Why now: the real threat picture
Fraud remains a pressing issue for property transactions. Recent figures underline the scale:
- 65% of law firms faced cyber incidents1 and 30% of buyers experienced property fraud2.
- Conveyancing fraud rose by 29% between January ’23 and April ’243, with 143 cases and £11.7m in losses recorded between April ‘24 and May ’254,
- Average losses of £47,000, for some it’s more than £250,0003.
These are not just numbers; they represent households whose lives are upended and firms whose reputations are left in tatters.
Crucially, most attempts don’t begin with a system breach. They begin with persuasion, a convincing email or message that results in the diversion of funds. Pressure peaks at completion, where decisions are often fast and the sums are large.
That’s why controls need to be clear, simple and reliable – supported by shared playbooks and visible checkpoints at completion.
Culture beats checklists
Policies matter and create a structure. But what stops fraud in practice is awareness and culture, not just documentation. Across the series, a consistent set of practical, preventative actions emerged:
- Implementing verified call-backs for any change to payee details, using a known number, not the one in the message.
- Introducing short cool-down windows before releasing funds after a late change request, to allow verification.
- Enforcing dual authorisation at payment release, so more than one person must agree before money moves.
- Running regular, role-based training and phishing simulations that keep awareness high without overwhelming teams.
- Building a culture that empowers people to pause and say, “something doesn’t feel right.”
Small acts, done consistently, turn policy on paper into protection in practice.
Trustworthy data flows (interoperability with guardrails)
Digitising documents is only the start. The real value is data that carries its own context – source, consent, roles, and purpose, so it can move safely between parties. That means focusing on:
- Agreeing common rules (codes of practice, certification, directory services) so participants are known and can be authorised if needed.
- Binding consent to the data, so it is clear who can access what, when, and why.
- Prioritising data flows over email attachments, reducing re-keying and the errors that accumulate across the chain.
The result is a more consistent, efficient and secure end-to-end journey. This work is already advancing through industry collaboration, for example via the Open Property Data Association (OPDA) – to align standards and guardrails.
End-to-end secure payment rails at completion
Completion should be the moment of certainty. Secure, shared payment rails with role-based permissions, verified approvals and tamper-evident audit trails reduce risk at the point where it matters most – where money is exchanged for title.
Where appropriate, designing processes so firms don’t need to hold large sums of money can lower their profile as a target for fraud, which is a powerful way to reduce risk exposure. Data input errors (for example a mistyped name, an incorrect address, or a mismatched account) can also be significantly reduced when workflows enforce data validation checks. With technology providers such as PEXA delivering these processes, law firms and lenders can benefit today.
For clients, this translates into clearer, more accurate communication which builds trust in the transaction. For law firms and lenders, it creates a more certain and auditable pathway to completion, so it’s less attractive to fraudsters.
What insurers value (the PII story)
Underwriters respond best to controls that operate consistently and correctly. Evidence of secure, end-to-end digital transactions, dual authorisation, and live audit trails builds credibility and confidence. As the market tightens, firms that can demonstrate consistent practice, supported by secure payment rails, tell a more compelling renewal story.
There’s a second-order effect too: less attractive targets. When controls remove the opportunity, the “tools are no longer in the van” – criminals look elsewhere, further improving the firm’s risk profile for insurers.
Conveyancing losses remain dominated by funds-diversion attacks, with impersonation attempts rising and early signs of deepfakes emerging. With four in five invoice cases beginning in the inbox5, email can be the weak link. One option is to set a few simple rules: remove email from high-risk approvals, verify changes by logged call-back to a known number, and add a short cool-down before releasing funds.
Collaboration – threaded through everything
Everyone sees different facets of risk: conveyancers are closest to day-to-day realities and can identify issues because of their extensive experience; lenders see payment-change requests, account-name mismatches and out-of-pattern timings; insurers and regulators see systemic trends. When these perspectives are joined up – through shared playbooks, early reporting and measurable controls – the whole chain becomes harder to attack and completions more predictable.
Collaboration needs to be practical, not theoretical: with 70% of APP (Authorised Push Payment) cases enabled online and 16% via telecomms5, we need consistent client messaging, early reporting, and transparent, measurable controls.
What’s next (over the next 12–24 months)
Expect continued progress on Digital ID for property transactions, further development of property data trust frameworks for clarity and visibility, and the digitisation of government datasets through local authority pilots. In parallel, look for wider adoption of secure funds movement and completions that connect title validation, settlement, and title lodgement in a regulated digital workflow.
Fraud is an ever-growing concern, and attacks are becoming more sophisticated. But when we combine standards, behaviours and shared payment rails, the transaction becomes more secure and less attractive to fraudsters.
Our focus at PEXA is to support conveyancers and lenders with what works: collaboration, trustworthy data flows and secure infrastructure – so completions are not only efficient, but safer and more secure, to help deliver certainty at completion for everyone involved.
Get more fraud awareness insights:
Found this blog valuable? Read more fraud insights in the webinar series round up.
Discover more about PEXA:
Get in touch if you have any questions, or to see how PEXA supports secure, digital completions.
Sources: 1The Law Society 2025, 2PwC Customer Survey 2024, 3Lloyds Bank 2024, 4Action Fraud 2025, 5UK Finance Fraud Report 2025
