The EU AI Act came into effect earlier this year, marking a significant milestone as the first regulation of its kind for this emerging technology. While the law has raised concerns about compliance costs and potential impacts on innovation, its overarching goal is to position the EU as the “global hub for trustworthy AI” and reduce the risks associated with the new technology.
While the law will impact many sectors, its immediate impact on financial services may seem less significant at first glance. The FS sector is already heavily regulated to ensure the safety and soundness of the financial system and to protect consumers. However, in the eyes of the banks, there is room for improvement. Mitek’s 2024 Identity Intelligence Index shows that more than a third (36%) of banks want more clarity on new regulations to improve customer protection.
So while the impact of the EU AI Act on banks may be limited for now, the sector faces a rapidly evolving regulatory landscape that will increasingly shape its future. Adapting to these changes will require greater flexibility in managing emerging technologies and compliance complexities.
Now is the time for banks to refine their strategies and deploy innovative processes and technology to combat identity theft and protect their customers. Let’s explore how they can adapt to effectively meet these challenges.
Senior Vice President Identity at Mitek Systems.
Safety first
The Mitek Index shows that on average 76% of banks surveyed believe that fraud and scams have become more sophisticated. Of the challenges and concerns leaders have in their roles today, AI-generated fraud and increasing deepfakes (37%) took the top spot. Billions were lost to fraud last year, with more than half a billion pounds in Britain, $8.8 billion in the US and €1.8 billion in Europe.
Some banks may not even realize they are falling victim to these sophisticated tactics. Current anti-fraud systems and processes often lack the ability to detect deepfakes and other AI-powered threats, leaving institutions to battle an invisible enemy. Dealing with unknown factors creates increasing tension within banks, causing these organizations to fear that every transaction could be fraudulent.
Despite recognizing the need to address these threats, many banks struggle to act quickly due to limited expertise and reliance on siled, legacy systems that cannot keep up with the fluidity of modern AI-driven fraud tactics. This problem is exacerbated by the rise of increasingly sophisticated fraud tactics, including the creation of ‘fake’ customers using synthetic identities or AI-generated personas. Banks often fail to fully understand the scope of fake profiles, leaving critical holes in their defenses.
To combat this, banks are investing in technology to analyze customer interactions and detect fraud. Success requires a balanced approach where customer experience, compliance and fraud prevention are given equal priority. By using data and weighing customer lifetime value against fraud risks, banks can adopt a more nuanced strategy.
The stakes are high: once a fraudulent or synthetic identity successfully opens an account, it can persist indefinitely, posing long-term risks to both customer security and operational costs. By taking this nuanced approach, banks will be able to make the necessary changes needed to keep customers safe and engaged amid an increasingly complex fraud landscape.
The build or buy conundrum facing banks
Compliance is more than just a checklist: regulations are needed to solve real-world problems. Financial institutions must start viewing fraud prevention and regulatory compliance as long-term strategic opportunities to differentiate and strengthen their cybersecurity.
To satisfy regulators, ensure customer experience and combat fraudsters, financial services providers must have a clear picture of the extent and nature of fraud within their systems. This can be achieved through specific techniques such as advanced anomaly detection using AI tools and machine learning, analyzing transaction patterns for anomalies, and implementing tools such as identity verification systems to detect synthetic or stolen identities.
Banks must constantly test their limits to balance the two, giving the customer a frictionless ‘phygital’ experience while identifying fraudulent activity. However, we have reached a tipping point where it is no longer feasible for internal IT teams at banks to keep up with this increasing amount of regulation through manual, inefficient and expensive processes that do not meet expectations for a seamless user journey.
Align with legal standards, today and tomorrow
Banks must work with technology providers to ensure product roadmaps align with regulatory standards, today and tomorrow. The FS industry has the opportunity to collaborate by leveraging technology to develop better identity lifecycle strategies.
Multi-layered fraud detection allows banks to anticipate the ever-changing identity landscape, protecting vulnerable customers from increasingly sophisticated fraudulent attacks. In this way, fraud prevention should focus on turning raw data – such as login attempts, transaction anomalies and device usage patterns – into actionable information.
While banks can all work individually to protect their own customers, it is work that is not as efficient when done alone. To be more effective, the financial services industry must build an identity intelligence ecosystem where banks and other financial institutions can collaborate in real time and share fraud threats. By collaborating and sharing data on emerging fraud patterns, suspicious activity and known threats, banks can increase their ability to more quickly detect and prevent fraud, improving security for all customers.
See regulations as a commercial opportunity
As regulatory requirements emerge and tighten across industries, banks and other financial institutions find themselves between a rock and a hard place. The good news is that banks have the hard-earned experience and many tools at their disposal to develop robust compliance programs and effectively deal with these regulatory challenges.
With the right combination of resources, institutions can develop scalable programs that adapt to future regulatory changes. While achieving compliance and risk programs is challenging, companies that develop a coherent strategy today will have a much easier time tomorrow. From there, building a fraud intelligence ecosystem between organizations and law enforcement agencies could be essential to helping all banks stay on top of regulations and keep their customers safe.
We’ve put together a list of the best identity management software tools available today.
This article was produced as part of Ny BreakingPro’s Expert Insights channel, where we profile the best and brightest minds in today’s technology industry. The views expressed here are those of the author and are not necessarily those of Ny BreakingPro or Future plc. If you are interested in contributing, you can read more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro