Blog

What the Singapore NRA Report Means for Your Business

Site Logo
Tookitaki
29 November 2024
read
4 min

The 2024 Money Laundering National Risk Assessment (NRA) from the Monetary Authority of Singapore (MAS) provides crucial and indispensable insights for businesses that are navigating the intricate and often challenging landscape of financial compliance.

This extensive and detailed report illuminates a range of emerging threats and vulnerabilities that are present within Singapore's financial system, highlighting the urgent need for organisations to reassess and potentially overhaul their current approach to Anti-Money Laundering (AML) measures. The report emphasises the importance of staying ahead of these evolving risks to protect the integrity of financial operations.

But what does this mean for your business? How can these insights be translated into actionable strategies that safeguard your operations? Let’s delve deeper and decode the implications to understand how your business can adapt and thrive in this dynamic environment.

Unveiling the Key Risks

The NRA report pinpoints several high-risk areas for financial crime, including:

  • Rapid Pass-Through Transactions: These transactions are characterised by their ability to allow illicit funds to move swiftly across international borders, effectively concealing their origin and making it difficult for authorities to trace the money back to its source. This method is often used by criminals to launder money by taking advantage of the global financial system's complexity and the varying regulatory standards across different jurisdictions. 
  • Misuse of Legal Entities: Shell companies and other legal structures are frequently exploited for illegal purposes, such as money laundering and tax evasion. These entities are often set up with the sole intention of obscuring the true ownership and control of assets, making it difficult for regulators and law enforcement agencies to track financial flows and identify the individuals behind illicit activities. 
  • Cyber-Enabled Fraud: With the rapid rise of digital payments and online financial services, cybercrime has become a critical concern for the financial industry. Cybercriminals exploit vulnerabilities in digital platforms to commit fraud, steal sensitive information, and launder money. The increasing sophistication of cyber-attacks, coupled with the anonymity provided by the internet, makes it challenging for financial institutions to safeguard their systems and protect their customers from financial crime. 
  • Organised Crime: Organised crime groups are continually evolving their methods to exploit financial systems for their benefit. These groups are highly adaptive and often operate across multiple countries, using complex networks to conduct illegal activities such as drug trafficking, human trafficking, and money laundering. Their ability to innovate and leverage new technologies poses a significant threat to the integrity of the financial system. 
  • Complex Cross-Border Transactions: International money transfers pose significant challenges for monitoring and compliance due to the complexity and volume of transactions that occur across different countries. These transactions often involve multiple financial institutions and jurisdictions, each with its own regulatory requirements and standards. The lack of uniformity in global AML regulations makes it difficult to track and monitor cross-border financial flows effectively. 

For businesses, particularly in banking, fintech, and Corporate Service Providers (CSPs), these risks demand a more proactive and technologically advanced approach to AML compliance. This includes investing in cutting-edge technologies, such as artificial intelligence and machine learning, to enhance transaction monitoring and risk assessment processes.

Additionally, businesses must foster a culture of compliance and ensure that their employees are well-trained and aware of the latest threats and regulatory requirements. By adopting a forward-thinking and comprehensive approach to AML compliance, businesses can better protect themselves against the evolving landscape of financial crime.

{{cta-ebook}}

Sectoral Vulnerabilities: A Closer Look

The NRA highlights vulnerabilities specific to key sectors:

  • Banks: High transaction volumes make banks prime targets for rapid pass-through schemes. Enhanced due diligence (EDD) and customer due diligence (CDD) processes are essential to mitigate these risks.
  • Fintech Payment Institutions: Cross-border transactions, often rapid and anonymous, present unique challenges. Institutions need advanced real-time monitoring systems and robust frameworks to combat these threats.

What Businesses Can Do

Understanding the risks is only the first step. Businesses must take action to safeguard themselves:

  1. Adopt Advanced AML Technologies: Platforms like Tookitaki’s FinCense offer end-to-end compliance tools, including real-time transaction monitoring and customer risk scoring. These AI-driven solutions reduce false positives and improve efficiency.
  2. Leverage Collective Intelligence: The Anti-Financial Crime (AFC) Ecosystem, a Tookitaki innovation, allows institutions to share insights and strategies, creating a stronger defence against financial crime.
  3. Invest in Training and Awareness: Regular updates and training ensure your team stays ahead of evolving threats.
  4. Stay Compliant with Evolving Regulations: Align with the MAS recommendations and global AML standards to ensure your operations remain secure and compliant.

Why This Matters

The AFC Ecosystem’s analysis of the NRA’s findings reveals a promising fact: 75% of the risks identified are already addressed by its existing typologies and solutions. By aligning with such frameworks, businesses can strengthen their defences and maintain a competitive edge.

The Singapore NRA report serves as a wake-up call for businesses to refine their AML strategies. With financial crimes becoming more sophisticated, tools like Tookitaki’s FinCense and the AFC Ecosystem can help you stay ahead. By leveraging cutting-edge technologies and collective intelligence, you can ensure your business remains secure and compliant.

To delve deeper into the findings and strategies, download our whitepaper: "Decoding the AML Risk: An In-depth Analysis of Singapore's Money Laundering Risk Assessment 2024." Empower your business with insights and tools to combat financial crime effectively.

By submitting the form, you agree that your personal data will be processed to provide the requested content (and for the purposes you agreed to above) in accordance with the Privacy Notice

success icon

We’ve received your details and our team will be in touch shortly.

In the meantime, explore how Tookitaki is transforming financial crime prevention.
Learn More About Us
Oops! Something went wrong while submitting the form.

Ready to Streamline Your Anti-Financial Crime Compliance?

Our Thought Leadership Guides

Blogs
20 Aug 2025
6 min
read

Ferraris, Ghost Cars, and Dirty Money: Inside Australia’s 2025 Barangaroo Laundering Scandal

In July 2025, Sydney’s Barangaroo precinct became the unlikely stage for one of Australia’s most audacious money laundering cases. Beyond the headlines about Ferraris and luxury goods lies a sobering truth: criminals are still exploiting the blind spots in Australia’s financial crime defences.

A Case That Reads Like a Movie Script

On 30 July 2025, Australian police raided properties across Sydney and arrested two men—Bing “Michael” Li, 38, and Yizhe “Tony” He, 34.

Both men were charged with an astonishing 194 fraud-related offences. Li faces 87 charges tied to AUD 12.9 million, while He faces 107 charges tied to about AUD 4 million. Authorities also froze AUD 38 million worth of assets, including Bentleys, Ferraris, designer goods, and property leases.

At the heart of the case was a fraud and laundering scheme that funnelled stolen money into the high-end economy of cars, luxury fashion, and short-term property leases. Investigators dubbed them “ghost cars”—vehicles purchased as a way to obscure illicit funds.

It’s a tale that grabs attention for its glitz, but what really matters is the deeper lesson: Australia still has critical AML blind spots that criminals know how to exploit.

Talk to an Expert

How the Syndicate Operated

The mechanics of the scheme reveal just how calculated it was:

  • Rapid loan cycling: The accused are alleged to have obtained loans, often short-term, which were cycled quickly to create complex repayment patterns. This made tracing the origins of funds difficult.
  • Luxury asset laundering: The money was used to purchase high-value cars (Ferraris, Bentleys, Mercedes) and designer items from brands like Louis Vuitton. Assets of prestige become a laundering tool, integrating dirty money into seemingly legitimate wealth.
  • Property as camouflage: Short-term leases of expensive properties in Barangaroo and other high-end districts provided both a lifestyle cover and another channel to absorb illicit funds.
  • Gatekeeper loopholes: Real estate agents, accountants, and luxury dealers in Australia are not yet fully bound by AML/CTF obligations. This gap created the perfect playground for laundering.

What’s striking is not the creativity of the scheme—it’s the simplicity. By targeting sectors without AML scrutiny, the syndicate turned everyday transactions into a pipeline for cleaning millions.

The Regulatory Gap

This case lands at a critical time. For years, Australia has been under pressure from the Financial Action Task Force (FATF) to extend AML/CTF laws to the so-called “gatekeeper professions”—real estate agents, accountants, lawyers, and dealers in high-value goods.

