A new FATF report warns that AI-driven deepfakes have "industrialised" cyber-enabled fraud globally
In Singapore, scam cases surged 61% in two years, with 15% of the global adult population now victimised
Cybercriminals use Mule-as-a-Service (MaaS) to fragment and launder illicit funds
In early 2024, a video began circulating online showing Sachin Tendulkar promoting a gambling app, on which his daughter had made easy returns. It was unmistakably his high-pitched boyish voice with the pauses and gestures one would instantly identify with the cricketing legend. Except that it was a high-quality deepfake that Tendulkar himself called out as fake. In the same period, fraudsters used deepfakes to impersonate senior management of an engineering firm during a video call, convincing an employee in Hong Kong to authorise several fraudulent transfers.
These cases were early signs of a new era of cybercrime. Cybercrime is as old as the internet, and cyber-enabled fraud should have grown in tandem with digital banking. But, as noted in a paper released by the Financial Action Task Force (FATF) in February 2026, innovations in recent years have drastically amplified the scale, speed, and sophistication of fraud, empowering criminals to operate seamlessly across borders.
2 March 2026
Get the latest issue of Outlook Business
The Industrialization of Deceit
A decade ago, the threat vector arose from small hubs like Jamtara, where neighbours got together to practice the art of the fraudulent phone call. As Law Enforcement Agencies (LEAs) learnt the tricks and struck back, the hubs decentralised. At the same time, corporate-style call centers sprouted up in urban centres, which were dismantled by frequent LEA raids.
Soon, the hustle evolved again. Gangs operated what came to be known as ‘scam compounds’ in lawless Special Economic Zones across South-East Asia. These fortified complexes are often located in border regions and protected by local militias. They optimise their profits by leveraging on cheap forced labour and economies of scale.
While a clear solution to the problem of scam compounds is not in sight for affected countries, potentially even these brick-and-mortar fortresses may already be disrupted by small groups of "techie" scampreneurs. Owing to the democratisation of deepfakes, a few individuals can now mount a complex social engineering campaign that once required a hundred-man floor. Even a hoodie-wearing (apologies for the stereotype) geek with an evil mind can mount a large scam raid on unsuspecting netizens.
As new fraud typologies are getting invented, the older ones are not going out of vogue. As a result, we see a multi-dimensional onslaught of fraud on the global community. As per an estimate in the FATF report, up to 15% of the adult population has fallen victim to scams. It cites the case of Singapore, where scam cases have increased by 61% in the last two years.
The Laundromat in a Box
While scamming a victim is the front end of the operation, moving the loot and concealing its illicit origin constitute the back end. The back end has been enabled by the rise of cryptocurrencies and cross-border payment channels with insufficient guardrails. Scammers may also mix-and-match these with traditional laundering tools such as trade manipulation and hawala. As per the FATF report, 90% of jurisdictions explicitly identify fraud as a major money-laundering risk.
Scammers often outsource the back-end operations to third-party professional launderers. Organized crime syndicates have contracted Mule-as-a-Service (MaaS) to gain control of mule accounts for moving funds. The modern scammer operates in an ecosystem serviced by professionals who offer plug-and-play laundering solutions.
MaaS providers maintain a fleet of mule accounts, which they have opened using digital credentials leased to them, wittingly or unwittingly. The moment a victim’s funds are transferred, they are instantly shattered into thousands of fragments, layered through mule accounts, and converted into no-KYC cryptocurrencies before being reintegrated into the legitimate system.
No quick fix
There are broadly three strategies to address the problem: increase citizen awareness; trace and recover the assets in real-time; and dismantle the scam networks, the physical compounds, MaaS, etc. With the wide variety of scams, evolving at a breakneck pace, it is difficult for citizens to internalize the high volume of citizen awareness content. It is especially difficult for senior citizens. With deepfakes, citizens have to judge the reality itself. One common AI-driven scam typology involves cloning a person's voice from social media and calling their parent to inform them of the arrest, and requesting payment for ‘bail’.
With the increasing availability of solutions for cross-border fund transfers, it has become easier to move funds stolen in cyber scams across borders. Most often, the scam syndicates and professional launderers are also based overseas. It is also increasingly difficult to devise red flags for social engineering scams due to the infinite creativity with which they can be deployed.
The FATF report identifies many ways to mitigate the rising risks from cross-border scams, on which it has worked over the last few years. These include payment transparency, standards for asset recovery in the golden hour, regulation of crypto assets, domestic and international partnerships, and technological solutions for Financial Intelligence Units (FIUs) to detect flow of scam proceeds.
Many national anti-scam commands can now recover between 15% and 20% of stolen funds by tracing and freezing assets in real time. A majority of what cannot be recovered represents funds that have already moved cross-border. FATF states that effective inter-agency cooperation ‘across borders can significantly enhance the detection, disruption, and investigation of transnational fraud and scam networks.’ But cross-border cooperation has always faced bureaucratic delays. Tracing of scam proceeds needs to happen in real-time.
Probably the need of the hour is to have an international anti-scam command, on the lines of national anti-scam commands; an international semi-automated centre for coordinating amongst national FIUs and anti-scam commands 24*7 and in real-time. This may seem like a tall order requiring consensus amongst about 195 jurisdictions with differing systems. But a good start would be to explore a system for linking up affected countries and international financial centres, and to develop tech solutions for seamless asset tracing across borders.
Good news is that some platforms are already emerging to address the coordination problem. For instance, FRONTIER+ is a cross-border collaboration platform for anti-scam commands from eleven jurisdictions in the Asia-Pacific region, aimed at facilitating real-time intelligence sharing, joint operations, and coordinated enforcement against transnational scams.
The Tendulkar deepfake was a warning shot. In a world where AI tools can synthesise reality, our only defence is a coordinated, high-tech, and borderless response.
The writer is author of ‘The Great Indian Fraud’ (Bloomsbury, 2020) and co-chair of FATF’s working group on risks. Views are personal.
