NEW
YORK, Sept. 17, 2024 /PRNewswire/ -- Over half
of C-suite and other executives (51.6%) expect an increase in the
number and size of deepfake attacks targeting their organizations'
financial and accounting data – otherwise known as deepfake
financial fraud – during the next 12 months, according
to a new Deloitte poll. That increase could impact more than
one-quarter of executives in the year ahead, as those polled report
that their organizations experienced at least one (15.1%) or
multiple (10.8%) deepfake financial fraud incidents
during the past year.
According to Deloitte, deepfake financial fraud is
a category of cybercrime that leverages deepfake technology with
the intent of defrauding organizations or individuals of cash
assets or otherwise causing financial losses.
Polled executives at organizations that faced deepfake financial
fraud in the past year expect higher than average
increases in similar events for the year ahead, with those
experiencing just one fraud event expecting the
biggest increase in fraud (67.1%). Executives at
organizations experiencing multiple fraud events
during the past 12 months also expect above-average increases in
the year to come (59.6%).
"Deepfake financial fraud is rising, with bad
actors increasingly leveraging illicit synthetic information like
falsified invoices and customer service interactions to access
sensitive financial data and even manipulate organizations' AI
models to wreak havoc on financial reports," said Mike Weil, digital forensics leader and a
managing director, Deloitte Financial Advisory Services LLP. "The
good news is that concern about future incidents seems to peak
after the first attack, with subsequent events tempering concerns
as organizations gain more experience and become better at
detecting, managing and preventing fraudsters' deepfake
schemes."
Learnings vary by executives, based on organizational
deepfake financial fraud experiences
According to the poll, executives whose organizations faced a
singular deepfake financial fraud incident in the
previous year are most likely to increase employee education about
new threats as a means of preparing their workforces (30%). That
said, respondents at organizations that experienced more than one
deepfake financial fraud event in the past year are
more likely to establish new policies and procedures to help
workforces prepare for deepfake-related fraud schemes
(25.2%) as their primary risk approach.
Regardless of respondents' experiences with deepfake
fraud, few lean into detection technologies as a
primary line of defense. The likelihood of using such technologies
does, however, increase incrementally with the number of attacks
experienced in the past year (no attacks = 6.8%; one attack = 8.8%;
more than one attack = 15%).
Surprisingly, 9.9% of polled executives say their organizations
do nothing to guard against deepfake fraud targeting
their accounting and financial data.
"Knowledge of evolving deepfake fraud schemes is
evolving quickly," continued Weil. "But as illicit actors'
techniques advance, they become more impervious to human detection,
technologies and tools. In the years ahead, it'll become more
critical for organizations to both identify and address deepfake
risks, not the least of which will be those efforts targeting
potentially market-moving accounting and financial data to
perpetrate fraud."
Despite undertaking risk management approaches, just under half
of polled executives (46.5%) say they are confident in their
organizations' ability to manage deepfake-related financial
fraud threats. The poll also found that taking actions
to manage deepfake fraud has a 2.5x effect on trust
levels in associated risk management efforts compared to
organizations that take no actions (taking actions = 60.1%
confident; no action = 24.3% confident).
One-fifth (20.1%) of polled leaders report no confidence at all
in their organizations' ability to respond effectively to deepfake
financial fraud.
"As AI transforms the global information ecosystem,
organizations need to take a holistic view of the related trust
implications by deeply analyzing their own trustworthy AI use
as well as bad actors' potentially nefarious use of the
technology," said Michael Bondar, global Enterprise
Trust leader and a principal, Deloitte Transactions and
Business Analytics LLP.
"By infusing trust in AI use for accounting and financial data,
organizations can activate robust governance models enabled by
technology and supported by well-rehearsed response playbooks and
processes. They can be proactive by performing regular controls gap
audits, aligning to regulatory requirements as well as
demonstrating industry trend awareness in this rapidly evolving
space. And, for those organizations planning significant business
milestones like IPOs, M&A deals and product launches, it's
important to closely consider how AI use can impact organizational
trust levels," concluded Bondar.
About the online poll
More than 1,100 C-suite and
other executives were polled during a recent webcast, titled
"Generative AI and the fight for trust," on May 21, 2024. Answer rates differed by
question.
About Deloitte
Deloitte provides industry-leading audit, consulting, tax and
advisory services to many of the world's most admired brands,
including nearly 90% of the Fortune 500® and more than 8,500
U.S.-based private companies. At Deloitte, we strive to live our
purpose of making an impact that matters by creating trust and
confidence in a more equitable society. We leverage our unique
blend of business acumen, command of technology, and strategic
technology alliances to advise our clients across industries as
they build their future. Deloitte is proud to be part of the
largest global professional services network serving our clients in
the markets that are most important to them. Bringing more than 175
years of service, our network of member firms spans more than 150
countries and territories. Learn how Deloitte's approximately
457,000 people worldwide connect for impact at
www.deloitte.com.
Deloitte refers to one or more of Deloitte Touche Tohmatsu
Limited, a UK private company limited by guarantee ("DTTL"), its
network of member firms, and their related entities. DTTL and each
of its member firms are legally separate and independent entities.
DTTL (also referred to as "Deloitte Global") does not provide
services to clients. In the United
States, Deloitte refers to one or more of the US member
firms of DTTL, their related entities that operate using the
"Deloitte" name in the United
States and their respective affiliates. Certain services may
not be available to attest clients under the rules and regulations
of public accounting. Please see www.deloitte.com/about to
learn more about our global network of member firms.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/half-of-executives-expect-more-deepfake-attacks-on-financial-and-accounting-data-in-year-ahead-302250391.html
SOURCE Deloitte