The Personal Investment Management & Financial Advice Association (PIMFA)

Dictionary

Login Home
Filter by Topics

The perfect fraud storm: How AI is giving criminals an unfair advantage

Fraud is getting harder to spot, and the advent of Artificial Intelligence (AI) is a big reason why.

The perfect fraud storm: How AI is giving criminals an unfair advantage

Fraud is getting harder to spot, and the advent of Artificial Intelligence (AI) is a big reason why. What used to stand out in fraud investigations – bad grammar, mismatched documents, suspicious requests – is being replaced by entirely fabricated identities and behaviours that feel convincing enough to pass as real.

For the wealth services sector, that shift is making it much tougher to tell genuine clients from carefully constructed fakes, especially when everything looks seemingly above board at first glance.

Fraudsters are no longer relying on poorly written emails or obvious fake documents. They’re using tools that can mimic a real person, create fake identities, and behave in ways that, to many, is uncomfortably close to legitimate client activity.

The risks are no longer theoretical. In 2026, the CEO of a Singapore-based company  totalling US$36.3 million after being deceived by a scammer posing as the firm’s chairman, demonstrating how convincing modern impersonation attacks have become.

Where AI is being used against wealth service firms

AI-assisted fraud is already showing up in ways that feel uncomfortably close to everyday operational processes. One of the most common methods is synthetic identity creation.

Here, fraudsters are building entirely fabricated client profiles that hold up under standard checks. Combining a mix of real and fake data, bad actors are then using AI tools to generate supporting documentation that passes superficial checks. Utility bills, bank statements, and identity documents can now be produced at scale with consistent formatting and realistic detail.

Deepfake technology is also making fraud harder to spot during client onboarding checks. Instead of clearly fake video calls, criminals can now alter faces or voices, so they still sound and look real. Earlier this year, The Guardian reported that “deepfake fraud is taking place on an industrial scale,” citing just how easy and inexpensive these scams are to deploy at scale. In the wealth management sector, where trust is often built through conversation, these small changes can be easy to miss and create risk during key approval decisions.

There is also a growing risk around injection attacks, where fraudsters try to trick onboarding systems by feeding them information designed to confuse or mislead the checks themselves. During client identity verification processes, this can include edited images, hidden changes in documents, or data meant to fool automated tools into approving false identities.

As firms continue to rely on software to support onboarding, this type of attack is increasingly aimed at the systems themselves rather than just the people using them to verify client identities, making them harder to spot and manage.

When AI fraud turns into a compliance problem

Once a synthetic identity, cloned persona, or manipulated onboarding record is accepted, it can sit inside a firm like any other legitimate client. From that point on, it becomes much harder to challenge. Activity begins to look normal, communication follows expected patterns, and transactions blend into everyday business without raising immediate concern.

But this is where the risk starts to build.

Funds can move through standard payment processes even when the underlying purpose of the transaction or source of wealth hasn’t been properly verified. AI-generated content can reinforce that false sense of legitimacy, with emails written in a consistent tone, requests that mirror genuine client behaviour, and supporting documents produced on demand to justify activity that would otherwise look questionable.

Once inside the system, the deception is easy to maintain. Transactions linked to the client appear routine on the surface, even if the foundations are weak. Supporting paperwork can be generated quickly, making activity seem properly evidenced when it doesn’t match the client’s real risk profile or expected behaviour.

If this isn’t identified early, firms can quickly fall out of step with their Anti-Money Laundering (AML) compliance obligations.

Ongoing monitoring depends on having an accurate, up-to-date understanding of who the client is and what normal activity looks like for them. When that starting point is wrong, everything built on top of it is compromised.

What’s more, client risk ratings are supposed to evolve as new information comes in, but if a fake or manipulated identity has already been accepted, the system is effectively updating risk based on false assumptions. As a result, higher-risk or irregular behaviour may be misclassified as low risk, meaning unusual transactions may not receive the level of scrutiny they require.

Often, by the time the issue is spotted, dirty money may have already moved through multiple accounts or even across borders, making it harder to trace and contain.

This can leave firms exposed not only to regulatory fines, but also significant reputational damage that can take far longer to repair than the compliance breach itself.

Fighting fire with fire in the battle against AI-driven fraud

However, the same technology helping fraudsters create convincing fake identities is also helping firms expose them.

For the wealth and investment industry, the onboarding process has become one of the most heavily targeted stages of the client lifecycle, and traditional document checks and manual reviews are finding it harder to keep pace.

This is where firms are turning to AI-driven tools to spot patterns, identify anomalies, and surface risks that traditional controls can miss.

Modern verification platforms can analyse identity documents at a level far beyond what the human eye can detect. Rather than simply checking that a passport or driving licence looks genuine and the details match what your client has provided, AI-powered verification tools can carry out forensic-level document checks, detect signs of digital manipulation, identify inconsistencies within documents, and flag anomalies that may indicate fraud.

Biometric verification adds another layer of protection. Advanced facial matching technology can compare a user’s selfie against their identity document while liveness detection helps determine that the person presenting the document is physically present, rather than a photograph, video recording, screen replay, or AI-generated deepfake.

As fraudsters become more familiar with AI systems, some are attempting to fool the technology itself. This can include using manipulated camera feeds, altered images, or other techniques designed to make fake identities appear genuine during the verification process. Modern identity verification platforms are becoming increasingly effective at spotting these attempts, detecting signs of infiltration and suspicious activity before a fraudulent application can be approved.

Together, these layers can provide firms with a higher degree of confidence that the identity document is genuine, the individual is present during verification and the person presenting the document is its rightful owner.

As synthetic identities and impersonation attacks become more sophisticated, these controls are becoming increasingly important for firms handling high-value client relationships.

Disclaimer

The views and opinions expressed in this guest blog are those of the author and do not necessarily reflect the official policy or position of PIMFA. The author and their firm are clearly identified and responsible for the content provided.

You may also be interested in

Artificial Intelligence

Technology using algorithms and data to enhance decision-making, improve efficiency, and manage risks.
Where human expertise and AI work together to drive better decisions, speed and control. …
Free
Date & Time: 08th Oct 2026 (8:30) - 08th Oct 2026 (13:30)
Location: Publicis Sapient

The Wealth and Asset Management Operating Model Can’t Keep Up

Read this article from the PIMFA Journal #33 by Richard Doherty and Sumit Johri at Publicis Sapient about the traditional playbook built on manual processes, siloed business and technology functions, and relationship-driven models is no longer sufficient.

Shared Type: Shared Public
Published: April 28, 2026
Enjoying our website? Email us anytime with your feedback!