Building smarter defences to combat financial crime in APAC

Cybersecurity remains a top concern for leaders across financial circles, with hard-to-detect third-party phishing and AI-led deepfake frauds as key challenges. Every few weeks, a phishing incident follows a familiar pattern: an individual receives a fraudulent call purportedly from a bank, only to realise moments later that the caller was an imposter. Using advanced AI to perfectly mimic tone and phrasing, the fraudster convinces the victim to share sensitive information, leading to a drained account and no recourse. This is a significant concern for banks today — not just because customers are being targeted, but because the banks themselves are being scammed. Such incidents strike at the foundation of consumer banking: trust.

The cyberthreat landscape

Financial institutions are finding themselves in a tough spot. Despite the availability of advanced technology, financial crime prevention in APAC remains a challenge due to the rapid proliferation of digital banking, unique demographics, and varying levels of technological maturity within the financial sector. Three core threats stand out:

  1. Malware, ransomware and third-party risks: Increasing malware infections and third-party risks like supply chain threats are leading to significant financial losses for organisations. These remain a top security concern for 47% of banking CEOs across APAC, according to Accenture’s Pulse of Change Survey 2024. Cybercriminals are exploiting vulnerabilities in the region’s rapidly expanding digital banking infrastructure. 
  1. Lack of consumer awareness and criminal enterprises: APAC is experiencing a surge in tech-savvy cybercriminals employing AI to impersonate individuals, spread disinformation, and extort funds. According to a UN report, hundreds of young people in the region are coerced into online scam operations, such as crypto fraud and money laundering, often recruited under false profiles, including roles advertised as marketing professionals or HR specialists. This issue is compounded by a vulnerable population unaware of the sophistication behind modern fraud schemes. Consumer education as a preventative measure is a critical reprieve.
  1. Rising deepfake attacks and advanced threats: As deepfake technologies become more accessible, the banking sector needs greater awareness and dialogue on this issue. According to the Sumsub Identity Fraud Report 2023, the APAC region recorded a 1,530% increase in deepfake cases between 2022 and 2023, the second-highest globally after North America. Despite this, Accenture research found that only 9% of APAC banking and finance CEOs view it as a top security threat. Quantum threats are also emerging as a concern, with adversaries collecting encrypted data now to decrypt later, potentially undermining security in areas like cryptocurrency and blockchain.

Addressing financial crime: Key strategies

To stay ahead of cybercrime, financial institutions need to enhance their security posture and integrate security throughout their operations.

  1. Leverage advanced technology
    Technology remains a powerful ally in combating financial crime. AI-driven fraud detection systems can analyse transactional behaviour in real time, flagging anomalies before harm is done. Multi-factor authentication and biometrics, such as facial recognition, add an extra layer of security that both protects and empowers customers.

    AI-driven defence technologies, such as red teaming and penetration testing, enable rigorous system testing. Financial institutions should also adopt quantum-safe encryption now, staying ahead of the curve with proactive defences and secure technologies.
  2. Strengthen ecosystem collaboration
    No institution can combat financial crime alone. National initiatives, such as Malaysia’s fraud portal — developed by PayNet and Bank Negara Malaysia to automate fund tracing and identify money mules — or Singapore’s Kill Switch, which lets customers instantly disable accounts during a scam, are examples of large-scale innovation. These initiatives demonstrate how collaboration can enhance national security outcomes.

    At the regional level, partnerships among banks, telecom providers, and regulators must deepen. Australia’s Scam Telecommunications Action Task Force exemplifies how cross-industry cooperation can address complex, technology-driven threats.
  3. Build resilience through governance and awareness
    Cybersecurity must be embedded into all facets of business operations. This includes adopting governance frameworks aligned with global best practices, conducting regular cyber crisis simulations to test response capabilities, and providing training to combat cybersecurity threats. Encouragingly, 6 in 10 financial services organisations across APAC are already investing in training their employees to address deepfake and phishing fraud, according to Accenture research.

Educating customers about phishing techniques, scam red flags, and preventive measures is equally crucial. For example, initiatives like Project PRAISE — a collaboration between the Singapore Police Force and RSVP Singapore The Organisation of Senior Volunteers — raise anti-scam awareness among senior citizens. By equipping them with the knowledge and confidence to protect themselves, such programmes enhance the overall resilience of society against financial crimes.

There is no quick fix for cybercrime prevention, but combining the right technology with investments in people can build the long-term resilience needed to combat emerging threats.