Treasury Fraud in 2026: New Threats and How to Defend Against Them (BEC, Deepfakes and AI-Powered Attacks)
June 25, 2026
Treasury has always been a target. What is different in 2026 is the quality of the attack. The fraud attempts reaching corporate treasury teams today are not opportunistic or clumsily constructed. They are researched, contextually precise, and in some cases delivered through synthetic audio or video that most people cannot distinguish from the real thing.
This is not a problem that sits at the edges of the treasury function. It sits at its centre, in the payment authorisation process, in the vendor master, in the bank connectivity layer, and in every communication channel a treasury team uses to receive and act on financial instructions.
This article examines the three threat types causing the most significant losses for corporate treasury teams in 2026, illustrates them with documented cases, and sets out the practical control framework that every treasury function should have in place.
The Scale of the Problem
The data published by the Association for Financial Professionals in its 2026 Payments Fraud and Control Survey is a useful anchor. Seventy-six percent of organisations reported attempted or actual payments fraud in 2025. Business Email Compromise affected nearly three-quarters of those surveyed. The FBI’s Internet Crime Complaint Center recorded BEC losses rising from $2.77 billion in 2024 to $3.05 billion in 2025, and that figure is widely considered an undercount: many incidents go unreported, and many more go undetected entirely.
In Europe, the ECB’s June 2025 Thematic Review on Payment Fraud identified CEO impersonation and synthetic media social engineering as material and growing operational risk exposures. The EBA’s ICT and Security Risk Guidelines designate payment fraud and social engineering as priority areas for operational resilience programmes.
The entrance of AI into the attacker’s toolkit is what makes the current environment different in kind, not just in scale. Multiple industry reports document exponential growth in AI-enabled fraud attempts over the last two to three years. The FBI formally designated “AI-related” as a distinct crime category for the first time in its 2025 annual report, recording nearly $900 million in AI-attributed losses in that initial accounting alone. For treasury professionals, the implication is straightforward: this is no longer a peripheral cybersecurity concern. It is a core treasury risk, requiring the same rigour applied to FX exposure, counterparty credit, or liquidity management.
Payments Fraud Trend: 2022 to 2025
Percentage of organisations reporting attempted or actual payments fraud — AFP Payments Fraud and Control Survey
| 2022 |
|
||
| 2023 |
|
||
| 2024 |
|
||
| 2025 |
|
Source: AFP Payments Fraud and Control Survey. The marginal decline in 2025 reflects improved detection and reporting practices, not a reduction in the sophistication or financial impact of attacks.
Threat One: Business Email Compromise
Business Email Compromise is the most consistently reported fraud vector in corporate treasury, and it is becoming more effective rather than less. The 2026 AFP survey found that BEC affected 74% of organisations that experienced payments fraud in 2025. The FBI recorded $3.05 billion in BEC losses for the year, an increase on 2024, and that figure covers only reported incidents.
The mechanics are well understood: an attacker impersonates a trusted counterparty, typically a senior executive, a key supplier, or a bank representative, and uses that impersonation to instruct a treasury or accounts payable team to redirect a payment. What has changed is the quality of the impersonation and the sophistication of the scenario constructed around it.
Generative AI has made it straightforward to produce communications that are grammatically precise, contextually appropriate, and written in a register that matches the genuine style of the person being impersonated. The traditional indicators that finance teams were trained to detect, poor grammar, generic salutations, implausible sender domains, are no longer reliable signals. Attackers can aggregate months of genuine correspondence, public statements, and company announcements to craft communications that pass a reasonable scrutiny.
The attack surface has also expanded beyond email. Fraudulent payment instructions are increasingly delivered through WhatsApp, Microsoft Teams chat, Zoom messages, and Signal, channels where treasury teams typically operate with fewer formal controls and where the informality of the medium can lower professional vigilance.
Vendor and third-party impersonation warrants specific attention. The AFP data consistently identifies this as one of the most frequently reported BEC variants. The moment a legitimate supplier requests a change to their banking details is a predictable attack window. Fraudsters intercept or replicate that communication and substitute their own account details. Treasury and accounts payable teams, often processing these requests under time pressure within a payment factory or ERP workflow, are the intended target.
When BEC succeeds, the consequences are severe and often permanent. Wire transfers settled through SWIFT or domestic high-value payment rails are irrevocable. The 2025 AFP survey found that only 22% of organisations were able to recover 75% or more of payments fraud losses, down from 41% the prior year.
| Case: Scoular Company US-based grain trading company Scoular lost $17.2 million after employees received emails purportedly from the company’s CEO and from an auditor at KPMG, both instructing urgent wire transfers in connection with a confidential acquisition. The acquisition did not exist. The emails were fraudulent. The transfers were made. No single employee was deceived by an implausible communication. The fraud succeeded because there was no procedural control between a convincing instruction and an irrevocable payment. |
Threat Two: Deepfake Audio and Video
For as long as corporate treasury has existed, a direct phone call or video conference with the CFO has carried weight as an authorisation mechanism. That assumption can no longer be made safely.
