By Caroline Wells, Founder, Iris Anticipa Ltd
UK banks lost £450.7 million to authorised push payment fraud in 2024 per the UK Finance Annual Fraud Report 2025, and the FCA is running out of patience. Most current commentary still frames the question as legacy rule sets versus generative AI, and that binary is wrong. Here are five shifts actually transforming fraud detection in 2026, and one that isn’t.
The shifts in UK fraud detection are coming from the regulatory direction of travel, not from product launches: the FCA’s APP fraud regime, the Children’s Wellbeing and Schools Act 2026, and the slow realisation inside large banks that the next decade of fraud loss is a compliance liability, not a customer-experience metric. The Act, which received Royal Assent on 30 April, sits in the same architectural family as APP fraud: signal aggregation upstream of harm, with statutory accountability for who is permitted to look.
1. The actual upgrade is deterministic ML with confidence scoring.
Rule-based fraud detection has hit its ceiling. The temptation has been to swing the other way and pour transactions into a large language model. That is the wrong tool. LLMs sample: same input, different output. They will not tell you why they reached a conclusion in language an FCA reviewer can audit, and they will, on a cold day, hallucinate a regulation that does not exist. The architecture quietly winning inside banks is signal-processing engines with confidence scoring: deterministic, auditable, every decision traceable back to the rulebook entries that fired. One UK high-street bank is already running confidence-thresholded ML where above-threshold flags are trusted without human review. That is the production stack of the next decade, not “we asked GPT”.
2. Real-time monitoring is moving from transactions to signals.
Anomaly detection at the transaction layer catches the spike but misses the shape. APP fraud, romance-investment scams, safe-account instructions and money-mule recruitment all unfold across multiple conversations on multiple channels before money moves. The architectural problem is the same one Sir Adrian Fulford identified in his Phase 1 Southport Inquiry report, published 13 April 2026: no lead agency and no one looking at the whole. Fraud has a shape long before it has a payment, and the next generation of monitoring sits upstream, aggregating the signals that no single agency, app or product currently sees together. The mathematics is the easy bit. What stops it is the lawful basis for cross-institutional pattern aggregation, the question my MP, Greg Stafford, and I will be working through at our June meeting as the post-Southport legislative response takes shape.
3. The deepfake threat sounds like a relative on the phone.
The synthetic-identity story isn’t really a face-swap story. The frontier in 2026 is the deepfake-on-call: a relative’s voice cloned during a “safe account” instruction, an AI-generated romance partner three weeks into a conversation, a SIM-swap impersonating a bank advisor. Pixel-checks on a video feed are looking at the wrong layer. The signal sits in the architecture of control across the conversation: pacing, isolation, urgency manufacture, financial concession patterns. Behavioural-signal detection, not biometric detection. That is where the next wave of synthetic-identity prevention lands, and where the bulk of my work at Iris has gone for the last three years.
4. False positives are a regulatory question, not an engineering one.
Every fraud team knows the false-positive rate is the friction tax on the customer base. What the next eighteen months will change is who carries the legal weight of getting it wrong. The FCA’s APP fraud regime now requires demonstrable reasoning behind any block, freeze or refusal to process. Confidence-scored deterministic systems can meet that bar because the rulebook, the threshold and the reasoning chain are all on the page. Black-box generative classifiers leave the regulator with nothing to inspect. Westminster has been pushing UK AI strategy towards sovereign infrastructure, but the deeper point for fraud is portability of audit. Whether the engine runs in London, Dublin or a Crown Dependency, the FCA reviewer needs to inspect it and the customer who was wrongly flagged needs to be able to challenge it. The audit chain is the test, not the postcode of the server.
5. The “prevention versus customer experience” trade-off is the wrong frame.
The industry talks about “balancing” fraud prevention against customer friction. That framing has produced a decade of customers who feel interrogated by their own bank and an APP fraud loss landscape that won’t shift below half a billion pounds a year. The right frame is narrower and more useful. Did we protect the right person? Confidence-scored systems make that visible. A high-confidence flag of “this customer is being coerced by a third party” warrants a different intervention from a high-confidence flag of “this customer is making a free if regrettable choice”. Friction targeted at the right person is service. Friction sprayed at everyone is procurement theatre.
The shift that isn’t happening yet
The five changes above are real and underway. What hasn’t yet caught up is the move from “AI for good” as a brand promise to AI for good as an operating specification: stated detection problem, named protected population, deterministic engine, audit chain to the regulator, confidence threshold, named accountable officer. That is what AI for good looks like when it leaves the marketing deck and arrives in the operating manual. It is what serious fraud detection in 2026 will have to look like everywhere.
Predictable is what good looks like.
About Abuthor:
Caroline Wells is the founder of Iris Anticipa Ltd and has 25 years’ experience in financial services. She writes here in a personal capacity.
