The EU AI Law came into force earlier this year, marking an important milestone as the first regulation of its kind for this emerging technology. While the Act has raised concerns about compliance costs and potential impacts on innovation, its overall goal is to position the EU as the “global hub for trustworthy AI” and reduce the risks associated with the new technology.
Although the Act will affect many industries, its immediate impact on financial services (FS) may seem less significant at first. The financial services sector is already heavily regulated to ensure the safety and soundness of the financial system and protect consumers. However, in the eyes of the banks, there is room for improvement. Mitek’s 2024 Identity Intelligence Index found that more than a third (36%) of banks want greater clarity on new regulations to improve customer protection.
So while the impact of the EU AI Law on banks may be limited for now, the industry faces a rapidly evolving regulatory landscape that will increasingly shape its future. Adapting to these changes will require greater flexibility in managing emerging technologies and compliance complexities.
Now is the time for banks to refine their strategies, leveraging technology and innovative processes to combat identity theft and protect their customers. Let’s explore how they can adapt to meet these challenges effectively.
Senior Vice President of Identity at Mitek Systems.
Putting safety first
The Mitek index found that, on average, 76% of banks surveyed believe that fraud and scam cases have become more sophisticated. Of the challenges and concerns leaders have in their roles today, AI-generated fraud and deepfakes on the rise (37%) took the top spot. We see billions of dollars lost to fraud last year, with over £500m in the UK, $8.8bn in the US and €1.8bn in Europe.
Some banks may not even realize that they are falling victim to these advanced tactics. Current anti-fraud systems and processes often lack the ability to detect deepfakes and other AI-driven threats, leaving institutions fighting an invisible enemy. Dealing with strangers creates growing tension within banks that could make these organizations fear that every transaction could be fraudulent.
Despite recognizing the need to address these threats, many banks struggle to act quickly due to their limited experience and reliance on outdated, siled systems that cannot keep pace with the fluidity of modern AI-driven fraud tactics. . Compounding this problem is the rise of increasingly sophisticated fraud tactics, including the creation of “fake” customers using synthetic identities or AI-generated personas. Banks often fail to fully understand the extent of fake profiles, leaving critical gaps in their defenses.
To combat this, banks are investing in technology to analyze customer interactions and detect fraud. Success requires a balanced approach that equally prioritizes customer experience, compliance and fraud prevention. By leveraging data and weighing customer lifetime value against fraud risks, banks can take a more nuanced approach.
The stakes are high: Once a fraudulent or synthetic identity successfully opens an account, it could persist indefinitely, posing long-term risks to both customer security and operational costs. By taking this nuanced approach, banks will be able to make the changes necessary to keep customers safe and on their side amid an increasingly complex fraud landscape.
The build-or-buy dilemma facing banks
Compliance is more than a box-ticking exercise: regulations are needed that solve real-world problems. Financial institutions should begin to view fraud prevention and regulatory compliance as long-term strategic opportunities to differentiate themselves and strengthen their cybersecurity.
To satisfy regulators, safeguard customer experience and go toe-to-toe with fraudsters, financial services organizations must have a clear idea of the scale and nature of fraud within their systems. This can be achieved through specific techniques, such as advanced anomaly detection using artificial intelligence and machine learning tools, analyzing transaction patterns for irregularities, and implementing tools such as identity verification systems to detect identities. synthetic or stolen.
Banks must constantly test the advantage to balance both, providing the customer with a frictionless ‘phy-gital’ experience, while also identifying fraudulent activities. However, we have reached a tipping point where it is no longer feasible for banks’ internal IT teams to keep up with this growing volume of regulations through manual, inefficient and costly processes that do not comply with regulations. expectations of a smooth user journey.
Align with regulatory standards, today and tomorrow
Banks should work with technology providers to ensure product roadmaps align with regulatory standards, today and tomorrow. The financial services industry has an opportunity to collaborate by leveraging technology to develop better identity lifecycle strategies.
Multi-layered fraud detection allows banks to stay ahead of the ever-changing identity landscape, helping to protect vulnerable customers from increasingly sophisticated fraudulent attacks. In this way, fraud prevention should focus on turning raw data (such as login attempts, transaction anomalies, and device usage patterns) into actionable intelligence.
While all banks can work individually to protect their own customers, it is a job that is not as efficient if done alone. To be more effective, the financial services industry needs to establish an identity intelligence ecosystem where banks and other financial institutions can collaborate and share fraud threats in real time. By working together and sharing data on emerging fraud patterns, suspicious activities and known threats, banks can improve their ability to detect and prevent fraud more quickly, improving security for all customers.
See regulation as a business opportunity
With regulatory requirements emerging and tightening in various sectors, banks and other financial institutions find themselves between a rock and a hard place. The good news is that banks have the hard-earned experience and many tools at their disposal to develop robust compliance programs and effectively address these regulatory challenges.
With the right mix of resources, institutions can develop scalable programs that adapt to future regulatory changes. While implementing compliance and risk programs is challenging, companies that develop a cohesive strategy today will have a much easier time tomorrow. From there, establishing a fraud intelligence ecosystem between organizations and authorities could be essential to help all banks stay on top of regulations and keep their customers safe.
We’ve compiled a list of the best identity management software tools currently available.
This article was produced as part of TechRadarPro’s Expert Insights channel, where we feature the best and brightest minds in today’s tech industry. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing, find out more here:
