Connect with us

Technology

The state of Artificial Intelligence in 2024

By Maxime Vermeir, Senior Director of AI Strategy, ABBYY

This year, we saw innovation teams experimenting with a variety of automation tools powered by artificial intelligence (AI). As enterprises navigate the potential for business value through large language models (LLMs) like generative AI, adoption of AI continues to grow increasingly widespread. According to recent research, the large majority (89%) of IT executives say that they have AI strategies in place, with 37% having a roadmap spanning three to five years.

Organisations were surrounded with AI hype in 2023 but have since had time to cut through the noise and determine the best business use cases for using it in their operations. This resulted in a realisation that despite their profound potential to generate value, the most powerful general-purpose AI tools can be unscalable, costly, and resource-consumptive, rendering them unsuitable for many enterprise automation goals. However, enterprises that don’t find a way to apply specialised AI solutions to business goals will find themselves falling behind their competitors.

In 2024, there is a need for purpose-built AI that will solve specific pain points effectively, efficiently, and in a scalable and resource-conscious way.
Key challenges and focuses for businesses in 2024 will be strategically integrating AI into organisations, measuring the success of AI implementation, and managing the ethical and legal risks of AI while staying ahead of the innovation curve.

AI strategies

In order to harness the power of AI, businesses need to anchor their AI strategies around clear, purpose-driven goals that align with business outcomes. These are three steps businesses should follow to establish effective AI strategies:

  1. Identify Clear Objectives:
    • What business objectives do you want to achieve with AI? Whether it’s improving operational efficiency, enhancing customer experience, or driving innovation, it is crucial to clearly define your goals and the metrics by which you’ll measure success.
  2. Choose Specialised AI Solutions:
    • The versatility of generalised AI can seem appealing, but opting for specialised, contextual AI solutions tailored to specific business challenges are more likely to deliver accurate and actionable insights with less cost and risk.
  3. Invest in Quality Data:
    • Relevant, high-quality data is necessary for successful AI implementations. Ensure your data is clean, organised, and accurate to real-world scenarios your AI solutions will encounter.

Measuring success of AI projects

From ABBYY’s perspective, the crux of measuring success of AI initiatives lies in the tangible impact they have on business processes, rather than just the technical metrics. Metrics like F-scores can provide useful insights into the performance of AI models, but they don’t necessarily translate to how effective they are in the real-world. Success metrics should always go back to how AI can enhance business operations.

The three main metrics we prioritise are those that reflect direct business value. These include:

  • Straight-Through Processing Rate (STPR): An increase in STPR means that more transactions or processes are being completed without manual intervention thanks to AI
  • Time Saved: Efficiency gains can be estimated by measuring the time saved by implementing AI solutions
  • Return on Investment (ROI): This captures the financial value from AI initiatives and demonstrates the cost-effectiveness and value add to the business. In 2023, an average of 57% respondents anticipated seeing at least twice the cost of investment ROI, while only 43% delivered this increase.

By focussing on these metrics, businesses can ensure their AI initiatives are delivering real value, driving process efficiency, and contributing to the bottom line. This approach can help businesses achieve meaningful enhancements in how they operate and deliver value.

Addressing the environmental impact of AI

Businesses will continue to grapple with the trade-off between generative AI capabilities and their ecological impact, such as immersive search capabilities that consume large amounts of energy. Using generative AI today to search and summarise data consumes 10 times the energy of a normal search, which is unsustainable in the global effort to reach an average planetary temperature of 1.5 degrees by 2025. There are alternative AI models that use robust machine learning and natural language processing with business rules for highly specified purposes; for example, in transportation and logistics, extracting data from the 44M bills of lading issued every year and processed by at least 9 stakeholders at 12 touchpoints with a highly accurate AI-model, trained on thousands of bills of lading.

The growing influence of regulation

As AI technologies continue to permeate various sectors, regulatory bodies will likely ramp up scrutiny to ensure ethical use and data privacy. This will also include measures to ensure that claims made by AI vendors are accurate and verifiable. These frameworks and regulations will sensitise users to the potential risks that shadow the possibilities and will bring business users back to the reality of integration challenges.

