How Deepfakes Are Disrupting KYC And Financial Security

Parya Lotfi is CEO & Cofounder of DuckDuckGoose, helping lead AI-driven deepfake detection in the fight against crime.
Financial institutions are being increasingly targeted by deepfake-enabled fraud during know your customer (KYC) processes. These sophisticated attacks threaten the integrity of identity-verification frameworks that support anti-money laundering (AML) and counter-terrorism financing (CTF) systems.
The U.S. Treasury's FinCEN has reported an increase in suspicious activity involving AI-generated media. It warns that "bad actors are seeking to exploit [generative AI]Meanwhile, Wall Street's FINRA has issued its warning: Deepfake audio and video scams could cost the financial sector as much as $40 billion by 2027, according to research from Deloitte's Center for Financial Services cited by the Wall Street Journal.
Biometric checks can no longer be relied on as the sole defense. A 2024 survey by Regula found that 49% of businesses across industries, including banking and fintech, have already encountered fraud schemes using audio or video deepfakes, with average losses approaching $450,000 per incident.
As these figures escalate, understanding the anatomy of a deepfake intrusion becomes critical for safeguarding customers, reputations and the global financial system.
Real-World Breach: Over 1,100 Deepfake Attempts In Indonesia
In late 2024, an Indonesian bank saw more than 1,100 attempts to bypass its digital KYC loan-application process in just three months, according to cybersecurity firm Group-IB.
Fraudsters combined AI-powered face-swapping with virtual-camera tools to spoof the bank's liveness-detection controls, despite the institution's "robust, multi-layered security measures." Potential losses from these intrusions have been estimated at $138.5 million in Indonesia alone.
As stated by Group-IB, 'AI-driven face-swapping tools enabled fraudsters to replace a victim's facial features with those of another person.' Thus, enabling them to exploit 'virtual camera software to manipulate biometric data ... deceiving institutions into approving fraudulent transactions' during KYC processes.
Inside The Deepfake KYC Fraud Playbook
Deepfake-enabled KYC fraud follows a methodical, multistage process:
1. Data Acquisition: Fraudsters begin by collecting personal data, in many instances using malware, social networking sites, phishing scams or the dark web. This data is then used to create convincing fake identities.
2. Manipulation: Deepfake technology is then used to alter identity documents. Fraudsters swap photos, adjust details or even re-create entire identities to bypass traditional KYC checks.
3. Exploitation: Fraudsters use virtual cameras or prerecorded deepfake videos to supply spurious biometric data to verification systems. This helps them evade detection of liveness by simulating real-time interactions.
4. Execution: With these tools in place, fraudsters can open fraudulent accounts, apply for loans and carry out high-value transactions, all while appearing completely legitimate.
This opens up a tough reality: The conventional authentication procedures, including facial recognition or document verification, are no longer sufficient to counter these advanced attacks. Consider that, on average, there has been one deepfake attempt every five minutes over the past 12 months, while, in a recent 2025 study, only 0.1% of people can spot deepfakes.
Fortifying KYC: A Multilayer Defense Strategy
Together, these issues highlight an urgent need for financial institutions to evolve from reactive incident response toward proactive, AI-powered detection and multilayer defenses.
Some of the technologies that companies should be considering in the fight against deepfakes include:
1. Multimodal Biometrics: Combine facial recognition with voice biometrics, behavioral patterns (e.g., typing rhythms) and advanced liveness cues to create overlapping verification barriers.
2. Explainable-AI Detection: Deploy AI tools trained to spot deepfake artifacts, such as unnatural flickering, mismatched body movement or inconsistencies between speech and facial expressions.
3. Layered Verification: Integrate document‐authenticity checks, geolocation validation and transaction‐pattern analytics alongside biometric scans to catch anomalies before account approval.
4. Continuous Monitoring: Extend fraud detection beyond onboarding. Real‐time AI monitoring of account behavior can detect suspicious transfers or device changes indicative of post-admission compromise.
5. Employee Training: Arm employees with deepfake-awareness training so they can spot red flags, such as off-sync audio or unnatural facial movement, in live or recorded customer interactions.
Beyond technology, institutions must establish robust internal protocols and cross-functional collaboration.
Traditional injection or presentation attack detection methods are inadequate, as deepfakes convincingly mimic human behaviors, even replicating nuanced physiological traits like our heartbeat pattern's influence on the skin color.
Thus, it's imperative that dedicated fraud response teams comprising compliance officers, cybersecurity analysts and customer-relations managers should regularly analyze fraud patterns and update KYC procedures. Regular onboarding audits and deepfake attack simulations proactively identify vulnerabilities. Clear escalation pathways ensure rapid, consistent responses to suspicious activities.
Implementing comprehensive governance policies is also essential for securely integrating new detection methodologies, ensuring compliance with emerging regulations such as the EU AI Act and privacy laws. Regular risk assessments and tabletop exercises stress-test KYC and AML protocols against evolving deepfake scenarios, allowing ongoing strategic adjustments.
Future Challenges And Evolution
Looking ahead, deepfake technologies will continue to evolve rapidly, driven by innovations like real-time voice cloning, hyper-realistic lip syncs and advanced text-to-video models such as Google's Veo 3 or OpenAI's Sora. Meanwhile, the increasing digitization of financial interactions and growing consumer demand for convenience inadvertently open new avenues for fraudsters using unpredictable, sophisticated generative AI methods.
To stay ahead, organizations must invest in cutting-edge research and collaborate with industry and academia to anticipate and adapt to these continually evolving threats.
Conclusion: A Continuous Battle For Digital Integrity
As deepfakes grow more sophisticated and widespread, financial institutions face a critical juncture: proactively adapting to new technological threats or risking severe financial and reputational damage. By adopting multilayered defenses, fostering continuous innovation and promoting internal readiness, banks and fintech firms can build resilient strategies capable of addressing the evolving threat landscape.
Staying ahead in the AI arms race is not just beneficial, it's essential to preserving digital integrity and customer trust.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

