UK firms across financial, legal and property sectors are increasingly exposed to AI-driven financial crime with many still relying on manual processes to combat rapidly evolving threats.
Research from SmartSearch shows that 33% of firms now view AI-driven decision-making tools as their biggest technological threat, while 91% believe emerging technologies such as Mythos pose a high risk to compliance frameworks.
Despite this, more than half (54%) of firms continue to rely on manual identity checks as their first line of defence, creating a widening gap between criminal capability and corporate protection.
The findings come as identity fraud continues to rise, with losses reaching £600m in the first half of last year, driven in part by the use of synthetic identities and automated systems to open accounts and move funds at scale.
TIGHTENING ENVIRONMENT
Phil Cotter (main picture, inset), Chief Executive Officer at SmartSearch, says: “Trying to catch AI-generated fraud with a manual checklist is like sending a fax to stop a cyberattack.
“The criminals targeting UK firms are deploying AI to build synthetic identities and exploit gaps at a speed and scale that human review simply cannot match. The threat has moved on. For too many firms, the tools haven’t and that presents a corporate risk that is growing and evolving by the day.”
The regulatory environment is also tightening, with the Financial Conduct Authority set to become the single anti-money laundering supervisor for professional services by 2027.
Upcoming changes to money laundering regulations will require firms to identify ultimate beneficial owners more rigorously, while further reforms targeting overseas entities aim to close loopholes used to obscure illicit funds.
CRIMINAL LIABILITY
At the same time, the introduction of the Failure to Prevent Fraud offence next year will increase accountability for senior leaders, with directors facing potential criminal liability if compliance systems fail.
Cotter adds: “Directors will soon face personal criminal liability for fraud that filters through compliance cracks. At that point, ‘we had a process’ is not enough.
“Firms need to prove it worked. Automated, electronic verification can conduct individual checks in seconds and business checks in minutes, cross-referencing data at a scale and speed no manual process can match.
“That is the only way to demonstrate, with confidence, that reasonable steps were taken to prevent fraud from getting through.”
