IDnow’s Director of Product, Jonas Mendes, has spent years watching how financial institutions approach digital identity – and in 2026, the shift is no longer on the horizon. It’s already here. These are the four trends actively redefining KYC this year, and why compliance teams that haven’t acted yet are running out of time.

The way financial institutions think about digital identity is fundamentally broken and 2026 is the year that can no longer be ignored, according to Jonas Mendes, Director of Product at IDnow. Originally, KYC was designed as a gate: users come, companies verify them once and move on. But the threats banks face today don’t stop at the gate. Additionally, with AMLR and eIDAS 2.0 coming into force in 2027, the regulatory window to get this right is closing fast. Here are the four trends Jonas believes will separate the regulation-ready from those scrambling.

1. Companies must get ready for AMLR and eIDAS 2.0

Regulatory deadlines are approaching fast. AMLR and eIDAS 2.0 both come into force in 2027, which means the decisions about technology partners, verification methods and compliance architecture need to be made now.

The KYC frameworks built until 2024 were not designed for what’s coming. Banks will be required to accept EUDI Wallets , and existing video verification flows, so typical in Germany for example, will need to be adjusted. Trust services will become much more important with QES and QEAAs at the core of many digital processes. Now, financial institutions are at a strategic crossroads: do they patch the existing stack or re-architect?

How we help: Patching buys time. Re-architecting buys optionality – and that’s what AMLR and eIDAS 2.0 actually demand. IDnow’s soon-to-be-launched Trust Platform is built for institutions that want to get ahead of it rather than catch up. It combines all identification methods, from automated and video-based verification to eID and EUDI Wallet support, with trust services like QES and QEAAs, all within a single integration. It ensures full compliance coverage now, with the flexibility to adapt as requirements evolve without managing multiple vendors or maintaining a fragmented tech stack.

2. AI fraud is taking over, whether we like it or not

AI is not just a tool for banks, fraudsters are using it too and they are great at it! So much so that deepfakes and synthetic identities are becoming indistinguishable from real photos and documents. In 2026, the sophistication of attacks is already outpacing the speed at which they can be detected with fraudsters constantly finding new ways to bypass the defence mechanisms of banks and other critical institutions. The real question financial services companies should no longer be “Can you detect fraud?” but “How quickly can you adapt when a new method of attack emerges?”

How we help: IDnow addresses this through an Injection Attack Detection feature that flags injected or manipulated videos, including deepfakes, during customer onboarding. Beyond this, the combination of Biometric Authentication paired with Device Intelligence via IDnow Trust Platform, you can effectively block account takeover attempts and synthetic identity fraud. Crucially, the platform’s modular design and no-code workflow builder will allow compliance and product teams to react to emerging fraud patterns quickly, without filing an engineering ticket.

Banks have spent years optimising KYC. But most fraud happens after onboarding, and it evolves fast. By the time you’ve updated your defences, fraudsters have moved on. That’s exactly what the Trust Platform is built to fix. – Jonas Mendes, Director of Product, IDnow

3. Know Your Customer (KYC) is no longer enough

For many companies, most investment has gone into onboarding, even though most fraud happens after onboarding. However, point-in-time verification creates a false sense of security because account takeovers, mule networks, Authorised Push Payment (APP) fraud – all these exploit the post-onboarding blind spots. KYC only tells you who someone was at the point of onboarding, but it doesn’t tell you who they are today.

Some organizations may rely on periodic re-verification cycles, but they just don’t work. They’re calendar-based, triggered on a fixed schedule depending on risk tier, regardless of whether anything suspicious has happened. Also, the process of asking an existing customer to re-submit their ID, selfie or a document is cumbersome and annoying. So much so, many customers simply don’t complete the re-KYC process. They ignore the request, abandon it halfway, or churn entirely, resulting in low conversion rates.

All in all, the answer isn’t a better KYC process, it’s a different relationship with identity altogether – one based on continuous trust, not periodic checks.

How we help: The Trust Platform makes TYC operational. It enables modular, risk-based processes that allow customers to trigger the right verification action at the right time – whether that’s biometric verification, device signals, or collecting a fresh ID copy from the customer. All of it is configurable and adjustable at any time, without development overhead.

4. Invisible, intelligent fraud prevention that scales without scaling costs

We already know that identity should be continuously validated, not periodically re-checked or worse – only checked at the point of onboarding. Smart, risk-signal-driven re-verification that engages the customer when it matters should be the norm with low-friction biometric authentication set as the new standard. The check should be so subtle that fraud prevention feels invisible to the customer but effective for the bank. But there’s one question companies need to keep in mind: how do they scale continuous monitoring without inflating operational costs?

How we help: The Trust Platform is designed to support exactly this kind of invisible, intelligent monitoring that doesn’t inflate the costs when scaled. By combining various signals like Device Intelligence, Behavioral and Contextual signals with biometric and document checks, it enables automated, risk-based decisions that reduce friction for legitimate customers while catching fraudsters before damage is done.

Interested in more insights from our subject matter experts?

Senior Architect at IDnow, Sebastian Elfors explains how technical standards are moving from guidelines to legal foundations and what that means for banks and every European citizen.

Former INTERPOL Coordinator and Forensic Document Examiner at IDnow, Daniela Djidrovska explains why IDnow offers document fraud training to every customer, regardless of sector.

Research Scientist at IDnow, Nathan Ramoly explores the dangers of deepfakes and explains how identity verification can help businesses stay one step ahead of fraudsters.

Research Scientist in the Biometrics Team at IDnow, Elmokhtar Mohamed Moussa explores the dangers of face verification bias and what steps must be taken to eradicate it.