The Verge

36 minutes ago

• The Verge

Apple keeps pulling its own ads

Apple has taken down a new ad just one day after posting it, making it the fourth one removed in just over a year, as spotted earlier by MacRumors. The nearly eight-minute-long ad, titled 'The Parent Presentation,' featured comedian Martin Herlihy giving students advice on how to convince their parents to buy them a Mac. Apple posted the ad on Friday, but it disappeared from YouTube and the company's webpage for college students on Saturday. The iPhone maker also released an accompanying 81-slide presentation template that's supposed to give parents '45 undeniable reasons why a Mac is essential to college,' which still remains available for download on its site. Last May, Apple apologized for its 'Crush!' commercial, which showed a hydraulic press flattening a piano, record player, paint, and other creative tools, only to lift and show its new iPad Pro at the end. It was meant to demonstrate how many creative tasks can be completed with the device, but it sparked widespread backlash instead. Apple pulled the commercial from TV before removing it from YouTube. Months later, Apple pulled a 10-minute ad, called 'Out of Office OOO,' which showed a group of coworkers using Apple products on a business trip in Thailand, after receiving criticism from Thai citizens and lawmakers for portraying the country in a stereotypical and outdated way. Then, in March of this year, Apple took down an iPhone 16 ad with Last of Us star Bella Ramsey. Apple used the ad to show off an AI-upgraded Siri with features that aren't available yet, like recalling the name of someone they met months ago. Unlike the other ads pulled by Apple over the past year, there's no clear reason why 'The Parent Presentation' was taken down — other than some users on social media calling it 'cringe,' or raising questions about who the commercial's target audience was. The Verge reached out to Apple with a request for comment but didn't immediately hear back.

Forbes

an hour ago

• Forbes

The AI Hype Trap: Why Most CEOs Struggle To Unlock Real Business Value

Diganta Sengupta is a seasoned technology leader with deep expertise in artificial intelligence, Gen AI, Cloud computing, and blockchain. While collaborating with clients on cutting-edge AI initiatives, I've had a front-row seat to the rapidly evolving landscape of generative AI (GenAI). There's no doubt that it's a transformative force, and the excitement is palpable. Leaders see GenAI as a powerful enabler of innovation, efficiency and even cultural change within their organizations. But beneath the surface of this enthusiasm, a more sobering reality has started to emerge. I observed leadership become enthusiastic about leveraging AI to unlock insights from massive operational datasets, but the reality quickly became evident. Despite deploying advanced models, the organization lacked the foundational elements for scalable impact. In other words, data was siloed, inconsistent and often not AI-ready. Teams were stretched thin across too many pilot projects without clear alignment to business workflows. Flashy prototypes drew attention but failed to deliver lasting value without reengineering the underlying processes. This mirrors a broader trend. Seventy percent of CEOs fear that flawed AI strategies could lead to their removal, while 54% fear that competitors may already have more advanced AI implementations. AI systems learn from historical data. If that data encodes human biases against certain demographics, regions or business units, the AI will reproduce and even amplify those biases. While developing a prototype using certain datasets for a utility company, for example, I grappled with significant challenges around bias and fairness. These issues persisted despite the presence of seemingly robust governance frameworks. As we trained our AI models on historical operational and customer data, I noticed embedded biases tied to region, demographics and internal processes. These biases not only surfaced in the model outputs but were, in some cases, amplified. My two cents: CEOs must invest in bias-detection tools, diverse development teams and transparency mechanisms long before deploying AI at scale. Without these guardrails, AI initiatives stall as risk-averse stakeholders balk at unverified "black-box" systems. In another project integrating a large language model (LLM)-powered chatbot with an enterprise ERP system, I encountered AI hallucinations as the model confidently generated inaccurate and misleading information about customer orders. Despite rigorous prompt engineering and system tuning, we noticed that the LLM occasionally fabricated responses about inventory levels or order status. This experience echoed findings from a 2024 Boston Consulting Group survey, which revealed that while 75% of executives ranked AI among their top priorities, only 25% reported realizing substantial benefits from their AI initiatives. Tackle hallucinations with robust validation pipelines, keep human-in-the-loop review for critical outputs and ongoing monitoring of model performance. This is where the challenge becomes even more complex. In many of my AI pilots in the oil and gas sector, I've repeatedly seen issues like inconsistent formats, missing metadata and a lack of standardized governance across departments severely impact model performance. Despite having large volumes of rich data, much of it couldn't be used without extensive manual cleanup. Efforts to unify data governance were often sidelined in favor of launching high-profile AI initiatives. A Harvard Business Review Analytic Services survey similarly found that most companies' data is largely not ready for enterprise-wide AI, citing poor data quality as a key barrier. Without strong cross-functional data stewardship and quality assurance, even the most advanced AI models fall short. Before spending on fancy models, CEOs must champion cross-functional data governance, setting up practices on creating common taxonomies, automated data-quality checks and centralized platforms. Only then can AI be relied upon to deliver accurate, actionable insights. Working on the previously mentioned utility AI project also brought light to another critical and often underestimated concern—security and governance challenges that surround enterprise AI deployments. As we integrated sensitive operational and customer data into AI workflows, it became clear how vulnerable these systems can become without rigorous controls. Inadequate access management, insufficient encryption and lack of monitoring can create openings for potential ransomware attacks and unauthorized data exposure. In one survey, 35% of respondents cited mistakes or errors with real-world consequences and 34% pointed to not achieving expected value as top barriers. Both are rooted in security vulnerabilities and governance shortcomings. CEOs must elevate AI risk management to the same level as financial or operational risk. This includes rigorous model-risk frameworks, data-privacy impact assessments and alignment with evolving regulations such as the EU's AI Act. To harness the full potential of AI, I recommend applying practical, accountable strategies that organizations can adopt to drive real, scalable impact. • Establish cross-functional data governance. Form a governance council with IT, compliance and operations to ensure data ownership, accountability and consistent standards. • Implement data quality controls. Deploy automated checks for outliers, schema validation and data freshness to improve input reliability and mitigate bias. • Address LLM hallucinations with RAG. Use retrieval-augmented generation (RAG), prompt chaining and fallback mechanisms to reduce hallucinations. • Align AI projects with business goals. Prioritize initiatives tied directly to key KPIs (for example, safety, cost reduction, etc.), which can improve adoption and leadership support. • Pivot away from noncritical use cases. Reallocate resources from low-impact projects to high-impact workflows like downtime alerts for field engineers. • Focus on responsible AI deployment. Emphasize transparency, accountability and strategic value delivery to build trust and ensure scalability. CEOs who view AI adoption as a multidimensional transformation rather than a plug-and-play technology will be the ones ready to move beyond the hype and truly harness the AI power. The future of competitive advantage lies not just in having AI, but in embedding it thoughtfully and responsibly into the fabric of the enterprise. This will help transform AI from a conceptual promise to a tangible asset and help drive innovation and growth for the organizations. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?

