A recent report highlighted that the primary concerns for compliance teams in 2023 are real-time digital payments, digital fraud, and cybercrime. However, a new technology has emerged that poses both a threat and an opportunity for compliance and security teams – ChatGPT. Introduced in November 2022, ChatGPT has quickly gained over 1 billion users and has been embraced by criminals to create convincing fake profiles, documents, and transactions that can bypass even well-trained compliance personnel. ChatGPT is also a breeding ground for the development of bots and malware that execute cybercrime schemes and perpetrate scams aimed at obtaining sensitive financial information.
Criminals are using AI-generated messages to enhance the realism of impersonations, making scams more difficult to detect. This poses a significant challenge for compliance teams trying to differentiate between criminal and legitimate transactions. The rise of real-time payments and cybercrime in the past few years has increased the number of financial crime cases involving digital payments, account takeover, and payments related to ransomware and cryptocurrencies.
Financial institutions must employ digital identity solutions and leverage AI/machine learning technologies to combat this. Ironically, while ChatGPT serves as a valuable tool for fraudsters, it can also play a crucial role in detecting anomalies, cross-referencing against sanctions lists, and reducing false positives by analyzing vast amounts of data on individuals and transaction histories.
A Vice President, AML, from a Tier-1 bank said, I have just been playing around with ChatGPT in the last few weeks, and there’s the opportunity for some of these things to completely rewrite our entire workflow. I think that we are going to need to be able to monitor AML threats in real-time, and we’re going to need to turn to machine learning to start generating that.
Financial institutions must learn to fight fire with fire when it comes to the threat of generative AI like ChatGPT. The complexity of emerging criminal typologies, the speed and volume of real-time payments, and the growing intricacy of sanctions demand a proactive response.