As of 2025, these obligations are still not fully in place. The expansion is only scheduled to take effect from July 2026. Until then, large swathes of the economy remain outside AUSTRAC’s oversight.

The Barangaroo arrests underscore what critics have long warned: criminals don’t wait for legislation. They are already steps ahead, embedding illicit funds into sectors that regulators have yet to fence off.

For businesses in real estate, luxury retail, and professional services, this case is more than a headline—it’s a wake-up call to prepare now, not later.

ChatGPT Image Aug 19, 2025, 01_54_51 PM

Why This Case Matters for Australia

The Barangaroo case isn’t just about two individuals—it highlights systemic vulnerabilities in the Australian financial ecosystem.

  1. Criminal Adaptation: Syndicates will always pivot to the weakest link. If banks tighten their checks, criminals move to less regulated industries.
  2. Erosion of Trust: When high-value markets become conduits for laundering, it damages Australia’s reputation as a clean, well-regulated financial hub.
  3. Compliance Risk: Businesses in these sectors risk being blindsided by new regulations if they don’t start implementing AML controls now.
  4. Global Implications: With assets like luxury cars and crypto being easy to move or sell internationally, local failures in AML quickly ripple across borders.

This isn’t an isolated story. It’s part of a broader trend where fraud, luxury assets, and regulatory lag intersect to create fertile ground for financial crime.

Lessons for Businesses

For financial institutions, fintechs, and gatekeeper industries, the Barangaroo case offers several practical takeaways:

  • Monitor for rapid loan cycling: Short-term loans repaid unusually fast, or loans tied to sudden high-value purchases, should trigger alerts.
  • Scrutinise asset purchases: Repeated luxury acquisitions, especially where the source of funds is vague, are classic laundering red flags.
  • Don’t rely solely on regulation: Just because AML obligations aren’t mandatory yet doesn’t mean businesses can ignore risk. Voluntary adoption of AML best practices can prevent reputational damage.
  • Collaborate cross-sector: Banks, real estate firms, and luxury dealers must share intelligence. Laundering rarely stays within one sector.
  • Prepare for 2026: When the law expands, regulators will expect not just compliance but also readiness. Being proactive now can avoid penalties later.

How Tookitaki’s FinCense Can Help

The Barangaroo case demonstrates a truth that regulators and compliance teams already know: criminals are fast, and rules often move too slowly.

This is where FinCense, Tookitaki’s AI-powered compliance platform, makes the difference.

  • Scenario-based Monitoring
    FinCense doesn’t just look for generic suspicious behaviour—it monitors for specific typologies like “rapid loan cycling leading to high-value asset purchases.” These scenarios mirror real-world cases, allowing institutions to spot laundering patterns early.
  • Federated Intelligence
    FinCense leverages insights from a global compliance community. A laundering method detected in one country can be quickly shared and simulated in others. If the Barangaroo pattern emerged elsewhere, FinCense could help Australian institutions adapt almost immediately.
  • Agentic AI for Real-Time Detection
    Criminal tactics evolve constantly. FinCense’s Agentic AI ensures models don’t go stale—it adapts to new data, learns continuously, and responds to threats as they arise. That means institutions don’t wait months for rule updates; they act in real time.
  • End-to-End Compliance Coverage
    From customer onboarding to transaction monitoring and investigation, FinCense provides a unified platform. For banks, this means capturing anomalies at multiple points, not just after funds have already flowed into cars and luxury handbags.

The result is a system that doesn’t just tick compliance boxes but actively prevents fraud and laundering—protecting both businesses and Australia’s reputation.

The Bigger Picture: Trust and Reputation

Australia has ambitions to strengthen its role as a regional financial hub. But trust is the currency that underpins global finance.

Cases like Barangaroo remind us that even one high-profile lapse can shake investor and customer confidence. With scams and laundering scandals making headlines globally—from Crown Resorts to major online frauds—Australia cannot afford to be reactive.

For businesses, the message is clear: compliance isn’t just about avoiding fines, it’s about protecting your licence to operate. Customers and partners expect vigilance, transparency, and accountability.

Conclusion: A Warning Shot

The Barangaroo “ghost cars and luxury laundering” saga is more than a crime story—it’s a preview of what happens when regulation lags and businesses underestimate financial crime risk.