Forbes

an hour ago

• Forbes

The Financial Frontier of Climate Risk and Resilience

Pedestrians walk past a stock indicator showing share prices of the Tokyo Stock Exchange (top-C) and ... More other overseas stock markets in Tokyo. (Photo by Kazuhiro NOGI / AFP) (Photo credit should read KAZUHIRO NOGI/AFP via Getty Images) As climate impacts intensify and financial markets adapt, two new reports —Howden's Insurability Imperative and the World Business Council for Sustainable Development's 2025 Business Breakthrough Barometer— reveal a reality that diverges sharply from the prevailing narrative. Despite headlines about ESG backlash and net-zero retreats, companies are not abandoning climate goals. They are embedding them into core strategy, shifting from compliance to competitiveness. At the same time, insurers are redrawing the boundaries of investability, making insurability a frontline filter for capital allocation. These trends mark a profound shift in how risk is understood, priced, and managed. Climate change is not tied to political cycles or market sentiment. Its impacts are structural and cumulative, reshaping both the physical world and global finance. As the Barometer notes, 'where governments lead with clarity, business capital follows'. In the absence of coherent policy, insurers are stepping in to decide what can and cannot be financed. With governments falling short, markets are beginning to price in climate resilience —and for many sectors, it's no longer optional. Climate Risk Is Market Risk The Business Breakthrough Barometer underscores this shift. Despite public skepticism and ESG backlash, most companies are not abandoning their goals. Instead, they are reallocating capital based on a more immediate truth, that climate risk has become business risk According to the Copernicus Climate Change Service, we are on track to breach the 1.5 °C warming threshold within six years or less. This is not a future concern but a present financial reality. Record heatwaves, vanishing ice and billion-dollar disasters are reshaping how risk is modeled and priced. As WBCSD president and chief executive Peter Bakker said in an interview: 'The climate won't wait for the market to find consensus. It won't adjust itself to quarterly earnings. What it demands is system change, in how we price risk, share it, and design markets around physical realities.' The economic transition is unfolding in ways that traditional business systems cannot manage. Companies still rely on linear models — forecasts, fixed returns, long timelines — while the net-zero shift is volatile, uneven and often misaligned with policy and consumer behavior. This misalignment plays out across sectors. EV production is accelerating while charging infrastructure lags. Carbon capture projects are stalling amid weak demand signals, while the decarbonisation of buildings is slowed by outdated codes and permitting bottlenecks. In each case, technological readiness is colliding with systems that are not fit for transition. As Bakker argues, sustainability must move from reporting to real governance, from targets to embedded decision-making. That means adopting robust frameworks like the ISSB's S1 and S2, aligning climate strategy with operational and financial reality. The Barometer reveals a decisive shift: 91% of companies surveyed have either maintained or increased their climate-related investments over the past year (as of May 2025). Crucially, 56% cited long-term competitiveness, not compliance, as the main driver. While high-profile exits from alliances like the Net-Zero Banking Alliance or corporate withdrawal and redesign of net zero targets dominate headlines, many firms are shifting focus. They are beginning to embed climate resilience into core business functions such as capital planning, supply chains and governance. 'We've got sufficient data to act,' said Bakker. 'The perfect mustn't delay progress.' Nowhere is this financial recalibration more visible than in insurance markets. Howden's new Insurability Imperative report warns that insurability is becoming a prerequisite for investability. As climate risks escalate, insurers are withdrawing from high-risk zones and redlining regions. What cannot be insured cannot be financed, and what cannot be financed cannot scale. Historical shocks have prompted similar responses: the Great Fire of London led to fire codes and insurance pools, while 19th-century boiler explosions catalyzed modern engineering standards. Today's escalating climate risks are driving a comparable redesign in how markets address risk particularly in infrastructure, agriculture, and real estate. Insurability now operates as an early indicator of systemic viability, determining which assets, sectors, and geographies remain viable. To secure capital companies must increasingly demonstrate resilience through adaptation planning, risk mitigation and long-term feasibility. 'Resilience is investable,' Bakker says. 'But only if we build the conditions to make it so, together.' This marks a deeper shift in how risk is understood and priced. Unlike weather patterns, climate change isn't cyclical—it brings long-term, structural disruption that's redefining business models and investment priorities. As the Barometer notes, where governments lead with clarity, capital follows. In the absence of coherent policy, insurers are stepping in to decide what can and cannot be financed. With governments falling short, markets are beginning to price in climate resilience and for many sectors, it is no longer optional. When Policy Stalls, Capital Retreats Bakker argues that the climate transition depends on aligning three forces: policy, business, and finance. Policy sets direction, business delivers scale, and finance provides capital. When these pillars are aligned, markets function but when they are not, the system stalls. This disconnect plays out across sectors and is creating tangible capital bottlenecks, with the misalignment especially visible in energy markets. While capital still flows disproportionately to low-risk, mature technologies like solar and wind, funding for capital intensive decarbonisation solutions like hydrogen and carbon capture are falling. In 2024, global investment in clean energy reached a record $2 trillion yet hydrogen investment declined by 42%, and carbon capture by 56%. These bottlenecks are not down to a lack of ambition but rather structural weaknesses, including lack of regulatory certainty, underdeveloped infrastructure, and crucially a lack of offtake agreements to guarantee long-term market demand. 'There must be offtake,' said Bakker. 'There must be market creation.' Policy must now evolve to enable markets, not just regulate them. Ninety-four percent of Barometer respondents said clear, consistent policy is essential to unlock climate investment but 54% no longer trust governments to deliver them. That credibility gap is already reshaping capital flows and creating geographic winners and losers. According to the Barometer, Asia and Europe are increasingly viewed as more attractive for investment than the United States. In the U.S., political volatility has undermined confidence in the Inflation Reduction Act contributing to nearly $15.5 billion in abandoned or scaled-back projects. 'Markets need frameworks that translate ambition into investable pathways and real-world price signals,' Bakker said. Insurability, investability, and effective regulation are now interdependent. Unless policy reflects the full scope of physical and financial risk, not just short-term political cycles, systems that look solid on paper may collapse under pressure. The growing pressure in insurance markets underscores the urgency as attention turns to COP30 in Brazil. 'We don't need another moment of intent' warns Bakker. 'We need a moment of delivery.' Two structural shifts are defining this new phase: implementation is moving from public to private actors, those who control supply chains, capital, and operations; meanwhile momentum is shifting from the Global North to the Global South, where climate vulnerability, economic growth, and industrial opportunity increasingly converge. The climate transition can be profitable, resilient, and equitable if businesses, policymakers, and financial institutions can co-create markets grounded in both physical and financial realities. The markets that align around this are likely to shape the next era of economic leadership.