The AI paradox in candidate screening and vetting

As in many industries, artificial intelligence (AI) in the world of candidate and employee screening represents a paradox; simultaneously, it is both a great catalyst for identity fraud and a potent tool to combat it. Potential bad actors now have access to generative platforms that can create entirely fabricated and falsified identities, but the very same technology can also be leveraged by employers to detect the deception.  

Few organisations are fully prepared and ready to manage the scale of attacks they are now facing, with a worrying volume still reliant on largely manual processes. However, opting for a manual approach to tackling AI-fraud will not work. 

Consequently, adopting tech-driven compliance strategies is now essential for all employers to ward off the next generation of potential employee and candidate identity fraud. But how can they leverage AI and other tools effectively to protect themselves in this increasingly hostile environment?  

Rising threat levels 

The exponential pace of development and rise of deepfake technology is reshaping every stage of the hiring journey, from initial outreach to final onboarding, creating new threats for employers to manage. AI offers a large range of potential benefits to firms, but it is also driving much of the aforementioned criminal activity. In fact, research shows that there has been a staggering 2,137% increase in deepfake-related fraud over the past three years with banks, insurers, and payment services across UK and Europe, which now represents approximately 6.5% of all fraud cases.  

Employers are facing significant challenges as a result. A 2025 report from CIFAS, the UK fraud prevention service, found a 28% increase in ‘insider threats’ and employee fraud in the last two years. In addition, in 2024, over a third (38%) of fraud attempts took place within the first three months of employment. Fraudulent candidates, backed by criminal groups, and even hostile states, in some cases, are actively looking to secure jobs at companies of all sizes with the sole intent of leaking information, attacking sensitive databases, and committing a range of illegal activities.  

Most businesses are underprepared to tackle these modern challenges at a time when these threat levels are rising. More than half of firms in both the US and UK say they have been targeted by AI-enabled, or deepfake fraud, and only 10% spotted the threat before it had an impact, highlighting the ease with which criminals can exploit processes when there is a lack of preparation.   

Manual vs digital 

A core challenge facing businesses is the relative infancy of AI; most firms are still reliant on legacy tools and processes which were not designed for a world where technology has advanced so far, and highly effective forgeries can be developed in minutes. While organisations are manually reviewing verbal references or credentials, fraudsters are stitching together data fragments from social media profiles, old CVs, and stolen voice samples to create highly accurate composite identities with the capacity to slip through superficial screening. With skills shortages and other factors placing pressure on hiring teams to fill roles quickly, the time required to thoroughly vet applicants is shrinking.  

A combination of these factors means that potentially fraudulent candidates are streets ahead of the vast majority of employers. Many businesses are fighting a digital war with analogue tools, and the onus is on them to catch up and level the playing field. 

Dual nature 

The solution is staring many firms in the face; the technology and algorithms behind these attacks can themselves be leveraged to strengthen defences and fight off fraud. AI-driven liveness tests, for example, now require candidates to respond to random prompts on camera to ensure they are human, while facial recognition models confirm that the video matches up with official identity documents. In addition, other digital scanning tools can examine passports, driving licences and certificates for microscopic inconsistencies such as altered fonts, irregular holograms or manipulated PDF metadata that would be invisible to the human eye, and in a fraction of the time. Equally, voice-biometric systems can be applied to analyse acoustic patterns and cadence to spot speech generated by text-to-speech engines or deepfake platforms. But the potential of this technology should not be seen as an invitation for employers to offload their HR teams and invest entirely in ChatGPT, and a layered approach, combining people and technology with clear governance policies, is the best option to develop a truly complete compliance framework. 

Keep pace with the market 

Even firms that feel they are perfectly set up to identify fraudulent candidates or employees can still face challenges, and all employers must continually react and review their policies and risk thresholds to protect themselves in the future. The pace of development with artificial intelligence and other emerging technologies means that continuous monitoring of the broader AI ecosystem, including emerging generative models, decentralised identity solutions and zero-knowledge proof, is now critical, and will prepare organisations to adopt innovative defence strategies before they become mainstream and less effective. 

The race between fraudsters and businesses will only continue to accelerate, but those employers that recognise the potential of AI and other technology to protect themselves stand to prosper and will be able to leverage their preparation into a proactive competitive advantage. By weaving digital tools into their vetting and background screening program, businesses can mitigate their risks by safeguarding themselves from potentially frauds, invest with confidence and mitigate the risks in their recruitment activity.