TrustSphere
 

Authorised Push Payment fraud has moved from the fringes of fraud reporting to the centre of regulatory attention. With the UK's Payment Systems Regulator now enforcing 50-50 liability sharing between sending and receiving payment service providers, and similar consumer-protection proposals under active consideration in the EU and across Asia-Pacific, financial institutions face a structural shift in how fraud losses are allocated. Controls built for an era of caveat-emptor p

Reimbursement reform has changed the economics of Authorised Push Payment fraud, but it has not changed the underlying scam. With sending and receiving banks now sharing liability across an expanding set of jurisdictions, the strategic question for fraud leaders is no longer whether to reimburse — it is how to disrupt scams in real time before the money moves.

The Wolfsberg Group's 2026 refresh of its core principles signals the most substantive evolution in correspondent banking guidance in several years. The update consolidates lessons from recent enforcement actions, recognises the operational reality of cross-border payment modernisation, and pushes member banks toward more risk-sensitive, data-driven due diligence. The implications extend well beyond the thirteen Wolfsberg members. Because non-member banks typically adopt Wolf

The sanctions designation of Tornado Cash was supposed to be a turning point in the fight against on-chain money laundering. In practice, it accelerated the diversification of obfuscation techniques rather than eliminating them. The mixer ecosystem of 2026 looks materially different from that of 2022, and compliance teams need an updated mental model. Criminals have adapted in four directions: decentralised alternatives, cross-chain bridges, privacy-preserving layer-2 protoco

The Economic Crime and Corporate Transparency Act has now been in force long enough to assess its real-world impact. The reforms to Companies House, the failure-to-prevent fraud offence, and the expanded identity verification requirements represented the UK's most ambitious anti-economic-crime reform package in decades. Two years on, the picture is mixed. Transparency has improved in measurable ways. Enforcement capacity has expanded. But structural weaknesses in verification

Banking-as-a-Service has transformed how fintechs, retailers, and gig-economy platforms deliver financial products. The model has also exposed a recurring structural weakness. The sponsor bank holds the licence and the regulatory accountability, while the customer experience, onboarding decisions and monitoring rules sit largely with the platform partner. When fraud or money laundering controls fail in this model, the consequences land squarely with the bank. Recent enforceme

The first half of 2026 has produced some of the largest sanctions enforcement actions on record. Regulators on both sides of the Atlantic have moved decisively against institutions whose screening controls failed to keep pace with the rapid expansion of sanctions perimeters since 2022. The pattern of failure is remarkably consistent. It is rarely the absence of a screening tool that drives enforcement. It is almost always the quality of the data feeding that tool, the calibra

Hong Kong's Stablecoin Ordinance has moved the territory from permissive experimentation to one of the world's most detailed regulatory regimes for fiat-referenced stablecoin issuance. The HKMA now licenses issuers, sets reserve and redemption standards, and imposes direct financial crime obligations on a new class of regulated entity. For global banks, payment providers and fintechs with Asia-Pacific operations, the ordinance is not merely a local compliance exercise. It cre

Handling politically exposed persons in emerging markets remains one of the most nuanced challenges in financial crime compliance. List-based PEP screening tools have become commoditised, yet enforcement actions continue to highlight cases where screening was technically completed but the underlying risk was not meaningfully assessed. The gap is not the technology. The gap is the interpretive judgment that connects a name match to an understanding of the political, legal and

Reusable verified credentials represent one of the most consequential shifts in consumer identity infrastructure in a generation. The vision is simple: an individual proves their identity once to a trusted issuer, and that verified credential can be presented to any relying party without repeating the underlying verification process. For financial institutions, this promises meaningful reductions in onboarding friction, cost and abandonment. For regulators, it offers a path t

Ransomware has long been treated as a cyber problem with a financial crime tail. That framing is no longer tenable. With ransom payments increasingly routed through regulated financial institutions, sanctions exposures embedded in the threat-actor ecosystem, and disclosure rules tightening on both sides of the Atlantic, ransomware now sits squarely on the AML and sanctions risk register.

Real-time payment rails have become the default in major economies, and authorised push payment scam losses have followed them upward. When funds settle in seconds, the window for traditional rules-based monitoring collapses, and the receiving bank's ability to identify mule behaviour at first deposit becomes the most important control in the chain. The control stack must move at the speed of settlement.

The UK's mandatory APP-scam reimbursement regime has been in force since October 2024, and the scheme data is finally giving us a clean picture of what works at the point of payment and what does not. The headline finding is straightforward — Confirmation of Payee, in its first-generation form, was a useful but porous control, and the 50/50 reimbursement liability split between sending and receiving PSPs has placed real economic pressure on both sides to do better. Confirmati

Agentic commerce — autonomous AI agents researching, negotiating and transacting on behalf of consumers and businesses — has crossed from novelty to measurable share of e-commerce volume in 2026. Visa Intelligent Commerce, Mastercard Agent Pay and the OpenAI Operator and Anthropic Claude integrations now collectively process meaningful daily transaction volumes. The merchant-side and issuer-side fraud frameworks for these flows are still catching up. The harder problem, incre