Follow Us on Google
By Rita Okoye
Oluwatosin Lawal has been at the forefront of financial crime risk management. His career spans data science, consulting, internal audit, and advanced analytics roles in global financial institutions, where he has led anti-money laundering (AML) compliance reviews, designed monitoring frameworks, and helped institutions adapt to emerging threats.
With a strong background in statistical modeling and machine learning, he bridges the gap between traditional compliance methods and modern AI-driven approaches. In this conversation, he discusses how the breakneck pace of artificial intelligence development presents both opportunities and grave risks in the fight against fraud and money laundering.
You’ve spent many years working in fraud and AML risk management. With AI moving so fast, why are you concerned?
Response: My concern stems from seeing how quickly criminals adopt new technologies. Fraud and money laundering schemes thrive on innovation. Whenever a new capability enters the market, bad actors are often among the first to test it. With AI, the speed of advancement is unprecedented. Generative AI, for example, can create highly realistic identities, voice clones, and documents at scale. These are not just incremental improvements for criminals; they are transformational. This means the threat surface for banks is expanding at a pace that traditional controls simply cannot match.
We know from FBI reports that business email compromise scams cost U.S. companies over $2.7 billion in 2022 alone. Now, AI tools make those scams even more convincing. A deepfake voice or video can impersonate a company executive authorizing a wire transfer. A synthetic identity created with AI can open a U.S. bank account online and look completely legitimate. What used to take a criminal group weeks to organize can now be done with a laptop and publicly available AI software. A fraud ring no longer needs dozens of people to execute complex schemes; a single person with AI tools can simulate the work of many. That speed and accessibility is what makes the U.S. particularly vulnerable. For someone who has watched fraud evolve over many years, the trajectory of AI-driven crime is deeply concerning.
How exactly can AI make fraud more difficult to detect?
Response: AI undermines detection in several ways. First, it creates synthetic identities that are nearly indistinguishable from real ones. Identity fraud is one of the fastest-growing problems in America. According to the Federal Trade Commission (FTC), identity theft cases surged during the pandemic as more services moved online. Now, with AI, fraudsters can create fake driver’s licenses or Social Security cards that pass digital onboarding checks at U.S. banks.
Also, AI enables fraudsters to generate transaction activity that looks natural. Traditional monitoring tools rely on thresholds or deviations from expected behavior. But an AI system can simulate typical customer behavior, spending on groceries, small transfers, bill payments, while gradually layering in fraudulent transactions. That makes it extremely difficult to distinguish fraud from legitimate activity.
We’ve also seen U.S. consumers targeted by AI-driven scams like deepfake “grandparent scams,” where an AI-generated voice mimics a loved one asking for emergency funds. For banks, this creates a monitoring challenge. Traditional fraud tools look for red flags like large, unusual transactions. But if AI makes the fraud look routine, for example, spreading transactions across multiple accounts or imitating normal spending patterns, the alerts may never trigger. That means Americans are exposed to fraud that slips through systems designed for an older threat landscape.
The combination of realism, camouflage, and automation makes AI-driven fraud far harder to spot.
And what about money laundering? How does AI change the game there?
Response: Money laundering depends on hiding illicit funds within legitimate flows. AI makes that easier in multiple ways.
It helps criminals model transactions in a way that avoids detection thresholds. In the U.S., the Bank Secrecy Act requires banks to report suspicious activity through SARs. But criminals can now use AI to model transaction structures that avoid hitting those thresholds. For example, they might break down $10,000 deposits into multiple smaller amounts across different accounts and automate the process, so it looks like normal customer behavior.
The U.S. is also a hub for digital payments and crypto trading. FinCEN has already issued advisories about criminals exploiting virtual assets to move money. When AI is added to the mix, criminals can automate the layering process, moving funds through multiple wallets, exchanges, and payment platforms at a speed humans can’t trace in real time. That’s a national security risk, because these methods can be used not just by domestic criminals but by foreign adversaries trying to move illicit funds through U.S. institutions. A very good example is the Chinese Money Laundering Network who according to FinCEN are associated with suspicious transactions totaling $312 billion.
The sophistication associated with how funds are laundered is at an advanced level. While regulators and banks are tightening controls on traditional methods, criminals are leapfrogging them with AI-enhanced schemes.
That sounds like a serious challenge for compliance teams. Are current AML programs equipped for this?
