Skip to main content
ComplianceFinancial Fraud

Improve Collaboration: Best Must-Have Steps to Beat Fraud

Improve Collaboration: Best Must-Have Steps to Beat Fraud

When fraud rises, who should speak first — banks, telecoms, government, or the tech firms that power our lives? The dilemma is not rhetorical: criminals thrive on delay and secrecy; defenders need speed and openness. Industry body techUK has urged real-time intelligence sharing across sectors as a way to close that gap, but moving from call to action requires more than goodwill — it demands practical steps, shared standards and cultural change.

Fraud today plays out across devices, networks and institutions. Attackers use stolen credentials, misconfigured cloud services, social engineering and open-source intelligence to piece together opportunities that cross organizational boundaries. As one analysis notes, human behavior and cloud misconfiguration amplify technical weaknesses: temporary shares become permanent exposures, and permissions creep opens lateral pathways for attackers to do greater harm .

Why real-time, cross-sector sharing matters: many fraud schemes span payment systems, identity providers, communications platforms and public records. A bank may see a pattern of account takeovers; a telco may notice SIM-swap activity; an online marketplace may flag suspicious listings. If those signals remain siloed, the adversary moves undetected from one domain to another. techUK’s recommendation for live intelligence exchange is rooted in closing precisely that visibility gap — enabling defenders to act faster and coordinatedly before losses multiply.

Background: calls for greater sharing are not new. Law enforcement, regulators and industry groups such as CISA and national CERTs have long advocated collaboration, but practical obstacles persist. Legal limits on data sharing, privacy concerns, inconsistent formats, and the risk of revealing sensitive counter-fraud methods slow the pace. Moreover, organizational cultures often treat data as proprietary competitive advantage rather than a public good in the fight against fraud.

What a must-have playbook for collaboration looks like in practice — concrete steps that organizations can implement now:

  • Inventory and intent: Map where sensitive data and signals live, who has access, and why. Know which repositories, logs and partner feeds are relevant to fraud detection and response .
  • Automate short-lived access: Use expiring links and short-lived tokens for cross-organization sharing so that a temporary collaboration does not become a persistent exposure .
  • Harden identity and access: Enforce multi-factor authentication (MFA), conditional access, and least privilege for systems that handle fraud telemetry; limit guest privileges and require re-authentication for sensitive actions .
  • Monitor, classify and alert: Deploy automated discovery and classification to find risky shares and data leakage; push relevant indicators to partner channels in standardized formats to enable rapid triage .
  • Embed ownership and governance: Assign data stewards, conduct regular access reviews and bake approval gates into collaboration workflows so responsibilities are clear and auditable .
  • Share actionable, sanitized intelligence: Exchange indicators of compromise (IoCs), tactic descriptions and behavioral patterns in machine-readable, privacy-preserving formats — not raw personal data — to respect legal and ethical boundaries.
  • Train with real cases: Use anonymized breach case studies to teach front-line staff when and how to share, reducing accidental exposure and improving judgement under pressure .

These steps combine technical controls with culture and process. Technology alone — even advanced telemetry and machine learning — cannot close the loop if people don’t know what to share, with whom, and how long access should last. A layered approach that includes policy, education and tooling aligns incentives and reduces the chance that well-intentioned collaboration becomes a vector for fraud.

Policy and legal perspectives: policymakers can help by clarifying lawful pathways for intelligence sharing, standardizing data formats and safe-harbor protections for entities that share in good faith. Regulators can also encourage minimum security baselines — for example, mandating token expirations or default restrictions on external sharing — while balancing privacy and civil liberties. Industry bodies like techUK act as neutral conveners to define interoperable standards and best practices; their call for real-time sharing is an example of industry-led policy shaping.

Technologists’ view: engineers emphasize standardized APIs, schema (such as STIX/TAXII for threat intelligence), and automation to reduce human latency. Machine-readable feeds let defenders operationalize intelligence at scale, but they require common ontologies and trust frameworks. Without trust anchors — mutual authentication and accountability — rapid sharing risks abuse or inadvertent leakage.

Users and consumers: everyday users benefit when institutions collaborate effectively — faster disruption of fraudulent transactions, fewer false positives, and quicker remediation. Yet users worry about privacy and mission creep. Transparency about what is shared, why, and how long it is retained will be critical to maintaining public confidence.

Adversaries’ advantage: fraudsters count on delay, ambiguity and fragmented defenses. They exploit stolen credentials, exposed links and slow communication between victim organizations. Real-time sharing erodes the window in which attackers can monetize access, but only if the shared signals are timely, trustworthy and acted upon.

Implementation challenges and mitigations:

  • Legal and privacy constraints — mitigate with anonymization, aggregation, and legal frameworks that permit limited sharing for fraud prevention.
  • Standards fragmentation — mitigate by adopting established formats (threat intelligence standards) and participating in industry consortia to agree on schemas and semantics.
  • Trust and governance — mitigate with signed feeds, mutual non-disclosure agreements tailored for incident response, and audit trails that show how shared intelligence was used.
  • Free-rider and cost issues — mitigate by demonstrating ROI through pilot programs and shared platforms that lower the marginal cost of participation.

In short, beating fraud at scale requires a culture shift from “protect everything in silo” to “protect together.” Organizations must pair technical measures — MFA, conditional access, automated discovery and short-lived sharing tokens — with governance: clear stewardship, periodic audits and staff training that focuses on when and how to share safely .

As techUK and others push for faster cross-sector exchange, the toughest questions are not technical: they are about trust, law and how to balance speed with privacy. Can institutions build the shared frameworks needed to move intelligence in real time without exposing new vectors of harm? The answer will determine whether collaboration becomes the fraudster’s foil or another instrument for exploitation.

Source: https://www.infosecurity-magazine.com/news/collaboration-hit-back-rising/