Notifications
Clear all
Topic starter
10/06/2026 10:32 pm
TL;DR: AFASA is pushing Philippine banks toward real-time fraud detection, stronger authentication, and fund-recovery workflows, while Sumsub reports a 180% year-on-year rise in multi-step coordinated fraud globally and a 61% rise in deepfake attacks in the Philippines in 2025. The governance challenge is no longer detection alone, but whether transaction monitoring can intervene fast enough to stop suspicious activity before settlement.
NHIMG editorial — what this means for NHI practitioners
By the numbers:
- Sumsub’s Identity Fraud Report 2025-2026 recorded a 180% year-on-year increase in multi-step coordinated fraud globally.
- In the Philippines, deepfake attacks grew 61% year on year in 2025.
Questions worth separating out
A: Banks should map fraud controls to the last reversible point in each payment flow, then use rules for clear abuse and scored review for ambiguous activity.
Q: Why do hybrid fraud controls work better than a single detection layer?
A: Hybrid controls work because fraud signals are uneven.
Q: What do security teams get wrong about real-time fraud detection?
A: Teams often treat real-time detection as a reporting problem rather than a control problem.
Practitioner guidance
- Map transaction decision points to reversibility: Identify the exact point in each payment flow where a hold, rejection, or escalation is still effective.
- Separate hard-stop rules from scored reviews: Use deterministic rules for clear fraud indicators such as blacklist matches and automation, then route ambiguous cases into a scored review queue with explicit thresholds.
- Join identity, device, and transaction evidence: Feed KYC, device intelligence, and behavioural context into the same case record so investigators can see whether the session matches the account profile.
What's in the full announcement
Sumsub's full article covers the operational detail this post intentionally leaves for the source:
- The specific AFASA-oriented bundle design and how the hybrid model handles rule triggers versus scoring.
- The announced integration points with Device Intelligence, Case Management, and KYC/KYB workflows.
- The Philippine compliance context around fraud prevention and fund recovery by June 2026.
- The vendor’s framing of how thresholds, action logic, and decision flows can be configured for different risk appetites.
👉 Read Sumsub’s analysis of AFASA fraud monitoring and fund recovery controls →
AFASA fraud management bundles: what changes for banks now?
Explore further
11/06/2026 2:36 am
Real-time fraud governance is becoming an identity problem, not only a payments problem. AFASA pushes institutions to decide whether a transaction is ordinary, suspicious, or recoverable while the money is still moving. That shifts fraud control into the same operational space as identity assurance, privileged access, and step-up verification. The practitioner conclusion is clear: fraud response now depends on how fast identity and transaction signals can be joined.
A few things that frame the scale:
- Only 1.5 out of 10 organisations are highly confident in their ability to secure NHIs, compared to nearly 1 in 4 for securing human identities, according to The State of Non-Human Identity Security.
- Lack of credential rotation is cited as the top cause of NHI-related attacks by 45% of organisations, followed by inadequate monitoring and logging at 37% and over-privileged accounts at 37%.
A question worth separating out:
Q: Who is accountable when transaction monitoring decisions affect customer funds?
A: Accountability should sit with the institution that owns the payment flow, but decision rights need to be explicit across fraud, operations, and compliance. Each control path should define who can hold a transfer, who can approve release, and who can trigger recovery. Without named ownership, real-time monitoring becomes operationally ambiguous.
👉 Read our full editorial: AFASA fraud controls raise the bar for transaction monitoring
