Decades of regulatory pressure in financial services have forced robust identity verification guardrails into place. Know Your Customer has become the standard foundation for how those organizations onboard individuals.
AI-driven fraud is now outpacing those guardrails. Synthetic IDs and deepfakes make it increasingly difficult to tell whether a person is risky or real.
And business onboarding compounds the problem.
Even at its strongest, KYC only answers one question: Is this person who they say they are? And AI-driven fraud is making that question harder to answer every day.
What KYC was never built to answer is the second question: Is this business real, active, and trustworthy?
That is the role of Know Your Business, and it's where the gap is hiding in plain sight. KYB has never faced the same regulatory scrutiny as KYC, so most companies lack equivalent controls. Meanwhile, the same AI tools driving synthetic identity fraud now make synthetic shell companies just as easy to create.
Malicious actors can build a business in minutes with no in-person validation required. In the U.S., anyone can apply online and request an EIN from the IRS. This is especially true for SMB onboarding that is inherently difficult to verify given thin-file UBOs, fragmented histories, and inconsistent data across geographies.
The lines of risk are blurring between synthetic businesses and the synthetic owners behind them. Yet most onboarding workflows still run on a single flawed assumption: that a verified business implies a legitimate owner, or vice versa.
That assumption no longer holds.
This is hitting AI and tech hardest, where KYB and KYC failures are now a national security issue, not just a fraud issue. Product-led growth onboarding was never built for this level of risk.
Regulators are responding accordingly. In June, the U.S. government intervened directly in Anthropic's and OpenAI's latest model releases, signaling real doubt in tech's ability to identify risk and safeguard access. The concern is global as reflected in the EU AI Act’s requirement for frontier labs to verify each customer’s use case before enabling access.
What's happening in tech is an early signal, not an isolated case. When industries can't demonstrate they know who and what they're doing business with, regulators tend to respond with broad restrictions.
Organizations that modernize verification now will help shape their own controls, rather than having controls shaped for them.
In the age of synthetic threats, onboarding must evolve into a multilayered, simultaneous flow.
This is the gap Socure and Markaaz partnered to close. Socure and Markaaz are eliminating the friction from global small and medium business (SMB) onboarding by unifying business and identity verification into a single, automated workflow that scales across all global markets.
In our next blog, we’ll share a framework that translates how this partnership is evolving and how quickly and safely onboarding can be accomplished even in the face of rising AI driven fraud.
Join our webinar on August 5th at 10am PT | 1pm ET, where experts walk through real cases and practical approaches.