Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more

Fraud and Financial Crime: 2023 Regulatory Challenges

Explore challenges, regulatory pressures and actions to take.

The disruptions that affected all industries in 2020 will forever reshape the financial services industry. With such changes come regulatory and public policy challenges and concerns, which in 2021 will begin to inform the future, altering our view of the course to take. 

Here, from the KPMG report Ten key regulatory challenges of 2021, we share insights related to fraud and financial crimes.



Financial institutions face challenges to enhance financial crimes prevention and detection capabilities while meeting their obligations to provide information to key regulators. Regulatory comments ask for better quality suspicious activity reporting versus a sheer volume of filings. In this environment, many firms struggle to augment legacy monitoring systems with artificial intelligence and other advanced detective approaches due to long implementation timelines.

Fraud concerns shifted due to COVID-19, and the operational flexibility to adjust detective and reporting processes to address emerging areas has required many institutions to shift more resources into fraud and financial crimes. PPP, unemployment, healthcare scams and other COVID-19-related schemes have emerged as key risk drivers, but significant uncertainty about the responsibilities of financial services companies remains.

While the respective regulatory pressures continue to mount, the mandate to meet those needs at a lower cost and with fewer resources is ever present—and growing with the emergence of FinTech competition with lower-cost business models.


Regulatory pressures

Alignment of risk with capabilities. Regulatory expectations continue to increase to match program design to real world risks presented by customers, products, and geographies. Consistent with the pressure for increased quality in reporting, regulators are demanding evidence of how KYC programs influence detective capabilities and risk assessments, and vice versa.

Deployment of advanced technology. Financial services companies continue to experiment with different levels of automation and artificial intelligence but legacy data and systems problems result in long and rigid implementation timelines. Many firms struggle to move these capabilities out of the lab and into production due to data, governance, validation, and reporting issues. Moreover, accelerated rollout of contemplated central bank digital currencies will require redesign of existing technology capabilities and operational processes.

Continued emphasis on sanctions. Economic sanctions continues to be a significant area of focus as the volume and complexity of sanctions programs grow globally. Many firms struggle to align sanctions detective and alert management capabilities to the need for faster or instantaneous payments and digital currencies. Legacy technology solutions result in high volumes of false positives and require significant manual intervention, thereby impacting processing times.

Exposure to COVID-19-related fraudsThe regulatory expectations have increased for firms to detect and report suspicious activity related to COVID-19 relief program frauds and other emerging threats. Potential fraud and financial crime profiles have shifted due to COVID-19 with significant increase in medical scams, imposter scams, money mules, unemployment insurance, and cybercrime. Losses from these frauds are not strictly financial, with reputational damage and customer friction as significant concerns. Ongoing and after-the-fact reviews of COVID-19 relief programs for fraud are a significant, and emerging concern, especially in light of the sheer volume of the relief measures, and the speed at which they were necessarily rolled out.

Enterprise wide focus on fraud and financial crime. Regulators expect firms to measure and respond to fraud and financial crimes risks across business lines in a consistent and cohesive manner. Firms are challenged to work across functional silos in cyber and IT security, product-focused fraud, financial crimes teams, enterprise AML leadership, and regulatory reporting. Many firms may have to re-design their operational and reporting structures in areas that were traditionally separate functions.

Response to Cybercrime and Ransomware. Account take over, ID theft, bot attacks, and synthetic ID fraud continue to be major fraud risks arising from cybercrime and gaps in cybersecurity programs. Additionally, recent regulatory guidance, including red flag indicators, raised expectations that firms will file suspicious activity reports for cybercrime and ransomware payments using cryptoassets which may flow through the firm’s custodial or account operations.

Adapting to Cryptoassets. Competitive pressure from emerging FinTech companies and non-bank custodians is increasing the pressure for regulated firms to allow customers to hold cryptoassets in accounts. New charters for digital assets have been proposed at both the federal and state levels. However, most firms are not yet prepared to make the necessary changes to their financial crimes programs and technology in order to monitor and respond to the new fraud and financial crime risks presented by cryptoassets, both private (e.g., Bitcoin) and emerging government issued fiat digital currencies. At the same time, the emerging FinTech firms have been building more sophisticated compliance programs, including increasingly robust financial crimes compliance functions. DOJ recently released a report evaluating emerging threats posed by cryptoassets and the legal and regulatory tools available in the U.S. to confront those threats.


9 actions to take

  1. Align preventive, detective, and reactive capabilities with the risk profile of the company and its customers.
  2. Develop cohesive connections between fraud, cybersecurity, and financial crimes teams within all three lines of defense on a global scale.
  3. Design and build target operating models and responsibilities linking first and second line operations to remove internal friction and duplication of effort.
  4. Operationalize fraud processes and technology through integration of advanced technology tools, including enhanced analytics capabilities.
  5. Respond to rapid changes in threats with automation and new capabilities; integrate ethics and compliance efforts for scalability and continued sustainability.
  6. Develop financial crimes capabilities that are effective and suspicious activity reporting that provides adequate and meaningful information.
  7. Improve communication and collaboration across functional groups responsible for preventing, detecting, investigating and reporting potential fraud.
  8. Aggregate risks and losses across all business lines and develop appropriate metrics to monitor changes. 
  9. Develop effective strategies for increased adoption of cryptoassets and the novel compliances challenges presented by existing and planned crypto and digital assets, particularly those with anonymous capabilities.

Dive into our thinking :

Ten Key Regulatory Challenges of 2021

Download PDF

Explore More

Meet our team

Image of Amy S. Matsuo
Amy S. Matsuo
Principal, U.S. Regulatory Insights & Compliance Transformation Lead, KPMG LLP
Image of John Caruso
John Caruso
Principal, Forensic, KPMG US

Explore other services tailored to your business

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Office locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.