GenAI AML Guide to Discreetly Bypass Compliance
As most companies and bad actors are now using AI against each other, there has not been too much exposure of methods used in bypasses. We have covered some KYC and deepfake vulnerabilities, but the fraud world doesn't stop with just one component. Companies are racing to create their own AI agents to help automate and detect more AML and KYC checks. There are already some good examples, but most are essentially generating reports and summarizing research. People tend to embellish their technologies and how they function, but if you break it down enough, the components equal concepts that have existed for ages. When searching for a specific entity, AML checks using GenAI are essentially what Google, Bing, and Perplexity will do. Whether it is a person, Know-Your-Business (KYB), vessel, or crypto address, searching the web for hits is always helpful. Multiple datasets are sold for screenings, such as OFAC, Politically Exposed Persons (PEP) lists, and other country-sanction lists. The problem with some of them is getting a correct match against a name and continuously updating the checks. Relying on just public tools does not work, and plenty of commercial sources will provide even more information. Using these open source datasets, you can see here Data sources - OpenSanctions that the lists are massive. False positives are common if you share a similar name as someone and could result in additional reviews during an account opening.
There can still be mistakes, as we have seen the accuracy fail plenty of times, so it is not always the best idea for highly regulated industries to rely solely on AI. GenAI should be another tool to speed up AML and KYC reviews. Next, AML is not difficult for people who want to skirt around the lists. Whether it's terrorists, organized crime, tax evaders, corruption, or other parties that have fallen onto an AML hit, they have plenty of ways around it. Names are easy to change and so are creating shell companies and using layers of puppet ownership structure. GenAI helps specifically with this since it automates the cover stories of each component. The KYC part can easily be compiled using stolen identities with data matching actual government databases, and then documents can be generated as deepfakes. Entire companies with a website, LinkedIn, videos, and more can now be created with a professional look to match the expected business profile. However, this method is usually employed by people looking to develop burners and other quick schemes as this is not a long-term solution. Other AML fraudsters take a more conniving approach to bypass checks by finding a willing participant; they are in on the scheme or fooled into believing they are part of a legitimate endeavor. We have seen one scheme where people hire app developers for their accounts to distribute apps on Apple and Android for malware and spying. Keeping entities siloed is a crucial method by the launderers as they know eventually something will get caught. Still, they ensure their entire operations can operate smoothly during any inconveniences. It puts the defenders in a constant chase where even if they believe they detect a sanctioned entity, they have no idea that other parts are still operating freely.
The fraud industry is so vast that multiple levels of sophistication allow for different purposes, even between money laundering schemes. i.e., one fraudster on Telegram was looking for a Coinbase account with a long history that could be used as one mule during a laundering scheme. This shows you that bad actors understand all the fraud detection models being used and carefully plan to move funds around, not to trigger any alarms. GenAI has also made bank statements, financials, and more KYC documents easily generatable so they can bypass any manual reviews. AML compliance teams might detect a suspected case but even when they press hard everything looks legitimate further confounding the situation. The key to getting real detection metrics is a zero-trust principle and looking for ways that GenAI can not bypass or produce as reality. Non-fungible evidence is one method we have suggested to a client. For example, in the earlier case of a fake app developer, we proposed requiring Git history commits on GitHub, which would show the reality of the project. In this case, it is an extreme ask, but it is the only method of recourse when dealing with adaptive bad actors. It is critical to think outside the box and put a company or person in a position where they can not use AI as an escape.
In some examples, only government entities can solve the situation if you are dealing with an entity that is advanced enough. Take a case where a restaurant signed up for card processing and generates everything legitimately. They have a storefront, website, LinkedIn employees, paystub documents, bank statements, and more, all as a front. The only way to detect fraud would be through manual intervention, such as staking out the place with an AI camera to calculate the actual revenue based on customers using logic. In some countries, that might be easy, but others would restrict it for privacy concerns and highly illegal. Completely digital companies are even more accessible to create using AI for money laundering. They are 100x cheaper to generate and can operate stealthily for years before being detected. AML lists will be worthless in the future as they are missing vital biometric checks. Obtaining the biometrics of a terrorist would be difficult, and then distributing that to different companies and agencies as a shareable digital identifier would be even more difficult. Even if that gets adopted, biometric AML will be bypassed. Digital identities similar to what is done in the EU, AU, and recently China will be another identifier probably added in the future that can better detect AML violations. However, a country's likelihood of sharing the identifiers is close to nil. The centralization will continue, but solving the bypass issues will likely remain elusive as the schemes become more hidden.
One GenAI release by Google claimed that their Vertex AI tool could help with compliance: How Strise Uses Gen AI and Vertex AI to Accelerate AML Compliance | Google Cloud Blog. However, this is just making the process easier for compliance teams to look up sanctions and other lists. It allows businesses to fall into the trap of believing technology can solve all the problems, and as long as they cross off the AML scope, they are safe. Going back to how AML can be further improved using biometrics, it would require a multimodal approach, as we discussed in our article about the future of identity verification.
Some solutions could help, like Clearview AI, which uses massive datasets to capture everyone's facial biometrics from multiple sources, either online photos or live cameras. They work with mostly government agencies to screen for known terrorists and other offenders. i.e. it is not difficult to pinpoint someone on a facial database if they appear anywhere by a camera. This technology is also not state of the art anymore, and we expect adversaries to use the same methods using AI. They could use facial biometrics to spot abnormal people in an area and identify them to avoid any detection. The AML world crosses the globe, intersecting digital and physical economies, making it ripe for exploitation. GenAI is only accelerating the trend of laundering, becoming a more invisible threat that many AML solutions will no longer detect.