Clari5

Menu

Tag: Anti money laundering

Person Not Present: What AI Agents Mean for Your Fraud Detection Stack

Posted on by Vivekananda J


Every fraud detection system in production today is built on one assumption: a human being initiates the transaction. That assumption no longer holds true with AI agents now able to initiate real payments for customers, at scale.

Mastercard launched Agent Pay in partnership with Microsoft, Stripe, and Google. Google’s Agent Payments Protocol has over 60 institutional backers, including American Express, PayPal, and Coinbase. India launched the world’s first national pilot integrating UPI directly into ChatGPT. Without a customer touching their screen, their AI agent can pay for groceries, book a flight, compare insurance premiums, and renew a policy.

This is payments infrastructure being laid across the world’s largest economies. And it changes the fraud equation in ways the industry has not fully absorbed.

 

From card-not-present to person-not-present

For two decades, card-not-present (CNP) defined the dominant fraud category. The physical card was absent, but a human was still on the other end, confirming intent, entering credentials, completing the action.

Javelin Strategy & Research describes what is now replacing it: person-not-present. The human is no longer at the point of transaction at all. The AI agent is the front-line actor. The authorization is indirect, and the initiating logic is not human-readable.

The distinction matters because CNP was an evolution within an existing trust model. Person-not-present breaks the trust model itself. Every verification method, every risk score, and every fraud rule in the stack was designed to answer one question: “Is this the right person?” When no person is present, that question has no answer.

And this is not a distant scenario. Datos Insights projects that 82 percent of midsize to large financial institutions will deploy GenAI into banking and payments workflows by the end of 2026. The infrastructure for AI-initiated transactions is scaling. The framework for monitoring them does not yet exist.

 

Why the current detection stack will not catch it

Rules-based systems evaluate transactions against static thresholds: Is this amount unusual? Is this merchant new? Is this device recognized? These questions assume a human made a decision to transact. When an AI agent initiates a purchase within its pre-set parameters, the transaction will look normal. It may pass velocity checks, come from a recognized device, and still be fraudulent.

Authentication will not catch it as there is no person present to authenticate. Bot detection will not catch it since the agent is legitimate and was invited in. The challenge is no longer separating bots from humans. It is separating legitimate agents from compromised ones that behave identically.

Consider what is no longer an edge case: a compromised agent redirected to transact with a fraudulent merchant. An agent exploited through prompt injection, executing transactions the customer never intended. An agent operating outside its authorized scope, where liability frameworks have not been written yet. Gartner projects that over 50 percent of successful attacks against AI agents will exploit access control issues using prompt injection through 2029.

 

The behavioral intelligence question

When the transaction initiator is not human, point-of-authentication controls lose their explanatory power. The question “Is this the right person?” becomes irrelevant. What replaces it is a different question entirely: “Does this action reflect the customer’s intent?”

That is a behavioral intelligence question. Answering it requires detection infrastructure built to evaluate patterns, sequences, and intent across the full session, not just the authentication moment.

This means analyzing how a session unfolds over time: Whether

  1. the sequence of events leading to a payment reflects genuine intent or manipulation
  2. an agent-initiated transaction aligns with the customer’s historical patterns of engagement
  3. the agent itself is operating within the boundaries the customer established.

Financial institutions that have invested in cross-channel behavioral monitoring are structurally better positioned for this shift than those relying on authentication-centric or rules-based models. The detection paradigm does not need to determine whether the actor is human or machine. It needs to determine whether the action is consistent with the customer’s intent. That distinction is what separates institutions that will detect agent-driven fraud from those that will discover it after settlement.

 

What this looks like in practice

Consider a retail banking customer who has used their account in a consistent pattern for three years: salary credits on the 28th, rent and utilities in the first week of the month, grocery purchases from two or three familiar merchants, and occasional travel bookings planned days in advance with browsing activity preceding the purchase.

The customer enables an AI shopping assistant. The agent is legitimate, authorized, and operating from a recognized device. Within its first week of activity, it initiates a high-value electronics purchase from a merchant the customer has never transacted with, in a product category with no historical precedent, and at a time that is inconsistent with the customer’s established transaction patterns.

A rules engine will see a valid payment within approved limits. Authentication is not triggered because the agent is operating under existing credentials. Bot detection is not triggered because the agent is not a bot. It is an authorized tool. But behavioral intelligence will see something different.

Behavioral intelligence will see a transaction that breaks the customer’s established pattern of engagement across multiple dimensions simultaneously: merchant category, transaction value, timing, and the absence of the browsing-then-purchasing sequence that has preceded every similar transaction in the customer’s history. That cluster of deviations, evaluated together and in real time, will generate the risk signal.

