Back to The Intelligent Enterprise

How Banks Are Meeting Compliance Regulations and Fighting Fraud with AI and Machine Learning

by Bruce Orcutt, Senior Vice President of Product Marketing

To address the dual challenge of complying with KYC/AML/CFT regulations and forestalling criminal activities that may fall outside compliance requirements, financial institutions need a multi-front battle plan that addresses people, processes, and documents.


When famed American bank robber Willie Sutton was asked why he robbed banks, he replied, “That’s where the money is.” Today, banks are still “where the money is,” but criminal techniques have come a long way from the armed robberies that Sutton was known for.

Financial crime has gone digital, and cybercriminals are inventing new methods of fraud and money laundering as quickly as banks can implement countermeasures.

The origins of know-your-customer (KYC) and anti–money laundering (AML) regulations go back to the Bank Secrecy Act of 1970 and were strengthened after the attacks in New York City, USA on September 11, 2001. For the first time, cybercrime was officially codified as terrorism and received special attention in formulating counter-terrorism measures, including Combating the Financing of Terrorism (CFT).

Complying with these regulations can be effective in preventing fraud and theft, yet banks must remain vigilant and take additional steps to keep pace with rapidly evolving cybercriminal methods.

Financial crimes have evolved, and so have financial institutions

Driven by heightened competition and evolving customer expectations, financial institutions (FIs) rely increasingly on automation, mobile technology, and contactless interactions, while also defending against new vulnerabilities from nefarious actors.

Banks are highly vulnerable to cybercriminal activity, and studies by email security company Vade reveal that financial institutions are the most impersonated brands in phishing scams.

The FBI’s Internet Crime Complaint Center (ICCC) reports that “among the complaints received in 2022, phishing, personal data breach, and non-payment/non-delivery are the top incidents reported. And while phishing ranked number one, the associated dollar loss of $52 million is small in comparison to investment fraud which resulted in a $3.3 billion loss—increasing a staggering 127 percent from the previous year”1.

Banks and financial services rank second among industries in the annual cost of cyberattacks, costing businesses an average of $5.97 million USD in 2022.2

Identity Proofing and Affirmation

Download now

Preventing sophisticated crimes requires sophisticated measures

How can financial institutions counteract this constant flow of attacks? Manual oversight can be helpful but is inherently limited by a human employees’ inability to keep pace with the volume and speed of transactions on a 24/7 basis, combined with inadequate controls over transaction monitoring and reporting.

Plus, the increased risk of human error and challenge of keeping employees informed on the latest criminal techniques create additional risk of human employees engaging in financial crimes themselves.

Fortunately, today’s artificial-intelligence-driven technologies are providing banks with visibility into their processes and their content that’s needed to align with regulations, be flexible to adapt as conditions change, and put their data to work, securely and efficiently. With AI-driven technologies, banks are able to align with KYC/AML/CFT regulations and be flexible to adapt as conditions change.

To address the dual challenge of complying with KYC/AML/CFT regulations and forestalling criminal activities that may fall outside compliance requirements, financial institutions need a multi-front battle plan that addresses people, processes, and documents.

How AI and machine learning facilitate document chain of custody

Using the latest artificial intelligence (AI) and machine learning (ML) technologies, banks are provided with key capabilities in document chain of custody:

  • Validation of customer onboarding documents—both structured and unstructured—and their content at the point of entry
  • Intelligent extraction of content from those documents that can be validated and/or flagged as suspicious with human-in-the-loop if needed
  • Process discovery that reveals patterns of suspicious behavior between people and documents and gaps in processes that can create vulnerabilities for attack

This enables banks to have a means of scrutinizing documents to detect attempted fraud. Secondly, this visibility into their processes enables continuous monitoring for irregularities that could indicate fraudulent behaviors. Thirdly, intelligent automation brings new insight into the ways that people are interacting with processes and the documents that could indicate suspicious behavior.

Use case example: Customer Onboarding

If a customer submits a driver’s license as part of the onboarding process, a chain-of-custody record should incorporate when and how the document was scanned, how the data was extracted and verified, what happened to the scanned image after onboarding, and how the extracted data can be traced back to the document.

Any gaps in this chain could result not only in KYC compliance violations, but also in vulnerabilities that could be exploited by cybercriminals.

While most banks may have a good idea of how these processes should execute, the gaps between theory and practice may be broader than they think—and those gaps could present opportunities for fraud or data theft. By automatically mapping process execution, banks can track the lifecycle of customer and transaction data as it moves through and between processes with their essential documents and, if required, provide accurate documentation of the chain of custody.

Forecasting human-in-the-loop to remain vital to AI-solution success

AI-driven solutions can automatically review and monitor hundreds of processes and thousands of documents, quickly and accurately, to flag signs of possible criminal activity. AI will not replace human compliance and fraud prevention experts; on the contrary, it can be a game-changing asset that frees employees from routine oversight tasks and enables them to focus on more complex problems.

The combination of human expertise with a digital workforce to help financial institutions scale and adapt quickly creates a unique advantage in the battle against financial crime, enabling banks to comply with KYC/AML regulations while fortifying their own defenses against cybercrime—today, tomorrow, and for years into the future.

1 Source:

2 Source:

Bruceorcutt 99X99

Bruce Orcutt

Senior Vice President of Product Marketing at ABBYY

Bruce Orcutt is a veteran Product Marketing and Product Management professional with over 20 years’ experience in Enterprise Software. Bruce drives global product marketing for ABBYY's intelligent automation solutions that create business value for organizations. His go-to-market strategies accelerate the adoption of ABBYY solutions worldwide.

Connect with Bruce on LinkedIn.

Subscribe for updates

Get updated on the latest insights and perspectives for business & technology leaders


Connect with us