Modern AI voice synthesis tools can replicate a person’s voice from only a few seconds of publicly available audio, the kind available from any earnings call recording, investor presentation, or LinkedIn video. The output is increasingly difficult for most people to distinguish from a genuine call, particularly in the context of a time-pressured payment authorisation where the cognitive load is already high and the scenario being constructed is contextually plausible.
The UK NCSC and US CISA published a joint advisory in February 2026 specifically warning corporate treasury and finance leaders about this threat vector. The ECB’s 2025 Thematic Review on Payment Fraud classified synthetic media impersonation of executives as a material operational risk. Gartner has projected that by 2026 a significant proportion of enterprises will no longer consider standalone identity verification and authentication solutions to be reliable in isolation.
The attack sequence is consistent across documented cases. Attackers research the target organisation, identifying senior executives, treasury team structure, key banking relationships, and any anticipated transactions such as acquisitions, refinancings, or large supplier settlements. An urgent request arrives, framed around a commercially sensitive matter with an instruction to handle it discreetly and to bypass the normal approval process. A follow-up call or video conference provides synthetic audio or video confirmation from a deepfaked executive. A payment is made to a fraudulent account before the instruction is questioned. The confidentiality framing is particularly effective in treasury environments because handling sensitive, time-critical transactions with discretion is a normal professional expectation.
| Case: Arup In 2024, global engineering firm Arup confirmed losses exceeding HK$200 million (approximately £20 million) after a finance employee in Hong Kong attended what appeared to be a video conference with the company’s CFO and other colleagues. Every other participant on the call was a deepfake, an AI-generated audio and video impersonation of real Arup employees. The employee, believing the call to be genuine, authorised a series of transfers to accounts controlled by the attackers. The impersonations were convincing enough to deceive a trained finance professional in a live, interactive video environment. |
| Case: Toyota Boshoku Toyota Boshoku Corporation, a Tier 1 automotive supplier, lost approximately $37 million when an attacker used targeted social engineering to instruct a finance employee to change the bank account details for a supplier and execute a substantial wire transfer. The instruction was conveyed with authority and urgency, two elements that consistently characterise the most effective treasury fraud, and the absence of an independent verification step meant the payment was processed without challenge. |
Threat Three: AI-Assisted Attack Automation
Beyond individual BEC incidents and deepfake calls, a third development is reshaping the fraud environment: the use of AI to automate and scale elements of the fraud process itself.
Historically, a sophisticated fraud campaign required significant human effort, researching targets, drafting communications, managing responses, coordinating across channels. Emerging AI agent frameworks are beginning to automate substantial parts of this process. The most sophisticated attacks today still involve human oversight and direction, but the capability to run highly personalised, multi-channel campaigns at scale with reduced human input is developing rapidly.
The practical effect for treasury teams is that spear-phishing communications have become significantly more convincing. AI systems can aggregate information from LinkedIn profiles, company websites, press releases, regulatory filings, SWIFT directory data, and publicly available financial statements to generate communications that reference specific individuals, genuine banking relationships, real transaction patterns, and accurate organisational detail. Traditional awareness training built around generic, poorly constructed phishing attempts is increasingly insufficient against this quality of communication.
Multi-stage attacks are also becoming more common. A campaign may begin with a credible email, followed by a WhatsApp message, then a phone call, then a document, each step reinforcing the legitimacy of the previous one and progressively reducing the recipient’s willingness to challenge the instruction. Payment factory environments, where high transaction volumes create a cognitive baseline that can normalise an unusual instruction, are particularly exposed to this pattern.
The speed of modern payment rails compounds the problem. In many corridors, high-value wire transfers settle within minutes of release. By the time a treasury team has escalated a suspicious instruction for a second opinion, the window to interrupt the payment may have closed. This makes preventive controls, applied before payment release, substantially more valuable than detective or recovery measures applied afterwards.
Top Fraud Methods Affecting Treasury Teams
| Fraud Method | Reported Incidence (2025) |
|---|---|
| Business Email Compromise | 74% |
| Vendor / Third-Party Impersonation | ~60% |
| Check Fraud | 58% |
| ACH Fraud | ~35% |
| Wire Fraud via BEC | ~30% |
| Deepfake / Synthetic Media Attacks | Tracked for the first time in 2026 AFP survey; categorised as emerging and material |
Source: AFP Payments Fraud and Control Survey 2026; FBI IC3 Internet Crime Report 2025.