With more demand for transparency among businesses and regulators in AI decision-making, advancements in Explainable AI (XAI) will gain momentum, as it helps to demystify complex AI models and foster trust among users and stakeholders.

Embracing a human approach to AI

C-suite leaders have already begun to discover the hidden costs and ecological impact of generative AI, lifting the veil of hype to reveal practical challenges of integrating AI applications into their organisation’s infrastructure. Still, artificial intelligence has proven itself as a transformative tool that will be instrumental in modernising businesses and driving operational excellence.

In order to overcome these challenges, business leaders need to embrace a more human understanding of their data and processes. This involves bridging the gaps in understanding between AI teams and the business side of the organisations they serve. By fostering collaboration between AI specialists and professionals with actionable, hands-on business knowledge, enterprises can ensure that AI is driving operational excellence in the right areas and yielding truly actionable insight. Businesses need to carry this approach through impact assessments, strategising, implementation, and measuring success.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

PSD3 and the Real-Time Fraud Imperative: What the Regulation Actually Demands of Financial Infrastructure 

Baiba Miezere, Group Product Development Director at Eastnets 

The payments industry has spent years treating fraud prevention as a detection problem. PSD3 reframes it as an infrastructure problem, and that distinction matters enormously for how institutions should now be thinking about their technology stack. 

The Regulatory Signal Worth Reading Carefully 

PSD3 is frequently discussed in terms of its compliance burden: stronger authentication, expanded liability, tighter rules around authorised push payment fraud. But the more important signal is structural. By increasing liability for fraud losses and accelerating the shift toward instant payment rails, the regulation is effectively forcing fraud prevention out of the back office and into the transaction execution path itself. While PSD was concentrating more on cards, pull payments, reversible transactions, PSD3 addresses rapidly growing pain-point in financial market: instant payments, irreversible push payments, open banking Account-to-account payments, real time fraud.   

This is a meaningful change. For most institutions, fraud review has historically happened after the fact, a monitoring function that flags anomalies, investigates cases, and seeks recovery. That model was always imperfect, but it was manageable when payment cycles gave you hours or days. Instant payments collapse that window to seconds. Once funds move, recovery options are limited. The liquidation point, where fraudsters convert access into irreversible transfers, now happens faster than most legacy fraud systems can respond. Fraud methods have also rapidly evolved: social engineering scams, synthetic identities, account takeovers, authorised push payment fraud – all requiring shift from traditional post-transaction rule-based monitoring to real-time cross-payment channels detection, combined with behavioural biometrics and artificial intelligence layer.  

PSD3 doesn’t just tighten rules. It implicitly requires a different architecture, different tooling. 

Why Behavioural Intelligence Is Now Central, Not Optional 

The fraud typologies that PSD3 is most focused on, particularly APP fraud and account takeover, share a common characteristic: they’re hard to catch at the transaction level alone. A payment instruction may look entirely legitimate in isolation. The anomaly only becomes visible when you layer in behavioural context: Is this consistent with how this customer normally behaves? Is the session access pattern unusual? Is the same device and behavioural pattern spotted across other accounts and payment methods?  Has the beneficiary relationship changed recently? 

This shift explains why the industry has been moving toward a more integrated approach to fraud prevention. To comply with PSD3 and evolving fraud, institutions shall combine entity-level risk profiling, session-level intelligence, and transaction-level risk scoring to create a fuller view of risk before a payment is executed. 

The challenge is that, in most institutions, these capabilities remain siloed. Behavioural analytics may sit in a separate system or be missing altogether, while transaction monitoring is split across channels, with one solution for cards and another for wire transfers. This often leaves instant payments, account-to-account payments, crypto payments, and buy-now-pay-later flows insufficiently covered, especially when detection and decisioning must happen within milliseconds. 

The result is a fragmented control environment, with no unified decision point that brings all relevant signals together before a payment is released. 

The gap between these layers is where fraud increasingly lives. Schemes evolve precisely to exploit the seams between detection systems. Static rules, however sophisticated, are inherently reactive, they catch what’s already been seen. The more durable approach combines rules-based detection for known patterns with unsupervised machine learning that identifies deviations from normal behaviour without requiring prior fraud examples. This handles both the known unknowns and the genuinely novel. 

