Beyond reimbursement: ACI’s Jackie Barwell on stopping APP scams while the money is still in flight

A victim is talked into moving money to an account they believe is safe. The funds land somewhere, often in an account opened for exactly that purpose, and move on within minutes. For years the bank receiving that money carried none of the cost when the payment turned out to be a scam. The loss sat with the sending bank, or with the victim. That single fact shaped where the industry spent its effort, and where it had little reason to.

Jackie Barwell has spent more than twenty-five years on the prevention side of that problem. She ran global fraud management at Citigroup, then led fraud and risk work at First Data and financial crime products at Actimize, and for the past fourteen years she has been at ACI Worldwide, where she is director of fraud product management. Ahead of her panel at Payments Unleashed EMEA, she makes a case more hopeful than the headlines usually allow. The rules that shifted the cost of scams, she says, have quietly changed how banks behave, and the industry is closer than it has ever been to stopping fraud while the money is still moving. It is simply not there yet.

Ask Barwell whether reimbursement has reduced scams and she gives the honest answer first. It has not cut the number of attempts, and it has not slowed the rise in attacks, in either volume or variation. What it changed is where banks look. Since October 2024, under the Payment Systems Regulator, the cost of an authorised push payment scam is split fifty-fifty between the sending and the receiving bank, up to £85,000, putting a real incentive on the receiving end for the first time. Before that, the receiving bank was not on the hook for any share of the loss. “Now it is on the hook for fifty percent of every loss. And that hurts.”

The figures bear out the first half of her answer. UK Finance, the banking trade body, reported that APP scam losses in the UK rose 19 percent to £576.4 million in 2025, with cases up to 248,070, even as banks reimbursed £354.3 million, about 61 percent of those losses on a UK Finance measure that captures more than the mandatory regime alone. Reimbursement changed the economics of who pays. It has not, on its own, shrunk the scam economy.

That pain, in her view, has done useful work. It pushed banks toward stronger onboarding controls, because, as she puts it, an account may be “dodgy” from the start, opened purely to receive stolen funds. It drew the anti-money-laundering teams, who watch for mule accounts, into much closer work with the fraud teams. And it turned analytical tools that had always been pointed at money leaving an account onto money arriving in one, creating the ability to question and even refuse incoming funds “in a way that’s never happened before.” The number of attempted scams keeps climbing. The number that succeed, she believes, now sits below where it would have without that shift.

The same shift gave every fraud team a richer picture of its own customers, not just how, when and where they spend money, but how, when and where they receive it. And if one team is sitting on that kind of detail, Barwell points out, so is every other bank. Each is sitting on its own goldmine. The prize is being able to share that intelligence in real time, while a transaction is still in flight, rather than comparing notes after the money has gone. The industry, she says, is so close to that. What stands in the way is the absence of a fast, trusted way to move the signal between institutions at the moment it matters. Until that exists, her verdict is blunt: “the fraudster will continue to have the upper hand.”

On whether banks and telecoms firms are finally pulling together, Barwell is measured. The mindsets are aligned, she says, and telecoms providers already do a great deal of work on fraud and scam prevention. But the intelligence and the strategy are still worked in silos, and the reason is accountability. Accountability for the cost of a successful scam still sits primarily with the financial institution, even where it can be shown that a telecoms channel played a large part in it. Until that changes, collaboration stays harder than it should be. Her prescription is direct. The industry, she argues, has to “remove the competitive edge when it comes to fraud prevention,” so that everyone is finally on “a level playing field with the fraudster.”

What does good fraud prevention look like when the decision has to happen in milliseconds? Barwell thinks the industry is on the edge of it, because several things have arrived at once, a “perfect storm” in her phrase. The first is technology. The ability to analyse data has never been stronger, and AI now builds unsupervised, self-learning models that turn raw activity into “signals,” and those signals can be shared in ways designed to stay within data-protection rules, which she sees as lifting an old barrier to collaboration. The second is real-time payments themselves, where one part of the payment is controlled entirely by the account holder, and it is exactly that piece of “control” the fraudster has become expert at weakening. The third is the reimbursement rules. The fourth is a genuine desire among banks to know what the bank on the other side knows at the moment of the transaction. And the fifth is regulation catching up.

The legal piece is the most concrete of the five. Since January 2024, the Economic Crime and Corporate Transparency Act has given banks a firm legal footing to share customer information for the purpose of preventing and detecting economic crime, including fraud, either directly or through a shared platform, easing the old worry about breaching confidentiality. The footing exists. What is still missing, Barwell says, is the rail. The industry needs the shared infrastructure on which this exchange can actually happen, perhaps something central, that strips out the competitive barriers and lets every party, large or small, swap real-time intelligence and stop frauds while they are still in flight. The new sharing powers are still not being used at their full potential, and that gap is precisely the distance between so close and there.

Jackie Barwell joins Banking Breakout 3, Beyond Reimbursement: scams, AI, and shared liability in a real-time world, at Payments Unleashed EMEA. The event opens with an evening reception on 29 June at 12th Knot, Sea Containers, and continues with a full day of content on 30 June at the Hilton London Bankside, bringing senior payments leaders from across EMEA together for sessions on real-time payments, fraud and scam liability, sovereignty in European payments, and the shift to always-on banking.

Every piece is finally on the table, she argues: the technology, the payments, the rules, the will, and now the law. What is missing is the shared rail to carry the signal while the money is still moving. Build that, and the upper hand starts to change sides.