data is permissioned and applied.
There is also an explainability requirement. If a payment is paused or blocked based on telecom input, firms need to be able to explain the decision to a genuine customer without disclosing detailed fraud logic that could be exploited. Clear data lineage and documented use cases help ensure telecom inputs can be defended as part of a wider control framework.
How telecom-enabled fraud is likely to evolve
Over the next 12–24 months, telecom-enabled fraud is expected to continue moving away from basic number spoofing and towards more convincing forms of impersonation. Essentially, the techniques themselves are not new, but how they are delivered is changing.
Key developments expected include:
- Faking the person rather than the number, with fraudsters focusing on sounding or appearing legitimate
- Greater use of AI voice bots to impersonate trusted organisations or individuals
- More approaches via WhatsApp and other secured messaging channels, which can feel more credible to customers
- Increased use of eSIM porting, which can happen more quickly than physical SIM swaps
These developments will likely reduce the time available to identify unusual behaviour and reinforce the need for telecom data to be available during the customer interaction, not just after a transaction has completed.
What this means for Chief Risk Officers
Building telecom intelligence directly into fraud and credit risk models has practical benefits that go beyond a single control or fraud type.
For CROs, this approach supports:
- Reduced scam losses, particularly for APP scams and account takeover
- Fewer false positives, as decisions are informed by additional context, instead of blunt rules
- Better customer experience, with less unnecessary friction for genuine customers
- Improved reputational protection, by preventing harm rather than responding after the event
- More informed risk decisions on thin-file customers, supported by wider behavioural context
And as telecom-enabled fraud continues to shape customer behaviour before transactions reach the bank, firms may want to review whether their fraud and credit risk frameworks reflect this reality. Assessing how telecom-layer intelligence can be used alongside existing controls is a practical next step.