Notifications
Clear all
Topic starter
10/06/2026 10:42 pm
TL;DR: KYC is moving beyond one-time onboarding as AI-generated fraud, deepfakes, synthetic identities, reusable identity ecosystems, and adaptive risk scoring reshape trust decisions, according to SumSub. Static checks alone no longer match the pace or persistence of modern fraud, so verification now needs lifecycle-aware monitoring and stronger behavioural and device signals.
NHIMG editorial — based on content published by SumSub: Innovation in KYC: 2026
Questions worth separating out
Q: How should organisations move from static KYC checks to continuous verification?
A: Organisations should treat onboarding as one control point in a longer assurance process.
Q: Why do deepfakes and synthetic identities break traditional verification models?
A: Because traditional verification assumes identity evidence is stable, human-generated, and hard to reuse at scale.
Q: When should teams require re-verification instead of trusting an existing identity record?
A: Teams should re-verify when the risk profile changes materially, such as new devices, unusual geographies, suspicious behaviour, or evidence that the identity may be part of a reusable fraud pattern.
Practitioner guidance
- Add post-onboarding trust monitoring Treat initial verification as the starting point.
- Map reusable identity trust chains Document where reusable KYC signals originate, how often they are revalidated, and which services inherit them.
- Blend fraud and IAM decisioning Bring fraud signals into access and account governance so verification outcomes do not live in a separate silo.
What's in the full article
SumSub's full report covers the operational detail this post intentionally leaves for the source:
- Innovation spotlights on adaptive deepfake detection and reusable KYC workflows for practitioners moving past static onboarding.
- Practical maturity assessment guidance for measuring how well your current verification strategy handles modern fraud patterns.
- Examples of AI-assisted orchestration that show how verification teams can scale decisions without relying only on manual review.
- Industry examples and expert commentary that expand the implementation choices behind behavioural and network-level defence.
👉 Read SumSub's innovation guide on KYC, fraud prevention, and adaptive verification →
KYC verification beyond onboarding: what IAM teams need now?
Explore further
11/06/2026 2:51 am
Static onboarding KYC is a broken premise, not just an outdated control. The article reflects a market shift from point-in-time verification to lifecycle trust, which is the right direction for fraud conditions that evolve after account creation. The old model assumed identity evidence could be established once and trusted for a long period. Practitioners should read this as a signal that verification governance now has to follow the identity, not just the signup.
A few things that frame the scale:
- 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures, according to Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which helps explain why lifecycle trust problems persist across identity programmes.
A question worth separating out:
Q: How do behavioural and device signals improve KYC decisions?
A: They add context that documents alone cannot provide. Behavioural and device signals help show whether the same identity is being used in a normal way, by the expected person, from a familiar environment. That makes it harder for bot-assisted fraud, account takeover, and synthetic identities to blend into routine traffic.
👉 Read our full editorial: KYC verification is shifting toward continuous fraud detection
