Alongside financial consumer protection and financial education approaches, collaboration among public authorities is an important strategy to combat financial scams and frauds. This chapter discusses how public authorities collaborate within their jurisdiction and across borders with stakeholders in the anti-fraud ecosystem to encourage information sharing and foster co-ordinated responses.
Protecting Consumers from Financial Scams and Frauds
Abstract
Alongside financial consumer protection and financial education approaches, cross-sectoral collaboration is a common strategy. Indeed, 78 respondents collaborate with other stakeholders in their jurisdiction on matters relating to financial scams and frauds, while 53 collaborate with cross-border stakeholders (Figure 5.1).
Number of respondents who collaborate with domestic and cross-border stakeholders
Source: OECD Questionnaire on Protecting Consumers from Financial Scams and Frauds
As shown in Figure 5.2, collaboration most frequently happens with other regulatory authorities, law enforcement and/or private sector actors. Collaboration with consumer representatives was less common among respondents, which might point to an opportunity to increase engagement. Other stakeholders, where increased collaboration could be beneficial, included academic institutions (e.g. the Vienna University of Economics and Business in Austria), industry associations (e.g. the representative body of Hungarian banks and the Brazilian Federation of Banks) and public authorities responsible for cybersecurity (e.g. in Luxembourg). For 51 respondents, such collaboration is underpinned by a formal arrangement, such as a Memorandum of Understanding (MoU).
Number of respondents who collaborate with a variety of other stakeholders in their jurisdiction
Source: OECD Questionnaire on Protecting Consumers from Financial Scams and Frauds
Often, such collaboration entails multiple authorities, as institutions such as the central bank and financial market regulator(s) co-ordinate with police, law enforcement and authorities responsible for AML/CFT (see Box 5.1) to gather information, share data, and even develop joint consumer awareness or financial education campaigns. For example:
In Australia, the National Anti-Scams Centre (NASC) was established in 2023 to co-ordinate government, law enforcement and private sector efforts in tackling scams. In 2023, ASIC established a capability to take down investment scam and phishing websites, supporting the work of the NASC; as of February 2026, ASIC reported that the website takedown service was shutting down an average of 230 investment scam websites a week, having co-ordinated the removal of more than 25 000 scam websites and 1 100 investment scam social media advertisements (Australian Securities and Investments Commission, 2026[62]).
In Hungary, for instance, the previously mentioned KiberPajzs (“CyberShield”) project is a collaboration between multiple authorities and government ministries; this project aims to increase user awareness around financial security risks and to facilitate the exchange of information and experiences among financial institutions, law enforcement agencies, and other authorities involved in financial operations, and jointly develop and implement effective protection measures to increase the effectiveness of the fight against fraud and abuse.
Similarly, in Malaysia, the National Scam Response Centre is a joint venture between the National Anti-Financial Crime Centre, the Royal Malaysian Police, Bank Negara Malaysia, the Malaysian Communications and Multimedia Commission, as well as the financial and telecommunications industries.
Additionally, the Philippines established the Consumer Protection and Education Committee of the Financial Sector Forum, which is comprised of the country’s financial regulatory bodies: Bangko Sentral ng Pilipinas, Insurance Commission, Philippine Deposit Insurance Corporation, and the Securities and Exchange Commission. This committee co-ordinates and undertakes financial education and consumer protection initiatives in the country.
Given the number of authorities and agencies in the anti-fraud ecosystem, Singapore established an Inter-Ministry Committee on Scams that is chaired by the Ministry of Home Affairs to co-ordinate the whole-of-government approach towards financial scams and frauds.
Another example of collaboration is in Spain, where the Financial Fraud Action Plan (Plan de Acción contra el Fraude Financiero – PAFF) was launched in April 2022 and brings together 24 public and private stakeholders, including the Banco de España, the CNMV, the First-Vice presidency, the Ministry of Economy, Trade and Business, the Ministry for Digital Transformation, law enforcement authorities (such as the National Police), and banking associations.
Across respondents, collaboration with AML/CFT and financial crime authorities is common and takes several structured forms, often embedded in multi-agency frameworks combining financial supervisors, financial intelligence units (FIUs), law enforcement and cybersecurity bodies. At the international level, respondents noted engagement with the Financial Action Task Force (FATF), an independent inter-governmental body that promotes policies to protect the global financial system against money laundering, terrorist financing and the financing of the proliferation of weapons of mass destruction; FATF Recommendations represent the international standard for AML/CFT and provide a comprehensive framework to help jurisdictions detect and disrupt illicit financial flows (Financial Action Task Force, 2025[63]).
A number of respondents highlighted direct co-operation with AML/CFT institutions, for example the Capital Market Authority of Montenegro reports fraud cases to its Financial Intelligence Unit and keeps it informed throughout investigations. Similarly, Banco Central do Brasil highlighted engagement with the National Strategy to Combat Corruption and Money Laundering and the Financial Activities Control Council (Coaf) alongside police and regulators.
