TL;DR: Crypto-enabled fraud cost victims at least $14 billion globally in 2025, while the UK is shifting from reporting-led fraud handling to prevention-led disruption through reporting reform, overseas enforcement coordination, and AI-assisted controls, according to Chainalysis. The practical implication is that fraud now sits at the intersection of identity verification, transaction monitoring, and access governance, not just investigations.
NHIMG editorial — based on content published by Chainalysis: fraud, crypto tracing, and the UK’s prevention-led response to cyber-enabled crime
By the numbers:
- In 2025, at least $14 billion in cryptocurrency was transferred to addresses associated with scams and fraud.
- The APP Fraud Mandatory Reimbursement Model returned approximately £27 million to victims across 60 payment firms in its first three months.
- Men under 45 submitted over 17,000 reports to Action Fraud in the UK in 2024.
Questions worth separating out
Q: How should organisations stop fraud before a transaction is completed?
A: They should use layered controls that score intent, counterparty risk, device reputation, and account behaviour before authorisation.
Q: Why does fraud now overlap with identity governance?
A: Because modern fraud depends on trusted identities, delegated access, and account recovery weaknesses.
Q: What do teams get wrong about AI-based fraud detection?
A: They often assume the model itself is the control.
Practitioner guidance
- Unify fraud and identity telemetry Correlate identity proofing signals, account recovery events, device reputation, and transaction risk into a single fraud decision layer.
- Add step-up checks before irreversible transfers Require stronger verification for high-risk payments, wallet changes, beneficiary edits, and account recovery actions.
- Feed blockchain intelligence into case management Use wallet clustering, address attribution, and exchange touchpoint data to connect apparently separate fraud reports.
What's in the full article
Chainalysis' full article covers the operational detail this post intentionally leaves for the source:
- How blockchain analytics is used to trace scam proceeds through mixers, exchanges, and cash-out points
- How the UK’s Report Fraud model is designed to triage and correlate reports into actionable intelligence
- How AI-powered prevention tools fit into transaction monitoring and reimbursement-driven fraud controls
- How international enforcement, sanctions, and mutual legal assistance support disruption of overseas scam networks
👉 Read Chainalysis' analysis of fraud, crypto tracing, and UK prevention reform →
Fraud at transaction scale: what should security teams do next?
Explore further
Fraud is now an identity governance problem, not just a financial crime problem. The article shows that trust abuse, account compromise, and transaction authorisation sit at the centre of modern fraud operations. That means verification, entitlements, and transaction controls are increasingly part of the same governance boundary. For identity teams, the practical conclusion is that fraud prevention and access governance now need shared policy and shared telemetry.
A question worth separating out:
Q: Who is accountable when an authorised fraud payment is not blocked?
A: Accountability depends on where the control failure occurred. Under the PSR model described in the article, a PSP can be liable if it failed to apply verification of payee, perform transaction monitoring, or block a suspicious transaction. That makes evidence quality and control execution part of accountability.
👉 Read our full editorial: Fraud is becoming an identity and transaction security problem