The Swift Dimension That Often Gets Overlooked 

Much of the conversation around PSD3 and instant payments focuses on domestic retail rails, which makes sense given where consumer fraud volumes are concentrated. But high-value cross-border payments represent a distinct and underserved risk surface. 

Swift traffic sits largely outside the scope of consumer-focused fraud tools. Yet correspondent banking flows carry significant value, and the attack vectors, compromised operator credentials, fraudulent payment instructions, manipulation of debit confirmations, are well-documented. The ability to monitor Swift messages at multiple interception points, cross-reference MT900 confirmations against MT103 instructions, and, critically, issue stop-and-recall instructions via the GPI tracker for payments already in-network, meaningfully extends the intervention window beyond what’s possible on domestic rails. 

Very few fraud prevention architectures address this channel natively alongside retail payments. That gap deserves more attention as institutions think about end-to-end coverage. 

From Compliance Burden to Architecture Decision 

The institutions that will navigate PSD3 most effectively aren’t those that treat it as a compliance checkbox. They’re the ones that use the regulatory moment to reassess their fraud prevention architecture more fundamentally, asking not just “what do we need to do to comply?” but “what does a genuinely real-time, multi-channel fraud prevention capability actually look like, and do we have it?” 

That question tends to surface uncomfortable answers. Fragmented point solutions. Offline analysis loops. Gaps in channel coverage. Detection capabilities that operate after execution rather than within it. Manual fraud investigation processes. Rapidly growing fraud volumes that institutions are expected to manage without proportionally increasing investigator teams and operational costs. 

The regulation provides the mandate. The harder work is architectural: building or acquiring a unified control layer that sits within the payment workflow, combines behavioural and transactional signals, covers the full range of payment rails, and makes preventive decisions in real time rather than purely detective ones after the fact. Done well, this approach can strengthen detection, improve the customer experience, reduce operational costs, and significantly increase the effectiveness and productivity of fraud investigators.  

That’s not a product category. It’s an infrastructure requirement. And PSD3 has just made it non-negotiable. 

Continue Reading

Business

Why Resilience Is Replacing Prevention as the Defining Cybersecurity Strategy

by Manuel Sanchez, Information Security and Compliance Specialist, iManage

For decades, cybersecurity centered around prevention. Build the right walls around your perimeter, deploy the right tools, train your people not to click the wrong links, and you could keep the bad actors out.

Today, the question driving security strategy is no longer “how do we stop a breach?” but “how do we survive one?” It is a subtle but profound shift in philosophy, and it is reshaping everything from how IT and Security leaders structure their teams to how they select their vendors and deploy AI.

Rehearsing for the worst

The practical expression of this shift is visible in how security teams are being restructured. Organisations are establishing dedicated disaster recovery teams – not to prevent incidents, but to contain and recover from them when they occur. These teams maintain detailed, regularly updated playbooks covering everything from backup restoration to stakeholder communications, with roles pre-assigned and procedures rehearsed well in advance.

In many ways, this mirrors the logic behind disaster drills: fire alarms matter, but knowing the evacuation routes and the post-incident recovery plan determines how well an organisation survives. Critically, responsibility cannot rest with the CISO alone. Business continuity after a cyber incident is a whole-company challenge – which means every core part of the organisation is involved to sustain critical business operations.

Governance in the gray areas

Running alongside this shift is a governance crisis that is easy to underestimate until it becomes a serious risk. As organisations adopt more applications across more vendors and hosting services, the shared responsibility model that was supposed to keep cloud accountability clear has become increasingly difficult to enforce.

The sheer volume of cloud applications in use at any given enterprise is too vast for consistent governance under current approaches – and bad actors have become skilled at identifying exactly where vendor responsibility ends, and customer accountability begins, then operating precisely in that “gray area”. Being aware of this risk and putting preventative measures in place is important, but recognising the role these cloud applications play and the impact to key business operations if these applications were compromised, is critical.

Meanwhile, data volumes continue to grow exponentially, and unstructured data continues to accumulate in the background across many digital systems. Why is this important? If you don’t know what data you have, where it is stored, who has access to it, and, most importantly, how it is protected – onsite or cloud backup – this makes the recovery process a lot harder.

AI agents on the rise – and with it new risks

Although the focus of this article is on resilience, prevention must still remain an essential part of your defences. On that front, the accelerating adoption of autonomous AI in cyber defence tasks is reshaping security operations as visibly as anything else happening in the field right now. The volume, speed, and sophistication of modern threats have simply outpaced what human analysts can manage in real time.

The shift is toward AI that doesn’t just flag anomalies for human review, but actively detects, analyses, and neutralises threats as they emerge, even using predictive models to anticipate attacks before they fully materialise. This frees human experts to focus on strategic decisions and complex defence work rather than spending their days firefighting.

Autonomous AI does, however, introduce risks of its own. When AI agents operate across systems – accessing sensitive repositories, triggering actions, sharing data – they expand the attack surface in ways that aren’t always immediately visible.

Managing the digital identities of AI agents, much like managing employee access credentials, is becoming a critical security discipline. Accordingly, comprehensive traceability frameworks that log every action an agent takes are no longer optional; they are the foundation of responsible AI deployment in any security context.

The supply chain wake-up call

The case for moving from a “prevention” mindset to a “resilience” one is further bolstered by recent high-profile breaches via compromised managed service providers, which have forced a fundamental reset in how organisations evaluate their vendors.

The era of cost-first selection is over. Security credentials, demonstrated through continuous and verifiable evidence, are now non-negotiable for any provider hoping to retain enterprise clients – and what organisations are demanding goes well beyond point-in-time audits. They want real-time visibility into every third-party integration, every software update, and every vendor interaction – including the cloud services the vendors themselves use.

“Trust but verify” has become the operational standard, and providers who cannot demonstrate validated controls and live monitoring are finding themselves out of contention. It is a structural shift that will reshape the vendor landscape considerably — and it is already underway.

A new era demands a new approach

In the end, prevention still matters, but resilience – instilled via the key focus areas above – is what turns disruption into survivable events rather than existential crises. The organisations that are honest about the limits of prevention and embrace the shift towards resilience won’t just better withstand the next wave of attacks – they’ll be differentiating themselves from competitors still clinging to yesterday’s playbook.

Continue Reading

Business

Adapting compliance in a fragmented regulatory world

Rasha Abdel Jalil, Director of Financial Crime & Compliance at Eastnets, discusses the operational and strategic shifts needed to stay ahead of regulatory compliance in 2025 and beyond.

As we move through 2025, financial institutions face an unprecedented wave of regulatory change. From the EU’s Digital Operational Resilience Act (DORA) to the UK’s Basel 3.1 rollout and upcoming PSD3, the volume and velocity of new requirements are constantly reshaping how banks operate.

But it’s not just the sheer number of regulations that’s creating pressure. It’s the fragmentation and unpredictability. Jurisdictions are moving at different speeds, with overlapping deadlines and shifting expectations. Regulators are tightening controls, accelerating timelines and increasing penalties for non-compliance. And for financial compliance teams, it means navigating a landscape where the goalposts are constantly shifting.

Financial institutions must now strike a delicate balance: staying agile enough to respond to rapid regulatory shifts, while making sure their compliance frameworks are robust, scalable and future-ready.

The new regulatory compliance reality

By October of this year, financial institutions will have to navigate a dense cluster of regulatory compliance deadlines, each with its own scope, jurisdictional nuance and operational impact. From updated Common Reporting Standard (CRS) obligations, which applies to over 100 countries around the world, to Australia’s new Prudential Standard (CPS) 230 on operational risk, the scope of change is both global and granular.

Layered on top are sweeping EU regulations like the AI Act and the Instant Payments Regulation, the latter coming into force in October. These frameworks introduce new rules and redefine how institutions must manage data, risk and operational resilience, forcing financial compliance teams to juggle multiple reporting and governance requirements. A notable development is Verification of Payee (VOP), which adds a crucial layer of fraud protection for instant payments. This directly aligns with the regulator’s focus on instant payment security and compliance.

The result is a compliance environment that’s increasingly fragmented and unforgiving. In fact, 75% of compliance decision makers in Europe’s financial services sector agree that regulatory demands on their compliance teams have significantly increased over the past year. To put it simply, many are struggling to keep pace with regulatory change.

But why is it so difficult for teams to adapt?

The answer lies in a perfect storm of structural and operational challenges. In many organisations, compliance data is trapped in silos spread across departments, jurisdictions and legacy platforms. Traditional approaches – built around periodic reviews, static controls and manual processes – are no longer fit for purpose. Yet despite mounting pressure, many teams face internal resistance to changing established ways of working, which further slows progress and reinforces outdated models. Meanwhile, the pace of regulatory change continues to accelerate, customer expectations are rising and geopolitical uncertainty adds further complexity.

At the same time, institutions are facing a growing compliance talent gap. As regulatory expectations become more complex, the skills required to manage them are evolving. Yet many firms are struggling to find and retain professionals with the right mix of legal, technical and operational expertise. Experienced professionals are retiring en-masse, while nearly half of the new entrants lack the right experience needed to step into these roles effectively. And as AI tools become more central to investigative and decision-making processes, the need for technical fluency within compliance teams is growing faster than organisations can upskill. This shortage is leaving compliance teams overstretched, under-resourced and increasingly reliant on outdated tools and processes.

Therefore, in this changing environment, the question suddenly becomes how can institutions adapt?

Staying compliant in a shifting landscape

The pressure to adapt is real, but so is the opportunity. Institutions that reframe compliance as a proactive, technology-driven capability can build a more resilient and responsive foundation that’s now essential to staying ahead of regulatory change.

This begins with real-time visibility. As regulatory timelines change and expectations rise, institutions need systems that can surface compliance risks as they emerge, not weeks or months later. This means adopting tools that provide continuous monitoring, automated alerts and dynamic reporting.

But visibility alone isn’t enough. To act on insights effectively, institutions also need interoperability – the ability to unify data from across departments, jurisdictions and platforms. A modern compliance architecture must consolidate inputs from siloed systems into a unified case manager to support cross-regulatory reporting and governance. This not only improves accuracy and efficiency but also allows for faster, more coordinated responses to regulatory change.

To manage growing complexity at scale, many institutions are now turning to AI-powered compliance tools. Traditional rules-based systems often struggle to distinguish between suspicious and benign activity, leading to high false positive rates and operational inefficiencies. AI, by contrast, can learn from historical data to detect subtle anomalies, adapt to evolving fraud tactics and prioritise high-risk alerts with greater precision.

When layered with alert triage capabilities, AI can intelligently suppress low-value alerts and false positives, freeing up human investigators to focus on genuinely suspicious activity. At the more advanced stages, deep learning models can detect behavioural changes and suspicious network clusters, providing a multi-dimensional view of risk that static systems simply can’t match.

Of course, transparency and explainability in AI models are crucial. With regulations like the EU AI Act mandating interpretability in AI-driven decisions, institutions must make sure that every alert or action taken by an AI system is auditable and understandable. This includes clear justifications, visual tools such as link analysis, and detailed logs that support human oversight.

Alongside AI, automation continues to play a key role in modern compliance strategies. Automated sanction screening tools and watchlist screening, for example, help institutions maintain consistency and accuracy across jurisdictions, especially as global lists evolve in response to geopolitical events.

Similarly, customisable regulatory reporting tools, powered by automation, allow compliance teams to adapt to shifting requirements under various frameworks. One example is the upcoming enforcement of ISO 20022, which introduces a global standard for payment messaging. Its structured data format demands upgraded systems and more precise compliance screening, making automation and data interoperability more critical than ever.

This is particularly important in light of the ongoing talent shortages across the sector. With newer entrants still building the necessary expertise, automation and AI can help bridge the gap and allow teams to focus on complex tasks instead.

The future of compliance

As the regulatory compliance landscape becomes more fragmented, compliance can no longer be treated as a tick-box exercise. It must evolve into a dynamic, intelligence-led capability, one that allows institutions to respond to change, manage risk proactively and operate with confidence across jurisdictions.

To achieve this, institutions must rethink how compliance is structured, resourced and embedded into the fabric of financial operations. Those that do, and use the right tools in the process, will be better positioned to meet the demands of regulators today and in the future.

Continue Reading

Copyright © 2021 Futures Parity.