The EU’s AI law came into effect earlier this year, marking a major milestone as the first regulation of its kind for this new technology. While the law has raised concerns about compliance costs and potential impacts on innovation, its overall aim is to position the EU as the “global hub for trustworthy AI” and reduce risks associated with the new technology.
While the law will affect many industries, its immediate impact on financial services (FS) may seem less significant at first. The FS sector is already heavily regulated to ensure the safety and soundness of the financial system and to protect consumers. However, there is room for improvement in the eyes of the banks. Mitek’s 2024 Identity Intelligence Index found over a third (36%) of banks want better clarity on new rules to improve customer protection.
So while the EU AI law’s impact on banks may be limited for now, the industry faces a rapidly evolving regulatory landscape that will increasingly shape its future. Adapting to these changes will require greater flexibility in dealing with new technologies and compliance complexities.
Now is the time for banks to refine their strategies, leverage innovative processes and technology to combat identity theft and protect their customers. Let’s explore how they can adapt to meet these challenges effectively.
Senior Vice President for Identity at Mitek Systems.
Putting safety first
The Mitek Index found, on average, that 76% of banks surveyed believe fraud and fraud cases have become more sophisticated. Of the challenges and concerns leaders have in their roles today, AI-generated fraud and deepfakes on the rise (37%) took first place. We see billions lost to fraud last year, with more than half a billion pounds in the UK, $8.8 billion in the US and €1.8 billion in Europe.
Some banks may not even realize they are falling victim to these advanced tactics. Current anti-fraud systems and processes often lack the ability to detect deepfakes and other AI-driven threats, leaving institutions fighting an invisible enemy. Dealing with unknowns creates an increasing tension in banks that can lead these organizations to fear that any transaction could be fraudulent.
Despite recognizing the need to address these threats, many banks struggle to act quickly due to limited expertise and reliance on siloed, outdated systems that cannot keep up with the fluidity of modern AI-powered fraud tactics. Compounding this problem is the rise of increasingly sophisticated fraud tactics, including the creation of “fake” customers using synthetic identities or AI-generated personas. Banks often fail to fully understand the extent of fake profiles, leaving critical gaps in their defences.
To combat this, banks are investing in technology to analyze customer interactions and detect fraud. Success requires a balanced approach that prioritizes customer experience, compliance and fraud prevention equally. By leveraging data and balancing customer lifetime value against fraud risks, banks can adopt a more nuanced strategy.
The stakes are high: Once a fraudulent or synthetic identity opens an account, it can persist indefinitely, posing long-term risks to both customer security and operational costs. By adopting this nuanced approach, banks will be able to make the necessary changes to keep customers safe and on their side amid an increasingly complex fraud landscape.
Build or buy riddle opposite banks
Compliance is more than a tick-box exercise – regulations are needed as they solve real-world problems. Financial institutions should begin to view fraud prevention and regulatory compliance as long-term, strategic opportunities to differentiate and strengthen their cybersecurity.
To satisfy regulators, secure the customer experience and stand toe-to-toe with fraudsters, financial services organizations should have a clear picture of the extent and nature of fraud in their systems. This can be achieved through specific techniques such as advanced anomaly detection using AI tools and machine learning, analyzing transaction patterns for anomalies, and implementing tools such as identity verification systems to spot synthetic or stolen identities.
Banks must constantly test the edge to balance both, giving the customer a frictionless ‘fy-gital’ experience while identifying fraudulent activity. But we have reached a tipping point where it is no longer possible for internal IT teams in banks to keep up with this increasing amount of regulation through manual, inefficient and expensive processes that do not meet the expectations of seamless user journeys.
Adapt to regulatory standards, today and tomorrow
Banks should partner with technology vendors to ensure product roadmaps align with regulatory standards, today and tomorrow. The FS industry has an opportunity to collaborate by leveraging technology to develop better identity lifecycle strategies.
Multi-layered fraud detection allows banks to anticipate the ever-changing identity landscape, helping to protect vulnerable customers from increasingly sophisticated fraudulent attacks. In this way, fraud prevention must focus on converting raw data—such as login attempts, transaction anomalies, and device usage patterns—into actionable intelligence.
While banks can all individually work to protect their own customers, that work is not as effective if done alone. To be more efficient, the financial services industry needs to establish an identity intelligence ecosystem where banks and other financial institutions can collaborate and share fraud threats in real time. By working together and sharing data on emerging fraud patterns, suspicious activity and known threats, banks can improve their ability to detect and prevent fraud faster, improving security for all customers.
Sees regulation as a commercial opportunity
With regulatory requirements emerging and tightening across various sectors, banks and other financial institutions find themselves between a rock and a hard place. The good news is that banks have the hard-earned experience and many tools at their disposal to develop robust compliance programs and effectively navigate these regulatory challenges.
With the right combination of resources, institutions can develop scalable programs that adapt to future regulatory changes. While delivering compliance and risk programs is challenging, companies that build a coherent strategy today will have a much easier time tomorrow. From there, establishing a fraud intelligence ecosystem between organizations and law enforcement could be critical to helping all banks stay on top of regulations and keep their customers safe.
We’ve compiled a list of the best identity management software tools currently available.
This article was produced as part of TechRadarPro’s Expert Insights channel, where we feature the best and brightest minds in the tech industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing, you can read more here:
