2025 was a year that kept every operator on their toes. Fraud accelerated. Identity challenges became more sophisticated. Cybersecurity pressures intensified alongside AI adoption. Compliance teams faced rising scrutiny. Yet, despite the rapid pace of change, this year did not feel chaotic. It felt like the market was finally snapping into focus.
For us at Liminal, that focus crystallized in a meaningful milestone: the close of our $8.5M Series A led by Noro-Moseley Partners. This round was not about chasing the next idea. It was about doubling down and accelerating the product and go-to-market strategy we have been building toward for years.
When we founded Liminal in 2021, we believed the future of intelligence would hinge on context scaffolding, the ability to structure, interpret, and activate information in real time as AI reshaped how decisions are made. In an AI-first world, static reports and disconnected tools fall apart. What teams need is intelligence that understands the why, not just the what.
In 2025, that thesis proved prescient. Teams are increasingly turning to Liminal to move faster, interpret market trends with confidence, and act decisively in moments that matter. The year ahead may bring more complexity, but the path forward is clearer than ever.
As we reflected on the year, one thing stood out clearly: none of the shifts below came as a surprise. Each was a prediction we outlined in our 2024 outlook, not as guarantees, but as trajectories we believed would define the next phase of the market. In 2025, those predictions became a lived reality.
What follows is not a recap of headlines. It is a scorecard, grounded in data, conversations, and execution, of how those predictions played out.
1. Fraud became more personal, adaptive, and believable
2024 prediction: AI would push fraud from scale to sophistication
In our 2024 outlook, we warned that fraud would move beyond volume-driven attacks and become deeply personalized, adaptive, and far more convincing. In 2025, that prediction materialized more quickly than most teams expected.
Fraud shifted from broad campaigns to individualized interactions powered by generative AI. Voice clones, realistic deepfakes, and multi-step impersonation schemes became common enough that fraud teams described them as routine rather than exceptional.
One moment that defined the year happened in October, when a fake YouTube livestream impersonating NVIDIA CEO Jensen Huang drew almost 100,000 viewers and promoted a QR-code crypto scheme. It captured global attention not only because of its scale, but because it showed how believable these attacks have become.
Across the market, the core signal was not simply that fraud got “smarter.” It was that it got faster. In our 2025 seminal research on the convergence of authentication and fraud prevention, 71% of buyers said they are concerned their current tools cannot stop GenAI-driven scams, and 72% said single-signal authentication methods like passwords fail against modern fraud. The same research found that 78% of buyers report recurring account takeover incidents, and 83% already use probabilistic signals like behavioral, device, or location signals, with most others planning adoption within a year.
The teams that kept pace were the ones that stopped relying on static checkpoints. They leaned into continuous risk scoring, behavioral analytics, and richer identity signals that paint a clearer picture of how a legitimate customer behaves over time. Fraud did not get easier in 2025, but the teams that invested early in multi-signal intelligence created real distance from the rest of the market.
What separated leading teams in 2025 was not access to better tools. It was access to better context, the ability to understand behavior over time, connect signals across touchpoints, and act before fraud felt obvious.
(Seminal Report: The Convergence of Authentication and Fraud Prevention, Page 39)
(Seminal Report: The Convergence of Authentication and Fraud Prevention, Page 5)
2. First-party fraud moved into the center of the P&L conversation
2024 prediction: first-party fraud would become a material revenue risk
Last year, we predicted that first-party fraud would stop being treated as operational noise and start showing up as a measurable drag on revenue. In 2025, that shift became impossible to ignore.
Retailers reported that margin pressure from returns abuse is no longer a niche operational issue. In our research, more than 80% of retailers reported that returns abuse is putting pressure on their profit margins, and nearly half have embedded fraud signals into their returns decisioning. The takeaway was consistent across leaders: controlling abuse without breaking customer experience requires identity-aware context, not blunt enforcement.
Industry-wide data reinforced the direction of travel. In the Merchant Risk Council’s 2025 Global eCommerce Payments and Fraud Report, refund and policy abuse showed broad prevalence and meaningful year-over-year increase, with only a small minority reporting no impact and many reporting material growth. The operational implication is straightforward: when post-purchase abuse becomes both common and fast-moving, teams cannot manage it as an exception process. They need continuous context across identity, behavior, and policy.
Disputes and chargebacks told the same story from a second angle. Mastercard’s chargeback outlook projects chargeback volume rising from 261 million in 2025 to 324 million by 2028, a 24% increase in three years. More disputes mean higher costs, increased ambiguity between customer friction and misuse, and greater pressure to distinguish legitimate claims from opportunistic behavior in real-time.
The meaningful progress we saw this year came from organizations that treated first-party fraud as a core revenue decision problem, not a narrow detection problem. They aligned fraud and CX teams, tightened policy frameworks, improved segmentation, and introduced identity-aware controls that could differentiate misuse from legitimate behavior. This was the year first-party fraud gained its place on the leadership agenda.
3. AI governance and data access control became operational necessities
2024 prediction: AI governance would move from policy to production
In 2024, we predicted that AI governance would quickly move from policy decks to day-to-day operations. In 2025, that transition became unavoidable.
As AI agents transitioned from experimentation to production workflows, organizations faced new risks associated with data exposure, model behavior, and access control. In our Link Index for AI Data Governance, 94% of practitioners cited safeguarding sensitive data as their top AI concern, and more than three-quarters stated that traditional security controls cannot keep pace with AI’s rapid adoption. The signal was clear: governance is becoming inseparable from execution, because AI is now embedded directly into workflows that touch sensitive systems and decisions.
Public incident data reinforced the urgency behind that shift. Harmonic’s analysis of enterprise prompts to widely used LLMs found that 8.5% of employee prompts contained sensitive data, with customer data comprising the largest share of leaked content. In practical terms, the risk is no longer theoretical; it is now a reality. The “prompt layer” has become a significant data-loss pathway, and its impact scales with adoption.
Inside the enterprise, the response has begun to formalize. Internal audit and risk organizations are increasingly turning to structured guidance for evaluating AI governance, controls, and oversight. The Institute of Internal Auditors’ AI Auditing Framework is one example of how rapidly the assurance layer is catching up to production reality. In parallel, government and oversight bodies have also elevated AI risk management for critical systems, including guidance tied to critical infrastructure and expectations for risk assessment.
In practice, governance in 2025 was less about restriction and more about confidence: confidence that decisions made by humans and machines alike are grounded in accurate, traceable, and well-scaffolded context.
4. KYC, AML, and financial crime teams made progress while facing higher stakes
2024 prediction: Continuous monitoring would replace point-in-time compliance
Last year, we anticipated that point-in-time compliance would no longer be sufficient to counter AI-driven fraud and synthetic identity threats. In 2025, that prediction came to fruition across KYC and AML programs.
Deepfakes and synthetic identities made onboarding harder than at any point in the past decade. Nearly 87% of organizations said they are not fully prepared for deepfake-enabled onboarding threats. At the same time, continuous monitoring gained credibility, with 72% expecting to adopt perpetual KYC within two years. The operating model is shifting from one-time clearance to sustained confidence.
Synthetic identity fraud accelerated beyond expectations. The Federal Reserve Bank of Boston has highlighted that losses tied to synthetic identity fraud surpassed $35 billion in 2023 and that generative AI is a meaningful accelerant, making synthetic identities easier to create and harder to detect. That dynamic is a direct driver of why compliance teams are moving toward continuous monitoring and cross-institution context, especially as attackers test synthetic personas across multiple institutions.
On the execution side, the push toward automation is not simply about efficiency. It is about survivability in terms of volume and complexity. BCG has noted that KYC and compliance processes can represent a material share of operating costs in financial institutions, and that AI-enabled approaches can reduce KYC compliance costs substantially when implemented correctly. The strategic implication is that automation without governance creates exposure, but governance without automation creates bottlenecks.
The most effective programs treated intelligence as a living system: continuously refreshed, context-rich, and capable of evolving in response to emerging threats.
