Experts at Risk Ready APAC 2026 warn that AI enabled scams are moving faster than legacy compliance and enforcement models can respond.

The systems designed to prevent financial crime are being overtaken by the speed and scale of modern scams, as organised criminal networks deploy artificial intelligence (AI) and cross‑border alliances to move faster than banks, regulators and law enforcement can respond, industry executives and officials warned in Singapore last week.

Once episodic and opportunistic, financial crime has evolved into a coordinated, industrial‑scale enterprise, compressing the window between first contact and financial loss from weeks to hours and exposing the limits of compliance and enforcement models built for a slower era.

The warnings emerged at the Risk Ready APAC 2026 conference hosted by LexisNexis Risk Solutions on 5 February and carry particular weight in Singapore, where regulators have pushed outcomes-based supervision, shared responsibility frameworks and closer operational coordination between financial institutions and law enforcement – approaches increasingly viewed as a regional benchmark.

From fraud to ‘crime as a service’

Sungyong Kang, a criminal intelligence officer at INTERPOL’s Financial Crime & Anti-Corruption Centre, described the rise of what he termed “crime as a service”.

“Criminals are cooperating between each other, and it’s becoming more and more industrialised,” he said, outlining an ecosystem in which scammers buy victim data from hackers, outsource laundering to networks of money mules, and operate from organised scam compounds across parts of Southeast Asia.

“These compounds are not only committing scams, but also many different types of serious crimes,” he said, citing cases involving human trafficking, torture and physical violence – developments he argued are pushing financial fraud beyond compliance and into the realm of national security.

Generative AI is accelerating the threat by enabling highly convincing, personalised and multilingual scams at scale. Vijay Nagarajan, director of payments market planning at LexisNexis Risk Solutions, noted that the danger lies not just in volume but in quality, with generative AI creating “near perfect” phishing emails and enabling sophisticated “data assimilation” to build convincing profiles of targets.

Brian Hanley, APAC director at the Global Anti‑Scam Alliance (GASA), warned that investment scams now account for 60 percent of losses in Southeast Asia, with attackers sustaining longer and more credible engagement with victims.

“We’re moving from a period where initial contact to irreversible economic damage is a matter of hours rather than days or even weeks,” he said.

Traditional processes no longer adequate

To counter the pace and cross-border nature of modern scams, INTERPOL has deployed tools designed to expedite the information sharing to complement traditional mutual legal assistance processes, which Kang said are no longer suited to crimes that move at digital speed.

One such initiative, I‑GRIP – INTERPOL’s Global Rapid Intervention of Payments – allows authorities in a victim’s country to rapidly alert counterparts in a beneficiary jurisdiction, relying on the voluntary cooperation of financial institutions or the authority of local financial intelligence units to freeze funds before they are dissipated.

INTERPOL has also expanded I-Checkit, allowing trusted private‑sector partners to screen customers against INTERPOL databases of stolen and lost travel documents and Red Notices, extending law‑enforcement intelligence directly into onboarding and due‑diligence processes.

Collaboration versus fragmentation

Speakers at the event repeatedly warned that institutional fragmentation remains one of the greatest advantages enjoyed by organised criminal networks.

Kimberly Sutherland, global head of fraud and identity at LexisNexis Risk Solutions, pointed to a 61 percent year-on-year rise in human-initiated attacks in APAC, arguing that consortium-based intelligence sharing is becoming essential rather than optional. “Fraudsters are already sharing with each other,” she said.

Hanley described data sharing as the “number one solution” to combating scams and helping victims, but warned that progress remains constrained by siloed structures across banks, governments, telcos and online platforms.

To provide a platform for increased data sharing, GASA helped launch the Global Signal Exchange in January 2025, which now sees more than one million scam signals exchanged daily, Hanley said.

When compliance collides with commercial reality

Inside financial institutions, structural tensions continue to slow responses. Jee Meng Chen, head of financial crime at CIMB, pointed to a persistent conflict between revenue and compliance. Ekta Singh, chief compliance officer at payments firm Pyvio, described a “love and hate” dynamic between business and risk functions, with compliance often forced to draw “a very thin line between business and good business”.

Chen argued that unified KPIs tying front‑office incentives to financial crime outcomes could help reframe compliance as a shared responsibility, alongside scenario‑planning and war-gaming exercises that allow teams to test responses without live revenue pressure.

The same tension is evident in customer experience. As real-time payments become the norm, institutions must intervene quickly without undermining trust. Rather than reflexively blocking transactions and “creating much more unhappiness”, Singh said her firm increasingly engages customers to understand context.

Some banks have started to embed real-time warnings into payment journeys to give customers a chance to reassess suspicious transfers. One speaker described this as a “cognitive jolt” for the customer.

The AI arms race

As criminals rapidly adopt AI, institutions are being drawn into what Hanley described as an “asymmetric war” and a “tactical arms race” – one complicated by regulatory demands for explainability and control. He warned that while large multinational banks can afford to invest heavily in AI defences, smaller regional players risk being left behind, creating weak points in the ecosystem that criminals will inevitably target.

This dynamic creates a significant challenge for firms trying to justify technology investment to cost-conscious boards. Claire Franklin, a partner in forensic and financial crime at Deloitte, said boards often need to frame AI investment as a trade-off between “a known spend versus an unknown loss”. While labour-intensive models may still appear viable in low-cost jurisdictions, she argued that AI is increasingly essential for credibility and brand protection.

She highlighted practical applications that use AI for adverse media screening, source‑of‑wealth analysis and network link analysis. But Franklin cautioned that many tools remain opaque, underscoring the importance of governance and explainability as regulators increasingly focus on whether controls work in practice.

AI-driven tools are also being deployed against new threats, such as crypto-specific scams where fraudsters use malicious QR codes to gain access to crypto wallets, according to Richard Carrick, chief compliance officer at Bitstamp, He emphasised the importance of having a “human in the loop” to review AI-driven alerts, conducting regular “assurance reviews” to test if the models are performing correctly, and looking beyond traditional metrics to measure success.

Are institutions running out of time?

The discussions in Singapore underscored that financial institutions face a narrowing window to adapt. Several participants warned that institutions that fail to do so risk falling out of step with supervisory expectations, as regulators place greater emphasis on demonstrable outcomes rather than merely the existence of controls.

As scams become faster, more personalised and more industrialised, the question is no longer whether firms should invest in AI, collaboration and new operating models, but whether they can do so quickly enough – and in a way that remains defensible to regulators, boards and the public.

Technology, speakers agreed, is necessary but insufficient. Without organisational change to break down silos and align incentives across the business, even the most advanced tools risk falling behind adversaries that have already learned to operate at an industrial scale.

--

Disclosure: Regulation Asia was a supporting partner of the Risk Ready APAC 2026 event and assisted with speaker outreach and event promotion.