AI Mortgage Fraud Is Accelerating: ASIC Demands Action Now

ASIC Commissioner Constant has written directly to financial services licensees warning that AI-powered mortgage fraud is a live threat, not a future one.

Australia's corporate regulator has issued one of its most direct warnings in recent years to every licensed participant in the financial services industry — and mortgage brokers are squarely in the crosshairs. [Australian Broker](https://www.brokernews.com.au/news/breaking-news/asic-sounds-alarm-as-aidriven-mortgage-fraud-accelerates-289324.aspx) reports that ASIC Commissioner Simone Constant has written an open letter to financial services licensees and company directors, declaring that AI-driven mortgage fraud is not a future risk to the lending system. It is a present one.

"This is not a distant or hypothetical risk," Constant wrote. "It is here now, evolving quickly and requires the attention of boards and executives."

The Scale of the Fraud Problem

The backdrop to ASIC's intervention is stark. AI tools are now capable of generating convincing falsified payslips, bank statements and employment records — documents sophisticated enough to slip through traditional verification systems. Organised fraud networks are using this technology to help borrowers, and in some cases coordinated criminal groups, secure loans they would not otherwise qualify for.

The consequences are already landing on real businesses and real people. A Sydney-based lawyer and a Melbourne accountant have been charged in fraud-related matters, and authorities are continuing to investigate brokers linked to major groups including LMG and Finsure. Commonwealth Bank self-reported to authorities over a suspected $1 billion in fraudulently obtained home loans that included AI-generated applications. Those fraud estimates have since grown to $3 billion. Sub-aggregator Hai Money became an early casualty of the escalating fallout, collapsing in April after its parent aggregator Finsure severed the relationship.

For brokers, the exposure is not abstract. When a fraudulent application makes it through under a broker's watch — even without the broker's knowledge — the potential consequences include compliance breaches, reputational damage and, in serious cases, loss of accreditation.

Rory Sercombe, owner and broker at Melbourne-based Own Home Loans, described a specific emerging threat: "There's a lot of client impersonation: AI-generated voice and video cloning, which means a call or video from someone who sounds and looks like your client may not actually be them. This is a real concern that will only worsen."

Brokers now facilitate more than 77 per cent of all new home loans in Australia, handling vast quantities of borrower financial data daily across CRMs, serviceability tools, identity verification platforms and lender portals. Each integration point is a potential entry for bad actors.

ASIC's 12 Steps — What They Mean for Your Practice

Commissioner Constant's letter is not just a warning. It comes with a 12-step action list. For mortgage brokers, the most critical priorities translate to the following.

**Reassess your cyber plan immediately.** ASIC is explicit: do not wait for a breach or regulatory visit to review your risk framework. The pace of AI-enabled threats has already outrun many existing controls.

**Review who has access to what.** ASIC specifically flags rising insider threats and recommends regularly reviewing and reassessing user privileges. In a brokerage context, that means being deliberate about which staff have access to client files, application data and lender portals — and removing access when it is no longer needed.

**Patch and update systems without delay.** AI is accelerating how quickly criminals can identify and exploit known software vulnerabilities. System currency is no longer optional.

**Manage third-party risk actively.** Brokers relying on external CRMs, portals and data platforms should know what data each provider accesses and what their security posture looks like. Systemic third-party exposure is a specific ASIC concern.

**Table this letter at board level.** ASIC requests the letter be formally discussed at the highest governance level of your organisation. For sole operators and small brokerages, that means a serious internal self-assessment — not a skim-read.

Blake Buchanan, general manager of aggregator Specialist Finance Group, put the practical line plainly: "If brokers follow safe protocols, do their due diligence and raise any concerns with their aggregator around client or documentary authenticity, you will be better protected against losing accreditations, suffering financial penalties or worse."

The Finance Brokers Association of Australia has already advised its members not to enter client or personal information into publicly available AI tools — a baseline that remains relevant as AI adoption accelerates across the industry.

What This Means for Borrowers

The scale of AI-generated fraud in the mortgage market matters for legitimate borrowers too. Working with an accredited broker who follows rigorous verification processes is the best protection for your application and your identity. A responsible broker will seek original documentation, ask detailed questions, and will not rush an approval on shortened timelines.

If anything about your loan process feels unusual — unexpected documentation requests, unfamiliar contacts, pressure to skip steps — raise it directly with your broker or aggregator.

Ready to compare? Find lenders operating within ASIC's regulatory framework through our [home loan refinance hub](/home-loans/refinance), or browse [today's cheapest home loans](/home-loans/cheapest) to see what is available in the current market.