AI-Fueled Fraud Forces Banks to Rethink Identity Checks

Over the course of my career in global payments, one lesson has remained constant: trust is easiest to take for granted when systems are working, and hardest to rebuild once they break.

Digital onboarding has reached a similar inflection point, crossing an important threshold and evolving from a verification function into a critical control for managing financial crime across the digital economy.

Looking back on that evolution through the “over/under” lens, some assumptions proved right. Others underestimated the risk created by keeping compliance and fraud in organizational silos.

Financial Crime Begins Before the Transaction

Few trends were as predictable as the rise of identity verification from a supporting function to a core requirement of digital transactions. In payments, scale only works when trust is established early, and today even low-risk interactions increasingly require proof of identity.

What also became clear is that identity was never the end goal. Its real value lies in shaping onboarding decisions. After all, financial crime does not start at the transaction. It starts when the wrong actors are allowed through the door.

Getting the right employees, customers, businesses and partners into the system became the first and most effective line of defense against downstream risk. In large payment networks, that upstream discipline is what protects velocity without sacrificing control.

KYB Outgrew Static Onboarding 

The same pattern has reshaped business verification. Know your business (KYB) was once about confirming incorporation and ownership at onboarding. Today, risk lives behind the entity in ownership structures, networks of control and behavioral signals that change over time.

As regulators push harder on ultimate beneficial ownership, KYB is moving closer to the individuals behind the corporate veil.

Business identity is no longer static, and verification must persist beyond onboarding and continuously inform risk, just as payment networks have long monitored activity well after an account is approved.

Fraud Scaled Faster Than Expected

Where expectations fell short was the scale and persistence of fraud.

Fraud has evolved less through novel techniques than through scale. Automation and generative artificial intelligence (AI) allow bad actors to repeat simple, familiar tactics at a massive scale, hiding advanced attacks within overwhelming noise.

In payments, this pattern is familiar: when friction drops, abuse finds the gaps. Global fraud losses tied to AI-enabled crime are projected to reach $40 billion in the U.S. by 2027. Many organizations believe they can keep pace with these threats. Far fewer actually can.

The result is not just higher losses, but growing strain on systems never designed to process risk at this scale. Fragmented fraud and compliance teams are left chasing signals in isolation, while attackers exploit the gaps between them.

Agentic Commerce Raises the Stakes

That gap will widen as AI agents move into the flow of money. This shift changes the nature of trust. Once payment networks establish clear models for authorization, intent and liability, software will increasingly act on behalf of consumers and businesses to execute transactions.

Systems designed only for onboarding are not sufficient to deal with this. Managing agent-driven commerce at scale will require identity signals that persist beyond entry, adapt to changing behavior, and integrate directly into real-time risk decisions.

Without that, the same efficiencies that make agentic commerce attractive will amplify fraud just as quickly.

Preparing for 2026

The defining challenge heading into 2026 is efficiency in managing financial crime.

As fraud continues to scale, organizations are discovering that managing onboarding, compliance and fraud as separate functions creates blind spots they can no longer afford.

In response, compliance and fraud functions will increasingly converge into unified financial crime prevention teams, supported by systems that recognize trusted actors instantly, escalate friction only when risk rises and remain explainable under regulatory scrutiny.

For leaders, the question is no longer whether identity, onboarding and fraud belong together, but whether they will align them deliberately — or wait for losses to force the decision.