A City of London push for cheaper fraud checks
On 8 May 2026, the City of London Corporation called on tech firms to build a voluntary, reusable digital identity verification system. You prove who you are once with an approved provider, then reuse that verification across financial services.
Chris Hayward, the Corporation's policy chairman, said fraud cost banks "over £1bn last year" and projected £5bn in economic benefits over five years if the system lands.
For banks and large lenders, this makes sense. Identity fraud happens at their front door, when someone opens an account or moves money. A verified, portable identity tightens that door across the whole sector.
For your small business, fraud rarely walks through that front door.
You see different fraud than the bank does
A bank watches account creation, large transfers, and unusual access locations. Reusable identity helps with that.
You watch different things. A roofer takes a flood of quote requests from postcodes 200 miles away, all referencing the same job. A coffee shop processes ten card-not-present orders for 200 lattes from one address. A B2B parts supplier gets an email from a customer asking to update bank details before next month's invoice.
All three are fraud. All three sit outside what reusable identity verification can catch.
Where off-the-shelf rules stop
SaaS fraud tools work on the signals their vendor expects to find: IP geolocation, card velocity, blacklisted email domains. Those catch the obvious. They miss the patterns specific to your business.
Your business has rules a generic engine cannot see. The roofer knows nobody has booked a job from outside the West Midlands in five years of trading. The coffee shop knows an order over fifty lattes always comes with a phone call first. The parts supplier knows the customer's procurement runs on the second Tuesday of the month, not by an emailed request.
A SaaS vendor builds one rule book and ships it to all its customers. Encoding your specific knowledge into that rule book is rarely possible, and when it is, it usually costs more than the fraud you would prevent.
Custom rules used to be expensive
Five years ago, building a small fraud-detection layer for your business meant expensive software. The financials rarely worked for a small business.
That cost has dropped. Engineers using AI agents can now build, test, and deploy a custom validation rule in hours. A rule that catches £4,000 of fraud a year is worth writing, even if it fires twice.
Bespoke fraud logic doesn't replace your bank, your card processor, or any SaaS tool you already use. It sits alongside them and watches the things only your business knows to watch for.
If you can describe the fraud pattern that keeps catching you, an engineer can build a rule that flags it.