12 July 2023
As Nikhil Rathi, head of the Financial Conduct Authority calls for greater investment from financial services to combat fraud, RSM UK is urging businesses to be aware of the increased potential for exploitation of AI technology.
Erin Sims, associate director of fraud risk services at RSM UK, said: ‘While artificial intelligence can provide benefits to many businesses, in the wrong hands it also greatly increases fraud and cyber threats. In financial services, ‘bad actors’ are harnessing new technologies to find innovative ways to commit crimes so fast businesses are struggling to keep up. For example, deep fake technology can be used to clone a person’s voice in real time, so we are advising financial services firms to step up security with multifactor authentication, as biometric data becomes ever more compromised.
‘We also urge businesses to increase education among their workforce, customers, third parties and suppliers, to help them identify fraudulent attempts to gain access, and remember their staff are often the first line of defence. New AI technology presents an opportunity to fight fire with fire, as with ransomware booming and cyber-attacks hitting headlines daily, the automation AI brings can be a vital tool in the fight against fraud.’
Earlier this month, the EU AI Act became the first focused regulation on AI. As the UK develops a pro-innovation approach to AI regulation, any law will need to strike a balance of driving technological advancement whilst maintaining focus on the negative consequences that it brings. The UK is looking to harness relationships with the US in the autumn as it hosts the first global summit on the safety of AI.
RSM UK recommends financial services organisations should consider the following tips to protect themselves and their customers from the increased threat of fraud using generative AI:
- Implement policies addressing the risks of generative AI and regulatory frameworks
- Reconsider the use of biometric data for verification of identity
- Invest in cybersecurity software, cyber security professionals, IT audits, penetration testing and ongoing monitoring
- Provide and enforce diligent fraud and cybersecurity training across the business, focusing on higher risk areas.