๐Ÿ” Consumer Alert: Want to know how deepfake scams are targeting everyday bank customers? See our consumer guide: Deepfake Scams Targeting Your Bank Account Just Got 700% Worse โ€” ScamWatch HQ

Executive Summary

A landmark joint policy paper released on April 1, 2026, co-authored by the American Bankers Association (ABA), the Better Identity Coalition, and the Financial Services Sector Coordinating Council (FSSCC), has crystallized what many compliance officers have feared: generative AI has fundamentally broken the economic model of fraud prevention.

The headline number: $40 billion. That's Deloitte's projection for AI-enabled fraud losses in the United States by 2027, up from $12.3 billion in 2023, a compound annual growth rate of 32%. These aren't speculative numbers. They're grounded in observable data: deepfake incidents in fintech jumped 700% in a single year (2023 vs. 2022). Phishing campaigns that once required skilled human operators now run on autopilot, at a cost reduction of over 95%, while matching or exceeding human-crafted success rates.

The paper (two documents, really: one tactical and one policy-focused) identifies 10 specific attack categories targeting financial institution identity and authentication systems, and makes 20 policy recommendations across four major initiatives. The contributors? More than 130 senior executives from financial institutions, federal and state regulators, and cybersecurity specialists.

This is not a theoretical document. It is a compliance checklist in policy clothing.

This article breaks down every major finding, maps it to your existing regulatory obligations, and gives you the practical steps your compliance and risk teams need to start this quarter.

Key Statistics at a Glance

| Metric | Figure | Source |
|---|---|---|
| Projected AI-enabled fraud losses (US, 2027) | $40 billion | Deloitte Center for Financial Services |
| AI fraud losses in 2023 (US baseline) | $12.3 billion | Deloitte |
| CAGR of AI fraud losses | 32% | Deloitte |
| YoY increase in fintech deepfake incidents (2023) | 700% | ABA/FSSCC paper |
| SARs tied to identity/authentication compromise | 42% | BSA filing data (2021) |
| People victimized by AI-automated phishing | 60% | Research cited in FSSCC paper |
| Reduction in phishing campaign cost (LLMs) | >95% | FSSCC paper |
| Increase in synthetic identity document fraud (Q1 2024–Q1 2025) | 311% | Sumsub/ACFE |
| Banks and fintechs reporting rising fraud rates (2025) | 67% | BIIA |
| Deepfakes to be shared in 2025 (UK government projection) | 8 million | UK Government |
| Banking fraud losses by 2030 (Juniper Research) | $58.3 billion | Juniper Research |

The AI Fraud Landscape: 10 Attack Categories

The FSSCC paper organizes the threat landscape around three primary attack vectors, each containing multiple specific tactics. Understanding the taxonomy is critical: your risk assessment, your SAR narratives, and your exam responses all depend on being able to name and characterize these threats precisely.

Primary Vector 1: Deepfake-Driven Social Engineering and Impersonation

This is the category most compliance officers have been watching, but the pace of escalation has outrun the controls most institutions have in place.

Attack Category 1: Deepfakes Against Identity Verification Systems (KYC Bypass)

Fraudsters generate synthetic facial imagery or video using generative AI to defeat document verification and selfie-matching systems during account opening. The quality of AI-generated face imagery now routinely passes first-generation liveness detection. Institutions relying on static photo comparisons or basic selfie checks are acutely vulnerable.

Compliance implication: Your KYC/CIP procedures need an explicit technology standard for liveness detection. If your third-party identity verification vendor cannot articulate their liveness detection approach, show independent presentation attack detection test results (ISO/IEC 30107-3 is the accepted test framework), and explain how the system has been tested against AI-generated imagery and camera-feed injection, that vendor relationship requires immediate re-evaluation.

Attack Category 2: Real-Time Deepfake Fraud (Voice/Video in Live Calls)

AI tools can now clone a voice or generate a live video deepfake in real time. This enables fraudsters to impersonate executives during wire transfer authorization calls, spoof a customer's voice to pass voice biometric authentication, or pose as a bank representative in a vishing (voice phishing) attack.

The 2024 case of a Hong Kong finance worker who transferred $25 million after a deepfake video call involving fake versions of company executives, including the CFO, is now cited as a template attack, not an anomaly.

Attack Category 3: LLM-Driven Vishing (Voice Phishing)

Large language models can conduct real-time voice conversations, dynamically adjusting responses to pass social engineering past trained employees. Unlike scripted robocalls, LLM-driven vishing adapts. It can handle objections, answer questions, and escalate urgency โ€” indefinitely, at scale.

Attack Category 4: AI-Generated Fraudulent Documents

Generative AI can produce near-perfect synthetic versions of driverโ€™s licenses, passports, utility bills, bank statements, and pay stubs. The documents pass visual inspection and many automated document authentication systems. The FSSCC paper explicitly calls out this vector as driving the 311% increase in synthetic identity document fraud observed by Sumsub between Q1 2024 and Q1 2025.

Primary Vector 2: Synthetic Identity Creation

Synthetic identity fraud is arguably the most insidious category because it is the hardest to detect and the hardest to attribute. Unlike traditional identity theft, where a real victim eventually discovers the fraud, synthetic identity fraud creates a victim that doesn't exist.

Attack Category 5: Synthetic Identity Creation (Blending Real and Fake Data)

A synthetic identity typically combines a real Social Security Number (often belonging to a minor, an elderly person, or a deceased individual with no credit history) with fabricated name, address, and date of birth information. AI tools have industrialized this process, enabling the creation of thousands of synthetic identities with consistent, internally coherent fabricated histories.

Once created, synthetic identities are "aged" over months or years (establishing credit histories, making small payments, building bureau profiles) before the fraudster executes the "bust-out": maxing out all available credit and disappearing. By the time the fraud is discovered, there is no real person behind the identity to pursue.

Attack Category 6: AI-Enhanced Credential Stuffing

AI tools can generate and test massive volumes of credential combinations against financial institution login systems, adapting to CAPTCHA challenges and behavioral detection systems. Unlike traditional credential stuffing, AI-enhanced versions dynamically adjust timing, request patterns, and browser fingerprints to evade bot detection.

Attack Category 7: Adversarial Attacks on Biometric Liveness Detection

This is a technical but increasingly important category. Adversarial AI techniques can craft synthetic inputs (images, videos, or voice samples) that are specifically optimized to defeat liveness detection algorithms. The attack exploits known or discovered vulnerabilities in specific biometric algorithms.

Compliance implication: Vendor due diligence for biometric authentication systems now needs to include testing against adversarial AI inputs. NIST's upcoming updated guidance on biometric algorithms and liveness detection is expected to define minimum standards here.

Primary Vector 3: AI Agents as Attack Surrogates

This is the newest and most concerning category. It represents the full automation of fraud operations.

Attack Category 8: AI-Generated Phishing Campaigns

LLMs can generate personalized, contextually accurate phishing emails at scale with negligible marginal cost. The FSSCC paper's most striking data point: LLMs cut phishing campaign costs by more than 95% while achieving success rates equal to or greater than human-crafted campaigns. In the research the paper cites, 60% of participants fell for AI-automated phishing emails.

This is not a technology problem. It's an economics problem. When the cost of attacking drops by 95%, the volume of attacks increases by orders of magnitude. Your fraud team's detection capacity has not increased 20x.

Attack Category 9: AI Agent Account Takeovers

AI agents can autonomously navigate financial institution websites and apps, executing complex multi-step account takeover sequences without human intervention: defeating knowledge-based authentication (KBA), manipulating chatbots, and completing fraudulent transactions. The agent operates continuously, learning and adapting to detection attempts.

Attack Category 10: Automated Social Engineering at Scale

The combination of data aggregation (scraped social media, leaked databases, public records) with LLM-generated content allows adversaries to craft highly personalized, contextually plausible social engineering at industrial scale. An AI agent can research a target, draft a tailored lure, send it via the optimal channel, follow up, and escalate, all autonomously.


Deep Dive: Deepfakes vs. Identity Verification

The arms race at the KYC checkpoint is where the $40 billion projection becomes most concrete. Every financial institution must remotely verify customer identity. Every remote identity verification system that relies on visual checks (document images, selfies, liveness tests) is now in scope as an AI attack surface.

How KYC Deepfake Attacks Work

Modern AI-generated face synthesis (GANs, diffusion models) can produce photorealistic images of people who do not exist. These synthetic faces can be:

  1. Injected directly into the camera feed during selfie capture, bypassing the physical camera entirely
  2. Used to generate a synthetic ID document (driverโ€™s license, passport) with matching fabricated face
  3. Animated into a short video clip that passes basic liveness detection requiring movement
  4. Enhanced with adversarial perturbations specifically designed to fool the liveness detection algorithm of a target verification vendor

The core problem: most commercial identity verification systems were trained on datasets that did not include high-quality AI-generated images. Their liveness detection algorithms are playing catch-up.

The Cryptographic Credential Answer

The FSSCC paper's most important insight in this space: a deepfake cannot spoof possession of a cryptographic private key.

Mobile driver's licenses (mDLs), implemented per ISO/IEC 18013-5, use asymmetric cryptography at two levels. The issuing authority signs the credential data together with the public half of a key pair held by the holder's device; the private half never leaves that device. Each presentation carries a device signature over the session, so a verifier checks both the issuer's signature (the data is authentic and unaltered) and the device's proof of key possession (the presenter holds the device the credential was issued to). No AI-generated image, video, or synthetic identity can produce that proof.

This is the fundamental reason the FSSCC recommendations push hard for mDL adoption and phishing-resistant cryptographic authentication. It's not a preference; it's a mathematical property that defeats the current generation of AI fraud attacks. The caveat a practitioner should keep in view: the property is only as strong as the issuing authority's own proofing. An mDL moves the hard identity-proofing problem to the DMV that issues it; it does not make that problem disappear.

What This Means for Your KYC Program

  • Short term (now): Audit your identity verification vendor's liveness detection capabilities. Ask specifically: What version of liveness detection do you use? Is it active or passive? Has it been tested against camera-feed injection, not only presentation attacks held up to a camera? What are its attack presentation classification error rates (APCER, in ISO/IEC 30107-3 terms) against AI-generated faces, and who measured them?
  • Medium term (6โ€“12 months): Evaluate whether your CIP procedures need technology-specific minimum standards. The FFIEC is expected to update guidance here; getting ahead of that curve reduces exam risk.
  • Long term (12โ€“24 months): Build toward accepting mDLs as primary identity documents in your account opening flow, particularly for digital channels.

Deep Dive: Synthetic Identity Fraud

Synthetic identity fraud has been the "invisible fraud" for a decade. AI has made it exponentially worse, not by changing the fundamental mechanic, but by industrializing every step of the process.

The Fraud Lifecycle

Phase 1: Identity Assembly AI tools scrape, aggregate, and combine data from data breaches, social media, public records, and the dark web. An LLM can generate a coherent backstory, consistent address history, plausible employment record, and matching supporting documents. What once took skilled fraudsters hours per identity now takes seconds.

Phase 2: Identity Seeding The synthetic identity is submitted to credit bureaus via thin-file credit applications: secured cards, small loans. AI agents can manage hundreds of synthetic identities simultaneously, making the small, consistent payments that build credit history.

Phase 3: Credit Building ("Piggybacking") Some sophisticated operations add the synthetic identity as an authorized user on legitimate accounts with strong credit history, rapidly boosting the synthetic identity's credit score.

Phase 4: The Bust-Out When the synthetic identity has achieved sufficient credit across multiple institutions, all available credit is drawn down simultaneously and the identity is abandoned. The average bust-out loss per synthetic identity is estimated at $15,000โ€“$25,000. At industrial AI scale, a single organized criminal operation can execute hundreds of bust-outs simultaneously.

Detection Challenges

The critical detection challenge: synthetic identities behave like good customers until the bust-out. Traditional fraud detection looks for anomalous behavior. A carefully cultivated synthetic identity has entirely normal behavior, until it doesn't.

Effective synthetic identity detection requires:

  • Cross-institution data sharing (unusual for competitors, but increasingly necessary)
  • Identity graph analysis (detecting that the same SSN is associated with multiple name/address combinations across the industry)
  • Velocity analysis at identity creation (flagging multiple account applications using the same SSN across institutions within a short window)
  • SSA eCBSV verification, the most direct tool, confirming that the SSN/name/date-of-birth combination actually exists in SSA records
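As an added example (not from the FSSCC paper or any vendor product), here is a small Go program that runs the identity-graph and velocity checks from the list above over a constructed batch of account applications, as a consortium or shared-signals service might see them. The record layout, institution names, SSNs, thresholds (30-day window, more than three applications at two or more institutions) and the sample data are all assumptions for the demonstration; a production system would share hashed or tokenized SSNs rather than raw values, and would treat these signals as reasons to step up to eCBSV, not as conclusions.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
	"time"
)

// Application is one account-opening record as a cross-institution consortium
// might see it. The field set is an assumption for this example.
type Application struct {
	Institution, SSN, Name, DOB string // DOB as YYYY-MM-DD
	At                          time.Time
}

// Finding is one flagged SSN with the reasons it was flagged.
type Finding struct {
	SSN     string
	Reasons []string
}

// normName collapses case, punctuation and spacing so that trivial
// variations ("John Q. Public" vs "john q public") map to one graph node.
func normName(s string) string {
	s = strings.NewReplacer(".", "", ",", "").Replace(strings.ToUpper(s))
	return strings.Join(strings.Fields(s), " ")
}

// DetectSynthetic applies two checks from the text to a batch of applications:
// identity graph (one SSN attached to more than one name/DOB node) and velocity
// (more than maxApps applications on one SSN at two or more institutions
// inside window). Findings are sorted by SSN for stable output.
func DetectSynthetic(apps []Application, window time.Duration, maxApps int) []Finding {
	bySSN := map[string][]Application{}
	for _, a := range apps {
		bySSN[a.SSN] = append(bySSN[a.SSN], a)
	}
	var out []Finding
	for ssn, list := range bySSN {
		var reasons []string
		nodes := map[string]bool{}
		for _, a := range list {
			nodes[normName(a.Name)+"|"+a.DOB] = true
		}
		if len(nodes) > 1 {
			reasons = append(reasons, fmt.Sprintf("SSN linked to %d distinct name/DOB identities", len(nodes)))
		}
		sort.Slice(list, func(i, j int) bool { return list[i].At.Before(list[j].At) })
		for i := range list { // slide a window starting at each application
			insts := map[string]bool{}
			j := i
			for ; j < len(list) && list[j].At.Sub(list[i].At) <= window; j++ {
				insts[list[j].Institution] = true
			}
			if j-i > maxApps && len(insts) >= 2 {
				reasons = append(reasons, fmt.Sprintf("%d applications at %d institutions within %d days", j-i, len(insts), int(window.Hours()/24)))
				break
			}
		}
		if len(reasons) > 0 {
			out = append(out, Finding{ssn, reasons})
		}
	}
	sort.Slice(out, func(i, j int) bool { return out[i].SSN < out[j].SSN })
	return out
}

// SampleApplications is constructed test data: one ordinary customer and one
// SSN being used to seed several synthetic identities at different lenders.
func SampleApplications() []Application {
	d := func(s string) time.Time { t, _ := time.Parse("2006-01-02", s); return t }
	return []Application{
		{"Bank A", "123-45-6789", "Maria Lopez", "1985-04-02", d("2025-01-10")},
		{"Bank B", "123-45-6789", "Maria Lopez", "1985-04-02", d("2025-09-15")},
		{"Bank A", "987-65-4321", "John Q. Public", "1999-11-30", d("2025-02-01")},
		{"Lender C", "987-65-4321", "Jon Public", "1999-11-30", d("2025-02-03")},
		{"Fintech D", "987-65-4321", "Jonathan Public", "2001-05-05", d("2025-02-06")},
		{"Bank B", "987-65-4321", "john q public", "1999-11-30", d("2025-02-20")},
	}
}

func main() {
	for _, f := range DetectSynthetic(SampleApplications(), 30*24*time.Hour, 3) {
		fmt.Println(f.SSN, strings.Join(f.Reasons, "; "))
	}
}
```

Run it and only the second SSN is flagged, with both reasons: three distinct name/DOB nodes hang off it, and four applications at four institutions land inside a 19-day span. The ordinary customer, with one identity and two applications eight months apart, produces no finding. The name normalization is deliberately crude; a real identity graph would also tie applications together on phone, device, email and address nodes.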

Deep Dive: AI Phishing and the 95% Cost Reduction Problem

The economics of AI-powered phishing deserve special attention because they represent a category shift, not a degree change.

The Old Phishing Economics

Traditional phishing operations required:

  • Human operators to craft email templates
  • Language expertise (especially for cross-language campaigns)
  • Social engineering experience to craft convincing lures
  • Manual operations to follow up with targets
  • Geographic and language limitations

These constraints kept phishing at a manageable (if large) scale. Fraud teams could reasonably staff detection and response.

The New Phishing Economics

LLMs changed every constraint simultaneously:

  • Template crafting: Automated, context-aware, requiring no human operator
  • Language expertise: LLMs write fluent, idiomatic text in any language
  • Personalization: Data aggregation + LLM = custom lures for every target, referencing real details (employer, colleagues, recent transactions)
  • Follow-up: AI agents conduct multi-turn conversations, adapting to responses
  • Scale: Limited only by compute, which is cheap and getting cheaper

The result: the marginal cost of one additional phishing attempt approaches zero. The per-attack cost reduction is over 95%. And success rates are equal to or greater than human-crafted campaigns.

The Authentication Vulnerability Stack

AI phishing succeeds not just because the lures are better; it succeeds because the authentication systems at the end of the lure are still phishable.

The FSSCC paper is explicit: SMS OTP and push-based authenticator apps are phishable. A real-time phishing attack (Adversary-in-the-Middle, or AiTM) captures the victim's password and the SMS code on a proxy site and submits them to the legitimate site within seconds. Against push authenticators the proxy simply triggers a genuine login, and the victim approves the real push prompt believing it is their own sign-in. Push notification fatigue attacks (MFA bombing) have proven devastatingly effective on their own; number matching blunts those, but does nothing against the relay, because the victim is deliberately completing the login.

Neither provides cryptographic proof of site identity. Neither is bound to the legitimate origin. Both can be relayed by a man-in-the-middle proxy.

Passwords are also phishable. Your password is a shared secret. Any proxy that intercepts it can use it. Password complexity requirements and rotation policies do not address the fundamental phishability of the credential type.

This is why the FSSCC's authentication recommendations focus on phishing-resistant authentication, specifically FIDO2 security keys and passkeys. These are not simply "better passwords." They are architecturally different:

  • They use public key cryptography
  • The private key never leaves the userโ€™s device
  • Authentication is cryptographically bound to the origin (domain): a proxy cannot relay it to a different site
  • They are immune to replay attacks

Policy Paper Breakdown: 4 Government Initiatives

The FSSCC's policy companion paper makes 20 distinct recommendations across four major initiatives. Below is a detailed breakdown of each initiative, its compliance implications, and the near-term actions institutions should take.

Initiative 1: Identity Proofing and Verification Modernization

What policymakers are being asked to do:

  1. Stand up a Treasury Department-led task force to coordinate federal, state, and local agencies on closing the gap between physical credentials and digital equivalents
  2. Accelerate mobile driver's license (mDL) adoption, leveraging ISO/IEC 18013-5 cryptographic binding as a deepfake-resistant identity proofing path
  3. Expand the SSAโ€™s eCBSV system beyond the current limited set of credit-related financial services use cases to account opening, background checks, and broader identity validation
  4. Create federal grant programs for states to modernize identity infrastructure
  5. Build new attribute validation services at the IRS (tax records), State Department (passport data), and USPS (address validation)
  6. Establish a digital passport option for Americans
  7. Grant USPS authority for in-person identity verification services
  8. Issue updated NIST guidance on biometric algorithms and liveness detection technology

Why eCBSV expansion is the most critical near-term action:

The SSA's Electronic Consent-Based SSN Verification (eCBSV) allows financial institutions, with customer consent, to verify that an SSN/name/date-of-birth combination actually matches SSA records. This is the most direct tool against synthetic identity fraud: it verifies that the identity exists in an authoritative government database.

Currently, eCBSV is limited to a narrow set of credit-related financial services applications. The FSSCC recommends expanding access to account opening across the financial services industry. This would allow every financial institution, not just certain credit providers, to verify an SSN/name/date-of-birth combination against SSA records at onboarding. Note what eCBSV does and does not do: it returns a match/no-match answer against SSA records, which defeats fabricated SSN/name/DOB combinations; it does not by itself prove that the applicant is the person those records describe.

Compliance action: If your institution is within scope of current eCBSV use cases, implement it if you haven't. If not, begin tracking the regulatory expansion: eCBSV access for broader account opening could become a regulatory expectation within 12–18 months.


Initiative 2: Authentication Modernization

What policymakers are being asked to do:

  1. Direct financial regulators (OCC, FDIC, Fed, NCUA, CFPB) to update authentication guidance, specifically FFIEC's IT Examination Handbook, to align with NIST SP 800-63-4 and give institutions explicit confidence that phishing-resistant authentication methods satisfy existing compliance requirements
  2. Encourage regulators to explicitly endorse FIDO security keys and passkeys for both internal systems and customer-facing applications
  3. Issue guidance against SMS OTP and push authenticator apps as primary second factors for high-risk transactions
  4. Avoid restrictions that limit data analytics for risk-based fraud detection

The SMS OTP Phase-Out: What to Replace It With

This is the most operationally immediate recommendation for most institutions. If your institution is relying on SMS OTP for:

  • Customer authentication for online banking
  • Wire transfer confirmation
  • Account change verification
  • Employee VPN/remote access

…you have a phishable single point of failure in your authentication chain.

Phishing-resistant alternatives, in order of practical deployability:

| Method | Phishing Resistant | Deployability | User Experience | Notes |
|---|---|---|---|---|
| Passkeys (FIDO2/WebAuthn) | ✅ Yes | High (browser/OS support widespread) | Excellent (biometric or PIN) | Best choice for customer-facing; now in most browsers |
| FIDO2 Hardware Security Keys | ✅ Yes | Medium (requires physical key) | Good (tap to authenticate) | Best for privileged/admin access |
| PKI Smart Cards | ✅ Yes | Low (requires infrastructure) | Fair (card reader required) | Common in government/large enterprise |
| Push Authenticator (e.g., Duo Push, Microsoft Authenticator) | ❌ No | High | Good | Vulnerable to MFA bombing; not phishing-resistant |
| TOTP (Google Authenticator and similar apps) | ❌ No | High | Good | Relay-able by AiTM proxies |
| SMS OTP | ❌ No | High | Fair | Most vulnerable; SIM-swappable; relay-able |

Practical path for consumer banking:

  1. Immediately: Add passkey enrollment option for customers who want it
  2. Q3 2026: Make passkeys the default enrollment for new accounts
  3. 2027: Sunset SMS OTP for high-risk transactions (wire transfers, account changes)
  4. Ongoing: For customers who cannot enroll in passkeys, maintain SMS OTP but apply enhanced transaction monitoring

Practical path for employee/internal access:

  1. Immediately: Audit all internal systems using SMS OTP or push authenticators for privileged access
  2. Q2 2026: Deploy FIDO2 hardware keys for privileged access (IT admins, finance, C-suite)
  3. Q3 2026: Roll out passkeys for standard employee access to critical systems
  4. Q4 2026: Sunset SMS OTP for employee authentication

Initiative 3: International Coordination

What policymakers are being asked to do:

  1. Direct NIST, DHS, and Treasury to engage the EU and other allied nations on digital wallet interoperability and identity standards
  2. Increase U.S. participation in international standards bodies. China and other adversaries are actively participating in ISO/IEC and other bodies that shape digital identity and authentication standards; U.S. participation is constrained by budget and staffing

Why this matters for compliance:

Cross-border financial services (correspondent banking, international wire transfers, cross-border lending) face compounding risk when identity standards diverge across jurisdictions. The EU's eIDAS 2.0 regulation is establishing a European Digital Identity framework. The U.S. has no equivalent federal framework.

For compliance officers at global financial institutions: expect increased examination scrutiny on cross-border identity verification procedures, particularly for customer segments with documentation from countries without strong digital identity infrastructure.


Initiative 4: Public Education

What policymakers are being asked to do:

  1. Treasury + CISA + financial institutions to run a national campaign on deepfake fraud threats
  2. A separate public awareness effort around passkeys and phishing-resistant authentication, specifically to address the persistent misconception that "going passwordless is less secure"

The misconception problem:

As Jeremy Grant of the Better Identity Coalition noted: "We didn't really see passkeys start to emerge at scale in the consumer space until late 2023, and the fact that most consumers now know what they are not even three years later is notable, given how long it takes most new technology to find its way to consumers."

But consumer resistance remains real. Decades of "make your password strong and unique" messaging have conditioned consumers to view passwords as security. Explaining that eliminating the password actually increases security requires overcoming deep-seated mental models.

Compliance action: Your customer communications and digital banking education materials likely still contain password guidance. Begin planning a communications refresh that introduces passkeys and phishing awareness in consumer-friendly language.


What Compliance Teams Must Do NOW: Practical Checklist

This section cuts through the policy analysis to actionable items. Organized by urgency and function.

🔴 Immediate (Within 30 Days)

Risk Assessment Updates

  • Add AI-powered fraud (deepfake, synthetic identity, AI phishing, AI agent attacks) as explicit risk categories in your enterprise risk assessment
  • Map AI fraud risk categories to your existing BSA/AML, operational risk, and cybersecurity risk frameworks
  • Brief your Board Risk Committee and CISO on the $40B projection and the FSSCC paper's findings
  • Assess your institutionโ€™s current exposure score across the 10 attack categories

Vendor Due Diligence

  • Contact your KYC/identity verification vendor(s) and request documentation on:
    • Their liveness detection algorithm version and testing methodology
    • Injection attack detection capabilities
    • Testing against AI-generated image datasets
    • Roadmap for NIST biometric guidance alignment
  • Contact your authentication vendors and ask for their passkeys/FIDO2 roadmap and timeline

SAR Narrative Review

  • Review recent SARs involving identity fraud or account takeover for patterns consistent with AI-enhanced attacks
  • Update SAR narrative templates to include AI-assisted fraud indicators
  • Ensure BSA/AML team is aware of the 10 attack categories and can identify them in transaction monitoring alerts

🟡 Short-Term (30–90 Days)

Policy and Procedure Updates

  • Review Customer Identification Program (CIP) procedures for:
    • Technology requirements for identity document verification
    • Liveness detection standards
    • Whether current standards are sufficient for AI-generated document detection
  • Review authentication policy for explicit guidance on phishing-resistant authentication requirements
  • Add AI fraud risk to your fraud risk assessment (if separate from enterprise risk)
  • Update your incident response playbook to include AI deepfake scenarios (executive impersonation, KYC bypass, AI agent attacks)

Authentication

  • Inventory all customer-facing authentication touchpoints and categorize as phishing-resistant or phishable
  • Inventory all internal/employee authentication touchpoints and categorize
  • Identify highest-risk phishable touchpoints (wire transfer auth, account change auth, privileged access) for priority migration
  • Begin passkeys pilot for digital banking customer authentication

Training

  • Develop AI fraud awareness training for front-line staff, focusing on:
    • Real-time deepfake vishing calls (how to detect, how to verify)
    • AI-generated social engineering emails (behavioral signs, not just visual tells)
    • Escalation procedures when AI fraud is suspected
  • Train BSA/AML team on synthetic identity patterns and AI-enhanced credential stuffing

🟢 Medium-Term (90 Days–12 Months)

Technology and Infrastructure

  • Implement passkeys as an enrollment option for customer digital banking
  • Deploy FIDO2 hardware keys for privileged/admin access
  • Evaluate AI-powered fraud detection tools for transaction monitoring (complements behavioral analytics)
  • If in scope for eCBSV, ensure full implementation; track policy expansion

Regulatory Engagement

  • Monitor FFIEC updates to IT Examination Handbook for authentication guidance
  • Track NIST SP 800-63-4 (Digital Identity Guidelines) and its implementation resources for identity proofing and authentication standards
  • Monitor FinCEN/OCC guidance on AI fraud risk disclosures and controls expectations
  • Track mDL adoption in your key states; begin evaluating when/how to accept mDLs for account opening

Exam Preparation

  • Document your AI fraud risk assessment methodology
  • Prepare narratives describing controls for each of the 10 FSSCC attack categories
  • Develop key metrics and KRIs for AI fraud detection performance

SMS OTP Deprecation: Your Complete Replacement Guide

The FSSCC's call for SMS OTP phase-out is the most operationally disruptive recommendation, but also, arguably, the most urgent. Here is a comprehensive guide to making the transition.

Why SMS OTP Must Go

SIM swapping: Attackers social engineer mobile carriers into transferring a victim's phone number to an attacker-controlled SIM. Every SMS sent to that number is now received by the attacker. Telecom carriers' verification procedures are no match for determined social engineers (or employees bribed by organized crime).

Real-time relay (AiTM phishing): A phishing proxy intercepts the victim's credentials and the SMS OTP simultaneously, replaying both to the legitimate site within the authentication window. Evilginx, Modlishka, and similar frameworks have made this attack trivially available to script-level attackers.

SS7 vulnerabilities: The signaling system underlying global telecom (SS7) has known weaknesses that allow technically sophisticated attackers to redirect and intercept SMS messages in transit. Nation-state actors and organized crime groups have exploited them, including in documented thefts from bank customers whose OTPs were intercepted; the capability is not theoretical.

LLM vishing: AI agents can call victims in real time, impersonating the bank, and request the SMS OTP that was just sent to them. The attack is entirely automated and runs at scale.

The FIDO2/Passkeys Architecture

Passkeys (FIDO2/WebAuthn credentials) work as follows:

  1. Registration: The device generates a public/private key pair. The public key is stored on the server; the private key never leaves the device.
  2. Authentication: The server sends a challenge. The device signs the challenge with the private key (requiring biometric verification or device PIN). The server verifies the signature using the stored public key.
  3. Origin binding: The browser, not the web page, records the origin (scheme and domain) it is actually connected to in the signed client data, and the authenticator will only use a credential for the relying party ID it was registered under. A phishing proxy on a look-alike domain therefore cannot obtain a usable signature: the credential is not offered to its domain at all, and even a signature obtained somehow would carry the wrong origin, which the legitimate site rejects. This is what makes relay attacks fail.
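The following is an added example, not code from the FSSCC paper or from any vendor: a minimal Go model of the WebAuthn assertion ceremony that carries out the checks just described, written to make the origin-binding argument concrete. The relying party, the domains (bank.example and the look-alike bank-example.com) and the three scenarios are assumptions constructed for the demonstration. It uses ECDSA P-256 (ES256) from the Go standard library and the real WebAuthn message shape (authenticatorData || SHA-256(clientDataJSON)), but it is not a full verifier: attestation, signature counters, user verification flags and credential lookup are omitted. The same challenge-response idea is what the mDL section above relies on, and it is why the AiTM relay described in the SMS OTP discussion gets nothing useful from a passkey: a signature with a device-bound private key over a fresh challenge, carrying the real origin, is something neither a deepfake nor a proxy can produce.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"fmt"
)

// clientData mirrors WebAuthn clientDataJSON; the browser, not the page, fills in Origin.
type clientData struct {
	Type      string `json:"type"`
	Challenge string `json:"challenge"`
	Origin    string `json:"origin"`
}

// Assertion: AuthData = rpIdHash(32) || flags(1) || signCount(4); Sig = ES256 over AuthData || SHA-256(ClientDataJSON).
type Assertion struct{ AuthData, ClientDataJSON, Sig []byte }

// RelyingParty is the server side: registered key, expected origin and rpID, live challenges.
type RelyingParty struct {
	origin, rpID string
	pub          *ecdsa.PublicKey
	challenges   map[string]bool
}

func signedMessage(authData, cd []byte) []byte {
	h := sha256.Sum256(cd)
	m := sha256.Sum256(append(append([]byte{}, authData...), h[:]...))
	return m[:]
}

// Sign does what browser and passkey authenticator do together at login. The private key never leaves the device.
func Sign(priv *ecdsa.PrivateKey, rpID, challenge, browserOrigin string) (Assertion, error) {
	cd, err := json.Marshal(clientData{"webauthn.get", challenge, browserOrigin})
	if err != nil {
		return Assertion{}, err
	}
	rpHash := sha256.Sum256([]byte(rpID))
	authData := append(append([]byte{}, rpHash[:]...), 0x01, 0, 0, 0, 0) // UP flag set, counter 0
	sig, err := ecdsa.SignASN1(rand.Reader, priv, signedMessage(authData, cd))
	return Assertion{authData, cd, sig}, err
}

// NewChallenge issues a fresh random challenge and remembers it until it is used.
func (rp *RelyingParty) NewChallenge() string {
	b := make([]byte, 32)
	rand.Read(b)
	c := base64.RawURLEncoding.EncodeToString(b)
	rp.challenges[c] = true
	return c
}

// Verify performs the checks that make passkeys phishing-resistant.
func (rp *RelyingParty) Verify(as Assertion) error {
	var cd clientData
	if err := json.Unmarshal(as.ClientDataJSON, &cd); err != nil || cd.Type != "webauthn.get" {
		return fmt.Errorf("malformed client data")
	}
	if cd.Origin != rp.origin { // origin binding: a proxy's domain fails here
		return fmt.Errorf("origin mismatch: %s", cd.Origin)
	}
	if !rp.challenges[cd.Challenge] { // freshness: unknown or already consumed
		return fmt.Errorf("unknown or reused challenge")
	}
	if h := sha256.Sum256([]byte(rp.rpID)); len(as.AuthData) != 37 || string(as.AuthData[:32]) != string(h[:]) {
		return fmt.Errorf("rpIdHash mismatch: credential scoped to another site")
	}
	if !ecdsa.VerifyASN1(rp.pub, signedMessage(as.AuthData, as.ClientDataJSON), as.Sig) {
		return fmt.Errorf("bad signature")
	}
	delete(rp.challenges, cd.Challenge) // one challenge, one login
	return nil
}

// RunScenarios plays a genuine login, an AiTM relay from a look-alike domain, and a replay; it returns the three verdicts.
func RunScenarios() (genuine, relayed, replayed error) {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	rp := &RelyingParty{origin: "https://bank.example", rpID: "bank.example",
		pub: &priv.PublicKey, challenges: map[string]bool{}}
	a1, _ := Sign(priv, "bank.example", rp.NewChallenge(), "https://bank.example")
	genuine = rp.Verify(a1)
	// The proxy forwards a real challenge, but the victim's browser is on
	// bank-example.com and records that origin (a real browser would not even
	// offer the bank.example credential there; assume the worst case).
	a2, _ := Sign(priv, "bank.example", rp.NewChallenge(), "https://bank-example.com")
	relayed = rp.Verify(a2)
	replayed = rp.Verify(a1) // identical bytes again: its challenge is already consumed
	return
}

func main() {
	g, r, p := RunScenarios()
	fmt.Println("genuine:", g, "| relayed:", r, "| replayed:", p)
}
```

Run it and the genuine login verifies while the relayed assertion fails on origin and the replayed one fails on its consumed challenge. Contrast this with SMS OTP, where the code the victim types on the proxy site is exactly the code the real site expects: nothing in an OTP ties it to where it was entered.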

Key characteristics:

  • Phishing-resistant by design (origin binding)
  • No shared secrets to steal
  • Biometric-friendly (Face ID, Touch ID, Windows Hello)
  • No hardware tokens required (synced passkeys work across devices)
  • Supported in all major browsers and platforms as of 2024

Implementation Roadmap for Consumer Banking

Phase 1: Launch (Months 1โ€“3)

  • Enable passkey enrollment in your digital banking app (iOS, Android, Web)
  • Position as "easier, more secure sign-in"; do not lead with security messaging
  • Target new account openings for passkey enrollment at onboarding
  • Publish help center content and in-app guidance

Phase 2: Incentivize (Months 3โ€“9)

  • Offer customers who enroll in passkeys: reduced friction for certain transactions, faster access to certain features
  • Begin prompting existing SMS OTP users to migrate during login
  • Set up passkey as default option for new accounts

Phase 3: Elevate (Months 9โ€“18)

  • Require passkey (or hardware security key) for high-risk transaction authorization: wire transfers over threshold, account changes, new payee addition
  • Maintain SMS OTP for customers who have not enrolled in passkeys, but apply step-up verification for high-risk transactions
  • Remove SMS OTP as an option for employee authentication

Phase 4: Sunset (Months 18โ€“30)

  • SMS OTP restricted to low-risk, low-value functions only
  • For customers unable to enroll in passkeys (accessibility needs, device limitations): alternative hardened path (hardware key, in-person verification for account changes)
  • Full elimination of SMS OTP for employee and privileged access

FIDO2 Hardware Keys for Privileged Access

For employee access to internal systems, especially privileged admin access, financial systems, and any system with access to customer data, hardware FIDO2 keys are the gold standard.

Leading options:

  • YubiKey 5 Series (Yubico) โ€” most widely deployed, extensive enterprise management
  • Google Titan Security Key โ€” FIDO2 certified, cost-effective
  • Feitian ePass FIDO2 โ€” budget-friendly alternative

Deployment guidance:

  • Issue two keys per privileged user (primary + backup)
  • Register backup key before primary deployment โ€” lost key lockout is a real operational risk
  • Integrate with your IAM/SSO platform (most enterprise SSO platforms now support FIDO2)
  • Document key issuance and recovery procedures in your access management policy
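As an added illustration of the issuance rules above (this is not code from the paper or from any IdP vendor), the following Go program audits an identity-provider authenticator export for privileged users who lack a backup FIDO2 key or still have SMS OTP enabled. The export shape, the factor type names and the four sample users are all constructed for the example; map your own IdP’s export onto the user and factor structs.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// factor is one registered authenticator. Type values are assumed for this
// example; map your IdP's own names (e.g. "webauthn", "securityKey") onto them.
type factor struct {
	Type  string `json:"type"`  // "fido2", "totp", "sms", "push"
	Label string `json:"label"` // free text, e.g. "YubiKey 5 primary"
}

// user is one row of an IdP authenticator export (assumed shape, not a vendor format).
type user struct {
	Login      string   `json:"login"`
	Privileged bool     `json:"privileged"`
	Factors    []factor `json:"factors"`
}

// finding is one policy violation for one user.
type finding struct {
	Login  string
	Reason string
}

// auditPrivilegedFactors applies the deployment rules above to every privileged
// user: at least two FIDO2 keys (primary + backup) and no SMS OTP factor left
// enabled. Non-privileged users are out of scope for this check and are skipped.
func auditPrivilegedFactors(export []byte) ([]finding, error) {
	var users []user
	if err := json.Unmarshal(export, &users); err != nil {
		return nil, fmt.Errorf("parsing export: %w", err)
	}
	var out []finding
	for _, u := range users {
		if !u.Privileged {
			continue
		}
		fido, sms := 0, 0
		for _, f := range u.Factors {
			switch f.Type {
			case "fido2":
				fido++
			case "sms":
				sms++
			}
		}
		switch fido {
		case 0:
			out = append(out, finding{u.Login, "no FIDO2 key registered"})
		case 1:
			out = append(out, finding{u.Login, "only one FIDO2 key registered; backup key missing"})
		}
		if sms > 0 {
			out = append(out, finding{u.Login, "SMS OTP still enabled on a privileged account"})
		}
	}
	// Stable sort keeps each user's findings in rule order while grouping by login.
	sort.SliceStable(out, func(i, j int) bool { return out[i].Login < out[j].Login })
	return out, nil
}

// sampleExport is constructed test data, not a real export.
const sampleExport = `[
  {"login": "alice", "privileged": true,
   "factors": [{"type": "fido2", "label": "YubiKey primary"}, {"type": "fido2", "label": "YubiKey backup"}]},
  {"login": "bob", "privileged": true,
   "factors": [{"type": "fido2", "label": "Titan key"}, {"type": "sms", "label": "+1-555-0100"}]},
  {"login": "carol", "privileged": true,
   "factors": [{"type": "totp", "label": "Authenticator app"}]},
  {"login": "dave", "privileged": false,
   "factors": [{"type": "sms", "label": "+1-555-0101"}]}
]`

func main() {
	findings, err := auditPrivilegedFactors([]byte(sampleExport))
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	for _, f := range findings {
		fmt.Printf("%-8s %s\n", f.Login, f.Reason)
	}
}
```

Run it on a scheduled basis against a fresh export and treat any finding as a blocker for the user’s privileged role, not just a report line; the point of registering the backup key before the primary is deployed is that the audit should never find a privileged user with a single key in the first place.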

Regulatory Outlook: BSA, FinCEN, and Whatโ€™s Coming

The regulatory framework governing financial institution fraud prevention was built for a pre-AI world. The FSSCC paper is, in part, a message to regulators: the rules need to catch up.

Bank Secrecy Act (BSA) / AML

The BSA requires financial institutions to maintain Customer Identification Programs (CIP), Customer Due Diligence (CDD) procedures, and to file Suspicious Activity Reports (SARs) for suspected money laundering and fraud.

Current gaps:

  • CIP regulations (31 CFR 1020.220) do not specify technology requirements for identity verification. The โ€œreasonable beliefโ€ standard for document verification was written for in-person document inspection, not remote digital verification with AI-generated documents.
  • SAR guidance does not explicitly address AI-enhanced fraud patterns. Examiners are beginning to look for evidence that institutions can identify and characterize AI fraud in their SAR narratives.

Expected updates:

  • FinCEN has signaled increased interest in AI fraud risk disclosures. Expect SAR guidance updates in 2026โ€“2027 that explicitly address AI-enabled identity fraud typologies.
  • CIP rules may see amendments requiring minimum technology standards for remote identity verification โ€” particularly liveness detection for digital account opening.

FFIEC IT Examination Handbook

The Federal Financial Institutions Examination Council’s IT Examination Handbook includes guidance on authentication. The 2005 “Authentication in an Internet Banking Environment” guidance and its 2011 supplement were replaced in August 2021 by “Authentication and Access to Financial Institution Services and Systems.” Even that 2021 guidance predates the generative-AI threat landscape described in this article and is outdated relative to it.

What examiners are currently looking for (based on industry feedback):

  • Evidence that institutions have assessed their authentication risk in light of AI threats
  • Documentation of authentication controls and their effectiveness
  • Migration plans away from SMS OTP for high-risk transactions
  • Vendor due diligence on identity verification technology

Expected FFIEC actions (2026โ€“2027):

  • New or significantly updated authentication guidance aligned with NIST SP 800-63-4
  • Explicit endorsement of passkeys and FIDO2 as meeting or exceeding current authentication expectations
  • Potential examination procedures specifically addressing AI fraud controls

NIST SP 800-63-4 (Digital Identity Guidelines)

NIST published the fourth edition of its Digital Identity Guidelines (SP 800-63-4) in July 2025. This is the foundational document for identity assurance levels (IAL) and authenticator assurance levels (AAL). Key changes relevant to this discussion:

  • Explicit treatment of syncable authenticators (passkeys), which can satisfy AAL2
  • Phishing resistance required at AAL3, with a phishing-resistant option expected to be offered at AAL2
  • Updated presentation attack (liveness) detection requirements for biometric-based remote identity proofing
  • Guidance on digital evidence such as mDLs as identity evidence

Compliance action: Align your identity and authentication controls to SP 800-63-4 now. FFIEC guidance built on it will likely require compliance within 12–18 months of issuance.

Potential New FinCEN Rules

The AML/CFT modernization agenda includes several regulatory actions that could directly address AI fraud:

  1. AI fraud risk in AML risk assessments: FinCEN may issue guidance requiring explicit AI fraud risk assessment as a component of institution-wide risk assessments
  2. SARs for synthetic identity fraud: Updated typology guidance to help institutions identify and report synthetic identity bust-outs
  3. Beneficial ownership registry integration: FinCENโ€™s Corporate Transparency Act beneficial ownership registry could be a tool for detecting shell entities created with synthetic identities
  4. AI tools for AML/fraud: FinCEN has been supportive of innovation in AML technology; guidance explicitly permitting AI-based fraud detection without implicating Fair Credit Reporting Act concerns is expected

The GENIUS Act Connection

The GENIUS Act, the federal payment-stablecoin law enacted in July 2025, includes a provision requiring Treasury to report to Congress on innovative technologies to counter illicit finance involving digital assets. Treasury’s recent report in response to this provision explicitly touches on digital identity verification for cryptocurrency transactions. This signals that AI identity verification standards may flow through the digital assets regulatory pathway, not just the traditional banking pathway.


Conclusion: The Arms Race Is Already Underway

The $40 billion projection is not a warning. It is a current trajectory. The fraud is happening now. The technology is deployed. The organized crime networks and nation-state actors are already running AI-enhanced fraud operations against your institutionโ€™s customers, accounts, and employees.

The FSSCC/ABA/Better Identity Coalition paper is the most comprehensive industry-government consensus document on AI identity fraud to date. Its significance is not its novelty โ€” practitioners have been aware of these attack vectors โ€” but its formalization. These are now officially recognized attack categories. The policy recommendations are now officially on the table. Regulatory action will follow.

For compliance officers, risk managers, and financial CISOs, the message is clear and urgent:

The question is not whether AI fraud will affect your institution. It is whether you will be ahead of the regulatory curve or behind it when examiners start asking about your AI fraud controls.

The institutions that will fare best are those that:

  1. Understand the 10 attack categories and have assessed their exposure
  2. Have begun the transition from phishable to phishing-resistant authentication
  3. Have audited and strengthened their KYC/liveness detection capabilities
  4. Have updated their BSA/AML program to detect AI-enhanced fraud patterns
  5. Are tracking the regulatory pipeline (NIST 800-63-4, FFIEC handbook updates, FinCEN guidance)

None of this requires waiting for regulatory mandates. The risk is real, the controls are available, and the expectation of competent risk management is already embedded in your existing compliance obligations.

Start now.


References and Further Reading

  1. ABA/FSSCC/Better Identity Coalition Policy Paper: Recommendations for Policymakers: Mitigating AI-Powered Attacks Against Identity and Authentication

  2. FSSCC Tactical Paper: โ€œMitigating AI-Powered Attacks Against Identity and Authenticationโ€ โ€” available at betteridentity.org

  3. HelpNetSecurity Coverage: Financial groups lay out a plan to fight AI identity attacks

  4. BiometricUpdate Coverage: Better Identity Coalition partners on gen-AI fraud threat mitigation guidance

  5. Deloitte Center for Financial Services: Deepfake Banking Fraud Risk on the Rise

  6. ACFE: Top Fraud Trends of 2025

  7. BIIA: Synthetic Identity Fraud Statistics 2026

  8. NIST SP 800-63-4: Digital Identity Guidelines (final edition, July 2025)

  9. FFIEC IT Examination Handbook: Authentication and Access to Financial Institution Services and Systems

  10. SSA eCBSV Program: Electronic Consent Based Social Security Number Verification


This article was produced for ComplianceHub.wiki โ€” resources for compliance officers, risk managers, and financial CISOs. Information is educational and does not constitute legal or regulatory advice. Consult qualified legal counsel for institution-specific guidance.