The EU’s AI law came into force earlier this year, marking a major milestone as the first regulation of its kind for this emerging technology. Although the law has raised concerns about compliance costs and potential impacts on innovation, its overarching goal is to position the EU as the “global hub for trustworthy AI” and reduce the risks associated with new technology.
Although the law will affect many sectors, its immediate impact on financial services (FS) may seem less significant at first glance. The financial services industry is already heavily regulated to ensure the safety and soundness of the financial system and protect consumers. However, there is room for improvement in the eyes of banks. Mitek’s 2024 Identity Intelligence Index reveals that more than a third (36%) of banks want greater clarity on new regulations aimed at improving customer protection.
So while the impact of EU AI law on banks may be limited for now, the sector faces a rapidly evolving regulatory landscape that will increasingly shape its future. Adapting to these changes will require greater flexibility in managing emerging technologies and compliance complexities.
Now is the time for banks to refine their strategies, leveraging innovative processes and technologies to combat identity theft and protect their customers. Let’s explore how they can adapt to effectively address these challenges.
Senior Vice President of Identity at Mitek Systems.
Safety first
The Mitek Index reveals that on average, 76% of banks surveyed believe that fraud and scams have become more sophisticated. Among the challenges and concerns executives face in their roles today, AI-driven fraud and increasing deepfakes (37%) take the top spot. Billions were lost to fraud last year, including more than half a billion pounds in the UK, $8.8 billion in the US and €1.8 billion in Europe.
Some banks may not even realize they are falling victim to these advanced tactics. Current anti-fraud systems and processes often lack the capacity to detect deepfakes and other AI-based threats, leaving institutions fighting against an invisible enemy. Facing unknowns creates increasing tension within banks that could make these organizations fear that every transaction could be fraudulent.
Despite recognizing the need to address these threats, many banks struggle to act quickly due to limited expertise and reliance on siled, outdated systems that are unable to keep up with the fluidity of tactics. modern AI-based fraud schemes. Compounding this problem is the rise of increasingly sophisticated fraud tactics, including the creation of “fake” customers using synthetic identities or AI-generated personas. Banks often fail to fully grasp the scope of fake profiles, leaving critical gaps in their defenses.
To combat this, banks are investing in technology to analyze customer interactions and detect fraud. Success requires a balanced approach that prioritizes customer experience, compliance and fraud prevention. By leveraging data and weighing customer lifetime value against fraud risks, banks can adopt a more nuanced strategy.
The stakes are high: once a fraudulent or synthetic identity successfully opens an account, it could persist indefinitely, posing long-term risks to both customer security and operational costs. By taking this nuanced approach, banks will be able to make the changes necessary to keep their customers, and their customers, safe in an increasingly complex fraud landscape.
The “build or buy” dilemma facing banks
Compliance is more than a box-ticking exercise: regulations are necessary because they solve real problems. Financial institutions should begin to view fraud prevention and regulatory compliance as long-term strategic opportunities to differentiate and strengthen their cybersecurity.
To satisfy regulators, preserve customer experience and combat fraudsters, financial services organizations must have a clear understanding of the scale and nature of fraud within their systems. This can be achieved through specific techniques such as advanced anomaly detection using AI and machine learning tools, analyzing transaction patterns for irregularities and implementing tools such as identity verification systems to spot synthetic or stolen identities.
Banks must constantly test their advantage to balance the two, providing the customer with a seamless “phy-gital” experience, while identifying fraudulent activity. However, we have reached a critical point where it is no longer possible for banks’ internal IT teams to keep up with this growing volume of regulations through manual, inefficient and costly processes that do not meet expectations for seamless user journeys.
Align with regulatory standards, today and tomorrow
Banks should work with technology providers to ensure product roadmaps meet regulatory standards, today and tomorrow. The FS industry has an opportunity to collaborate by leveraging technology to develop better identity lifecycle strategies.
Multi-level fraud detection allows banks to anticipate the ever-changing identity landscape, helping to protect vulnerable customers from increasingly sophisticated fraud attacks. In this way, fraud prevention should focus on converting raw data (such as login attempts, transaction anomalies, and device usage patterns) into actionable insights.
Although banks can all work individually to protect their own customers, this work is not as effective if done alone. To be more effective, the financial services industry must establish an identity intelligence ecosystem where banks and other financial institutions can collaborate and share fraud threats in real time. By working together and exchanging data on emerging fraud patterns, suspicious activities and known threats, banks can improve their ability to detect and prevent fraud more quickly, improving the security of all customers.
View regulation as a business opportunity
With the emergence and tightening of regulatory requirements across various sectors, banks and other financial institutions find themselves between a rock and a hard place. The good news is that banks have the hard-earned experience and numerous tools to develop robust compliance programs and effectively address these regulatory challenges.
With the right mix of resources, institutions can develop scalable programs that adapt to future regulatory changes. Although implementing compliance and risk management programs is difficult, companies that develop a cohesive strategy today will have a much easier time tomorrow. From there, establishing a fraud intelligence ecosystem between organizations and law enforcement could prove key to helping all banks stay on top of regulations and keep their customers.
We’ve compiled a list of the best identity management software tools currently available.
This article was produced as part of TechRadarPro’s Expert Insights channel, where we feature the best and brightest minds in today’s technology industry. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you’re interested in contributing, find out more here:
