The financial industry is suffering from increased fraud across banks and credit unions. With the help of AI, fraudsters are becoming more sophisticated and harder to expose through outdated manual checks. While KYC and AML regulations mandate certain customer verification standards, not all solutions offer the same level of protection. From in-branch impersonation to fraudulent online loan applications, threats now span every channel. Deep, layered identity verification is needed to prevent fraud and stop financial losses.
Using data from customer surveys, scan data across our platforms, and anonymous testimony, this report reveals the scope of fraud and breaks down how fraudsters are targeting financial institutions.
For banks and credit unions, preventing fraud at the point of transaction is more critical than ever. Implementing robust ID verification enables banks to prevent fraudulent activity before it results in financial losses. Proactive identity verification not only helps detect criminals attempting account takeovers, check fraud, or member impersonation, but also deters them from targeting the institution in the first place.
About this report
IDScan.net’s 2026 financial services fraud report compiles data from a recent survey we conducted across our database, scan data from banks and credit unions across our DIVE and VeriScan solutions, anonymous testimony from banks and credit unions, and data from trusted reporting sources.
Our analysis draws on data from banks and credit unions across a range of asset sizes, customer demographics, and service channels. By incorporating insights from diverse sources, this report underscores that fraud is pervasive and that addressing it requires a comprehensive solution.
Overall fraud exposure
Every single bank or credit union that we surveyed reported fraud concerns of some kind, with most surveyed institutions reporting a fraud experience in the last twelve months. This highlights that no institution is immune to fraud attempts, no matter the size or location.
Channel-based fraud exposure
Most of the banks and credit unions surveyed reported in-branch fraud concerns aligned with fraudsters presenting fake identification or documents in an attempt to steal funds from the institution. A third of surveyed banks and credit unions also reported concerns of online fraud, which includes digital account opening, digital account takeover, or new loan applications.
Fraud concerns by category
While check fraud continues to be the biggest concern of financial institutions, identity fraud is the second leading stressor. As AI-driven tools make it easier than ever for bad actors to create and present highly convincing fake or manipulated credentials, the threat landscape is rapidly evolving. This shift is forcing banks and credit unions to move beyond traditional verification methods and adopt more advanced, AI-powered ID authentication solutions that can detect subtle signs of tampering that are often undetectable with manual checks.
Surveyed bank and credit union by asset size
Of the banks and credit unions surveyed, over 40% had an asset size between $1 billion – $10 billion, with the other being an even mix of low, medium and high asset size. This distribution suggests that fraud is not concentrated within any single tier of institution, but instead impacts organizations across the entire asset spectrum. It also indicates that mid-sized institutions may be especially representative of the broader fraud challenges facing the industry today.
Key takeaways from this report:
- In-branch fraud is still a huge threat and is largely ignored
- Behind check fraud, identity impersonation is the second largest concern for FIs
- The cost of fraud goes beyond initial losses
- Prevention is non-negotiable. Companies using comprehensive ID verification systems successfully stopped tens of thousands of fraudulent attempts in 2025, preventing millions in potential losses.
Fraud is happening everywhere
Bank fraud is no longer confined to specific regions or isolated incidents; it is a widespread, global issue affecting financial institutions of every size. Across the United States, fraud is occurring in urban, suburban, and rural areas alike, with no single geographic hotspot standing out. Instead, the rise of digital tools, sophisticated fake IDs, and organized fraud networks has made it possible for criminals to operate anywhere, targeting banks and credit unions indiscriminately.
2026 banking fraud in the news
- A Colorado man claims a woman used a fake ID with his wife’s personal information to try to withdraw $28,000 from their bank, a tactic that helped expose a broader fraud scheme in which she allegedly stole nearly $200,000 from multiple victims at different banks. This is a common member impersonation tactic where criminals use real information on fake IDs to try to access accounts.
