Fraudsters across the Asia Pacific are increasingly exploiting advanced artificial intelligence and deepfake technologies, making it harder for organisations to defend against financial crime.

As a result, many companies are tightening security controls, but in doing so risk locking out legitimate users, a growing issue known as digital exclusion.

Businesses are now being urged to adopt multilayered strategies that combine continuous, adaptive fraud monitoring with more inclusive verification systems.

Industry leaders say the challenge is no longer simply stopping fraud, but doing so without cutting genuine customers out of digital services.

There’s no way around it: The Asia Pacific is falling behind in its battle against fraud.

According to the 2025 Global Fraud Index by global verification and anti-fraud firm Sumsub, APAC has dropped from third to fourth place globally in fraud protection, trailing Europe, the Middle East, and the Americas.

This decline is reflected in the rankings of some of the region’s leading digital economies. Singapore, which was the global leader in fraud protection in 2024, has plummeted to 10th place.

Other nations have fallen further, with Malaysia dropping 52 spots to 86th place, and Indonesia slipping 11 places to rank at 111.

“This points to a critical challenge for the region,” says Penny Chai, vice president of APAC at Sumsub.

“The accelerating pace of digital growth is outstripping the implementation of effective fraud prevention strategies, putting both businesses and individuals at greater risk and eroding trust throughout APAC and beyond.” she said.

The widening cracks in APAC’s defences are being driven by increasingly accessible fraud tools, which allow criminals to exploit gaps in security and compliance systems.

According to Chai, deepfake fraud alone has jumped 194% year on year in APAC, while the average global business lost around US$300,000 per fraud incident in 2024.

This creates a fast-moving technological arms race between fraudsters and organisations, compounded by inconsistent regulatory and security frameworks across the region. The result is a fragmented defence environment that is easier for malicious actors to exploit.

As companies respond by tightening controls, a secondary issue is emerging: digital exclusion. This refers to the unintended blocking of legitimate users from accessing essential online services due to increasingly strict verification systems.

Sumsub’s Greenflag white paper suggests that more than 627 million people globally are excluded from digital services as a result of heightened security measures.

The group, if considered collectively, would represent the world’s third-largest “country” and an estimated US$1.7 trillion in lost economic opportunity.

The study highlights several key barriers. Around 70 million people are excluded due to country of origin restrictions, 96 million because their appearance no longer matches identity documents, and 243 million due to non-standard or outdated identification records.

According to Chai, many organisations still rely on one-size-fits-all risk models and legacy systems that fail to account for demographic diversity and evolving identities.

“As such, many businesses default to ‘reject first, ask questions later,’ prioritising fraud prevention over inclusion, and thus leaving entire communities out,” she notes.

The consequences can be severe.

The report shares the case of Jesus, a man from Spain who was locked out of his brokerage account after a car accident permanently altered his facial appearance, preventing facial recognition systems from verifying his identity and denying him access to his own funds.

“To truly close this gap, we need to shift from fear-based approaches to inclusive, adaptive verification that welcomes every genuine user without sacrificing security,” Chai says.

To address both fraud and exclusion, organisations are being encouraged to adopt layered, adaptive defence models.

Chai advocates “cyber-fraud fusion,” where cybersecurity and anti-fraud teams work more closely together to share intelligence and strengthen resilience.

This approach is becoming more urgent as 76% of fraud takes place after onboarding, making ongoing monitoring essential rather than optional.

At the same time, regulatory expectations are increasing, with measures such as Singapore’s Protection from Scams Bill set to place greater responsibility on platforms to prevent user losses.

Technology is also evolving to support more inclusive verification. Document-free systems, for example, allow users to verify identity through alternative data points rather than traditional identification documents.

Sumsub’s Non-Doc verification solution enables users to log in using document numbers or bank accounts, followed by a liveness check to confirm they are physically present.

Their identity is then verified against government-authorised databases, often within 4.5 seconds, significantly faster than traditional document-based processes.

The company reports that this approach can reduce processing time by up to 53 per cent and increase customer pass rates by 35 per cent.

Still, Chai says broader collaboration is required. “Building a safer and more inclusive digital infrastructure requires continued collaboration among policymakers, businesses, and verification providers,” she says.

Looking ahead, organisations are being urged to embed fraud prevention more deeply into their operations rather than treating it as a compliance function.

“Ensuring anti-fraud strategies succeed begins with clear leadership and fostering collaboration across cybersecurity, compliance, and onboarding teams,” Chai says.

“Fraud is always advancing,” Chai said. “The strongest teams stay ready by investing in both people and intelligence.”