Malta's BOV Loses €6.8m To Fraud, But Saves €3m In Prevention Efforts

Malta’s BOV Loses €6.8m To Fraud, But Saves €3m In Prevention Efforts

Share This Article

Bank of Valletta lost approximately €6.8 million to fraud in 2025, but managed to prevent a further €3 million in attempted losses, highlighting both the scale of the problem and the effectiveness of detection systems.

Speaking to the Times of Malta, Ryan Caruana, the bank's group chief anti-financial crime officer, said the prevented amount represents nearly one-third of the total funds targeted by fraudsters over the year.

Caruana said the figures reflect a sharp rise in fraud activity over the past three years, with scams becoming more frequent and increasingly sophisticated.

A key feature of these fraud cases is that funds are rarely retained within Malta.

“In the last three years, I have never seen a victim of fraud where the money ended locally,” Caruana said, noting that funds are almost always transferred to foreign accounts.

Common destinations include jurisdictions such as Lithuania, the United Kingdom, France and Spain, making recovery more difficult and highlighting the cross-border nature of financial crime.

The use of “money mules” — intermediaries who receive funds on behalf of fraudsters — and the growing role of cryptocurrencies are also complicating enforcement efforts.

Despite the increase in fraud attempts, Caruana said internal controls are improving, with the bank successfully blocking numerous transactions, including smaller-scale scams involving amounts between €500 and €2,000.

However, the broader picture remains challenging.

A report by the NASDAQ stock exchange estimated that more than €85 billion was lost to fraud across the EU and UK in 2024, while data from the Financial Action Task Force suggests fraud now accounts for around 40% of all crime in the UK.

The issue has also attracted local scrutiny. Earlier this year, criticism was raised over the bank’s security systems following high-profile fraud cases, including allegations that existing controls were insufficient to prevent unauthorised transfers.

Caruana rejected concerns about specific mechanisms such as SMS-based communication, stating that while fraudsters can spoof phone numbers, banks themselves do not send links via text message.

He emphasised that customer awareness remains the most important line of defence.

Among the most common warning signs are requests for sensitive information such as card details or login credentials, as well as unsolicited messages containing links claiming to be from banks.

Caruana also pointed to the emerging risk of artificial intelligence, noting that deepfake technology could be used to impersonate individuals — even in less widely spoken languages such as Maltese.

While banks continue to invest in prevention systems, he said the effectiveness of these measures ultimately depends on informed and cautious behaviour from customers.