With AUSTRAC set to extend AML coverage in 2026, industries like real estate and luxury retail must act now. Waiting until the law forces compliance could mean walking straight into reputational disaster.

For financial institutions and businesses alike, the smarter path is to embrace advanced solutions like Tookitaki’s FinCense, which combine scenario-driven intelligence with adaptive AI.

Because at the end of the day, Ferraris and Bentleys may be glamorous—but when they’re bought with dirty money, they carry a far higher cost.

Ferraris, Ghost Cars, and Dirty Money: Inside Australia’s 2025 Barangaroo Laundering Scandal
Blogs
30 Jul 2025
5 min
read

Cracking Down Under: How Australia Is Fighting Back Against Fraud

Fraud in Australia has moved beyond stolen credit cards, today’s threats are smarter, faster, and often one step ahead.

Australia is facing a new wave of financial fraud—complex scams, cyber-enabled deception, and social engineering techniques that prey on trust. From sophisticated investment frauds to deepfake impersonations, criminals are evolving rapidly. And so must our fraud prevention strategies.

This blog explores how fraud is impacting Australia, what new methods criminals are using, and how financial institutions, businesses, and individuals can stay ahead of the game. Whether you're in compliance, fintech, banking, or just a concerned citizen, fraud prevention is everyone’s business.

The Fraud Landscape in Australia: A Wake-Up Call

In 2024 alone, Australians lost over AUD 2.7 billion to scams, according to data from the Australian Competition and Consumer Commission (ACCC). The Scamwatch program reported an alarming rise in phishing, investment scams, identity theft, and fake billing.

A few alarming trends:

  • Investment scams accounted for over AUD 1.3 billion in losses.
  • Business email compromise (BEC) and invoice fraud targeted SMEs.
  • Romance and remote access scams exploited personal vulnerability.
  • Deepfake scams and AI-generated impersonations are on the rise, particularly targeting executives and finance teams.

The fraud threat has gone digital, cross-border, and real-time. Traditional controls alone are no longer enough.

Talk to an Expert

Why Fraud Prevention Is a National Priority

Fraud isn't just a financial issue—it’s a matter of public trust. When scams go undetected, victims don’t just lose money—they lose faith in financial institutions, government systems, and digital innovation.

Here’s why fraud prevention is now top of mind in Australia:

  • Real-time payments mean real-time risks: With the rise of the New Payments Platform (NPP), funds can move across banks instantly. This has increased the urgency to detect and prevent fraud in milliseconds—not days.
  • Rise in money mule networks: Criminal groups are exploiting students, gig workers, and the elderly to launder stolen funds.
  • Increased regulatory pressure: AUSTRAC and ASIC are putting more pressure on institutions to identify and report suspicious activities more proactively.

Common Fraud Techniques Seen in Australia

Understanding how fraud works is the first step to preventing it. Here are some of the most commonly observed fraud techniques:

a) Business Email Compromise (BEC)

Fraudsters impersonate vendors, CEOs, or finance officers to divert funds through fake invoices or urgent payment requests. This is especially dangerous for SMEs.

b) Investment Scams

Fake trading platforms, crypto Ponzi schemes, and fraudulent real estate investments have tricked thousands. Often, these scams use fake celebrity endorsements or “guaranteed returns” to lure victims.

c) Romance and Sextortion Scams

These scams manipulate victims emotionally, often over weeks or months, before asking for money. Some even involve blackmail using fake or stolen intimate content.

d) Deepfake Impersonation

Using AI-generated voice or video, scammers are impersonating real people to initiate fund transfers or manipulate staff into giving away sensitive information.

e) Synthetic Identity Fraud

Criminals use a blend of real and fake information to create a new, ‘clean’ identity that can bypass onboarding checks at banks and fintechs.

20250730_2107_Cybersecurity Precaution Scene_remix_01k1dzk8hwfd4t9rd8mkhzgr1w

Regulatory Push for Smarter Controls

Regulators in Australia are stepping up their efforts:

  • AUSTRAC has introduced updated guidance for transaction monitoring and suspicious matter reporting, pushing institutions to adopt more adaptive, risk-based approaches.
  • ASIC is cracking down on investment scams and calling for platforms to implement stricter identity and payment verification systems.
  • The ACCC’s National Anti-Scam Centre launched a multi-agency initiative to disrupt scam operations through intelligence sharing and faster response times.

