As the ongoing mortgage fraud probe deepens, regulators and payment chiefs have warned that Australia’s fragmented defences must be drastically bolstered.
Regulators and industry leaders have said Australia’s banks, non-banks, and intermediaries must overhaul how they think about fraud and financial crime, with the Australian Transaction Reports and Analysis Centre warning that reactive “crisis management” is no longer enough.
Opening a session on financial crime at the Fintech Data Horizon Summit in Sydney on Friday (8 May), attended by The Adviser, AUSTRAC director of regulatory supervision, Faranaz Alam, outlined that while fraud was not new, its methods were constantly shifting.
“Fraud is not new – it just happens in different forms, methodologies adapt over time,” Alam said, adding that the real question for banks and lenders was if they were “resilient enough to respond to this threat”.
Alam said AUSTRAC routinely saw institutions slipping into short‑term damage control when a problem was identified as opposed to designing durable solutions.
“From a regulatory context, when we engage and we’ve identified an issue, there is a tendency to react to want to crisis manager out of it, but you also have an option to respond,” she said.
“Choose the latter because if you’re vested in the long term success of your business, the response is more important than the reaction itself.”
She also quantified the scale of the challenge now facing Australian institutions.
“I’ll put a price tag on it, it’s $82 billion, that’s how much illicit finance is in Australia at the moment,” Alam said.
She also stressed that this money moved through dense networks of firms and infrastructure, as opposed to a single institution’s balance sheet.
“You’ve got so many parties involved. You’ve got intermediaries, infrastructure, systems, clearing houses,” she explained.
She urged companies to sharpen their understanding of specific financial‑crime exposures, rather than burying them inside generic enterprise‑risk frameworks.
“Firstly, businesses must understand that enterprise risks are not the same as non‑financial, money laundering, terrorism financing and proliferation financing risk. Please distinguish that,” Alam said.
Alam noted that the distinction had to flow through to product design and distribution, with firms needing to be clear on where they are most vulnerable.
“Those risk controls, need to calibrate with the changing landscape that we live in,” Alam said, noting that “disruption and prevention is your best bet”.
“There are a lot of forums that help you exchange a lot of data, sometimes it is about the patterns rather than the actual transactional pieces that can make a meaningful shift.”
Digital identity reforms seen as key to disrupting fraud
Meanwhile, Australian Payments Plus managing director, digital trust, Andrew Black, zeroed in on the technology and regulatory changes needed to reduce fraud volumes.
“The key question is that how do you make sure that the regulatory requirements keep up with the technology?” Black asked.
“We’re seeing that across different jurisdictions, different industries have made some really good progress with that, the telcos in particular, and allowing telcos to accept digital ID.”
Black said the federal government’s long‑awaited AML Tranche 2 reforms, which extend anti‑money laundering and counterterrorism financing obligations to additional gatekeeper professions, should be seen as a turning point.
“As part of reforms it includes the ability for mortgage brokers to accept digital ID, that’s a step in the right direction,” he said.
“Another example of this is the pilot the government is conducting on the use of digital ID in rental applications to enhance security.”
The aim, he explained, was to strengthen the quality of data moving through the system while reducing reliance on outdated, easily compromised documentation.
“The key reasons we took forward that pilot, which was undertaken by the department of finance was to highlight where the regulations need to keep up – to allow brokers to accept stronger forms of identity,” he said.
Black also said the ConnectID network that Australian Payments Plus operated with the four major banks was showing positive results.
“What we’ve seen with Connect ID is tangible reductions in fraud,” he said.
“The reasons for that is because you’ve got a really strong, high quality grade piece of data. You’ve got strong authentication, a point of login as well your consent and data minimisation, but you’ve also got an ongoing network sharing intelligence below the hood to help notify and share that ongoing life cycle of identity.”
Economic crime has become one fused threat, payment industry body says
Andy White, CEO of AusPayNet, the industry association for Australian payments systems, explained how different types of economic crime had converged – and why that mattered for how banks responded to the threat.
He said criminals no longer treated fraud, scams, cyber intrusions, and money laundering as separate activities.
“We now have this nexus, which is really unhelpful, between fraud, scams, cyber, money laundering and the bad actors,” White said.
“Bad actors now look at all of those things holistically, and they think about them as tools in their toolkit. So, it’s sort of unhelpful that they can use these tools interchangeably in different ways.
“Technology and AI is just accelerating the way that they can do that, and the potential impact that it has on consumers and businesses.”
On practical steps, he said greater data sharing between institutions was essential – but should be seen as a foundation for earlier intervention.
“With data sharing – which is key to proactively mitigating fraud, I think the banks have a lot more access, and there’s a lot more ability to share between banks,” he said.
“But I think to the point with the telcos combining different data sets is going to be so important to really having a bigger impact – but that’s really going to be the detection, the reactive type controls.”
He said that the next phase had to focus on shutting fraudsters out of payment and credit ecosystems altogether.
“I think we need to move more towards the preventative controls. How do we stop them getting into the ecosystem in the first place,” he said.
[Related: When fraud is found, innocent brokers should not become collateral damage]
Want to see more stories from trusted news sources?
Make The Adviser a preferred news source on Google.
Click here to add The Adviser as a preferred news source.
