APAC Fraud Insights | "What The Fraud?" Podcast—Singapore WTF? Summit, Part 1

THOMAS TARANIUK: I'm Thomas Taraniuk, and this is What The Fraud?, a podcast by Sumsub where digital fraudsters meet their match. Over the next two episodes, I’m bringing you conversations from Sumsub’s WTF Summit right here in Singapore.

I sat down with the people actually fighting these battles: Coinbase, Mastercard, the FATF, and the Singapore FinTech Association. We talked about crypto security, AI, fraud detection, regulatory enforcement—the whole ecosystem. And here’s what I learned: the criminals are organized, they’re well funded, and they’re tech-savvy. But so are the defenders. So are we. And we might actually be at a turning point. But the question is: will we move fast enough? So let’s dive in. Let’s dive in.

Introducing Hassan Ahmed, the Country Director for Coinbase Singapore. Great to have you on What The Fraud?

HASSAN AHMED: Thanks for having me.

THOMAS TARANIUK: So let’s start. Big crypto is moving from a speculative asset to an actual payment infrastructure for many retail users and business users worldwide. Stablecoins, CBDCs as well—the whole nine yards. How do you innovate yet build trust at that scale, Hassan?

Hassan Ahmed, Country Director and CEO of Coinbase Singapore

HASSAN AHMED: I think the trajectory of crypto started out with Bitcoin, but really it was once Ethereum came around and it was programmable, and then stablecoins became this concept that had been proofed into existence about seven years ago. That’s when we saw this new innovation take off—how do you decouple the volatility that people traditionally associate with crypto assets, stripping that out so you can leverage the underlying technology of real-time settlement with blockchain rails?

Stablecoins today are north of $300 billion in circulating supply. That really implies they’ve found product-market fit, and there’s a lot of transaction velocity happening on these rails as well. If you look at Visa’s dashboard on stablecoins, there’s about $10 trillion of adjusted payments volume. That sets aside the trading activity that happens with stablecoins.

Suggested read: Global Stablecoin Compliance: GENIUS Act, MiCA, Hong Kong, Singapore, and More Key Rules

What that’s suggesting to us is that there is real economic activity happening on stablecoins today—across consumers, businesses, and institutions. So how do you get to this point and then go further while making sure you’re preserving elements of trust?

THOMAS TARANIUK: Right.

HASSAN AHMED: In my mind, it cuts across two directions and substrates. One is sound regulation. This technology is maturing fast and is at a point where you need to address some of the systemic risks that have cropped up with stablecoins in past cycles. That’s being addressed by frameworks regulators are putting down around the world.

The GENIUS Act was a landmark bill that got through the summer. You’re seeing the effect of that—banks, big retailers, large-scale fintech platforms jumping into the fray. Closer to Singapore and Asia, at least four jurisdictions have announced their own stablecoin frameworks as well.

This goes to addressing the underlying risk of: how do I know what’s backing these stablecoins? Core concepts include high-quality liquid assets, custody with a sound custodian, and reasonable guarantees around redemption—so you always know you can cash out one-for-one.

That’s already in place. The second challenge the industry now has to face is fraud risk, scam risk, and other vectors happening across the ecosystem, which are certainly coming to crypto as well.

THOMAS TARANIUK: Excellent to hear. Singapore has become a big poster child for the war on crypto crime and for smart crypto regulation. How is that shaping innovation here versus the rest of APAC and Europe?

HASSAN AHMED: One thing you have to recognize about Singapore is that it’s an open economy. It’s small and dynamic, and it has to stay paranoid but open at the same time to thrive and remain competitively positioned.

After becoming a financial hub, it quickly became a fintech hub and now a digital assets hub. But the reality is that much of the economic activity is pan-regional, if not global, because the domestic economy is small.

They’re very agile in thinking about how new technologies get assimilated into the banking stack, and what guardrails are needed—not just domestically, but cross-border as well.