But even regulators acknowledge: compliance alone won't stop fraud. Prevention needs smarter tools, better collaboration, and real-time intelligence.

A New Approach: Proactive, AI-Powered Fraud Prevention

The most forward-thinking banks and fintechs in Australia are moving from reactive to proactive fraud prevention. Here's what the shift looks like:

✅ Real-Time Transaction Monitoring

Instead of relying on static rules, modern systems use machine learning to flag suspicious behaviour—like unusual payment patterns, high-risk geographies, or rapid account-to-account transfers.

✅ Behavioural Analytics

Understanding what ‘normal’ looks like for each user helps detect anomalies fast—like a customer suddenly logging in from a new country or making a large transfer outside business hours.

✅ AI Copilots for Investigators

Tools like AI-powered investigation assistants can help analysts triage alerts faster, recommend next steps, and even generate narrative summaries for suspicious activity reports.

✅ Community Intelligence

Fraudsters often reuse tactics across institutions. Platforms like Tookitaki’s AFC Ecosystem allow banks to share anonymised fraud scenarios and red flags—so everyone can learn and defend together.

✅ Federated Learning Models

These models allow banks to collaborate on fraud detection algorithms without sharing customer data—bringing the power of collective intelligence without compromising privacy.

Fraud Prevention Best Practices for Australian Institutions

Whether you're a Tier-1 bank or a growing fintech, these best practices are critical:

  1. Prioritise real-time fraud detection tools that work across payment channels and digital platforms.
  2. Train your teams—fraudsters are exploiting human error more than technical flaws.
  3. Invest in explainable AI to build trust with regulators and internal stakeholders.
  4. Use layered defences: Combine transaction monitoring, device fingerprinting, behavioural analytics, and biometric verification.
  5. Collaborate across the ecosystem—join industry platforms, share intel, and learn from others.

How Tookitaki Supports Fraud Prevention in Australia

Tookitaki is helping Australian institutions stay ahead of fraud by combining advanced AI with collective intelligence. Our FinCense platform offers:

  • End-to-end fraud and AML detection across transactions, customers, and devices.
  • Federated learning that enables risk detection with insights contributed by a global network of financial crime experts.
  • Smart investigation tools to reduce alert fatigue and speed up response times.

The Role of Public Awareness in Prevention

It’s not just institutions—customers play a key role too. Public campaigns like Scamwatch, educational content from banks, and media coverage of fraud trends all contribute to prevention.

Simple actions like verifying sender details, avoiding suspicious links, and reporting scam attempts can go a long way. In the fight against fraud, awareness is the first line of defence.

Conclusion: Staying Ahead in a Smarter Fraud Era

Fraud prevention in Australia can no longer be treated as an afterthought. The threats are too advanced, too fast, and too costly.

With the right mix of technology, collaboration, and education, Australia can stay ahead of financial criminals—and turn the tide in favour of consumers, businesses, and institutions alike.

Whether it’s adopting AI tools, sharing threat insights, or empowering individuals, fraud prevention is no longer optional. It’s the new frontline of trust.

Cracking Down Under: How Australia Is Fighting Back Against Fraud
Blogs
29 Jul 2025
6 min
read

The CEO Wasn’t Real: Inside Singapore’s $499K Deepfake Video Scam

In March 2025, a finance director at a multinational firm in Singapore authorised a US$499,000 payment during what appeared to be a Zoom call with the company’s senior leadership. There was just one problem: none of the people on the call were real.

What seemed like a routine virtual meeting turned out to be a highly orchestrated deepfake scam, where cybercriminals used artificial intelligence to impersonate the company’s Chief Financial Officer and other top executives. The finance director, believing the request was genuine, wired nearly half a million dollars to a fraudulent account.

The incident has sent shockwaves across the financial and corporate world, underscoring the fast-evolving threat of deepfake technology.

