Using early signals to disrupt money mules: webinar insights

3-minute read time

What do leaders from Mastercard, UK Finance and Synectics think about detecting mules earlier - and why has this become a critical financial crime priority?

Our recent webinar, Using early signals to manage the fraud risk you can’t decline, explored how broader, lifecycle-wide risk intelligence makes a real difference in how the industry disrupts money muling.

The session brought together new insights, real examples and open debate - highlighting where current approaches are being challenged, but also the shared ambition to tackle financial crime.

Read the key takeaways from our panellists, Adam, Kathryn and Osman below:

We can all learn from each other – no matter our sector or size

There’s a mismatch between how fraudsters and industry operate. Criminals collaborate seamlessly across sectors in a way industry hasn’t yet been able to replicate.

Cross-sector risk data has never been more valuable in closing this gap, yet its “network effect” remains underutilised. Making headway in this area is a priority and requires learning from one another through consortium fraud data and collaborating beyond sector boundaries.

There are benefits to getting more comfortable with friction

In response to increased industry awareness of social engineering and tighter controls, mule herders have adapted. They’re recruiting more from long-term, on-book customers and combining traditional honeypotting with decoy tactics, such as moving genuine funds to obscure intent.

This requires expanding where and how friction is applied, using more contextual understanding about a customer, and becoming more comfortable with applying friction.

It may be time to revisiting our definition of “low risk”

True risk frequently only becomes visible when information about a customer is viewed over time and across all organisations they interact with.

As a result, gauging intent - especially around whether a mule is willing or unwitting - is considerably more difficult, which poses not just AML risk but challenges to Consumer Duty.

This means a holistic, lifecycle-based view of a customer is now essential and, for some organisations, may trigger a fundamental shift in how risk is defined and monitored.

Intelligence can be used to influence customer behaviour, too

Mules often arrive under a spell, having been socially engineered in the digital sphere. In these cases, the same “complete picture” risk intelligence an institution uses to make decisions can help the customer make a good choice, too.

This multilayered approach presents an opportunity to intervene constructively, even when a decline is not justified or intent isn’t clear cut.

Synthetic identities as the persistent threat throughout

Synthetic IDs now underpin a growing share of serious financial crime, with many appearing credible in isolation. They are built over time - often using low-scrutiny products and across multiple sectors - making them difficult to detect without a broader view.

Cross-sector data, combined with continuous treatment strategies, is critical to identifying a threat designed to appear low risk at a single point in time or within a single dataset.