How NatWest Stays Ahead of Fraud — In Partnership with CSIS.
Chris Parker, Strategic Fraud Lead at NatWest Group, shares how a decade-long partnership with CSIS has helped the banking group understand, anticipate and respond to some of the UK's most sophisticated fraud threats.
The Challenge: Gaps in Threat Intelligence
NatWest Group — home to NatWest, Royal Bank of Scotland, Ulster Bank and Coutts — serves personal, business and wealth customers across the UK. Like every bank, it faces an evolving range of threats: third-party fraud, first-party fraud, customer compromise, and increasingly sophisticated card and scam operations.
Ten years ago, Chris explains, the industry looked very different. NatWest recognised it had gaps in threat insight and threat intelligence — and CSIS had the technical sophistication and depth of capability to fill them.
The Partnership in Practice
Over the years, CSIS has helped NatWest respond to some of the most significant fraud threats facing UK banking.
For example, during the high-volume Dridex malware attacks, CSIS helped NatWest build a real-time capability to identify compromised customers — not just within NatWest Group, but across the wider industry. That became, in Chris's words, “really effective...for preventing customer loss and protecting customers."
When the Lao Wang operation emerged — a sophisticated scam that productionised the capture of card and personal details through phishing — CSIS was able to show NatWest exactly how those criminal gangs had built infrastructure capable of servicing hundreds of cards, creating tokenisation and spend opportunities, and monetising stolen data globally.
More recently, CSIS intelligence, enabled by our SecAlliance team, has been central to NatWest's understanding of card scams and emerging technologies like NFC relays — providing the intelligence needed to brief internal stakeholders, supply chain partners, law enforcement and government, and work collectively on solutions.
The Relationship
Chris describes CSIS simply as "a partnership" — one built on mutual recognition of what each side requires, and how they need to evolve together. CSIS has consistently adapted as the threat landscape has shifted and is always looking to support and help NatWest respond to threats. The ability to talk openly about what's working and what isn't, he says, has been the defining characteristic of the relationship.
The value CSIS provides goes beyond protecting NatWest customers. Their intelligence has proven powerful in educating executives, shaping internal strategy, and informing conversations with law enforcement and government.
For businesses looking for threat insight, threat intelligence or threat guidance, Chris's recommendation is: "CSIS are an excellent partner, and I would absolutely recommend having a discussion with them to see if they can meet your needs."
Sign up
Stay informed.
Get our Cyber Bytes!