Six key fraud, KYC and AML predictions for 2025

Technology is now astoundingly intelligent and accessible. It poses a significant challenge for fraud prevention in financial services, as there have never been so many ways for criminals to scam customers and bypass stringent security systems. 

In the 2024 Experian Fraud Report, 57% of businesses reported that fraud losses have increased in recent years. At the same time, just 68% reported feeling very confident in their ability to identify online customers – falling from 83% in 2023. We believe this fall in confidence is being driven by data breaches, AI adoption, the prevalence of personal information and context online driving increasing challenges in assessing identity. 

As we step into 2025, here are six of the most significant trends and shifts we believe will dominate the fraud and financial crime space; and how technology is being used to fight back. 

1. AI and machine learning

Artificial Intelligence (AI) has dominated the headlines in 2024, with alarming stories of how it can be misused. NatWest reported the fastest growing types of fraud in 2024 have been AI powered, accounting for 34% of crimes. It’s seen a notable increase in AI voice cloning, where fraudsters mimic customers’ voices to gain access to sensitive information, and deepfakes, where they generate fake images or videos of trusted celebrities to endorse a scam website.

Adversarial AI can also be deployed, which intentionally mislabels or manipulates data to confuse automated systems. A famous example shared by OpenAI showed that adding extra pixels to an image of a panda (which can’t be seen by humans) made the system think it was a gibbon. The newest AI models are far better at avoiding these mistakes, but they’re hard to avoid altogether.

However, according to We Fight Fraud, greater numbers of criminals are currently using generative AI for more lowbrow deception. It could be as simple as generating a profile picture of them with a fake dog or receipts for medical treatment to add legitimacy to fraudulent pet insurance claims. Often, fraudsters use AI simply to cover their tracks or scale their operations to commit more crimes, rather than commit complex identity theft.

From a business perspective, it’s important to understand how AI can enhance security. With AI-produced documents increasingly hard to spot, the latest AI-powered tools will be essential in spotting subtle anomalies and be less susceptible to confusion. They’ll also support fraud detection at scale, helping organisations keep pace with criminals without assembling massive, highly skilled teams overnight.

2. Synthetic ID fraud

In cases of typical identity fraud, a person’s entire identity is stolen and misused. It’s an established practice that banks now know how to quickly detect and prevent. However, in synthetic identity fraud, real people’s sensitive information (such as their national insurance or date of birth) is paired with fake personally identifiable information to create a synthetic identity.

With generative AI, an entirely new person can be created in a matter of minutes. Some criminals go as far as to fabricate entire social media accounts to make their fake identities feel more legitimate.

Synthetic fraud can be much harder to detect. Unless someone regularly checks their credit record, or is the target of debt recovery action, they may never realise fraudulent accounts or lines of credit exist. For that reason, homeless, elderly and very young people are at higher risk. 

Generative AI is also helping fraudsters produce more convincing fake identity documents to bypass security screening. It it thought that the number of fake passports produced through generative AI could now exceed the number of digitally-altered physical documents for the first time. It can also be used to change voices to avoid detection, rather than to be someone else.

Thankfully, combatting synthetic ID fraud doesn’t mean reinventing the wheel. Evolved customer due diligence and Know Your Customer (KYC) processes, which leverage AI, data and hard-to-replicate biometrics, are going to be highly effective at keeping platforms and assets safe. Smart orchestration also allows you to automate checks on electronic identity verification (EIDV), sanctions and any previous fraud offenses, allowing you to conduct a robust check without impacting the customer experience.

3. Cybercrime-as-a-Service

While it’s natural to imagine cybercriminals to be sophisticated and tech-savvy hackers, the reality is that powerful new tools are making fraud more accessible to a broader base of criminals, particularly as lots of AI-assisted fraud is pretty lowbrow. Criminals are also broadening the scope of their targets and looking beyond the wealthiest individuals. Data is also a valuable commodity that’s readily available on the dark web, which means it’s never been easier to find sensitive data that can be used for fraud.

