Failure to prevent fraud: Friendly fraud no longer only an operational risk

According to the UK's FCA, large businesses must implement reasonable fraud prevention procedures, including comprehensive fraud risk assessments, effective internal controls, regular training programs and executive-level governance and oversight.

Under this new framework, merchants no longer sit at the edge of financial regulation. Where compliance was once the domain of banks, acquirers, and payment service providers, the responsibility now extends to retailers and platforms. This legal shift compounds the existing financial and reputational damage of fraud. Merchants who once absorbed refund losses and chargebacks as a cost of doing business must now rethink their approach or risk prosecution.

Fraud here includes synthetic identities, syndicate activity, bonus and loyalty abuse, returns fraud, chargeback abuse - all tactics of friendly fraud that often operate in tandem.

Fraud is an ecosystem problem

Professional fraudsters operate like organised business: they test vulnerabilities, share techniques, and scale operations using stolen or fake identities. Your business might be targeted by synthetic identities, refund fraud rings and clusters of accounts run by a single fraudster.

If a small group of bad actors is exploiting your return or promo system, it's not a coincidence - it is a coordinated attack.

Banks have long been held accountable for failing to stop financial crime. Now, merchants must match that standard.

So where do merchants begin?

1. Perform a comprehensive risk assessment of business, fraud and payments rules. Friendly fraud starts at acquisition, activates at checkout, and is realised during disputes or refund claims.

2. Analyse historic consumer activity to understand the current distribution and clusters of fraudsters in your business, the activities they’re undertaking and the lost revenue you’ve incurred owing to these actions.

3. Learn from your peers on tactics and to identify known fraudsters in the ecosystem.

4. Define enhanced rules and processes to block the fraudsters and accept more trusted consumers.

5. Designate fraud prevention responsibilities to senior leaders, with board-level oversight.

6. Invest in continuous training and trend analysis to keep up with the evolving nature of fraud.

Not sure where to start?

Trudenty helps merchants map and mitigate friendly fraud through actionable intelligence, privacy-preserving data sharing, and regulatory alignment.

Get in touch before fraud escalates from revenue loss and operational inefficiencies to legal risk.