Can AML keep pace with AI-driven financial crime?

AML

In early 2024, a finance worker joined what looked like an ordinary video call with the CFO and a group of senior colleagues. In reality, every other participant on the call was a deepfake. By the time the scheme was detected, $25m had already been moved into fraudulent accounts.

According to Consilient, the technology behind that attack has only become cheaper, quicker and more accessible in the 18 months since. Deloitte forecasts that fraud losses enabled by generative AI could climb to $40bn globally by 2027, up from around $12bn in 2023.

Consilient recently discussed generative AI and financial crime, and the topic of what happens when deception outpaces control design.

The problem is clear. Synthetic identities, voice cloning and AI-assisted mule recruitment are already fully operational, yet most AML control frameworks were designed around historical patterns of financial crime.

Synthetic identities are now an industrial process

Synthetic identity fraud is nothing new, but the production model has been transformed. Where criminals once manually stitched together stolen pieces of personally identifiable information, generative AI now automates the fabrication of identities at scale, drawing on hundreds of millions of records leaked in data breaches.

False identity cases jumped 60% in 2024 compared with the previous year and now account for nearly 29% of all identity fraud. Synthetic identity document fraud rose 311% in North America in Q1 2025 alone.

Quality is as much of a concern as volume. According to Experian, AI can now generate counterfeit identity documents that are virtually indistinguishable from authentic ones, meaning onboarding controls built to detect human-level forgery are being tested against machine-speed, machine-quality fabrication.

The threat has since evolved further. By 2025, AI fraud agents had emerged that combine generative AI, automation frameworks and reinforcement learning, producing synthetic identities, engaging with verification systems in real time and adapting their behaviour based on outcomes. Standard KYC checks were simply not built for that.

Voice cloning in high-value payment fraud

Scammers need as little as three seconds of audio to build a voice clone with an 85% match to the original speaker, and source material is easily scraped from earnings calls, webinars or corporate podcasts. Most senior executives have hours of audio publicly available.

In 2024, a deepfake attack took place every five minutes, and 49% of surveyed companies reported experiencing audio or video deepfake fraud. Deepfake files ballooned from 500,000 in 2023 to 8 million in 2025, with fraud attempts using deepfake content rising more than 2,000% over three years.

The financial exposure for banks is substantial. Over 10% of banks have suffered deepfake-related losses exceeding $1m, with an average loss of $600,000 per incident. Even that is likely understated. The FBI’s 2025 Internet Crime Report logged $893m in losses attributed to AI-related scams, a figure the Bureau concedes is conservative because most victims never realise AI was involved.

Part of the detection challenge is human. One in four adults has experienced or knows someone affected by an AI voice cloning scam, and 70% doubt their ability to tell a cloned voice from a real one. Human verification was never a robust control; now it is barely a control at all.

The same criminal networks running these attacks then need somewhere to move the proceeds, and generative AI is assisting there too.

AI is scaling mule recruitment

Mule networks are the infrastructure that shifts and cleans criminal money. Recruiting and managing them used to demand time, local contacts and human oversight. That is changing.

The FCA reported that 226,957 bank accounts linked to suspected money mules were shut by 37 of the UK’s largest banks and payment firms in a single year. Notably, these are not the accounts monitoring systems would expect to flag. RUSI’s August 2025 report found roughly 60% of identified mule accounts were more than a year old, and 20% were over five years old. Aged accounts attract lower risk scores under traditional monitoring rules, which is precisely why criminals target them. Mule accounts should therefore no longer be treated as a single account type: some are opened with synthetic or fabricated identities, while others are genuine, aged accounts that have been recruited, rented, compromised or taken over by criminal groups.

The speed of fund movement compounds the challenge. Nearly 28% of money passing through identified mule accounts left within 15 minutes, with a further 25% gone within an hour.

Recruitment is also scaling rapidly. AI-generated scripts, personalised outreach and automated follow-up allow a single criminal group to run operations across multiple platforms at once.

Security Brief said, “We are seeing the social engineering component of money laundering scale at a rate that challenges existing controls.”

In 2025, one in four respondents reported being targeted for money mule recruitment, and most had no idea what they were being drawn into.

Why AML controls struggle to keep up

Traditional fraud scripts were developed offline, honed through trial and error, then deployed at scale. That iteration cycle used to take time. Generative AI has compressed it to almost nothing.

The FBI has warned that generative AI cuts the time and effort criminals need to deceive their targets, and can even correct the human errors that might otherwise act as warning signs. Language models produce contextually accurate communications that mimic the tone and style of a specific organisation, generating dozens of variants simultaneously and optimising for whatever works.

BEC attackers are now using chat-generation tools to craft executive-impersonation communications with precise tone and contextual detail, then layering in voice cloning to place follow-up calls confirming wire transfers.

There is a deeper structural issue. Most AML transaction monitoring systems, including ML models, are trained on historical data and detect deviations from patterns learned in the past. That approach works when criminal behaviour is relatively stable. It breaks down when deception evolves faster than the training data. By 2026, manual reviews, static rules and delayed investigations are widely acknowledged as obstacles to effective financial crime prevention. A synthetic identity is engineered to pass current verification checks, a voice clone is built to clear current authentication thresholds, and a mule recruitment script is optimised against current detection logic. A model trained six months ago may have zero exposure to methods being used against institutions today.

Institutional silos make things worse. A synthetic identity technique that circumvents one bank’s onboarding controls is likely being deployed across multiple institutions at once, yet siloed models have no visibility into that.

What regulators expect and what detection requires

Regulators have made clear through guidance, examinations and enforcement actions that automation does not dilute accountability, and that oversight expectations rise as AI becomes more sophisticated.

Supervisors are also arming themselves. In April 2025, the Bank for International Settlements rolled out an AI-driven toolkit designed to strengthen on-site supervision and decision-making. Compliance teams are now benchmarked against peers and assessed by supervisors running advanced detection of their own.

So what does detection require when the threat is adaptive? It is certainly not a better single-institution model. As criminal organisations diversify and operate across multiple banks, consortium data becomes essential, enabling institutions to identify patterns and connections invisible in isolation and to build profiles across hundreds of millions of entities and counterparties.

Federated learning provides the structural fix, allowing institutions to train on collective behavioural intelligence across a network without raw data ever leaving individual firms. With that in place, a synthetic identity surfacing across three banks simultaneously becomes visible, and a mule account that appears low-risk on its own reveals a pattern only detectable at network level.

“Banks leveraging AI-powered models have seen a 260% uplift in fraud detection rates compared to traditional methods, across analysis of 124 billion transactions.”

Consilient’s federated learning models deliver precisely this, exposing cross-institutional behavioural patterns for synthetic identities, high-risk typologies and anomalous activity that single-institution models structurally cannot see. The resulting 88% reduction in false positives and 3x efficiency gain demonstrate what becomes detectable with network-level signal.

Deception that learns needs detection that does too

Generative AI has not altered the fundamentals of money laundering. Placement, layering and integration still describe how illicit funds move through the financial system. What has changed is the sophistication of the entry point and the speed at which criminal networks can iterate and adapt.

Controls built for a static threat environment will always struggle against an adaptive one. That is a structural mismatch, and one that single-institution models, however well constructed, cannot resolve alone.

The question every institution should now ask is simple: was your detection framework built around what financial crime looks like today, or what it looked like when the model was last trained?

Read the full Consilient post here. 

Read the daily RegTech news

Copyright © 2026 RegTech Analyst

Enjoyed the story? 

Subscribe to our weekly RegTech newsletter and get the latest industry news & research

Copyright © 2018 RegTech Analyst

Investors

The following investor(s) were tagged in this article.