Author

Husnain Bajwa

Published

30 April 2025

Estimated Read time

5Mins

Husnain Bajwa, SVP Product – Risk Solutions at SEON, on KYC detection and verification to combat fraud in financial services

Many fraudsters today are no longer just criminals – they’re technologists wielding powerful artificial intelligence (AI) as their primary weapon. As fraud techniques evolve, businesses are becoming increasingly vulnerable to sophisticated adversaries. With the rising wave of AI-powered fraud, traditional fraud prevention methods, which heavily emphasise Know-Your-Customer (KYC) processes, are struggling to keep pace.

Fraudsters have learned to exploit the inherent delays in standard KYC processes. They use AI to generate synthetic identities and automate infiltration techniques at an unprecedented scale. By the time most verification processes kick in, significant resources have already been spent, and potential damage has been incurred. To gain the upper hand, companies must move beyond isolated identity checks and adopt a more integrated approach. This combines pre-KYC detection with advanced KYC verification. A dual-layered defence system that’s both proactive and agile enough to adapt to the evolving threat landscape.

Introducing Pre-KYC fraud detection

Since KYC processes are essential for businesses to meet regulatory requirements and maintain compliance, the solution isn’t to abandon KYC but to transform it. Organisations must adopt a pre-KYC detection layer that detects fraud before it reaches verification processes.

What does this look like in practice? It starts by analysing a user’s digital footprint. This includes key data points, such as the age of an email address, phone number history, IP address patterns and social media activity. These indicators help assess the authenticity of a user’s identity. For example, a newly created email or an IP address associated with a known VPN service can be red flags, signalling possible fraudulent intentions and enabling businesses to proactively intervene before harm occurs.

Device intelligence further strengthens the initial stages of pre-KYC user verification. This technology detects discrepancies in device integrity, such as emulators, proxies or device spoofing techniques. These are common tactics fraudsters employ to conceal their true identities. Advanced device fingerprinting tools are critical in identifying when a device’s profile does not match its user’s provided details or shows unusual behaviour, adding an extra layer of security.

Adding to this framework, behavioural analytics play a pivotal role by monitoring how users interact with platforms. Analysing navigation patterns, session durations and behaviours during account setup can expose irregularities that suggest fraudulent activities. Indicators such as repetitive account creation attempts with varied data points or abnormally quick typing and navigation speeds often point to bot-driven fraud. This provides businesses with opportunities to intervene early in the user engagement process.

Combining Pre-KYC Technology with traditional methods

While pre-KYC tools can identify potential threats early, KYC verification remains essential for ensuring that the users who pass initial screening are legitimate. Once a user reaches this stage, robust identity verification methods must be in place to confirm the authenticity of the individual’s information.

Modern KYC processes must combine several features: document verification, biometric checks and address verification. The first, document verification, involves using optical character recognition (OCR) and machine learning to scan government-issued IDs and detect forgeries in real time. Additional security in this realm can be attained via facial comparisons – matching a user’s selfie with the photo on their ID – to ensure that the person behind the camera is the same as the one in the presented documentation.

Next, advanced liveness detection aids in combating both deepfake technology and image-based fraud – two fraud vectors on the rise. By requiring users to perform specific actions or gestures during verification processes, liveness detection ensures that fraudsters can’t simply upload a static image or video to impersonate someone. Lastly, address verification provides further protection, confirming a user’s address against authoritative databases or recent utility bills. These checks are crucial for businesses in regulated industries, where proof of residency is often a compliance requirement.

The growing threat of AI-powered fraud

Now that fraudsters can access AI tools, the fraud game has entirely changed. Bad actors can generate synthetic identities, manipulate biometric data and even create deepfake videos to pass KYC processes. Additionally, AI enables fraudsters to test security systems at scale, quickly iterating and adapting methods based on system responses.

In light of these new threats, businesses need dynamic solutions that can learn and evolve in real time. Ironically, the same technology serving sophisticated fraud can be our most potent defence. Using AI to enhance both pre-KYC and KYC processes delivers the capability to identify complex fraud patterns, adapting faster than human-driven systems ever could. These AI-powered tools don’t just detect fraud – they predict and prevent it by continuously learning from each attempted breach.

At the pre-KYC stage, machine learning (ML) algorithms can identify patterns and anomalies across vast amounts of user data, providing more accurate and faster risk assessments. As fraudsters evolve, these systems can recognise emerging fraud patterns, preventing bad actors from bypassing security.

Similarly, AI-driven verification methods can detect increasingly sophisticated forgeries and manipulations in the KYC phase. At the same time, adaptive authentication systems can increase or decrease the level of verification required based on the user’s risk profile. This flexibility strengthens security and enhances the user experience by reducing friction for legitimate users.

The stakes are set to climb

The battle against AI-empowered fraud isn’t just about preventing financial losses. It’s about maintaining customer trust in an increasingly sceptical digital marketplace. Every fraudulent transaction erodes confidence, and that’s a cost too high to bear in today’s competitive landscape.

Businesses that take a multi-layered approach, integrating pre-KYC and KYC processes in a unified fraud prevention strategy, can stake one step ahead of fraudsters. The key is ensuring that fraud prevention tools – data-rich, AI-driven and flexible – are as adaptive as the threats they are designed to stop. The future of fraud prevention isn’t about building higher walls; it’s about creating smarter, more adaptive and intelligent systems to anticipate and neutralise threats before they materialise.

  • Cybersecurity in FinTech

Author

Henry Balani

Published

18 September 2024

Estimated Read time

4Mins

Henry Balani, Global Head of Industry & Regulatory Affairs at Encompass Corporation, on meeting the demand for improved risk management, operational efficiency, and customer service with pKYC

The traditional banking and finance industry is evolving. Processes are experiencing a digital transformation as a result of perpetual Know Your Customer (pKYC). The pKYC approach enables modern banks to continuously update and verify customer information in real time. Banks are moving away from the reliance on periodic reviews. This change is driven by technological advancements. And the increasing demand for dynamic and responsive regulatory compliance mechanisms.

Perpetual KYC

Conventional KYC processes commonly involve periodic reviews of customer information at fixed intervals. These reviews are typically conducted every one, three, or five years. While these reviews are thorough and comprehensive, they are also static. This can result in outdated information, potentially overlooking changes in customer risk profiles or new compliance requirements.

On the other hand, perpetual KYC is dynamic and event driven. Through its continuous and automated approach, pKYC enables financial institutions to address risks and compliance needs in real-time. These risks can be determined by continuously monitoring customer activities. Furthermore, automatically updating profiles in response to specific triggers, including changes in personal information, significant transactions, or alterations in beneficial ownership.

Gaining a competitive advantage with pKYC

By leveraging pKYC, banks, and other regulated financial institutions can take advantage of a range of benefits. These are crucial in the modern digital era to gain a competitive edge. Through continuous monitoring, pKYC enables financial institutions to identify and address potential risks promptly. This real-time approach helps mitigate risks associated with financial crimes. Moreover, it ensures compliance with the latest regulatory standards.

pKYC will lead to operational efficiency and cost reduction. By automating many of the manual processes involved in KYC, pKYC significantly reduces the time and resources needed for compliance. This allows financial institutions to focus their efforts on high-risk cases, rather than conducting blanket reviews for all customers, resulting in substantial cost savings.

This process also enables many banks to improve their customer service and management. It also enhances the customer’s experience. With pKYC, customers are not subjected to frequent, intrusive reviews if their profiles remain stable. This results in a smoother and more positive customer experience, potentially increasing overall customer satisfaction and loyalty. Additionally, automated systems minimise human error and ensure consistency in applying KYC policies. This enhances overall regulatory compliance and reduces the risk of non-compliance penalties.

Perpetual KYC implementation: Challenges and considerations

Implementing a pKYC operating model is not straightforward. It requires the right blend of infrastructure and operating process. Every firm’s pKYC journey and ecosystem will be unique and cut across people, processes and technologies.

Data is central to the success of pKYC as reviews based on event changes (aka event driven triggers) will not be effective if client information is outdated, missing or incorrect. Without consistent access to relevant and accurate client information, pKYC is impossible. Corporate Digital Identity (CDI) is fast emerging as a foundation for ensuring valid customer information is collected for successful pKYC operations.

Being able to leverage this data requires an ecosystem of technology, which may be developed in house, utilising third-party RegTech providers, or a combination of both. This technology should drive how data is stored, structured and accessed so that pKYC triggers can be comprehensively managed. Customer lifecycle management systems (CLMs) are particularly relevant to pKYC as they connect all components along the workflow processes.

Importantly, overarching executive sponsorship is needed to ensure a successful outcome in transformation initiatives. Recognising the structural and cross departmental challenge, influential sponsors will align the multiple stakeholders involved in driving this change and will champion a firm’s pKYC strategy and approach to regulators and other key stakeholders.

Ultimately, pKYC must be future-proof and scalable, ready to adapt in line with business strategy and regulation to keep firms competitive.

The future of pKYC

The adoption of pKYC is growing, driven by regulatory pressures and the increasing complexity of financial crimes. Financial institutions are recognising the benefits of a proactive, real-time approach to compliance and risk management. The move towards pKYC is seen as a necessary evolution to stay ahead in a highly regulated and competitive financial environment.

As the technological landscape continues to evolve, integrating advanced technologies such as blockchain and further developments in AI and ML will likely enhance pKYC systems’ capabilities. Ensuring higher levels of compliance and risk mitigation, these technologies are able to provide more robust and secure mechanisms for customer verification and monitoring.

Blockchain technology can be utilised to further improve the initial customer authentication and validation process. As a result, we can expect improvements and advancements in the quality of customer data collected during initial customer onboarding processes. Financial institutions can then leverage AI-enhanced tools that can identify and collect the necessary attributes during document processing stages. This ensures that pKYC will utilise relevant, accurate, and up-to-date data. Perpetual KYC represents a significant departure from traditional, periodic KYC, as it offers a wide range of benefits in real-time risk management, operational efficiency, and customer experience. Although the implementation of pKYC poses certain challenges, it also provides numerous advantages, making it an increasingly attractive solution for financial institutions aiming to enhance their compliance and risk management frameworks and maintain a competitive edge in a rapidly evolving regulator landscape.

  • Cybersecurity in FinTech