One thing that’s been really helpful is the work the Singapore Police Force does with their Anti-Scam Centre. They recognize scams are surging domestically, causing huge losses for victims—elderly, working professionals—and they wanted to get ahead of it.

We’ve been working closely with them on the digital asset side: how do we connect data flows on a near-real-time basis with banks so money doesn’t escape the system before a bank even becomes aware?

THOMAS TARANIUK: That collaboration is exciting to see—local regulators, police, and industry. Coinbase is also joining global coalitions like Tech Against Scams. How do these collaborations build trust across the ecosystem?

HASSAN AHMED: It speaks to the fact that this is a global issue. It requires a whole-of-society approach. Flows are fluid and trivial to move across borders, so we have to step up and be part of the solution.

Beyond data sharing, we’re sharing best practices. We’ve built internal tooling and blockchain analytics over many years. As one of the oldest large-scale crypto companies, we have a rich annotated dataset that we can provide to partner financial institutions so they can ingest it into their risk engines.

THOMAS TARANIUK: Absolutely—and one of the most secure as well. Last question: since we’re at the WTF Summit, what fraud trend should crypto and payments watch for in 2026?

HASSAN AHMED: Deepfakes are top of mind. They’re getting better and more realistic. There are counter-technologies emerging, but the industry now needs to focus more attention on scams, fraud, and illicit finance.

Fraud-as-a-service has become trivially easy to access. Anyone can buy these bundles. In Southeast Asia especially, we’ve seen many fraud networks spin up.

In Singapore, we’ve resourced up our payments risk and global intelligence teams to focus on this region. It behooves banks, regulators, and task forces to intensify work here.

THOMAS TARANIUK: Absolutely. Education is critical too.

HASSAN AHMED: One benefit of being a scaled consumer platform is user education. During onboarding, we take users through risk questionnaires—not just digital asset risks, but how to secure their accounts.

THOMAS TARANIUK: Thank you very much, Hassan, for joining us today on What The Fraud?

HASSAN AHMED: Thank you for having me.

Karthik Ramanathan, SVP, Cyber and Intelligence (C&I) Solutions, Asia Pacific at Mastercard

THOMAS TARANIUK: Hassan’s point about ecosystem collaboration—that’s the theme of this entire What The Fraud? Summit. Fraud doesn’t respect industry lines. A scammer hitting crypto exchanges is using the same playbook against banks and fintechs as well, which brings me to the next person whose job it is to protect the pipes connecting the entire financial system across APAC.

Karthik Ramathan is the SVP of Network Services for Mastercard across the entire Asia Pacific. That means data, intelligence, and security for millions of transactions per second. Karthik, welcome to What The Fraud?

KARTHIK RAMATHAN: Thank you. Thank you for having me.

THOMAS TARANIUK: Karthik, you’re seeing fraud patterns in real time that most people have no idea about. What are you focused on right now to keep the network secure?

KARTHIK RAMATHAN: When I look back at the evolution of fraud over the last few years, the interesting thing that struck me—especially as I was looking at the What The Fraud? Summit in Singapore—is that a lot of focus has shifted from fraud on the payment network to real-time scam fraud that happens off-network.

Some of it obviously flows into the payment rails on Mastercard, but a lot of it is actually focused around real-time account-to-account payments. Interestingly enough, as a big participant in the payment ecosystem, we’re constantly asked how we can deploy tools to help in that space as well.

That’s a very interesting space for us because if you look at digital payments as an overall ecosystem, if you’re trying to move customers from cash to digital, anything that undermines trust in that ecosystem impacts us as Mastercard and impacts the broader digital payments ecosystem.

It’s absolutely fundamental that everyone collaborates effectively to keep the ecosystem safe and secure. We’ve been on this journey for quite a few years now. In a previous role, I led a vertical called Cyber & Intelligence Solutions—now the Security Solutions organization.

The role of that unit is very simple: it focuses on a diverse set of capabilities designed to keep transactions on the Mastercard network safe and secure.