The agent may have been compromised through prompt injection. It may have been redirected to a fraudulent merchant optimized to look legitimate to automated tools. Or it may simply be the customer trying something new. Behavioral intelligence does not need to know the cause to flag the anomaly. It needs to surface the deviation from intent so the institution can act before settlement, not after.

 

The liability gap no one has closed

When a customer taps ‘Buy’, liability frameworks are well-established. This is not true when the customer’s AI agent does it.

OpenAI’s developer documentation places payment liability on merchants and their payment service providers. Google’s A2P Protocol introduces cryptographically signed mandates to create audit trails. Visa is tokenizing agent credentials with spending controls. Everyone is drawing lines, but no one knows where the boundaries will settle.

Javelin’s payments analysts put it plainly: the players involved are keenly aware of what is at stake, but the liability questions remain open. For financial institutions, that uncertainty is not a reason to wait. It is the reason to ensure that the detection infrastructure can distinguish between a legitimate agent acting on verified intent and an agent that has been manipulated, before the settlement window closes.

 

The question that matters now

When the AI layer your institution deployed to improve customer experience becomes the vector through which fraud enters your system, what in your current detection stack will catch it?

Gartner projects that 25 percent of enterprise breaches will trace to AI agent abuse by 2028. The institutions answering that question now will not be reacting to the next wave of agent-driven fraud; they will have already built for it.

How UAE’s New AML Rules Change the Game for Financial Institutions

Posted on by Vivekananda J
Entering 2026, the UAE’s financial sector is operating under a fundamentally different regulatory and market dynamic. The UAE’s exit from the FATF grey list, removal from the EU’s high-risk jurisdiction list, and AED 350 million in recent AML enforcement fines mark a decisive shift. The direction of travel is clear: enforcement is real, scrutiny is targeted, and differentiation has begun. Under Federal Decree-Law No. 10 of 2025, regulators are focused on demonstrable effectiveness rather than formal compliance. As FATF’s 2026 mutual evaluation approaches in June, institutions with mature AML capabilities, evidenced through effective transaction monitoring, timely escalation, and high-quality suspicious transaction reporting, will benefit from faster market access, improved cross border flows, stronger correspondent relationships and participation in regional and international growth opportunities. Those unable to evidence effectiveness face increased operational friction, regulatory attention, and strategic constraints. What the Fines Tell Us Recent enforcement action by the Central Bank in 2025 makes regulatory priorities unmistakable. It signals that regulators are focusing less on formal compliance frameworks and more on whether controls work in practice. Institutions with fragmented monitoring, weak escalation, or poor governance are under pressure. Those with demonstrably mature AML operations are increasingly differentiated by both regulators and counterparties. The New Rules: What Changed and Why It Matters Federal Decree-Law No. 10 of 2025, effective 14 October 2025, is not just another regulatory update. It is the enforcement mechanism behind the fines we have already seen and the framework that will determine which banks get access to the opportunities ahead. Lower Prosecution Threshold: The law no longer requires authorities to prove “actual knowledge” of criminal intent. Banks can now be held liable if they “should have known” based on circumstantial evidence. Extended Enforcement Powers: The Financial Intelligence Unit can now freeze funds for up to 30 days (up from 7) and suspend transactions for 10 working days without notice. For banks with weak screening systems or slow escalation processes, this means operational disruption. For those with automated controls and clear escalation protocols, it means being able to demonstrate rapid response capability. Personal Liability for Senior Management: Senior managers and directors can now face personal criminal liability, from fines to imprisonment, if violations occur due to breach of duty or known negligence. Corporate fines have doubled to a range of AED 5 million to AED 100 million. Expanded Scope: The law now criminalizes Proliferation Financing as a standalone offense, directly regulates Virtual Asset Service Providers (VASPs), and explicitly includes tax evasion as a predicate offense. Banks that have already integrated sanctions screening for proliferation risk and built VASP monitoring frameworks have a structural advantage. What This Means in Practice For Banks For banks, AML maturity is now directly linked to speed, access, and credibility. Banks with integrated monitoring systems, strong model governance, and clear escalation timelines will find cross-border transactions moving faster and relationships easier to maintain. Those that cannot evidence effectiveness may experience quiet friction — slower onboarding, enhanced reviews, and reduced appetite — even without formal regulatory action. In this environment, AML is no longer a defensive function. It is an enabler of market access. For Exchange Houses Exchange houses sit at the sharpest edge of enforcement risk. The scale and concentration of recent penalties indicate heightened regulatory sensitivity to cash-intensive activity, remittance corridors, and frontline control failures. For exchange houses, the issue is not just whether controls exist, but whether they scale with volume and velocity. For VASPs For VASPs, the regulatory transition is now explicit. They are expected to demonstrate the same seriousness of intent as traditional financial institutions — including transaction monitoring calibrated to blockchain risk typologies, sanctions screening, and meaningful STR engagement. FATF 2026: The Evidence Test All of this leads to a clear milestone. The FATF’s 5th Round Mutual Evaluation of the UAE is scheduled for June 2026. The methodology prioritizes effectiveness over form. Assessors will ask whether laws produce outcomes: investigations, convictions, asset recovery, and high-quality financial intelligence. Banks, exchange houses, and VASPs will collectively form the UAE’s evidence base. The Strategic Question For regulated institutions in the UAE, the strategic question has shifted. It is no longer whether an institution can pass an audit. It is whether its AML framework produces evidence that regulators can rely on and counterparties can trust. For leadership teams, now is an appropriate moment to step back and ask a simple question: If our AML framework were tested tomorrow, would it speak for itself? That reflection, more than any single regulatory deadline, is what will shape market access in the years ahead.