Fraud rates are already beginning to rise. We could see them increase further if ‘Cybercrime-as-a-Service’ takes off, where criminals use tools to commit mass fraud for other criminals. If financial services firms are slow to adapt to this evolving threat, they may find it harder to protect customers’ money or Personally Identifiable Information (PII).

To protect against attacks, which are growing more frequent and sophisticated, it’s essential that financial firms are proactive about protection. In 2025, we’re likely to see organisations introducing significantly enhanced security protocols and more robust employee training to prevent financial crime slipping under the radar.

4. Increased pressure of compliance

Financial services firms aren’t just under pressure from criminals. They’re also facing increasing scrutiny from regulators as part of the Economic Crime and Corporate Transparency Act (ECCTA), which will penalise companies without robust fraud and AML protection processes in place from September 1^st 2025.

The Act bolsters existing standards and checks, including Anti-Money Laundering (AML), Know Your Business (KYB) and Know Your Customer (KYC). Its goal is to make financial services providers more effective at detecting and preventing crimes like fraud and money laundering, committed by individuals or businesses.

In her Mansion House speech in late 2024, the Chancellor expressed that even technology and telecoms businesses will be called upon to fight fraud. Considering scams are increasingly happening online, and that telecoms data can help to track down fraudsters, their cooperation will be key.

Another troubling development that regulators will be looking to crack down on is the complexity cryptocurrency adds to fraud cases. Funds can now be transferred to cryptocurrency wallets rather than exiting accounts as cash, adding yet another layer of complexity to money laundering.

The FCA has admitted that regulating and governing such decentralised assets is challenging, but it is exploring how to strengthen controls on cryptocurrency platforms and intermediaries. Many crypto trading platforms, such as eToro and CoinJar, are FCA approved and must already comply with money laundering measures. They’re also within the remit of ECCTA, meaning they could face heavy penalties if they aren’t doing enough to actively prevent fraud.

5. Data is the answer

Organisations know stronger checks are the only way to prevent fraud, but intrusive, time-consuming identity verification processes are not the answer. Any additional friction needs to be proportional, meaning customers’ activities are only disrupted if invisible background checks don’t suffice.

There isn’t a one-size-fits-all solution for quietly detecting and preventing fraud or money laundering, but reliable, comprehensive data should be a key part of any strategy. For example, in a case of synthetic ID fraud, a bureau-based KYC check will quickly flag that the name doesn’t match the sensitive information.

When standard checks fail to dispel concerns, data can offer historical context to support or refute an identity’s legitimacy. If a 40-year-old has never opened a bank account or any individual has applied for 20 loans in the past month, these red flags should trigger further investigations.

Data-based identity verification can even be as simple as checking if the phone numbers and email addresses used on applications have been legitimately associated with the customer. At the other end of the scale, behavioural biometrics, such as device orientation, copy and pasting or even typing speed analysis, can also flag fraudulent activity.

Crucially, many of these checks can happen invisibly using GDPR-compliant credit reference agency data, adding zero extra friction to most customers’ experience. If not, tools can automate customer analysis, making it simpler to spot patterns of suspicious activity.

6. Collaboration is key to prevention

To make sure fraud prevention efforts are both genuinely effective and resource efficient, it’s going to be even more important for financial institutions, regulators and third-party providers to work together. Collectively, the data and expertise held across the sector will prove incredibly powerful in tackling fraud and financial crime – particularly in detecting crimes like smaller-scale money laundering.

As we've identified 'plastic money mule’ fraud allowed fraudsters to exploit transaction monitoring loopholes on credit cards in response to tighter current account controls. The limited data individual companies hold makes it difficult to identify this kind of mule activity. One instance of overpaying debt and moving money to a different account may not trigger checks – even if that customer has done the same thing across 10 credit cards.

In the future, our collective power could be bolstered by securing data from big tech players, such as Meta and TikTok, to give us a better understanding of pervasive crimes like social media scams. The greater the amount of pooled contextual data we have, the easier it will become to spot troubling patterns and cross-provider crime. With new regulations in mind, collaborating for the industry’s best interests shows organisations are serious about preventing financial crime.