Other countries rely on formal inter-agency committees or task forces that include AML/CFT bodies, such as the committee established in Thailand under the Royal Decree on Measures for the Prevention and Suppression of Technological Crimes (which includes the Anti‑Money Laundering Office, police and regulators) or Nigeria’s Inter-Ministerial Committee on AML/CFT.
Collaboration may also take the form of institutionalised information sharing and joint enforcement mechanisms linked to financial crime frameworks. For example, the Financial Services and Markets Authority (FSMA) of Belgium noted its legal authority to transfer certain fraud files to other authorities, including its FIU (CTIF). In the Netherlands, for example, the Financial Expertise Centre brings together supervisory, investigative and prosecutorial bodies to safeguard financial system integrity, including the Dutch Authority for the Financial Markets (AFM), the Dutch Central Bank (DNB) and the Financial Intelligence Unit of the Netherlands.
Several jurisdictions also demonstrate collaboration through cybersecurity and financial resilience frameworks, highlighting joint intelligence-sharing and operational responses to fraud risks, often combining AML/CFT, cybercrime, and consumer protection perspectives.
Collaboration may also include private sector actors, including market participants, either as part of the implementation of financial consumer protection frameworks or through ad-hoc co-ordination efforts. For instance, in Italy, CONSOB collaborates with Google through the company’s “Financial Services Verification”, which requires advertisers of financial services on Google platforms to demonstrate that the advertised services are authorised by the local competent authorities (e.g. CONSOB and others in the case of Italy). CONSOB also submits to Google requests for removal of content (e.g. websites or applications attributable to unauthorised subjects) on Google Play apps and on YouTube. Given the spread of abusive activities, including across borders, CONSOB noted that this collaboration was only a first step and should be strengthened and extended to other Big Tech companies, such as Meta, X and LinkedIn. In Thailand, for example, the SEC Thailand held an on-site training session in April 2025 with Meta and Facebook to facilitate companies in the capital and digital asset markets in applying for tools like Brand Rights Protection and Meta Verified. Another example is in Romania, where the Financial Supervisory Authority works with the National Institute for Research and Development in Informatics (ICI Bucharest) to block domains linked to fraudulent websites. The Dutch Authority for the Financial Markets (AFM Netherlands) also shares information with and obtained from private parties on investment fraud, which includes taking fraudulent websites offline.
Collaboration across public authorities and law enforcement agencies to encourage information and data sharing is often underpinned by a Memorandum of Understanding (MoU). These MoUs provide a framework to ensure data sharing is co-ordinated, while safeguarding the careful and lawful handling of personal data as defined in domestic laws. For example:
In Belgium, the Financial Services and Markets Authority (FSMA) has the legal authority to transfer certain fraud files to other authorities.
In France, the AMF noted that information sharing with other agencies is crucial because their mandate and competence limit their ability to directly pursue scammers, which means they must forward any information they receive onward to the proper oversight authority.
In Hong Kong (China), the Financial Intelligence Evaluation Sharing Tool (FINEST) was launched by the Hong Kong Association of Banks with support from the HKMA and HKPF in 2023 as a bank-to-bank information sharing platform that helps banks communicate to detect and disrupt fraud and financial crime. The HKMA, HKPF and the banking industry together also launched the Suspicious Account Alert mechanism, under which alerts will be sent to customers when a payee’s account number, mobile phone number, and/or email address are labelled as high risk in the HKPF’s scam search engine, Scameter.
In Italy, under co-operation agreements between CONSOB and the Italian Financial Police (Guardia di Finanza), CONSOB may ask to acquire data, news and information. In addition, under its arrangements with the Italian Judicial Authority, to which it must report any financial scams and frauds detected during its supervisory activities, CONSOB often receives requests for information, as financial fraud is a criminal offence in Italy.
Also in Italy, two committees foster ongoing dialogue between authorities and the financial industry. CERTFin, a public-private co-operation initiative co-chaired by the Banca d’Italia and ABI (the Italian Banking Association), co-ordinates threat intelligence sharing among banks, PSPs and other entities and promotes sector-wide initiatives such as awareness campaigns.1 Comitato Pagamenti Italia (CPI) ensures continuous engagement with the industry on payment-related matters.
In Thailand, a framework has been developed to facilitate information sharing and co-ordination among digital asset service providers, banks, police units and other relevant agencies with the objective to effectively prevent the outflow of funds through money mule accounts, where “money mules” are person(s) who transfer or move illegally acquired money on behalf of someone else (Federal Bureau of Investigation, 2026[64]).
Financial scams and frauds are frequently cross-border in nature and may be orchestrated across several digital channels involving actors, infrastructure and intermediaries in multiple jurisdictions. Public authorities therefore face numerous challenges and enforcement limitations when fraudulent activity originates outside of their jurisdictions, particularly through unregulated digital channels. Challenges with addressing cross-border digital scams or frauds include difficulties obtaining evidence from foreign platforms, jurisdictional boundaries when attempting to pursue scammers or fraudsters based abroad, and barriers to recovering funds that are routed across multiple jurisdictions. These challenges intensify when fraud proceeds are rapidly converted into crypto-assets and moved through offshore or lightly regulated virtual asset service providers, decentralised platforms or peer-to-peer channels. Once funds enter crypto ecosystems, authorities may face constraints related to jurisdictional reach, data availability and technical capacity for transaction tracing and asset recovery.
Fifty-three respondents therefore engage in cross-border collaboration with other stakeholders to further facilitate information sharing and exchange. Cross-border collaboration is under development in seven respondents. Sometimes, this collaboration is with neighbouring jurisdictions. For example, Myanmar, China and Thailand collaborate to address online scams and illegal gambling.
Numerous respondents mentioned participation and engagement in the International Organisation of Securities Commissions (IOSCO), regional Financial Action Task Force (FATF) meetings, the European Securities and Markets Authority (ESMA), the OECD, the European Central Bank (ECB), the International Consumer Protection and Enforcement Network (ICPEN), the North American Securities Administrators Association (NASAA), and INTERPOL.
For instance, IOSCO recently launched I-SCAN, the International Securities & Commodities Alerts Network, a global real-time database of supervisory alerts on unauthorised firms or investments to improve the protection of clients and investors and to fight financial fraud. Platform providers have the opportunity to connect automatically to I-SCAN to more effectively block, warn against or eliminate illegal investment offerings from their platforms. I-SCAN can also be used by payment service providers to mitigate the risk of fraudulent payments. Another example is the econsumer.gov platform, an initiative of ICPEN where consumers can file a complaint regarding an international financial scam or fraud. The secure platform is hosted through the Consumer Sentinel Network of the U.S. Federal Trade Commission, allowing law enforcement to share and access consumer complaint data and helping consumer protection agencies spot trends and work together to prevent international scams (Federal Trade Commission, 2026[65]).
The National Financial Regulatory Administration of China noted that a collaboration with INTERPOL dismantled 1 770 fraud hubs and intercepted over USD 50 million in illicit funds during a three-month period from March to June 2022. In general, respondents underlined that participation and engagement in international fora help them monitor emerging trends and share information with relevant stakeholders.
As previously discussed in this report, effectively combatting financial scams and frauds involves co-operation from and with telecommunications providers, social media and online platforms. Co-operation between telecommunications providers, social media and online platforms, and other actors in the anti-fraud ecosystem, such as financial regulatory authorities and law enforcement agencies, highlights the importance of encouraging these providers to help prevent fraud on their platforms. Specifically, social media and online platforms can mitigate potential consumer or retail investor harm from financial scams and frauds that are orchestrated on their platforms through user-generated content and/or paid advertisements. These efforts can include removing advertisements by entities that are not authorised by, or are the subject of warnings from, the relevant public authority, removing fraudulent content and/or profiles following internal identification, and improving proactive monitoring processes to better identify fraudulent content.
Such measures have not necessarily been taken consistently by social media and online platforms across jurisdictions. For example, IOSCO is taking initiatives to engage with social media companies, search engines and internet providers to advocate for the restriction and monitoring of harmful or fraudulent content; in 2025, IOSCO issued a Statement on Combatting Online Harm and The Role of Platform Providers (IOSCO, 2025[31]). This statement calls on social media and online platforms to consider adopting a variety of measures, as consistent with local law, that can help disrupt online harm involving financial misconduct. These measures include conducting due diligence on unauthorised offerings (including by using I-SCAN), rigorously enforcing applicable terms of service by monitoring and swiftly removing investment scam content or advertisements that violate platform policies, developing and regularly updating anti-fraud internal processes, ensuring compliance with all applicable local laws and regulators where the company operates, and establishing active communication channels with financial regulators and governmental authorities.
In Singapore, for example, the Shared Responsibility Framework assigns explicit duties to banks and telecommunications providers (Monetary Authority of Singapore, 2024[66]). Under this framework, the Monetary Authority of Singapore (MAS) and the Infocomm Media Development Authority of Singapore (IMDA; the telecommunications regulator) act jointly; guidelines on the Shared Responsibility Framework clarify the allocation of responsibility for losses that arise from a defined scope of phishing scams. In the European Union, one of the key innovations of PSR is also co-operation and information exchange with telecommunications providers and digital platforms. In Thailand, for instance, the Emergency Decree on Technology Crime Prevention and Suppression (No. 2), B.E. 2568 (2025), which took effect in April 2025, imposes mandatory duties on key operators such as telecommunications, social media platforms, banks, payment service providers, and digital asset exchanges – enforced by the Bank of Thailand, SEC Thailand, the National Broadcasting and Telecommunications Commission of Thailand, and the Electronic Transactions Development Agency (ETDA). Non-compliance resulting in financial damages subjects operators to shared liability for both unauthorised payment fraud and authorised push payment (APP) fraud.
← 1. The CERTFin’s mission is to enhance the capacity of financial operators to manage cyber risk and to strengthen the cyber resilience of the Italian financial system, source: https://www.certfin.it/en/.