When you buy through affiliate links in our content, we may earn a commission at no extra cost to you. Learn 
The growing use of artificial intelligence (AI) poses a cybersecurity threat to banks and other financial service providers — but it also creates opportunities to enhance compliance with fraud prevention and data privacy regulations.
Banks are also using the technology to create streamlined, personalized services for individuals and businesses by automating credit checks and targeted marketing.
But as cybercriminals turn to generative AI to find new fraud tactics, the financial industry needs to take note and prepare its defenses.
Derrick Loi, General Manager, International Business at China’s Ant Group Digital Technologies, recently talked through one case at the Digital Economy Summit in Hong Kong.
Loi cited an instance in January 2024 when a multinational company employee was invited to a conference call with his chief financial officer.
The person in the conference call looked and sounded like the CFO and asked the employee to wire five transactions totaling 25 million.
But, if you couldn’t see the twist coming, It turned out the call was a deep fake.
Loi said:
“In recent months, we have seen a proliferation of fraudsters using generative AI in order to create deep fake attacks, and that is something we are seeing as an increasingly alarming trend.”
Financial firms must now implement “more advanced predictive AI with machine vision to mitigate against such attacks,” Loi said.
Banking has changed massively over the last ten years — if you think you have a grasp of how it operates, think again, as we explore below.
Key Takeaways
- The rise of AI in banking brings both cybersecurity risks and opportunities — few industries have as much valuable data as finance.
- Banks are automating credit checks and fraud detection but face challenges when cybercriminals exploit AI for fraud
- Derrick Loi of Ant Group warns of deep fake attacks and urges the adoption of predictive AI with machine vision.
- The banking world of the early 2000s is beginning to look like a distant memory.
AI in Fraud Detection
Most financial institutions already use AI for crime detection and fraud detection, but two-thirds of respondents to a recent survey by fraud detection firm BioCatch said criminals are more effective at using AI to commit financial crimes than banks are at using it to detect crimes.
Around half of organizations lost between $5m and $25m to AI-related threats last year, and alarmingly, only 3% said their organization did not lose any money.
AI tools can help financial firms detect increasingly advanced AI-driven scams by analyzing account usage and interactions across devices and account-to-account transactions.
For instance, Mastercard has launched an AI-based Scam Protect product, which combines AI algorithms with identity, biometric data, and open banking capabilities to identify unusual customer behavior related to scammer activity.
Loi noted that companies can also use AI to ensure that transactions are secure while maintaining data privacy.
Examples given included:
- GenAI can learn typical customer behavior and transactions and recognize patterns that indicate fraudulent or illicit activity.
- By learning from biometric authentication or behavioral analysis, algorithms can adapt authentication protocols to address changing security threats.
- Through training, AI can become a virtual regulatory and policy expert, comparing policies and operating procedures to answer questions about regulation, company policies, and guidelines.
- Also, by checking cybersecurity vulnerabilities, generative AI tools can be useful in testing attack scenarios and simulating adversarial strategies.
- AI can assist software developers in writing secure code, automatically check code for regulatory compliance misalignment and gaps, and provide alerts for potential breaches.
Meanwhile techniques such as federated machine learning can enable payment service providers to collaborate with each other or with regulatory bodies, such as in anti-money laundering (AML) monitoring, without compromising the privacy of individual customer data.
With privacy on everyone’s minds, multiple companies can instead train models on decentralized data sources without sharing their customers’ Personally Identifiable Information (PII) or use generative AI to create synthetic data, which replicates the statistical properties of customer data without using real information.
This synthetic data can then be used to test new security measures and algorithms without exposing real customer data to potential risks.
Trevor Jung, Chief Digital Officer, Corporate Banking, at Bank of China Hong Kong, told the Digital Economy Summit that financial firms can then use the information to increase the effectiveness of their post-lending analysis.
He said:
“At the input there are lots of decentralized data — it can be trade, it can be facility documents, it can be payment collection — and we are using the algorithm to connect the dots between all the entities. From the output side we take out all the sensitive data,”
Automating Services
Fraud and anti-money laundering detection is particularly important in cross-border payments.
With the proliferation of AI-generated deep fakes, Ant Group is using more advanced predictive AI with machine vision to detect fraudulent transactions while maintaining data privacy, Loi said.
AI algorithms can also optimize currency exchange rates to increase the speed and efficiency of cross-border conversions. And when it comes to merchant payment services, whether domestic or international, AI can help merchants to personalize their marketing strategies.
The growing range of financial super apps also features third-party “mini apps” that allow users to complete more transactions in one place from their digital wallet.
Loi said:
“For example, you are able to buy a Starbucks from AliPay in Hong Kong, from True Money in Thailand, from Kakao in South Korea.
“This allows the merchants to grow their business, but more importantly, there’s data which allows the merchants to also optimize their marketing and promotions.
“This is where we have used AI to really personalize these digital marketing strategies in partnership with the merchants.
“This targeted marketing enables merchants and service providers to increase not only their transaction volume, but also the revenue generated from transactions.”
Using privacy-enhancing technologies (PETs) can help ensure that transactions are secure. In combination with AI and blockchain technology, banks can provide platforms for small and medium-sized enterprises (SMEs) with additional financial tools to be locally relevant to their customers, Loi said.
For instance, a local account enables an SME to pay their suppliers and receive payments from their customers in different countries in the local currency.
These platforms can also provide them with tools and insights into payment trends and patterns, enabling them to target their customers more effectively.
Modern Banking for an SME
Small businesses typically contribute more than 50% of an economy’s gross domestic product (GDP), so Loi noted that giving them access to affordable financing and using digital technology that provides effective risk management and credit risk scoring is critical to the growth of any digital economy.
Multi-party computation (MPC) allows multiple organizations, including banks, insurance companies, telecom service providers, and merchants, to share the customer data they collect in a way that does not identify individuals so that they can still comply with data privacy regulations.
This not only improves their joint marketing capabilities but also makes for better end-to-end credit risk scoring for credit ratings and micro-financing.
“Beyond having an AI data-driven platform to achieve credit risk scoring to provide affordable financing, SMEs also need to be able to better understand the various tools and services that are available,” Loi said.
To do this, AI can be used, for instance, to generate digital avatars that provide personalized services, such as video recordings that are part of the electronic KYC (eKYC) process for loan processing.
Natural language processing (NLP) can also automate document review, reducing the need for lengthy and complex manual review processes and the potential for errors. It can also update customers’ risk ratings based on changes in their KYC attributes.
“To be a bank of the future, we cannot just talk about AI. We need to look at API cloud platforms and big data platforms. We need to make sure we handle this properly so that with the data and technology, we are able to maximize the use of AI-based decision-making,” Bank of China Hong Kong’s Jung said.
The Bottom Line
The increasing use of AI for advanced forms of financial fraud poses a threat to financial services firms, but they can also use AI algorithms, machine learning, and computer vision to fight back and detect such scams.
AI systems provide opportunities for firms to streamline and improve their compliance with fraud prevention and data privacy regulations, such as AML, KYC, and GDPR.
At the same time, banks can use AI to automate credit checks and risk management for lending and personalize services for individuals and businesses with targeted marketing.
Put it all together… The banking of the early 2000s is beginning to look as quaint as the banking of the 1980s.
