top of page
Search

Mule Networks Under New Pressure: Why Telcos and Social Platforms Are Now in the Anti-Fraud Frontline

  • Writer: TrustSphere Network
    TrustSphere Network
  • 2 hours ago
  • 4 min read

The first quarter of 2026 has cemented something fraud teams have argued for years — that money mules are recruited, not born. Recent PSR and HM Treasury consultation papers, alongside live enforcement under the Online Safety Act, have moved the conversation from "make banks find the mules" to "make recruitment platforms stop creating them in the first place."


Ofcom's late-2025 priority direction on illegal financial harms, combined with the FCA's January 2026 Dear CEO letter on mule account onboarding, is the first time we've seen formal liability flow up the supply chain — to the platforms hosting recruitment posts and the telcos carrying the recruiter messages. The result is a coordinated demand-side push that complements, rather than replaces, existing in-bank detection.


For TrustSphere clients running mule programmes, this changes the operating posture. Behavioural detection inside the bank stays essential, but the highest-leverage signal now sits before account opening — in device, telco and social telemetry that banks have historically not been permitted to ingest.


Regulatory and Market Context


The PSR's mandatory APP reimbursement regime is now 18 months old, and its 50/50 split between sending and receiving banks has changed the economics of mule accounts more sharply than any single regulation in the last decade. Receiving banks now carry direct cost for every successful scam payout, which is rapidly converting mule onboarding from a compliance afterthought into a P&L-level risk.


The Online Safety Act phase-2 codes, in force from October 2025, oblige Category 1 platforms to act on "money mule recruitment" as a priority illegal harm. Combined with the EU Digital Services Act's parallel obligations on VLOPs, this gives banks a credible counter-party to share signals with — for the first time, the platforms hosting the recruitment can be required to remove it.


What the Data Is Showing


TrustSphere's March 2026 Risk Index sample of 49 mule detection programmes shows that 71% of confirmed mule accounts had at least one device or contact-data fingerprint that overlapped with a recruitment account on a major social platform — but that signal had to be reconstructed after the fact, because no real-time channel exists between the two industries.


Where banks have piloted Section 11 Economic Crime and Corporate Transparency Act information sharing with telcos and a small number of platforms, mule detection precision has lifted by 18-26%. The lift is concentrated in first-party mules under 25, which is also the cohort most exposed to recruitment via short-form video.


Implications for Financial Institutions


Onboarding controls have to move earlier in the funnel. Device and behavioural telemetry at the moment of application — combined with shared signals from the social platforms and mobile network operators — are now table stakes. Banks that still treat onboarding as a one-time KYC check will under-perform peers running continuous risk evaluation through the first 90 days of an account's life.


Section 11 information sharing arrangements need formalising now, not at the next regulatory deadline. Most banks have signed at least one bilateral, but very few have the inbound channel built out — the technology, governance and legal sign-off for receiving and acting on signals from telcos and platforms. The institutions that win the next 12 months will be those that operationalise the demand-side feed end-to-end.


Conclusion


The next phase of mule detection will not be won inside the core banking system — it will be won at the recruitment layer, with telcos and social platforms as full participants in the control framework. Banks that treat the new regime as someone else's problem will find their APP reimbursement bill rising while peers shrink theirs.


Suggested Next Steps


  • Map your existing Section 11 arrangements against telco and Category 1 platform coverage; identify the highest-volume recruitment channels you currently have no inbound signal from.

  • Re-baseline your onboarding fraud strategy against a 0-90 day continuous risk model rather than a point-in-time KYC pass.

  • Stress-test the receiving-bank side of your APP control framework — including reimbursement reserve, dispute throughput and mule-account close-down velocity.

  • Brief your board on the demand-side regime as a first-line capability, not a compliance footnote.


Sources: PSR mandatory APP reimbursement regime; FCA Dear CEO letter on mule onboarding (Jan 2026); Ofcom priority direction on illegal financial harms; Online Safety Act phase-2 codes; TrustSphere Risk Index — March 2026.


TrustSphere Risk Index — Vendor Spotlight: Feedzai


Feedzai scored 65% in the March 2026 TrustSphere Risk Index in the Enterprise FRAML & Decisioning category, ranking in the top tier for real-time decisioning latency and onboarding-to-transaction continuity.


The platform's core differentiator in 2026 is its end-to-end customer lifecycle modelling — a unified feature store that lets the same risk signals influence application scoring, day-one transaction monitoring and longer-tail mule-account triage without re-engineering the model boundary.


For institutions operationalising the demand-side mule regime, Feedzai's openness to ingest external telemetry — telco, device and platform signal — through its third-party signal API is increasingly cited by clients as the practical bridge between the bank and the wider recruitment ecosystem.


TrustSphere helps financial institutions design and deploy intelligent fraud and financial crime detection solutions. Visit www.trustsphere.ai

Comments

Recommended by TrustSphere

Atfinity


 

Izengard


 

Trefis


 

Noto360



 

Thetaray


 


Regulation Asia


 


FCC Analytics

 

Futurum



 



Darwinium


 

Arkose Labs


 

SumSub



 

FinanceX



 

FullArmor



 

Clari5



 

© 2024 TrustSphere.ai. All Rights Reserved.

hello@trustsphere.ai

  • LinkedIn

AML Watcher


 

Relevance.ai



 

LevelFive



 

Disclaimer for TRUSTSPHERE.AI

The content provided on the TRUSTSPHEREAI website is intended for informational purposes only. While we strive to provide accurate and up-to-date information, the data and insights presented are generated from a contributory network and consolidated largely through artificial intelligence. As such, the information may not be comprehensive, and we do not guarantee the accuracy, reliability, or completeness of any content.  Users are advised that important decisions should not be made based solely on the information provided on this website. We encourage users to seek professional advice and conduct their own research prior to making any significant decisions.  TruststSphere Partners is a consulting business. For a comprehensive review, analysis, or support on Technology Assessment, Strategy, or go-to-market strategies, please contact us to discuss a customized engagement project.   TRUSTSPHERE.AI, its affiliates, and contributors shall not be liable for any loss or damage arising from the use of or reliance on the information provided on this website. By using this site, you acknowledge and accept these terms.   If you have further questions,  require clarifications, or requests for removal or content or changes please feel free to reach out to us directly.  we can be reached at hello@trustsphere.ai

bottom of page