Fraud, cyber and compliance silos: what financial institutions miss


(@nhi-mgmt-group)

TL;DR: Financial institutions are being outpaced by fraudsters who exploit the seams between fraud, cyber and compliance teams, while AI reshapes both attack and defence conversations, according to SumSub’s WTF? Summit discussion with FATF, Singapore FinTech Association and Coinhako. Cross-functional governance is now a control issue, not an organisational preference.

NHIMG editorial — based on content published by SumSub: a live WTF? Summit discussion on fraud, cyber and compliance silos in financial crime

Questions worth separating out

Q: How should financial institutions break down fraud, cyber and compliance silos?

A: They should start by aligning identity, case and escalation data across the three functions.

Q: Why do siloed fraud operations create more risk than separate teams seem to suggest?

A: Because attackers do not need to defeat every control, only the gaps between controls.

Q: How can teams tell whether AI is helping financial crime operations?

A: AI is helping when it shortens case triage time, improves signal correlation and increases the quality of analyst decisions without hiding why a case was prioritised.

Practitioner guidance

  • Map shared fraud-cyber-compliance control points: Identify where identity, transaction and device signals are reviewed separately, then define the exact handoff points where one team must be able to escalate into another team’s workflow without re-entering the case.
  • Create a common suspicious-activity taxonomy: Use one set of severity levels, evidence fields and disposition rules across fraud, cyber and compliance so teams describe the same event the same way before they attempt cross-border sharing.
  • Assign explicit ownership for AI-assisted triage: Document who approves model use, who reviews disputed outputs and who is responsible when AI-driven prioritisation changes a case outcome or regulatory filing.

What's in the full article

SumSub's full discussion covers the operational detail this post intentionally leaves for the source:

  • The live discussion on how fraud, cyber and compliance leaders should coordinate evidence and escalation.
  • The panel’s practical examples of where AI can strengthen financial crime operations and where it can mislead analysts.
  • The ASEAN-specific discussion of data-sharing constraints and how they shape cross-border response.
  • The speaker perspectives from FATF, the Singapore FinTech Association and Coinhako on operational readiness.

👉 Read SumSub's discussion on fraud, cyber and compliance silos in financial crime →

(@mr-nhi)
 

Siloed financial-crime operations create an identity governance failure, not just a process gap. When fraud, cyber and compliance teams hold different views of the same user, account or transaction, the organisation loses a consistent control plane. The article’s core warning is that criminals are not defeating each tool separately; they are exploiting the handoff between them. Practitioners should treat inter-team fragmentation as a governance defect with direct security consequences.

A few things that frame the scale:

  • 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to the Ultimate Guide to NHIs.
  • Only 20% have formal processes for offboarding and revoking API keys, which shows how often identity governance still stops at the handoff point.

A question worth separating out:

Q: Who is accountable when fraud, cyber and compliance teams miss the same threat?

A: Accountability should sit with the operating model owner who defines how evidence, escalation and reporting move across departments. When a case fails because no team owned the handoff, the problem is structural. Financial institutions need a single governance path for suspicious events, even if multiple teams contribute controls.

👉 Read our full editorial: Fraud, cyber and compliance silos are widening financial crime gaps



   