NEW YORK--Financial institutions are confronting a fast-moving trust crisis driven by artificial intelligence, deepfakes, and digitally networked criminal groups—forces that are rapidly outpacing traditional compliance defenses, according to the Association of Certified Anti-Money Laundering Specialists’ Global AFC Threats Report 2026, as reported by Bank Info Security.
The report, based on a survey of 1,400 anti-financial-crime professionals worldwide—most of them in banking—warns that the convergence of generative AI, geopolitical fragmentation, and more sophisticated criminal networks is creating what Bank Info Security describes as a “perfect storm” for compliance teams. For the third year in a row, respondents ranked the malicious use of AI as the greatest threat, with 75% saying it poses a high or very high risk. Investigators now face “fraud as a service” platforms that allow even low-skill criminals to run convincing scams at scale.
For financial institutions, the practical impact is a sharp shift in priorities. Bank Info Security reports that 84% of compliance professionals now say their primary focus is protecting individuals from scams and fraud, rather than only monitoring institutional risk. AI-driven identity fraud—powered by deepfakes, synthetic documents, and even holograms—was ranked the second-biggest threat, eroding confidence in traditional verification tools like biometrics and paperwork.
As ACAMS executive vice president Justine Walker told Bank Info Security, “The deepfake scenario now is just making it so, so complex,” and routine document checks are “essentially useless.”
Banks and credit unions are responding by testing behavioral analytics, device intelligence, contextual data, and layered authentication. More than half of institutions are already piloting AI tools, Bank Info Security reported—but many are struggling because of fragmented data, outdated core systems, and siloed platforms. Walker noted that “over half of people are saying that outdated data and legacy IT systems are high or very high risk to the AFC programs,” underscoring a core challenge for CIOs: AI only works as well as the data behind it.
The regulatory environment is adding to the strain. Bank Info Security notes that 72% of respondents expect major changes to AI rules in the next year, and 70% expect shifts in crypto regulation—yet there is no globally coordinated framework. At the same time, criminal networks are modernizing old systems like hawala into encrypted, crypto-enabled “digital veins,” often operating from weaker jurisdictions.
For financial institutions, the takeaway is clear: technology alone is not enough. As Walker told Bank Info Security, “It’s not so much the technology, it’s actually having the right data,” and building resilient, integrated, intelligence-driven systems may be the defining capability for banks and credit unions in the AI era.