Financial Mecca Tightening The Screws On Anti-Money Laundering!

Posted on by Clari5

“Breaking News: Singapore to use data tracking against money-laundering”. What bearing does this headline have on a safer and more secure banking system?

The 1MDB fiasco

Let’s rewind to 2015 and 1Malaysian Development Berhad – a Malaysian fund set up in 2009 by the Prime Minister of Malaysia, with the intention of turning Kuala Lumpur into a financial hub, much like its neighbour, through strategic investments, to help boost the economy.

The Wall Street Journal broke a story in 2015 and reported a paper trail of alleged misappropriation of funds in 1MDB to the tune of US $ 700 million, traced to the PM’s personal accounts.

All hell broke loose and investigations by the US Department of Justice revealed that the quantum of laundered money is actually US $3.5 billion!

Since then, multiple foreign authorities have been involved in the investigations of this scam – something so massive that it has thrown open a Pandora’s box on the prevalent AML security systems in banks.

In May, earlier this year, Singapore, South East Asia’s leading financial centre ordered the Swiss bank BSI to shut down on charges of “suspected corruption of public foreign officials, dishonest management of public interests and money laundering”.

MAS (Monetary Authority of Singapore) and its role in banking regulations

A brief perspective on MAS and its scope of authority – www.mas.gov.sg states, “As Singapore’s central bank, the Monetary Authority of Singapore (MAS) promotes sustained, non-inflationary economic growth through appropriate monetary policy formulation and close macroeconomic surveillance of emerging trends and potential vulnerabilities.”

“It manages Singapore’s exchange rate, foreign reserves and liquidity in the banking sector. MAS is also an integrated supervisor overseeing all financial institutions in Singapore — banks, insurers, capital market intermediaries, financial advisors, and the stock exchange. “

 

“With its mandate to foster a sound and progressive financial services sector in Singapore, MAS also helps shape Singapore’s financial industry by promoting a strong corporate governance framework and close adherence to international accounting standards.”

“In addition, it spearheads retail investor education.”

“MAS ensures that Singapore’s financial industry remains vibrant, dynamic and competitive by working closely with other government agencies and financial institutions to develop and promote Singapore as a regional and international financial centre.”

“Given the nature of its position and authority, one of its functions is to “conduct integrated supervision of financial services and financial stability surveillance.”

“Moreover with Singapore being a key financial mecca in the South Asian region, it plays an active role in international fora and is a key contributor to shaping financial regulatory norms.”

In this context, given the nature of the 1MDB scandal, Singapore’s MAS has been probing different banks for any breach of security and money laundering activities while handling transactions linked to 1MDB.

To quote a report in Shanghai Daily, “The Monetary Authority of Singapore is looking at several aspects of the UBS and DBS Group Holdings’ operations including whether they were diligent enough in knowing who their customers were and what the source of their funds was, and whether they were particularly careful in screening politically-exposed persons such as government officials, banking and legal.”

The investigation by MAS could lead to hefty fines and various other penalties if the banks under question were found to be non-compliant with the very stringent anti-money laundering rules, policies and measures.

In the past, the US has imposed hefty penalties on banks found to have lapses with money-laundering activities, tax evasion and international sanctions, but Asian regulators have found to be slow to act.

Given this context, it was incumbent upon Singapore to act tough and prove that banks in the city-state are complying with anti-money-laundering rules.

Given this back story it is but natural for the central bank of Singapore to clamp down heavily on any fraudulent activity that jeopardizes the reputation of Singapore as a mecca for banking not only in Asia but globally.