THOMAS TARANIUK: Okay.

KARTHIK RAMATHAN: To give you an example, we started with card-present transactions—the introduction of the chip and enhanced card capabilities. But the world quickly moved online, shifting the focus to authentication and identity verification.

Around 2017–2018, we saw a major shift of fraud toward cybersecurity. We began looking at what enables this fraud—and most of it comes down to cybersecurity failures: data breaches, improper data storage, or unexpected data leakage.

When you operate a network of 30, 40, 50 million merchants and billions of customers, how do you ensure every ecosystem participant is protected from a cybersecurity perspective and that data is kept safe?

THOMAS TARANIUK: Billions rely on your networks. Mastercard’s AI-driven fraud systems like TRACE and Consumer Fraud Risk can detect scams in real time. Detection isn’t prevention—so how does connected data across the network help stop fraud before money moves?

KARTHIK RAMATHAN: If you look at the challenges with scam flows, you have a customer transferring money from their account to another account—often across banks or even jurisdictions.

The sending bank only knows its own customer. That’s the problem. If I open a mule account and receive 10,000 transfers of $10 each, the only bank with visibility is the one holding my account.

The other 10,000 sending banks don’t know where the money is going. Then you have the exit route—moving funds into crypto and across borders—which makes law enforcement tracking much harder.

What we do, and this is live in the UK, is monitor transactions across the ecosystem in real time—both sending and receiving sides. If money moves from a compromised account, we know at the moment of the transaction. If we see high volumes or unusual patterns—like someone making a $150,000 transfer for the first time—those transactions are flagged. Banks can then contact customers, understand the transaction, and stop the fraud before the money moves. Once it moves, it layers quickly—into crypto and back into banking—making it much harder to track.

THOMAS TARANIUK: Certainly. With Mastercard’s ambitions around crypto card issuing, where do you see the biggest challenges moving forward?

KARTHIK RAMATHAN: From a card-rails perspective, crypto is essentially another currency. As long as it’s embedded within fraud controls and tracked end to end, it can be reasonably secure.

The challenge arises when transactions move off-card rails—onto account rails or wallet rails—where different entities and restrictions apply. Those entities need the same data to control insecure transactions. That’s where the industry challenge lies.

THOMAS TARANIUK: Fraud cuts across banks, fintechs, crypto, telcos, and more. What does real cross-industry collaboration actually look like?

KARTHIK RAMATHAN: Mastercard is a founding chairperson of the Global Anti-Scam Alliance in Singapore. It brings together everyone involved in the scam chain who wants to fight this battle.

It’s about creating a common understanding and working with law enforcement and government agencies to ensure legal frameworks support data exchange for the right reasons—not trading off privacy for security, but finding the right balance.

There’s no single entity that decides liability, so collaboration is essential. Dialogue helps each participant understand what steps they need to take to slow fraud down.

THOMAS TARANIUK: How do you balance innovation, speed, transparency, and consumer protection with regulators?

KARTHIK RAMATHAN: We’re fighting an unequal battle. Fraudsters can freely run across rails using every tool available. The industry’s job is to present regulators with a cohesive plan explaining why data exchange beyond current limitations is necessary, specifically to stop scams.

Regulators understand this imbalance. One team plays by the rules; the other doesn’t even know which game it’s playing. The solution lies in working through associations like GASA to define responsible data-sharing models and tools that enable scam prevention.

THOMAS TARANIUK: As fraud becomes more organized and AI-driven, what shapes the next phase of prevention?

KARTHIK RAMATHAN: AI use in fraud prevention is encouraging—we need powerful tools. But five years out, fraudsters will also be using AI aggressively.

The industry needs to move faster and educate consumers. Even I sometimes struggle to tell AI-generated content from real content. Fraudsters creating videos to access funds will be highly sophisticated.

