Deepfake Spoofs Dutch Bank’s KYC, Opening 46 Accounts. What Could Have Stopped It?

It started with a rental listing.

In Amsterdam, someone posted an apartment on Marktplaats, one of the Netherlands’ most popular classifieds platforms. Prospective tenants responded with the usual documents: a copy of their passport, a pay slip – proof they were good for the rent. Except the apartment didn’t exist, and their identity documents were about to be weaponized.

A 34-year-old man used those stolen IDs – along with others harvested from social media – to open 46 fraudulent bank accounts at ABN AMRO, one of the largest banks in the Netherlands. He did it entirely through the bank’s mobile onboarding flow, which required applicants to upload a photo ID and take a selfie for facial verification.

The trick was straightforward. He used deepfake technology to create imagery resembling the passport photos on the stolen IDs. The automated system compared the two images, found a match, and approved the account.

Not once, but forty-six times.

How the Deepfake Scheme Unraveled

The scheme ran for months before a single error gave it away. One application used a woman’s photo ID, but the selfie showed a male face. The deepfake had blended her features, her eyes, her mouth, onto his face, but not convincingly enough. ABN AMRO’s team flagged the anomaly, investigated, and uncovered the full scale of the fraud.

When border police later stopped the suspect at a checkpoint, the evidence was damning. Officers found him deleting Telegram from his phone. In his car: envelopes containing debit cards and PINs for multiple ABN AMRO accounts, dozens of fake IDs, and chat logs with ChatGPT in which he had asked how to bypass the bank’s security. CCTV footage showed him depositing large cash sums into the fraudulent accounts – transactions prosecutors say were linked to money laundering.

Prosecutors requested a 30-month prison sentence and €6,240 in compensation to ABN AMRO. In March 2026, the Amsterdam district court ordered further investigation rather than issuing a verdict. The defendant remains in pre-trial detention while a new hearing is scheduled within three months.

Why Did KYC Checks Fail?

This case reflects a broader pattern: traditional, ever-increasingly accessible AI tools are systematically defeating weaker identity verification solutions.

Once a fraudulent identity is inside the Know Your Customer (KYC) perimeter, it can be used for money muleing, laundering, terrorist financing, or sanctions evasion, and more. The financial impact isn’t limited to direct losses; the regulatory fallout often dwarfs them:

• TD Bank was fined $3.09 billion in 2024 for AML failures.
•  In the first half of 2025 alone, regulators levied $1.23 billion in financial penalties, a 417% increase year-over-year.
  

ABN AMRO caught 46 accounts. The question is how many others didn’t.

ABN AMRO’s onboarding flow followed a pattern common across European banking: upload a photo ID, take a selfie, let the system compare the two. This assumes that if the face in the selfie matches the document, the person is who they claim to be. That assumption collapses the moment a fraudster can generate a synthetic face that bridges their own appearance and someone else’s ID photo.

And it’s getting easier by the month. Generative AI has collapsed the barrier to entry for synthetic identity attacks: what once required specialist skills and high-end hardware can now be executed with inexpensive, off-the-shelf tools. iProov’s 2026 Threat Intelligence Report documented a 1,151% year-over-year increase in iOS injection attacks in the second half of 2025. iOS was long considered the more secure mobile platform; that assumption no longer holds. For banks running mobile-first onboarding on any OS, the implication is the same: if the verification system can’t detect manipulated video at the point of capture, it will approve it.

The ABN AMRO case illustrates why. The system verified that a face matched a document, but didn’t verify whether the face was real.

The Missing Layer: Liveness Detection That Works

The critical gap in the ABN AMRO onboarding flow was the absence of advanced liveness detection. Without it, the system had no way to distinguish a genuine human face from a digitally manipulated image.

Robust systems don’t just compare faces. They test whether a real person is present at the moment of capture. A passive, one-time randomized challenge at the moment of authentication, and deep learning models that progressively learn from evolving attack vectors. Done properly, it confirms three things simultaneously: that the user is the right person, a real person, and authenticating in real-time.

This approach detects the three primary attack vectors:

• Presentation attacks involve holding up a photo, video, or mask to a camera.
• Digital injection attacks feed a deepfake directly into the verification pipeline, bypassing the camera entirely. This is the most pressing and scalable type of attack.
• Replay attacks re-present previously captured biometric data, such as a recording of a legitimate verification session, to impersonate a real user.

Public reporting on the ABN AMRO case doesn’t specify the exact technical method of delivery. But whether the manipulated selfies were uploaded or injected, the outcome is the same: a face-matching check can’t tell a synthetic face from a real one. That’s what liveness detection is designed to stop.

There are now independent benchmarks buyers should expect vendors to meet, including:

• CEN/TS 18099 Level High and Ingenium Injection Attack Detection Level 4 for injection attack resistance
• and NIST SP 800-63-4, which in 2025 made injection attack detection a mandatory control objective for higher assurance levels. Vendor claims without independent, accredited testing against these standards aren’t evidence of resilience. They’re marketing.

Had ABN AMRO’s onboarding included verification of this kind, the fraudster’s manipulated selfies would have been flagged not because the face didn’t match the ID, but because the face itself wasn’t real or genuinely present.

This Is Not an Isolated Case of Deepfake Fraud

The ABN AMRO case is the latest in a growing list of deepfake-enabled financial fraud incidents.

In April 2025, Hong Kong police arrested eight people in a deepfake-driven fraud ring that had used 21 stolen Hong Kong identity cards to make 44 bank account applications, roughly 30 of which succeeded. The group merged their own faces onto the stolen ID photos to bypass facial recognition, the same technique used against ABN AMRO, and the accounts were linked to laundering and credit abuse.

This represents a structural shift in how new account fraud operates – one where the tools are cheap, the skills required are minimal, and the verification systems most banks rely on weren’t built for this threat.

What Financial Institutions Should Take Away

1. Social engineering and synthetic media work together. The fraudster didn’t just use deepfakes. He used a fake rental listing to harvest genuine identity documents from real people. Verification systems need to account for the fact that the documents being presented may be authentic, even when the person presenting them is not.
2. Static verification is not enough. A selfie-to-ID check that uses the same rules today as it did at launch is a threshold to clear, not a barrier to entry. Financial institutions need verification that evolves against new attack techniques, including the AI-driven threats growing fastest.

The question has moved from if deepfake-enabled KYC fraud will affect your institution, to when, and whether you’ll detect it before 46 – or thousands more – accounts are opened at scale.

ABN AMRO’s onboarding flow is common across banking. So, increasingly, is the vulnerability it exposed. See how iProov’s Dynamic Liveness detects the injection attacks, deepfakes, and replay attacks that traditional selfie-to-ID matching cannot. Book your live demo.