Background of the Scam

According to Singapore police reports, the finance executive received a message from someone posing as the company’s UK-based CFO. The message requested an urgent fund transfer to facilitate a confidential acquisition. To build credibility, the fraudster set up a Zoom call — featuring multiple senior executives, all appearing and sounding authentic.

But the entire video call was fabricated using deepfake technology.

These weren’t just stolen profile photos; they were AI-generated likenesses with synced facial movements and realistic voices, mimicking actual executives. The finance director, seeing what seemed like familiar faces and hearing familiar voices, followed through with the transfer.

Only later did the company realise that the actual executives had never been on the call.

What the Case Revealed

This wasn’t just another phishing email or spoofed WhatsApp message. This was next-level digital deception. Here’s what made it chillingly effective:

  • Multi-party deepfake execution – The fraud involved several synthetic identities, all rendered convincingly in real-time to simulate a legitimate boardroom environment.
  • High-level impersonation – Senior figures like the CFO were cloned with accurate visual and vocal characteristics, heightening the illusion of authority and urgency.
  • Deeply contextual manipulation – The scam leveraged business context (e.g. M&A activity, board-level communications) that suggested insider knowledge.

Singapore’s police reported this as one of the most convincing cases of AI-powered impersonation seen to date — and issued a national warning to corporations and finance professionals.

Impact on Financial Institutions and Corporates

While the fraud targeted one company, its implications ripple across the entire financial system:

Deepfake Fatigue and Trust Erosion

When even video calls are no longer trustworthy, confidence in digital communication takes a hit. This undermines both internal decision-making and external client relationships.

CFOs and Finance Teams in the Crosshairs

Finance and treasury teams are prime targets for scams like this. These professionals are expected to act fast, handle large sums, and follow instructions from the top — making them vulnerable to high-pressure frauds.

Breakdown of Traditional Verification

Emails, video calls, and even voice confirmations can be falsified. Without secondary verification protocols, companies remain dangerously exposed.

ChatGPT Image Jul 29, 2025, 02_34_13 PM

Lessons Learned from the Scam

The Singapore deepfake case isn’t an outlier — it’s a glimpse into the future of financial crime. Key takeaways:

  1. Always Verify High-Value Requests
    Especially those involving new accounts or cross-border transfers. A secondary channel of verification — via phone or an encrypted app — is now a must.
  2. Educate Senior Leadership
    Executives need to be aware that their digital identities can be hijacked. Regular briefings on impersonation risks are essential.
  3. Adopt Real-Time Behavioural Monitoring
    Advanced analytics can flag abnormal transaction patterns — even when the request appears “approved” by an authority figure.
  4. Invest in Deepfake Detection Tools
    There are now software solutions that scan video content for artefacts, inconsistencies, or signs of AI manipulation.
  5. Strengthen Internal Protocols
    Critical payment workflows should always require multi-party authorisation, escalation logic, and documented rationale.

The Role of Technology in Prevention

Scams like this are designed to outsmart conventional defences. A new kind of defence is required — one that adapts in real-time and learns from emerging threats.

This is where Tookitaki’s compliance platform, FinCense, plays a vital role.

Powered by the AFC Ecosystem and Agentic AI:

  • Typology-Driven Detection: FinCense continuously updates its detection logic based on real-world scam scenarios contributed by financial crime experts worldwide.
  • AI-Powered Simulation: Institutions can simulate deepfake-driven fraud scenarios to test and refine their internal controls.
  • Federated Learning: Risk signals and red flags from across institutions are shared securely without compromising sensitive data.
  • Smart Case Disposition: Agentic AI reviews and narrates alerts, allowing compliance officers to respond faster and with greater clarity — even in complex scams like this.
Talk to an Expert

Moving Forward: Facing the Synthetic Threat Landscape

Deepfake technology has moved from the realm of novelty to real-world risk. The Singapore incident is a wake-up call for companies across ASEAN and beyond.

When identity can be faked in real-time, and fraudsters learn faster than regulators, the only defence is to stay ahead — with intelligence, collaboration, and next-generation tech.

Because next time, the CEO might not be real, but the money lost will be.

The CEO Wasn’t Real: Inside Singapore’s $499K Deepfake Video Scam