- A California man was sentenced to 37 months in federal prison and three years of supervised release for his role in a multi‑state identity theft and bank fraud ring that operated in Arizona, Colorado, and California. The scheme involved using stolen personal identifying information and fake IDs to open fraudulent accounts tied to real victims’ bank accounts, then transferring funds into those accounts and withdrawing the proceeds in cash at banks and casinos.
- A 46‑year‑old Hudson County woman has been indicted for allegedly using fake identities to access bank accounts and steal more than $86,000 from multiple victims in New Jersey. Prosecutors say she used fraudulent identification to obtain debit cards tied to six different victims’ accounts between May and June 2024 and then withdrew cash both in person at bank branches and at ATMs.
Digital banking fraud
Digital banking fraud encompasses a range of tactics used to exploit online and mobile financial services, with common examples including account takeovers through stolen or compromised credentials and the use of synthetic or stolen identities to open new accounts. As digital channels continue to expand, these attacks are becoming more sophisticated, making layered security and identity verification critical to protecting both institutions and their customers.
We looked at 10,898 January 2026 scans from banks and CUs using our Digital Identity Verification Engine, primarily used as a solution to combat digital banking fraud, and made these observations:
Out of the total scans, 15.81% of identity verifications were flagged for some reason.
Let’s break down the type of flags commonly seen in digital identity verification:
Document Confidence relates to whether or not DIVE thinks the document being presented is real or has been tampered with, based on a variety of checks the software performs. If the Document Confidence is below 70, DIVE is suggesting the ID is fake or has been tampered with.
Face Anti-Spoofing relates to whether DIVE thinks the person presenting the ID is using a method of passing for the person on the ID. This involves a variety of methods, including using a mask, photo, or altering the image. If the Face Anti-Spoofing score is below 70, DIVE suggests that the person presenting the ID is not the person on the ID.
Face Confidence relates to whether DIVE thinks the person presenting the ID exactly matches the person on the ID, rather than closely resembling the person on the ID, such as being a family member. If the Face Confidence score is below 70, DIVE suggests that the person presenting the ID is presenting a stolen document.
Here is the breakdown of the 10,898 scans from January:
- 2.4% of scans failed Anti-Spoofing, or showed signs of deepfake tampering
- 3.1% of scans failed Face Confidence, or showed signs of a stolen document
- 10.3% of scans failed Document Confidence, or showed signs of a fake ID
DIVE flagged scans breakdown
In-branch fraud
In-branch fraud presents a heightened risk, largely because these environments are often less protected than digital channels. While most digital onboarding workflows already incorporate identity verification, in-branch operations have been slower to adopt new technologies due to the costs and time associated with hardware implementation and staff training. As fraud continues to rise and become increasingly difficult to avoid, banks and credit unions will ultimately need to implement robust ID verification solutions across the entire member experience, not just online.
Looking at data from just over 40,000 scans from December 2024-present from banks using VeriScan, the following observations can be made.
.47% of scans failed authentication, which means a significant number of suspicious, possibly fraudulent, transactions took place over the course of about 1.5 years.
If an ID fails authentication, that means that the document did not pass one or more authentication tests. These tests include UV, IR, and white light tests, barcode security checks, format checks, jurisdictional checks, watermark checks, and hologram checks. Authentication also checks for voids, expiration, and signs of tampering. If a document fails authentication, it is more than likely that there is suspicious activity happening, and further investigation is needed.
With each fraud instance averaging $5000, that’s almost $1 million in fraud losses that were potentially prevented.
After implementing ID authentication, these institutions saw a significant drop in attempted fraud.
In addition to the scan data presented, we’ve heard concerning firsthand accounts from banks and credit unions that highlight just how common and costly in-branch fraud attempts have become. One small bank in Texas shared, “A person walked in trying to cash a check from an external source, and when we scanned their ID, it was fake. We declined the check and contacted the issuing institution, which confirmed the fraud. If we hadn’t caught it, we would have faced a $7,000 loss.”