Prevention must move from the moment of transaction to everyday monitoring. Scams don’t begin at the transaction—they begin when mule accounts are created or accounts are taken over.

THOMAS TARANIUK: Very strong points. And I think what we can conclude here today is a willingness, of course, within industry—within crypto and TradFi together, cross-industry, and also with regulators—to share big data and figure out all of the fraud networks. Identifying the key pieces is super important to stopping what is a growing industry, right?

KARTHIK RAMATHAN: I think this industry is going to continue growing, and at some level I always say this: you just need to make sure that the cost of doing business becomes very high for the fraudsters and disrupts most of their flows. So I think the industry wants to do more around this particular space. That gives me a lot of comfort and confidence that we are on the right track.

THOMAS TARANIUK: I’m so glad to hear it. And that’s what we want to do at the What The Fraud? Summit and on the What The Fraud? Podcast—educate people and bring together those who want to make the change.

KARTHIK RAMATHAN: Congratulations on an awesome event. It’s been beautiful so far.

THOMAS TARANIUK: Wonderful to hear. But I won’t take all the credit. Wonderful to have you, Karthik, on the podcast today.

Caryn Leong, Regional AML Director, APAC at ACAMS

THOMAS TARANIUK: Fraud isn’t hyperbole—it’s reality. If you’re a financial institution in APAC, regulatory expectations are tightening every quarter. My next guest is Caryn Leong, Regional AML Director for APAC at the Association of Certified Anti-Money Laundering Specialists. Caryn, thank you for joining us.

CARYN LEONG: Thank you for having me.

THOMAS TARANIUK: Where are institutions feeling the strongest pressure to evolve AML and sanctions programs, and what’s driving that?

CARYN LEONG: That’s right. Yeah. So you’re just trying to keep everything up in the air all at the same time.

Now, what I do think financial institutions are feeling pressure points around, potentially, is client due diligence because of the complexity of structures. You’re also looking at clients with more digital asset wealth coming online—how do you corroborate that? You’re also looking at cross-border clients because of a lack of transparency. How do you do all your regular client due diligence, right? You need to be fairly exhaustive and creative at the same time.

There’s also sanctions screening. Sanctions screening used to be fairly black and white—you are SDN, you’re not SDN. I think those days are gone. It’s not black and white; it’s many, many shades of grey. And sometimes it feels like you’re trying to do a jigsaw puzzle but you don’t have the picture on the box.

I think it’s challenging, right? Because you’re just trying to look for that needle in the haystack. And then sometimes you wonder, am I identifying a needle, or did I just create more hay? So that’s quite difficult for compliance professionals.

There’s also the technology uplift. I just came back from our Hong Kong conference—we were talking to regulators about it. A lot of the conversation circles around technology, not just legacy systems. What about new technology? But also: is your technology working, and is it working today? We talk about effectiveness. How are you deploying it in the right way? How do you evidence that it’s working in the right way, right?

All of this coming together means there’s a lot happening. Do you have big teams that can help you manage it? Do you have small teams that have to do all of that? It depends on the size of the financial institutions or organizations dealing with this now.

To your point—the question is, what’s driving the shift? A combination of factors. Of course, we talk about high-velocity fraud, right? It’s scale and speed. It’s difficult to get on top of it. It’s also a matter of geopolitics—it changes all the time. You wake up in the morning, you don’t know what’s happening, and there’s something new and interesting in the news. Then before you know it, your lists get updated, and you’ve got a volume of alerts you have to get through. It’s all very challenging.

THOMAS TARANIUK: From the point of view of fraud and AML converging really fast across APAC—where are you seeing that most clearly? Because you identified it as almost like a jigsaw puzzle, where you don’t know the end picture and you’re finding a needle in a haystack. How can smarter data sharing help you on that journey as a business?