Building the Defence: A Practical Treasury Control Framework
Effective defences against modern treasury fraud exist. The critical point is that they must be deployed in combination and enforced at the system level where possible, not simply documented in policy and left to individual judgement under pressure.
The framework below aligns with established international standards including the NIST Cybersecurity Framework, ISO 27001 information security controls, the SWIFT Customer Security Programme (mandatory for all SWIFT-connected entities), the EBA Guidelines on ICT and Security Risk Management, and the NCSC/CISA joint advisory on synthetic media threats to corporate finance published in February 2026.
Treasury Payment Governance: Control Framework
| PAYMENT REQUEST RECEIVED
Email | Messaging platform | Phone | TMS workflow
|
| ↓ |
| INITIATION CONTROLS
Authenticated channel verified | Vendor master validation | New beneficiary alert triggered
|
| ↓ |
| INDEPENDENT VERIFICATION
Callback to pre-registered number | Verbal authorisation alone is insufficient
|
| ↓ |
| DUAL APPROVAL (TMS / ERP)
Segregated authorisers | Threshold-based routing | System-enforced, not policy-reliant
|
| ↓ |
| BANK RELEASE
SWIFT / Banking portal | Positive Pay | Bank-side fraud filters active
|
| ↓ |
| AUDIT AND RECONCILIATION
Full audit trail retained | Same-day reconciliation | Exception reporting reviewed
|
Segregation of Duties
No single individual should be able to both initiate and approve a payment, regardless of seniority. This principle is foundational to ISO 27001, the SWIFT Customer Security Programme, and the EBA’s ICT and Security Risk Guidelines. It is also, in practice, one of the most commonly compromised controls in mid-market treasury teams, where informal workarounds develop under time pressure or where headcount constraints make clean role separation feel impractical.
In a TMS or ERP environment, whether Kyriba, SAP Treasury, FIS Quantum, or Openlink, payment initiation and authorisation should be enforced at the system level through separate user roles and authentication sessions. It should not be possible for the approver role to be bypassed by a verbal instruction, regardless of the seniority of the person giving it. This is precisely the authority that attackers impersonate.
Dual Authorisation with Independent Verification
Every material payment instruction that arrives through an informal channel, whether by email, messaging platform, or phone call, must be verified through a second, independent channel before it can proceed to release. This is the single most effective control against both BEC and deepfake-enabled fraud, and it requires no technology investment beyond a documented procedure and the discipline to follow it without exceptions.
Verification means calling the requester back on a number held in the internal directory, not the number the message came from, and not a number provided within the communication being challenged. It means requiring confirmation through an authenticated system. Any instruction that includes a request to bypass the normal process or to maintain confidentiality should be treated as a reason to verify more carefully, not as a reason to comply more quickly.
Tiered Payment Authorisation Thresholds
Authorisation thresholds should be calibrated to fraud risk, not simply to internal budget authority. Payments above defined limits, particularly cross-border wire transfers, payments to new or recently changed beneficiaries, and any instruction to modify existing counterparty payment details, should require a higher tier of verification, additional signatories, or a mandatory review period before bank release.
Changes to the vendor master and changes to beneficiary bank details deserve particular attention. These changes frequently arrive as apparently routine administrative requests and represent one of the most exploited vectors in treasury fraud. A dedicated, audited process for any modification to counterparty payment details, with independent verification required before the change is activated in the TMS or ERP, is an essential control. Within payment factory environments or in-house bank structures, these thresholds should be embedded at the system level so that they cannot be overridden by a manual instruction.
Voice and Video Authorisation Policy
Treasury payment policy must be updated to reflect the current threat environment explicitly. Verbal authorisation, whether by telephone or video conference, is not sufficient on its own to release a payment. This must be a written policy position, communicated clearly to the whole team, and understood as a non-negotiable standard rather than a guideline to be applied with discretion.
For high-value transactions, confirmation must be received through an authenticated, system-recorded channel in addition to any verbal instruction. Where Microsoft Teams, Zoom, or similar platforms are used for executive communication around payments, teams should consider implementing a pre-agreed challenge code or out-of-band confirmation requirement. Anti-deepfake detection capabilities are becoming available within enterprise communication platforms and are worth evaluating as part of a broader technology review.
Callback and Challenge Procedures
A formal callback procedure should be documented and applied to any payment request that arrives through an informal channel, involves a new or modified beneficiary, or is accompanied by urgency framing or a request for discretion. The callback number must be sourced from the internal directory, not from the communication being challenged. The callback, the individual reached, and the confirmation received must be documented as part of the payment audit trail, a requirement under the EBA’s ICT and Security Risk Guidelines and part of the evidence base for SWIFT CSP compliance.
