Guide · AI & Fraud

The deepfake CFO: AI-enabled fraud and the controls that stop it

An employee joined a video call with their CFO and several colleagues, then transferred HK$200 million. Every face on the call was a deepfake. The control that would have stopped it costs nothing: a phone call to a known number.

12 min read · Published 2 July 2026

A phone call that should have happened

In January 2024 an employee in the Hong Kong office of the engineering firm Arup received a message, apparently from the group’s UK-based CFO, about a confidential transaction. The employee was suspicious, so a video call was arranged. On the call were the CFO and several familiar colleagues. Reassured, the employee made 15 transfers worth about HK$200 million, roughly US$25 million[1]. Every person on that call was a deepfake, generated from publicly available video and audio.

The striking part is not the technology. It is how ordinary the control that would have defeated it is: one phone call, to a number the employee already had for the CFO, would have ended the scheme. The attack did not beat a firewall. It beat a payment process that had no independent verification step.

This is not a fringe threat in Australia

Australian reported scam losses rose to A$2.18 billion in 2025, up 7.8% and the first annual increase since 2022. Payment redirection, the category that covers business email compromise, climbed 9.3% to $166.8 million and is now the second-largest single type of loss[2]. The Australian Signals Directorate lists business email compromise among the top cybercrimes reported by businesses, and assesses that AI is letting attackers operate at greater scale and speed[5].

The investment-scam side shows the same trend. ASIC removed nearly 12,000 scam websites in 2025, up 90% on the year before, and its commissioner was direct about the cause: AI is making fake ads "more polished, more convincing and harder to spot"[3]. The tools that faked a CFO on a video call are the same ones cloning voices and fabricating endorsements.

Why the deepfake works

These attacks succeed because they target trust, not systems. A familiar face on a screen or a familiar voice on the phone overrides the small doubt that a suspicious email raises. The raw material is cheap: a few minutes of a public presentation or a media interview is enough to build a convincing likeness. And the real target is never the technology. It is your payment authorisation process, and specifically the moment a person is asked to move money or change bank details in a hurry.

The controls that actually stop it

The defences are process, not product, and the ACSC recommends them explicitly[4]. None of them require new software.

  • Out-of-band verification: confirm any payment-detail change or large transfer by calling the requester on a number you already hold, never a number from the email or the call itself
  • Dual authorisation: no single person can both initiate and approve a payment above a set threshold
  • A standing approval process for changes to supplier or payroll bank details, with a mandatory waiting and verification step
  • A rule that urgency is a red flag, not a reason to skip steps; "the CEO needs this in the next ten minutes" is the script
  • Regular, brief drills so the finance team has actually practised saying no to a convincing request
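The rules above are process controls, and the point of the list is that they need no new software. It still helps to see them written down as a single decision so they can be tested against a realistic request. The following is an added example, not part of the original guide or any product it describes: a small approval gate that encodes the first four controls. The directory of call-back numbers, the A$10,000 dual-authorisation threshold, the 24-hour hold on bank-detail changes and all phone numbers are constructed placeholders chosen for illustration.

```python
"""Payment-change approval gate modelled on the four process controls.

Added example. Threshold, hold period, directory contents and every phone
number below are constructed assumptions, not values from the guide.
"""
from dataclasses import dataclass, field
from typing import List, Optional, Set

# Call-back numbers sourced independently of any request (assumption: kept by
# finance from HR records and never updated from an inbound email or call).
KNOWN_NUMBERS = {
    "cfo@example.com": "+61-2-5550-0101",          # placeholder
    "supplier-ap@example.com": "+61-3-5550-0202",  # placeholder
}

DUAL_AUTH_THRESHOLD_AUD = 10_000   # assumed threshold for two-person approval
BANK_DETAIL_HOLD_HOURS = 24        # assumed waiting period for detail changes


@dataclass
class PaymentRequest:
    requester: str                     # identity the request claims to come from
    amount_aud: float
    changes_bank_details: bool
    initiated_by: str
    approved_by: Set[str] = field(default_factory=set)
    callback_number_dialled: Optional[str] = None   # number the verifier rang
    hours_since_received: float = 0.0
    urgency_claimed: bool = False


@dataclass
class Decision:
    approved: bool
    blocks: List[str]   # reasons the payment must not proceed
    flags: List[str]    # red flags recorded for the reviewer


def evaluate(req: PaymentRequest) -> Decision:
    blocks: List[str] = []
    flags: List[str] = []

    # Out-of-band verification: the call must go to the number already held,
    # never to one supplied in the email or on the call itself.
    held = KNOWN_NUMBERS.get(req.requester)
    if held is None:
        blocks.append("requester has no independently held call-back number")
    elif req.callback_number_dialled is None:
        blocks.append("no call-back verification performed")
    elif req.callback_number_dialled != held:
        blocks.append("call-back went to a number not taken from the held directory")

    # Dual authorisation: above the threshold the initiator cannot be the only approver.
    if req.amount_aud >= DUAL_AUTH_THRESHOLD_AUD:
        independent = req.approved_by - {req.initiated_by}
        if not independent:
            blocks.append("no approver independent of the initiator")

    # Standing process for bank-detail changes: the hold period always applies.
    if req.changes_bank_details and req.hours_since_received < BANK_DETAIL_HOLD_HOURS:
        blocks.append("bank-detail change still inside the hold period")

    # Urgency never shortens the process; it is recorded as a red flag instead.
    if req.urgency_claimed:
        flags.append("urgency claimed by requester")

    return Decision(approved=not blocks, blocks=blocks, flags=flags)


# Constructed scenario shaped like the case in the guide: a large transfer,
# "verified" only via a number supplied in the message, one person doing everything.
DEEPFAKE_STYLE = PaymentRequest(
    requester="cfo@example.com",
    amount_aud=25_000_000,
    changes_bank_details=True,
    initiated_by="finance.clerk",
    approved_by={"finance.clerk"},
    callback_number_dialled="+852-5550-9999",  # placeholder taken from the message
    hours_since_received=0.5,
    urgency_claimed=True,
)

# The same request put through the process properly.
COMPLIANT = PaymentRequest(
    requester="cfo@example.com",
    amount_aud=25_000_000,
    changes_bank_details=True,
    initiated_by="finance.clerk",
    approved_by={"finance.clerk", "finance.manager"},
    callback_number_dialled="+61-2-5550-0101",  # the directory number
    hours_since_received=26,
    urgency_claimed=True,
)

if __name__ == "__main__":
    for name, req in (("deepfake-style", DEEPFAKE_STYLE), ("compliant", COMPLIANT)):
        d = evaluate(req)
        print(name, "APPROVED" if d.approved else "BLOCKED", d.blocks, d.flags)
```

Running it shows the deepfake-style request blocked on three separate controls, so the scheme fails even if any one of them is skipped, while the compliant version is approved with urgency still recorded as a flag for the reviewer. The design choice worth noting is that the verification step checks which number was dialled, not merely whether a call happened; a call to the number in the email is what the attack expects.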

Make it a board question

Because the fix is process, the oversight belongs at the board, not buried in IT. Three questions surface most of the risk. Who is authorised to change bank details or approve a large transfer? What is the exact call-back procedure, and does it use independently sourced numbers? When was it last tested with a realistic scenario? Treat this as a controls review, the same way you would treat segregation of duties in finance.

If your finance team cannot describe the call-back procedure for a payment-detail change from memory, you do not have a deepfake problem yet. You have a process gap that a deepfake will eventually find.

Research sources

Evidence-based, transparently sourced.

All statistics and research findings on this page are supported by authoritative sources. Behind The SLA is committed to evidence-based advisory and transparent methodology.

  [1] CNN (2024). Finance worker pays out $25 million after video call with deepfake CFO. In January 2024 an employee in the Hong Kong office of engineering firm Arup made 15 transfers totalling about HK$200 million (US$25 million) after a video call in which the CFO and other colleagues were all deepfakes. Arup confirmed it was the target in May 2024.
  [2] National Anti-Scam Centre / ACCC (2026). Targeting Scams report (2025 data). Released 30 March 2026. Combined reported scam losses were A$2.18 billion in 2025, up 7.8% and the first rise since 2022. Payment redirection (business email compromise) losses rose 9.3% to $166.8 million, the second-largest category.
  [3] ASIC (2026). ASIC ramps up action to protect consumers from AI-powered online investment scams. In 2025 ASIC removed 11,964 scam websites, up 90%. Commissioner Alan Kirkland: "Scammers are using artificial intelligence to make fake investment ads look more polished, more convincing and harder to spot."
  [4] Australian Signals Directorate (ACSC) (2025). Preventing business email compromise. ACSC recommends verifying payment-change and large-transfer requests by calling the sender on a known, verified number (not one from the email), and introducing an approval process for such requests.
  [5] Australian Signals Directorate (2025). Annual Cyber Threat Report 2024-25. Business email compromise is among the top cybercrimes reported by Australian businesses. ASD assesses that AI is enabling attackers to operate at greater scale and speed, including through deepfakes and voice cloning.

Methodology Note: Behind The SLA conducts independent research validation for all published statistics. Where proprietary research is cited, it is based on aggregated, anonymised data from client engagements spanning 15+ years of MSP industry experience.
