I get a certain satisfaction from spotting and avoiding a SIM-swap scam, phishing attempt or the smooth patter of a romance hustler. Yet I can’t shake the feeling that one day I’ll slip, that a moment’s distraction will cost me dearly. Friends sharper than I have been caught. My parents have lost thousands, as have plenty of others like them. And with AI turbocharging the scammer’s toolkit, the odds are worsening.

We keep treating fraud as a passing headline: a bigger number, a new scam, another warning. Then we move on. But fraud isn’t a glitch at the edge of the financial system anymore. It’s baked in. We put money on a superhighway – instant, borderless, mobile-first – and then act surprised when criminals use the same lanes.

The scale is sobering. The South African Banking Risk Information Centre (Sabric) says digital banking fraud incidents in SA surged 86% in 2024, with losses climbing 74% to nearly R1.9 billion. Telecom-linked fraud is estimated at R5.3 billion a year, with an estimated 60% of mobile-banking breaches tied to SIM swaps. Globally, the FBI says Americans lost $16.6 billion to cybercrime in 2024, while UK banks logged more than £1.1 billion. The scams range from deepfake video calls to endless phishing texts. All of which are being polished by AI.

It’s not as if banks, telcos and platforms are doing nothing. Sabric highlights the investments: in-app alerts, fraud detection powered by machine learning; blocks if remote-access apps are detected on a device; SIM-swap checks tightened with biometric voiceprints and ID scans; advertiser verification for financial services. And yet the fraud numbers keep climbing. Institutions are fighting hard, but effort on its own isn’t enough. Until liability is shared across banks, telcos and platforms, prevention will remain patchy, and criminals will keep finding the weakest link. Shifting liability isn’t about punishing banks or anyone else; it’s about ensuring everyone with the power to stop fraud has skin in the game.

Right now, when a client is tricked into paying a fake supplier or a fraudster, the victim usually swallows the loss. Everyone is sorry, but mostly no entity is financially accountable. Flip that, and the system changes. If sending banks are on the hook when they don’t add friction

to a risky first-time payment, they’ll add more smart checks. If receiving banks must share losses when mule accounts slip through, they’ll invest more in shutting them down. If telcos pay when SIM swaps enable fraud, swaps will take longer and be harder to fake. If platforms that profit from dodgy ads must reimburse victims, those ads will diminish. Once the losses occur, controls get very creative very quickly.

We know this works. In the UK, regulators have made reimbursement mandatory for most authorised push-payment scams, splitting the cost between the sending and receiving banks. Singapore has gone further, creating a shared-responsibility framework that ropes in banks and telcos. Even in the US, some payment networks have started reimbursing victims of imposter scams after pressure from lawmakers. SA, by contrast, still leaves most of the bill with the victim.

Alongside shifting liability, we need something simpler for consumers themselves. Let’s call it ‘guardian mode’. It isn’t new tech, just a way of bundling together existing protections. Banks already offer bits and pieces such as daily transfer limits, card freezes and biometric logins, but they are buried in menus. Guardian mode would simply gather them into one switch. ‘On’ means safer defaults: passkeys instead of SMS codes, a delay for new payees, a call-back if you change bank details and a freeze button if something feels wrong, for example. None of this would slow everyday payments to your usual accounts, but it would add guardrails at the exact places criminals exploit: urgency and secrecy.

For most, this all lands on the mobile phone. If the phone is the battleground, we must fix the trenches: no sideloaded support apps, no approvals while you are on a call with a stranger,

no easy bypass of biometrics for convenience. Guardian mode should be the default. This will add cost and friction, but the alternative is worse: rising fraud losses that tax every trans-action, discourage digital adoption and erode confidence in financial institutions. Personal responsibility still matters – a lot. But strong systems give ordinary people leverage. The point is to make the safe action the easy action.

Scammers will adapt and AI will keep arming them, but finance can become more resilient if we spend innovation budgets on trust, not just speed. Keep reporting the numbers, but ask, what are we willing to slow down, and share liability for, to buy back trust? If we can answer that, our financial system will be stronger.

By Sasha Planting