CARYN LEONG: I think with the convergence we’ve been talking about for the last two or three years, where I really see it coming together, is the scam-to-laundering pipeline. That’s when fraud proceeds move very quickly onto mule accounts, into fintech rails, and then off into digital assets very quickly. Faster cross-border layering, the use of high-velocity wallets, and increasing reliance on social engineering to bypass traditional controls. Because now, with social engineering, you’re the one authorizing the transaction—but to a fraudster. So controls need to keep up with that.

Criminals are also arbitrating between AML frameworks and fraud prevention frameworks.

To your question around smarter data: smart data is not a silver bullet, unfortunately. Financial crime is very complex—there isn’t a single silver bullet.

But smarter data sharing does help. It helps with cutting off criminal activity, hopefully at the midpoint. As I mentioned, the scam-to-laundering pipeline typically goes from a scam or fraud into an account, then into another bank account, potentially into a fintech, or into a crypto exchange, then into DeFi—and then it gets lost.

If you can share information within the ecosystem, hopefully you can cut off that transfer before it’s lost completely. The goal is to share information so everyone gets together and tackles it upfront.

THOMAS TARANIUK: You’ve said fighting scams requires a Justice League approach. What does collaboration look like in practice?

CARYN LEONG: It looks like weekly calls, monthly meetings, exchanging data protocols, sharing red flags—sometimes even crisis management. There are a lot of nuts-and-bolts, rudimentary things that go into collaboration.

The strongest models we’ve seen in APAC typically have three traits. One: everybody brings their superpower to the table. Banks see payments. Telcos see calls. Platforms see social engineering. Regulators and FIUs see patterns. When they come together, it all makes sense—you can’t do it separately.

There’s also a willingness to act very quickly. It’s a three-minute or thirty-minute sprint, not a thirty-day consultation. You don’t have time for information requests—you need to act fast.

The other key element is trust. Trust is difficult to build, but organizations share more information when they believe the red flags they raise won’t be second-guessed or punished. A safe haven is very much appreciated.

THOMAS TARANIUK: How does education help move from compliance theater to real protection?

CARYN LEONG: With training, people often think it’s about passing an exam or taking a quiz. But the best training is meaningful—when you understand why you’re doing it. It moves from being a process to something you genuinely want to do. That understanding helps professionals spot red flags proactively.

THOMAS TARANIUK: Everything’s changing year on year. Fraud types change, vectors change—defenses and training must change too. From 2025 to 2026, what’s one fraud or financial crime trend institutions in APAC should prepare for?

CARYN LEONG: Taking it from Roger Kumar’s keynote this morning—AI-enabled fraud scaling faster than controls. Fraudsters are getting faster, bigger, and better. And conversely, those fighting financial crime need to get faster, quicker, and better too.

THOMAS TARANIUK: Excellent slogans. Faster, bigger, better. Are there unique fraud dynamics in APAC compared to other regions?

CARYN LEONG: There are variances. In the US, check fraud is the number-one typology.

THOMAS TARANIUK: Huge.

CARYN LEONG: In Asia—when was the last time you saw a check?

THOMAS TARANIUK: I can’t remember.

CARYN LEONG: So there are nuances. But the lifecycle of fraud almost always starts with social engineering, creating urgency. It’s like a sales funnel.

THOMAS TARANIUK: Like a business.

CARYN LEONG: Exactly. They’ve got it down pat. So we need to get ahead of the game and be more proactive.

THOMAS TARANIUK: You’re certainly fighting the good fight. But on the other side, fraud networks are training others through fraud-as-a-service. It really becomes a battle of good versus evil.

CARYN LEONG: It does. We talk about smarter data sharing—but bad actors are doing it too, and often better, because they don’t have data protection or privacy regulations.

THOMAS TARANIUK: True.

CARYN LEONG: So we need to get smarter—within the rules.

THOMAS TARANIUK: Exactly.

CARYN LEONG: And think out of the box.

THOMAS TARANIUK: Absolutely. Karen, thank you so much for joining us on the What The Fraud? podcast here at the What The Fraud? Summit.

CARYN LEONG: Thank you for having me.