Before implementing ID verification, a federal credit union in Washington D.C. claimed, “We just got stung with member impersonation. A fraudster was able to withdraw $3,000 using a fake ID.”
Similarly, a credit union in Pennsylvania reported, “Before we implemented ID verification, someone used a fake ID to open a new account and cashed a check for $46,000.” While the average fraud loss is estimated to be around $5,000, these examples demonstrate how quickly losses can escalate and how frequently higher-value incidents occur. In fact, according to a recent report by LexisNexis, the true cost of fraud is approximately 5.75 times greater when factoring in recovery efforts, operational strain, and reputational damage. When viewed holistically, fraud losses represent far more than a single transaction; they pose a significant and ongoing risk that institutions cannot afford to ignore.
Additional costs to fraud losses:
- Labor and investigation costs: These expenses grow as staff must spend increased time manually reviewing suspicious activity, conducting investigations, and managing fraud cases.
- Applications, underwriting, and processing stages costs: Fraudulent applications force institutions to invest additional resources into verification, reprocessing, and tightening controls, slowing operations and increasing per-application costs.
- Legal fees: Banks may incur significant legal expenses from pursuing fraudsters, responding to regulatory scrutiny, or handling disputes and liability claims from affected customers.
- External recovery expenses: Recovering lost funds often requires third-party agencies, collection services, or forensic specialists, all of which add incremental costs with no guarantee of full recovery.
- Damage to reputation that affects future business: Fraud incidents can erode customer trust, leading to lost accounts, reduced customer lifetime value, and increased marketing spend to rebuild credibility.
ID fraud prevention solutions
IDScan.net offers a comprehensive suite of solutions designed to combat fraud in the financial industry. Beyond our core products, we integrate seamlessly with the banking platforms that tellers and staff already use every day, making it easy to incorporate ID verification into existing workflows without disruption. Our integration partners include Jack Henry, MeridianLink, Digital Check, and ARGO, among others, helping institutions enhance security while maintaining operational efficiency.
ParseLink is a powerful authentication and data automation software that is integrated with existing check scanners and requires minimal training for teller lane staff to eliminate data entry errors and to stop fraud at the teller lane. ParseLink is perfect for high-volume teller environments where efficiency and speed at the teller lane are critical.
VeriScan is a comprehensive in-branch ID authentication solution that verifies IDs in real time at the teller lane and is perfect for detecting fake or tampered IDs and stopping fraud at the teller lane. VeriScan is ideal for smaller banks or CUs that want detailed reporting on their customer base and insights into their demographics.
DIVE (Digital Identity Verification Engine) focuses on remote and digital ID verification. It allows financial institutions to verify customers’ identities online or via mobile apps, using AI to detect fake IDs, liveness checks, and document authenticity. DIVE is great for online banking and to stop fraud in remote onboarding or loan origination environments.
Fraud trend predictions
Fraud rates show no signs of slowing. Criminal networks are constantly evolving, and with the rise of AI-generated fake IDs, traditional detection methods are no longer enough. The most effective way to stop fraudsters is to verify every ID tied to the member experience.
Fraud rates will continue to climb
Until it becomes standard practice to authenticate every ID associated with a member transaction, fraudsters will persist. From impersonation and account takeovers to using fake IDs to cash legitimate checks, the attempts won’t stop unless institutions make it clear that fraud will not succeed.
Criminals with take advantage of improving AI
As AI becomes more advanced and more difficult to detect, criminals will continue to exploit it to outmaneuver outdated systems. The only way to keep pace is to fight AI with AI, leveraging intelligent, adaptive verification tools that evolve alongside emerging threats.
Fraud will become more omnichannel and coordinated
Bad actors are no longer targeting a single point of entry. Instead, they are orchestrating attacks across in-branch, online, and mobile channels, testing for weaknesses and exploiting gaps between systems. Financial institutions will need unified, cross-channel identity verification strategies to close these gaps and stay ahead.
