Experts: Tackling AI-powered financial crime needs behavioral biometrics, ML models, data science

As artificial intelligence accelerates financial crime, the industry is racing to adapt. In an in-depth webinar, Glenn Fratangelo, head of product marketing at Sardine, convenes a panel of experts to explore how to outpace AI-driven threats.

The discussion features Mike Jackson, Director of Fincrime Technology at PwC; Paco Mainez, Global Head of Financial Crime Strategy at Nium; and Kim Darpel (AFCS), Senior Manager of Anti-Financial Crime at ACAMS.

To start, the host gestured to how much things have changed. In the 2010s payments were in the process of being modernized. Banks had only partially or not yet transitioned to online account opening. But today, the speed and scale of financial crime is overwhelming.

Now, systems are needed to address deepfakes. Websites are being cloned to collect identity information, with even fraudulent marking campaigns. Synthetic identity networks are innovating and moving rapidly. Fratangelo opened the panel by asking Jackson of PwC how he views the industry at large and what the biggest gaps are.

The director of financial crime technology said he’s seeing a “very dynamic marketplace” that is adapting around the risks and adoption of AI. Jackson observed a lack of a clear strategy, either from risk mitigation or adoption of AI tools. However, he identified some emerging trends.

One of the major trends is the development of biometric tools. Via contact center channels, voice biometrics and other kinds are used to help authenticate users. Deepfakes are actively compromising biometric safeguards, especially voice biometrics, Jackson noted.

The PwC director believes it’s a race between technology innovation and the bad actors. Circumvention and anti-circumvention. From Jackson’s perspective, the contact center is always going to be an area of concern when it comes to accessing client account information.

Synthetic identities are a major issue as these are acquired via the dark web, and can be challenging to detect and separate from genuine identities. Jackson: “So again this is starting around opening up accounts that can then be compromised using synthetic IDs which are hard to trace back.”

Financial crime is being industrialized, democratized, amplified

Mainez underlined the industrialization of financial crime with the high volumes institutions are seeing. This has been noticed across the industry. A BioCatch report looking at global scams emphasized the industrialization of operations, with scam compounds in Southeast Asia that are spreading to Africa and South America, often run by organized crime.

The Nium head pointed out that large segments of the population have moved into the digital space, which translates to larger volumes of transactions to analyze. In turn, the scammers are no longer individuals or groups of individuals, but entire teams — “the same size as the teams that we have in the [financial] industry,” Mainez said.

As fraud has become professionalized, mitigation means not only better technology but constant updates to processes and training of staff. Professionalization also means the packaging and marketing of tools for the bad actors, so it’s not only industrialized but democratized. “Now, I can go into the dark web, purchase a package and then put it into practice very very quickly,” Mainez said, contrasting from a previous era where fraudsters needed some technical knowhow.

Fratangelo pointed out that the scale of fraud is having an impact on the people having to deal with the challenges every day, as he turned to Darpel of ACAMS who noted that it’s stressing the foundational and support structures within risk teams. These teams face an onslaught of fraud alerts and must stay ahead of the next fraud attack. This necessitates a broader, more holistic approach.

But as the industry faces waves of fraud, teams are working within their silos, firm to firm, and the anti-fraud sector has observed such data silos. Darpel pointed out “people silos” and knowledge silos also exist, with the need for support from the top level of an organization.

Leveraging agents and ML models in the fight against fincrime

Jackson picked up on Darpel’s points and observed that building disciplined teams around adjudication processes both in fraud and AML still makes sense in some cases. However, going forward, the key lies in understanding correlated and related activity and events. This is by no means easy, but bringing this up and evolving is what is needed. So, how can this be done?

It begins with understanding all the signals that go into a network, the process of labeling a risk signal, and levelling that up so viewing all those signals and orchestrating them becomes holistic. Next, extracting meaning from the data, and Jackson believes this is where agentic solutions can be leveraged.

Agentic AML agents or agentic fraud agents can help with reporting and insights. For fraud, a unified data layer, adaptive models that leverage machine learning, and embedded intelligence with behavioral biometrics are some of what’s required to evolve.

However, for machine learning ((ML) which is often equated to “AI”) to function, institutions will need proper data governance, a robust framework that utilizes consistent labeling of data. “If we want to use AI in a practical manner we need quality data and labeled data so it can do its job,” Jackson said.

On the other aisle, criminals are making very good use of data, Mainez pointed out, as they incorporate traditional and non-traditional data sources, being adaptive in ways that regulated industries cannot. Here, Mainez highlighted the advantages of a broader frame of view, thinking in terms of geopolitics, sanctions and analyzing suspicious behaviour using data analytics, as activity can arise from larger structural shifts. Advanced cybersecurity now brings in dark web monitoring and includes such signals into onboarding and account activity monitoring.

As the conversation moved more specifically into anti-money laundering, Jackson spoke on how AI models are being used in AML. As firms struggle with the volume of alerts, which necessitate compliance procedures, adoption of AI models is helping to reduce the amount of false positives in a feedback loop that strengthens the model.

Now, there is activity to leverage such tools to do the actual adjudication (deciding which alerts to pay attention to). However, this application requires more contextual event-based feedback, and this is only currently being tentatively applied, Jackson said.

“It needs strong governance, strong explainability, which is a difficult aspect because some of the regulators are not fully up to speed with where some firms are pushing the utilization of AI,” the PwC director said.

The best path forward lies in risk signals, biometrics, holistic thinking

Darpel summarized that the best path forward is to have a very strong risk framework that is inclusive of the entire organization — not just AML and fraud teams but a well-trained workforce that includes customer service educated in fraud and through to marketing partners and IT teams. The training would include a platform or channel so that teams can stay up-to-date on the latest happenings in fraud.

Jackson emphasized focusing on understanding what risk signals are available within the network. “There could be signals that you may not even be aware of through different types of edge devices and can they inform some inherent risk that is occurring?” he asked rhetorically.

He pointed to embedded intelligence as being “really important” with behavioral biometrics and anomaly detection as the path forward. He highlighted overall risk signal anomaly detection as key since new threat paradigms and vectors may appear that require a quick response, but such reaction speed is missing in many of today’s organizations.

Lastly, he underlined the importance of modernizing the internal data infrastructure — building a unified real-time data layer that can consolidate the risk signals. “It needs processes, procedures, governance, and probably strong data science,” he said.

Fratangelo wrapped things up noting that fighting AI-powered financial crime with legacy rules, fragmented data and siloed systems is not the way, when today’s threats are intelligent, coordinated, and operating at machine-level speeds. Defenses must evolve, with unification and intelligence.

With this, Seon has unveiled its upgraded command center for real-time fraud prevention and AML compliance. The expanded platform enables finer control over customer screening configuration, jurisdictional rule management, and deeper investigations, for compliance teams. “We’re giving teams the freedom to configure risk on their own terms,” says Tamas Kadar, Seon co-founder and CEO. Seon uses graph theory and network science to go beyond pattern matching, using its Network Graph to uncover hidden links between accounts via shared devices, behavioral patterns, and relationship signals.

Meanwhile, Experian has a new report: Unwrapping Fraud: Helping you to prepare for the festive season ahead. The report uncovers the range of techniques fraudsters use to exploit consumers, businesses and employees. As the holidays approach, fraud activity increases and Experian delves into identity theft, facility takeover, refund abuse and deepfake messages. The report blends Experian’s analysis with insights culled from the Cifas National Fraud Database.

Article Topics

behavioral biometrics  |  BioCatch  |  Experian  |  financial crime  |  fraud prevention  |  machine learning  |  Sardine  |  SEON  |  synthetic identity fraud