5. Capital returned with clearer priorities and a higher bar
2024 prediction: capital would return, but discipline would define winners
In our 2024 outlook, we predicted that capital would re-enter fraud, identity, and cybersecurity, but with far greater selectivity. That prediction held.
Public market and venture data points to a simple pattern: capital remained available in 2025, but it concentrated around higher-conviction bets and clearer narratives. KPMG’s Venture Pulse shows that global venture investment decreased from Q1 to Q2 2025, reflecting a more cautious environment despite continued activity. Crunchbase similarly highlighted that Q2 2025 funding remained substantial, but with large portions concentrated in fewer, larger rounds and in AI-related categories. The message to founders and operators was consistent: differentiation and execution mattered more than momentum.
Strategic activity reinforced the same theme. Buyers and acquirers were not consolidating categories for optics. They were filling capability gaps, especially where intelligence can be operationalized and embedded. Mastercard’s launch of its Threat Intelligence solution illustrates the direction of travel: in announcing the product, Mastercard cited that 60% of global fraud leaders are not notified of a breach until after losses begin, a framing that elevates real-time, actionable intelligence as an operational requirement, not a “nice to have.”
The market was not quiet in 2025. It was discerning. Companies that could translate intelligence into execution stood out. Those without a clear story struggled.
(Q2 2025 Market & Investment Trends Report, Page 16 and 18)
(Q2 2025 Financial Crime & Compliance Market & Investment Trends Report, Page 18)
6: Age assurance moves from debate to implementation
2024 prediction: age assurance would shift from discussion to enforcement
Few predictions materialized as cleanly as age assurance. In 2024, we expected global momentum. In 2025, enforcement began.
In Australia, a social media minimum age framework moved into implementation. From December 10, 2025, age-restricted platforms must take reasonable steps to prevent Australians under 16 from creating or keeping accounts, alongside an age assurance trial and supporting guidance. In the UK, the Online Safety Act created legal duties to protect users and children online, with age assurance explicitly positioned as a core mechanism for preventing children from accessing pornography and other harmful content.
In the U.S., the Supreme Court’s decision in Free Speech Coalition, Inc. v. Paxton upheld a Texas law requiring certain websites with sexually explicit content to verify that visitors are 18 or older, signaling continued momentum for state-level age restrictions and verification requirements.
Age assurance is no longer a future requirement. It is now an implementation cycle. Platforms must operationalize age checks, navigate regional compliance requirements, and strike a balance between user experience, privacy expectations, and regulatory risk.
As enforcement ramps up in 2026, the organizations that will succeed will be those that contextualize regulation, risk, and user experience in real-time, rather than treating age assurance as a static compliance checkbox.
Looking Ahead
Each of the shifts we reflected on this year followed the same arc. They began as early signals, evolved into visible patterns, and ultimately reshaped how teams made decisions in real time. That progression reinforces a belief we have held since Liminal’s earliest days: intelligence only creates value when it is contextual, timely, and designed for action.
As AI compresses decision cycles and increases the cost of error, organizations are discovering that data alone is not enough. What they need is context scaffolding, the connective tissue that explains what matters, why it matters now, and what to do next. Static reports, point-in-time assessments, and disconnected tools consistently failed teams in 2025 when speed, confidence, and coordination were required.
This insight directly shapes how we think about what comes next. The predictions we have outlined for 2026 build on what this year confirmed: intelligence is no longer a reference point. It is becoming a native layer inside the systems teams use every day, embedded across fraud workflows, identity journeys, product decisions, and go-to-market execution. The organizations that win will not be those with the most tools, but those with intelligence that compounds, improving with every signal, interaction, and decision.
Looking ahead, the pace of change will only accelerate. Fraud actors will become more adaptive. Identity will move from checkpoints to continuous evaluation. Governance will become inseparable from automation. Capital will continue to reward platforms that unify workflows and translate intelligence into execution.
The teams that succeed in 2026 will not simply react faster. They will act with clarity and purpose. And clarity comes from intelligence that is dynamic, contextual, and embedded, where decisions actually happen.
Travis and Jennie
Co-Founders
