Notifications
Clear all
Topic starter
12/06/2026 9:47 pm
TL;DR: Fraud, AML/KYC, verification technologies, and AI-related threats are positioned as a connected editorial field for compliance and security teams, reflecting how identity, trust, and fraud controls now overlap across regulated and non-regulated sectors, according to SumSub. The practical implication is that IAM, fraud, and compliance programmes can no longer be managed as separate conversations.
NHIMG editorial — based on content published by SumSub: The Sumsuber overview of fraud, verification, and AI-related threat coverage
By the numbers:
- 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, 46% confirmed and 26% suspected.
Questions worth separating out
Q: How should organisations connect fraud detection with identity governance?
A: They should treat fraud signals as governance inputs, not separate alerts.
Q: Why do AI-related fraud threats matter to IAM teams?
A: AI-related abuse matters because it increases the speed and quality of deceptive interactions that target identity controls.
Q: What do security teams get wrong about verification and trust?
A: They often assume verification is a one-time hurdle instead of an ongoing property of the identity.
Practitioner guidance
- Map identity assurance to fraud decision points Identify where onboarding, recovery, step-up verification, and session monitoring each feed access or transaction decisions.
- Extend verification beyond enrolment Review whether trust checks stop at account creation.
- Align compliance telemetry with identity operations Make sure suspicious patterns from AML, KYC, and fraud tooling can be acted on by IAM and support teams without manual handoffs that delay containment.
What's in the full article
SumSub's full article covers the editorial detail this post intentionally leaves for the source:
- How The Sumsuber structures coverage across AML/KYC, verification, fraud trends, and AI-related threats.
- The platform's editorial sections and content formats for practitioners who want broader compliance context.
- Examples of the topics it says it covers in News, Spotlight, Knowledge Hub, podcast, and video formats.
- How SumSub positions its internal experts and editorial review process around fraud and verification content.
👉 Read SumSub's overview of fraud, verification, and AI-related threat coverage →
Fraud, compliance, and identity risk: what should teams watch?
Explore further
13/06/2026 12:06 am
Fraud, verification, and identity governance are now the same operating problem. SumSub’s editorial framing is useful because it reflects how abuse patterns move across AML/KYC, authentication, and digital trust decisions. A compliance team that treats fraud as separate from identity risk will miss the point where access, verification, and transaction abuse intersect. The practitioner conclusion is that governance must span identity assurance and fraud controls together.
A few things that frame the scale:
- Two-thirds of enterprises have endured a successful cyberattack resulting from compromised non-human identities, with a quarter encountering multiple attacks, according to The 2024 ESG Report: Managing Non-Human Identities.
- 72% of organisations have experienced or suspect they have experienced a breach of non-human identities, 46% confirmed and 26% suspected.
A question worth separating out:
Q: Who should own fraud-related identity risk decisions?
A: Ownership should be shared across IAM, fraud, compliance, and operations, with clear escalation rules. No single team sees the full picture, because identity assurance failures and abuse patterns emerge across onboarding, access, and transaction workflows. Joint ownership reduces blind spots and avoids delayed containment.
👉 Read our full editorial: Why fraud media is widening the scope of identity risk analysis