TMS and Bank Connectivity Controls
The Treasury Management System should enforce the control framework rather than simply provide the infrastructure within which it operates. Mandatory dual-authorisation workflows should be configured so they cannot be bypassed at the system level. Automated alerts should fire for any new beneficiary addition or change to banking details. Threshold-based escalation routing should direct high-value or high-risk payments to appropriate authorisation tiers without relying on manual judgement.
The bank connectivity layer, whether SWIFT, a host-to-host connection, or a multibank banking portal, should be configured with equivalent rigour. SWIFT CSP controls provide a mandatory baseline for all SWIFT-connected entities. ISO 20022 payment messages, which carry richer structured remittance data than legacy MT formats, also support more granular anomaly detection and post-execution reconciliation.
Fraud Awareness Designed for Current Threats
Awareness training must reflect the current threat environment. A treasury team trained to identify poorly constructed phishing emails is not well prepared for an AI-generated communication that is contextually precise, grammatically impeccable, and delivered through a legitimate channel. Training programmes need to cover deepfake impersonation scenarios, the social engineering dynamics of AI-assisted BEC, vendor impersonation at the point of bank detail change, and the psychological pressure patterns that characterise the most effective attacks.
Tabletop simulation exercises, including scenarios that involve synthetic audio calls or fabricated video confirmations, should be incorporated into team training at least annually. The NCSC/CISA joint advisory from February 2026 provides a structured framework for designing these exercises and defining escalation responsibilities.
Incident Response Planning
It is worth planning on the basis that an attack will eventually succeed in clearing primary controls and reaching a human decision point. The speed with which the treasury team can escalate a suspected fraud event, halt a payment, engage the bank’s fraud team, and preserve evidence is frequently the determining factor in whether any recovery is possible. Given that wire transfer recovery windows are measured in hours rather than days, the incident response plan needs to be actionable from the first moment of suspicion.
The plan should include direct contact details for banking fraud and payments teams, not general switchboard numbers, along with contact information for the cyber insurance provider and legal advisers. It should be reviewed at least annually and tested against a realistic scenario.
Treasury Fraud Readiness ChecklistUse this checklist to assess your current control environment against the framework above. Every item should receive a clear yes, supported by documented evidence. Governance and Process
Technology and Bank Connectivity
People and Awareness
Incident Readiness
|
The Structural Case for Independent Control Layers
One dimension of treasury fraud risk that is frequently underappreciated is the structural vulnerability created by small teams. Many multinational organisations operate with treasury functions of two or three professionals. In that environment, effective segregation of duties is genuinely difficult to maintain, not because of poor practice, but because the headcount required to separate initiation, authorisation, and oversight across every payment type simply does not exist. An attacker who maps the organisational structure can identify and exploit this constraint directly.
This structural problem is one that treasury outsourcing resolves without requiring additional internal headcount. When payment initiation, authorisation, reconciliation, and reporting are distributed across an independent service provider operating under its own governance framework, control environment, and staffing structure, the segregation of duties problem is addressed architecturally. The attacker must now compromise not just the client organisation’s team but an independent third party with separate verification procedures, its own technology controls, and an independent fraud awareness programme. That structural separation introduces a layer of resilience that is difficult to replicate within a small internal function, and it is increasingly one of the reasons mid-sized multinational organisations are reconsidering their treasury operating model.
Conclusion
The fraud environment facing corporate treasury in 2026 is different in character from what it was three years ago. The tools available to attackers have lowered the cost of a sophisticated, contextually convincing attack to a level that puts every organisation within reach, regardless of size or sector.
Arup lost approximately £20 million to a deepfake video call. Toyota Boshoku lost $37 million to a payment instruction that passed every surface-level check. Scoular lost $17 million to a CEO impersonation that no individual within the company had a structural reason to question. In each case, the failure was not individual negligence. It was the absence of a procedural control that would have interrupted the payment before it was made.
The controls that matter most are procedural and system-enforced: authorisation frameworks that cannot be overridden verbally, independent verification requirements with no exceptions, callback procedures applied consistently, and a team culture in which bypassing the process is never the right answer, regardless of who appears to be asking or how convincingly.
The NIST Cybersecurity Framework, the EBA ICT and Security Risk Guidelines, the SWIFT Customer Security Programme, and the NCSC/CISA joint advisory on synthetic media threats all converge on the same conclusion: multi-layered, process-enforced controls, tested regularly and updated as the threat environment evolves, are the appropriate response. The threat has evolved. The controls must keep pace.
FTI Treasury has provided treasury outsourcing and in-house banking solutions to multinational corporations for over 30 years. Our operational model is built around the governance and control frameworks described in this article, including system-enforced segregation of duties, independent payment verification, and audit-ready reconciliation processes. If you would like to discuss how your treasury control environment compares to current best practice, contact our team.
Related Services: Treasury Outsourcing | Back Office Services | In-House Banking