APAC igaming suspicious transaction volumes down by 45% since 1Q24: fraud report
A new report indicates that Asia Pacific has seen the sharpest fall in igaming suspicious transaction volumes of any region since 2024, down 45% – from 3.49% in 1Q24 to 1.92% in 1Q26.
According to verification platform Sumsub’s latest 71-page iGaming Fraud Report, there has simultaneously been an 18% year-on-year increase in igaming fraud globally.
APAC’s notable improvement is attributed to the introduction of stricter regulations in the Philippines, Australia and New Zealand, but the region remains above the global average of 1.53%.
The most vulnerable jurisdictions in the APAC region are Cambodia (6.8%), American Samoa (6.3%), Singapore (4.8%), South Korea (3%), Bangladesh (2.8%) and Japan (2.8%).
Increasing sophistication
The APAC region experiences peak fraudulent activity between the hours of 8pm and 10pm GMT, earlier than the Americas (10 pm – 1am) and the EU and UK (1am – 3am), which Sumsub suggested was because it’s when security teams are off duty.
The platform found that attempts have become more sophisticated over the last two to three years. In APAC specifically, selfie fraud and deepfakes account for about 66.15% of fraud, with 76% of attempts in the region now occurring after initial onboarding.
“Fraudsters in APAC are increasingly creating identities designed specifically to clear initial onboarding filters. In fact, professional regional syndicates are among the most adept globally at creating synthetic videos capable of passing a one-camera check, designed with the intent of executing far more damaging, long-term fraud once inside a platform,” Sumsub Vice President, APAC, Penny Chai said.
The global fraud rate has increased from 1.1% in 2024 to 1.53% in 1Q26, equating to an almost 40% increase in two years. Sumsub found that the time fraudsters spend on verification has doubled since last year, taking 4.6 times longer than legitimate players, and making an average of 20–30% more attempts than honest players.
AI-enhanced attacks
“Right now, the industry is seeing a huge amount of AI-generated or AI-assisted fraud content. An ‘industry-wide DDoS attack of AI-slop,’ if we’re willing to put it into stronger terms. That includes: synthetic faces, edited documents, templated identities, and mass-generated applications,” explained Kris Galloway, iGaming Product Evangelist at Sumsub. “Even when many of these attempts are low-quality individually, together, they create enormous operational pressure on verification systems, manual review teams, and fraud operations. AI dramatically lowers the cost and effort required to commit fraud at scale, and professional fraud groups are already taking advantage of it.”
Sumsub advised operators to move beyond one-time KYC to continuous monitoring, and said IP, device, email, phone, and fraud network signals should be combined into a single risk score to identify high-risk users at registration. Meanwhile, player onboarding should include liveness checks, and the use of official records from national digital identity systems and other authoritative data sources.
The Sumsub 2026 iGaming Fraud Report is based on anonymized internal verification data, drawn from millions of identity checks conducted across the industry between Q1 2024 and Q1 2026, as well as more than 30 interviews with industry experts, fraud and compliance specialists.
Verticals:
Sectors:
Topics:
Dig Deeper
Related stories
2025/04/22: United Nations warns of US$40 billion in Asian gambling and fraud scams
2026/05/13: International Betting Integrity Association becomes Alberta’s suspicious betting activity monitor ahead of igaming launch
2026/01/09: Chen Zhi detained in China over online gambling and fraud allegations
2025/07/03: Optimove expands into APAC with new operator partnerships
2025/04/22: United Nations warns of US$40 billion in Asian gambling and fraud scams
2026/05/13: International Betting Integrity Association becomes Alberta’s suspicious betting activity monitor ahead of igaming launch
2026/01/09: Chen Zhi detained in China over online gambling and fraud allegations
2025/07/03: Optimove expands into APAC with new operator partnerships
The Backstory
Regulators push fraud below recent peaks
Asia-Pacific’s sharp drop in suspicious igaming transaction volumes reflects a regulatory cycle that has been building across the region for more than two years. The decline from 3.49% in the first quarter of 2024 to 1.92% in the first quarter of 2026 suggests that tougher oversight in the Philippines, Australia, New Zealand and Macao has had a measurable effect on platform risk. But the figure remains above the global average, underscoring that enforcement has reduced exposure rather than solved the problem.
The latest data lands at a moment when governments, operators and integrity vendors are reassessing the region’s risk profile. APAC has long been viewed as one of the world’s most dynamic online gambling markets, driven by high mobile adoption, fragmented legal frameworks and strong consumer demand. Those same features have also made it attractive to fraud networks that can exploit gaps between regulated, gray-market and illegal gambling channels.
The result is a more complicated picture than a headline decline in suspicious transactions might suggest. Stricter rules appear to be limiting some forms of abuse, but fraud tactics are shifting deeper into the player life cycle. Sumsub’s finding that most APAC fraud attempts now occur after onboarding points to a market where criminals increasingly try to pass initial checks before exploiting accounts, bonuses, payments or identity credentials later.
Illegal gambling pressure shaped the enforcement response
Regional enforcement has intensified partly because online gambling fraud is no longer treated as a narrow gaming compliance issue. Authorities increasingly link it to cybercrime, trafficking, money laundering and organized fraud. That connection was made explicit when the United Nations warned that illegal gambling, fraud and money laundering tied to Asian scam networks had grown into a US$40 billion Asian scam industry.
The U.N. report described industrial-scale scamming centers in parts of Laos, Myanmar, Cambodia and the Philippines, with criminal groups expanding into Africa and South America as enforcement pressure rose in Asia. That geographic spread matters for igaming operators because fraud networks rarely confine themselves to one product or jurisdiction. The same infrastructure used for online scams can support identity abuse, payment laundering and illegal betting activity.
The Philippines has become a central example of the policy shift. After years in which Philippine offshore gaming operators, known as POGOs, drew scrutiny over alleged links to crime, the government moved to ban the sector and dismantle associated networks. Lawmakers have pushed for measures designed to stop POGO-like operations from reappearing or relocating. That enforcement climate helps explain why regional compliance expectations have tightened, even for operators not directly tied to the offshore industry.
Japan shows a different version of the same pressure. Online gambling remains illegal, yet authorities have identified rising use of offshore casino sites. Japanese police reported a record tally of online casino users and dealers in 2024, with cases tripling from the previous year. The National Police Agency has also focused on payment providers used to exchange yen for deposits and withdrawals, signaling that transaction trails are becoming a primary enforcement tool.
Fraud has moved past the sign-up screen
The APAC figures show why regulators and operators are moving beyond basic know-your-customer checks. Traditional onboarding controls can block low-grade document fraud, underage play and simple duplicate accounts. They are less effective against synthetic identities, deepfakes and coordinated networks that can generate large volumes of plausible applications, then wait to exploit accounts after approval.
That shift changes the cost structure for operators. Fraud prevention can no longer be concentrated at registration. It must extend through deposits, withdrawals, bonus claims, device changes and unusual play or betting patterns. Sumsub’s data that fraudsters take longer and make more verification attempts than legitimate users points to an adversarial process in which criminals test controls repeatedly and adapt when they fail.
APAC’s peak fraudulent activity window, between 8 p.m. and 10 p.m. GMT, also highlights the operational challenge. If fraud attempts rise when security teams are less active, operators need automated systems that can escalate risk in real time. Manual review remains important, but the volume and speed of AI-assisted attacks make purely human processes increasingly expensive and slow.
The rise of post-onboarding fraud also blurs the line between fraud management and customer management. Operators must identify risky behavior without creating unnecessary friction for legitimate players. That balance is particularly difficult in competitive markets where fast onboarding, instant withdrawals and personalized offers are core parts of the product.
Growth brings compliance risk with it
The region’s commercial momentum helps explain why fraud controls are drawing more investment. Global suppliers continue to view APAC as a growth market, even as regulatory and criminal risks rise. Marketing technology provider Optimove recently announced new APAC partnerships with WeClub Malaysia, 2up.io and Magency Life, citing operator demand for data-driven engagement and AI-powered campaign management.
Those tools are designed to improve retention and personalize player journeys, but they also increase the importance of clean data. If fraudsters can enter platforms with synthetic identities or compromised accounts, customer segmentation, incentives and lifetime value models can be distorted. Bonus abuse, affiliate fraud and account farming can turn growth systems into targets, particularly when campaigns are automated at scale.
This is where the commercial and compliance agendas converge. Operators expanding in APAC need to localize payments, marketing and customer service while meeting stricter identity and transaction monitoring expectations. Markets such as Singapore, Japan and South Korea may have different legal structures and risk profiles, but fraud networks can operate across borders faster than regulators can harmonize rules.
The Sumsub report’s jurisdiction-level findings reinforce that unevenness. Cambodia and American Samoa sit far above the regional average, while Singapore, South Korea, Bangladesh and Japan remain elevated. For multinational operators and suppliers, APAC is therefore not one risk category. It is a portfolio of markets in which enforcement capacity, legal status, payment methods and consumer behavior vary widely.
Integrity monitoring offers a parallel model
The broader betting industry has responded to suspicious activity by building more formal monitoring networks, especially in sports wagering. While the Sumsub data focuses on identity and transaction fraud, sports integrity systems show how regulators and operators are trying to share intelligence before suspicious activity becomes systemic.
In Canada, the International Betting Integrity Association was approved as Alberta’s suspicious betting activity monitor before the province’s expected regulated market launch. The group will use account-level data and its global alert platform to work with the Alberta Gaming, Liquor, and Cannabis Commission, as detailed in the report on IBIA’s role in Alberta’s upcoming igaming market. The arrangement reflects a regulatory preference for information-sharing among operators, regulators and sports bodies from the first day of market opening.
Integrity vendors are also moving deeper into sports with growing betting exposure. IC360’s partnership with the World Surf League will bring monitoring tools to global surfing events, according to the company’s announcement on suspicious wagering monitoring for World Surf League competitions. The deal followed IC360 work with college athletics, another area where betting markets have raised concerns about manipulation and athlete vulnerability.
These integrity systems differ from KYC platforms, but the logic is similar: suspicious activity is easier to detect when data is pooled, patterns are compared across markets and alerts move quickly to decision-makers. APAC’s fraud problem may require a comparable architecture for identity, payments and account behavior, particularly because criminal groups can use multiple operators to test weak points.
The next test is sustained monitoring
APAC’s improvement since 2024 indicates that regulation and enforcement can change operator behavior and reduce suspicious transaction volumes. The harder test is whether the region can sustain those gains as fraud tools become cheaper and more sophisticated. AI-generated faces, edited documents and templated identities lower the cost of attacks, meaning fraud groups can flood verification systems even when many attempts fail.
That dynamic raises the stakes for regulators. If legal markets become more secure but illegal platforms remain accessible, consumers may still be exposed to fraud and operators may face unfair competition from sites that ignore compliance costs. If legal operators make verification too burdensome, they risk pushing players toward unregulated alternatives. The policy challenge is to raise standards without weakening the regulated channel.
For operators, the lesson is that one-time onboarding is no longer sufficient in APAC. Continuous monitoring, device intelligence, payment-risk scoring and liveness checks are becoming baseline defenses. The region’s decline in suspicious transaction volumes is a sign of progress, but the remaining gap above the global average shows why fraud prevention is moving from a compliance function to a core operating discipline.