In most cases, no. Many AML programs are still anchored in rule-based systems. Not yet. A lot of financial institutions still rely heavily on rule-based monitoring systems that were built years ago. These systems are very good at generating alerts but not very good at filtering out noise. The result is tens of thousands of alerts that compliance teams must manually review, with most of them turning out to be false positives. At the same time, AI-driven laundering schemes can fly under the radar because they don’t match the rules the system was built on.
One case that illustrates this was reported by the European Banking Authority, where banks failed to detect structured transactions tied to organized crime groups because the laundering activity was disguised within “normal” commercial flows. AI can replicate this deception at scale, making static monitoring even less effective.
The answer is adaptive monitoring. Financial institutions must adopt models that learn from new behaviors and detect subtle anomalies. For example, AI-powered anomaly detection systems in some U.S. banks have already reduced false positives by up to 30 – 40 percent while uncovering hidden networks of suspicious behavior. But it is not just about technology. Compliance professionals need new skills like data science, AI governance, and forensic analytics to interpret and challenge these models. Without this evolution, AML programs risk falling dangerously behind. This is a field I am heavily invested in, it is absolutely necessary to respond to this shift to ensure that our fraud and AML monitoring systems are robust enough to respond to this 21st century threat.
How are regulators responding to this?
Regulators are aware of the risks and are starting to act. In the U.S., FinCEN continues to emphasize that under the Bank Secrecy Act, institutions remain responsible for detecting and reporting suspicious activity regardless of technological changes. The Office of the Comptroller of the Currency (OCC) and Federal Reserve have also started issuing guidance on model risk management, emphasizing that banks must be able to explain how AI models work and how decisions are made. In Europe, the European Banking Authority has explicitly warned about AI-generated fraud documents being used in remote onboarding. And globally, FATF has stressed that the rise of AI, crypto, and DeFi demands stronger monitoring and governance.
We’re also seeing specific warnings tied to fraud. The FBI, for example, issued alerts about AI being used in deepfake scams and synthetic identity fraud. Regulators are essentially telling U.S. banks: innovation is fine, but transparency, governance, and accountability must come first.
The common theme is accountability. 0052egulators are saying: if you use AI, you must understand how it works, ensure transparency, and maintain human oversight. If a bank clears a transaction based on an AI decision, it must be able to explain that decision to regulators. The risk is not only missing financial crime, but also failing regulatory expectations if AI is treated as a “black box.”
So what can banks and financial institutions do right now to get ahead of the threat?
There are practical steps. First, deploy AI defensively. Machine learning models that analyze customer behavior and detect anomalies are far more effective than rule-based systems. For example, banks piloting AI for payment monitoring have been able to detect mule accounts linked to global fraud rings far earlier than before.
Second, strengthen identity verification. Social Security numbers alone are no longer enough. Institutions in the U.S. are increasingly adopting biometric verification, two-factor authentication and forensic document analysis to counter AI-generated fakes.
Third, perform regular penetration testing of AML systems, including red-teaming exercises that simulate AI-enabled attacks.
Fourth, collaborate. Fraud and laundering tactics evolve quickly, so information sharing among banks, regulators, and technology firms at this time is critical.
And finally, build governance frameworks. Every U.S. institution should have policies for ethical AI use, explainability, and human oversight. AI can be a shield, but only if we control it responsibly.
What happens if institutions fail to act quickly enough?
The risks are systemic. The consequences would be felt by everyday Americans as much as by Wall Street. On the consumer side, we’d see more people falling victim to scams, an increase in elder financial exploitation where grandparents are tricked into wiring money, small businesses hit by fake invoice schemes, families losing savings to synthetic identity fraud. On the institutional side, banks would face massive fraud losses, regulatory fines, and reputational damage.
But beyond that, there’s a national security angle. If AI allows foreign adversaries, drug cartels, or terrorist organizations to launder funds through U.S. institutions undetected, the risks extend far beyond finance. The bottom line is that the financial sector cannot afford to treat AI as just another incremental change. This is a paradigm shift. Criminals are innovating at lightning speed, and unless institutions innovate faster, the risks will outpace our defenses.
The integrity of the U.S. financial system is one of the country’s greatest strengths. If AI-enabled crime erodes that trust, the impact will ripple across the economy and even into national defense. That’s why this is not just a banking issue, it’s a matter of protecting the American people.