“We will make more robust risk assessments of financial institutions’ business activities, client profiles, geographical connections, transaction volumes and quality of controls,” Ravi Menon, the MD of MAS said.

According to the UN Office on Drugs and Crime, the estimated amount of money siphoned off globally in one year is 2 – 5% of global GDP, or $800 billion – $2 trillion in current US dollars. Money laundering is an epidemic and must be curbed – no question about it.

Advanced tech to the rescue

With escalating frequency and complexity of financial crimes, it is imperative for banks to pay greater attention to fraud prevention not just from a regulatory compliance perspective but for better operational risk management.

They must understand that if their systems are not preemptive in nature, then ‘post-incident’ scenarios are going to be quite common.

Banks need to work in partnership with solution innovators to combat the menace.

 

Given the sophistication of large-scale economic fraud., there is a need to move away from conventional channel-centric AML approaches and consider real-time, cross-channel solutions that have the capability to analyse big data and provide real-time intelligence covering Suspicious Activity Monitoring, Customer Risk Categorization, Entity Identity Resolution/Watch List Filtering, Regulatory Reporting (CTR/STR/SAR), Case Management and Entity Link Analysis.

Banks must understand the gravity of the situation and begin evaluating solutions that can quickly enable a strong and strategic fraud prevention framework to pro-actively thwart potential threats from sophisticated money-laundering syndicates.

Sources:

Anti-Fraud and Anti-Money Laundering in Banking- The Common Denominators

Posted on by Clari5

We have been hearing from multiple banks on their plans to align the anti-fraud and anti-money laundering efforts within their organizations. Over the past few years we have seen many manifestations of sophisticated fraudsters and money launderers across the globe which is what is making the bankers re-think their strategy and execution to curb these attempts. Clearly fraud risk and money laundering risk are the key containment areas for operational risk management with in a bank and implications of these two are similar from perspectives of legal risks, reputational risks and financial losses.

The need for real-time fraud monitoring of banking transactions across the enterprise is well established and many banks are catching up to move from traditional methods to advanced real-time fraud monitoring systems. But many banks are still living with the old generation anti-money laundering systems which only can perform offline transaction monitoring by taking the transaction data from core systems offline or in batch mode.  Also, there is a lacuna with these systems from the perspective of agility and flexibility for changes required, with the changing times and the regulatory mandates.

Need for real-time transaction monitoring in AML capabilities

With the advancements in operational systems and technology for faster, rather, real-time payments & remittances and the rise of multi-channel banking, the money launderers of this age need less than an hour or few hours at the maximum to complete the three key steps of money laundering process: Placement –placing the illegal money into the system; Layering –  separating the illegal money from the source through a series of transactions and making it difficult to trace the origin; and Integration- converting the illegal money to legitimate form.  This accentuates the need for real-time monitoring capabilities for detection of suspicious transactions and effectively combating money launderers. Majority of the banks across the globe are not well-equipped with real-time suspicious transaction monitoring in their AML systems and this is one area banks need to gear up.

Here are the key aspects of alignment of anti-fraud and anti-money laundering efforts in a bank

Operational Processes and people:  Both anti-fraud and anti-money laundering departments of the bank need dedicated investigated teams who investigate each case/alert that systems generate based on the severity level and category of the alert as per the defined processes of the bank. The nature the business has become such that these investigation teams need to operate on a continuous basis and even 24/7 depending on how the fraud processes are configured.  Both these teams need similar investigation tools for completing the investigation workflows and finding the evidences in order to resolve cases. It makes sense for the banks to optimize the efforts of investigation teams by having combined AML and fraud investigation under single umbrella.

IT Platform: Real-time transaction monitoring, integrated case management and comprehensive investigation workbench are the common basic build blocks of both fraud management and anti-money laundering systems.  If the both fraud management and AML can be done using a single platform bank will have huge benefits in terms of the capital and operational expenditure leading to significant benefits total cost of ownership (TCO).

Data: Data Integration is one challenging area for banks. Both fraud management and AML systems need the integration with the same host systems (core banking system, credit cards etc. ) for the corresponding transactional data and master data. If there is a single platform, that can handle real-time integration with host systems for getting the events from the host systems and use the same both fraud management and AML purposes, this could be hugely beneficial for the bank.

With the need for sophisticated fraud detection capabilities and current state of out-dated AML system many banks have, combined Real-time Enterprise Fraud Management and AML platform is an idea whose time has come. Few banks have already begun their journey on this front and we expect more banks to join the bandwagon.

How do you envision your anti-fraud and anti-money efforts at your bank? Do let us know your views- we’d love to know.