Traditionally, BEC schemes have involved attackers impersonating high-level executives via email to manipulate employees into transferring company funds to fraudulent accounts. However, the introduction of AI-driven deepfakes—realistic synthetic media—has raised the stakes, making fraud schemes harder to detect and more sophisticated than ever.

A recent case in Hong Kong illustrates the severity of this emerging threat. Cyber criminals impersonated a CFO during a video conference call using deepfake video technology, successfully convincing an employee to authorize transfers totaling US$25.6 million. This fusion of BEC and deepfakes signals a paradigm shift in internal fraud and compliance investigations, as such schemes are now increasingly difficult to distinguish from legitimate communications.

For companies, the implications are profound. Fraud detection systems that rely solely on traditional methods, such as email audits or financial tracking, may no longer be sufficient in an era where voice, video, and images can be convincingly forged. Investigative teams must expand their toolkits, not only by implementing advanced detection technologies but also by reevaluating how they approach internal controls, verification procedures, and cross-departmental collaboration during investigations.

The Role of Internal Investigations in Combating Deepfake-Assisted BEC
An effective internal investigation strategy should now include a focus on verifying the authenticity of communications beyond email records. This calls for the integration of real-time verification technologies capable of detecting deepfake manipulation, alongside traditional investigative methods like document reviews and interview processes. Investigators must also work closely with finance teams, ensuring that all transactions—especially high-value ones—are subject to rigorous internal controls, including multi-level approvals and robust verification protocols.

Additionally, training employees across departments to recognize potential signs of deepfake-enhanced fraud is critical. Investigators should take a proactive approach, conducting scenario-based training sessions and ensuring that employees understand how to handle suspicious requests, even when these come in seemingly legitimate forms like video calls or voice messages. Compliance teams should frequently review and update protocols, incorporating lessons learned from recent fraud attempts and refining escalation processes for swift investigative responses.

Strengthening the Investigation Process: Lessons from Hong Kong
‍In light of the Hong Kong deepfake incident, organizations must rethink their investigation procedures to mitigate the potential for future incidents. Dual controls, where the responsibilities for authorizing and verifying transactions are split between multiple employees, should be emphasized as part of any internal review. Additionally, investigators should assess the adequacy of existing reporting channels, ensuring that any anomalies in transaction patterns are escalated immediately for further review.

Internal investigations should also focus on the broader implications of deepfake technology. Beyond financial transactions, deepfakes have the potential to be used for corporate espionage, disinformation, and reputational attacks. Investigative teams need to be prepared to explore not just the technical aspects of such cases, but also their organizational impact, addressing issues of compliance, data privacy, and potential regulatory violations.

Conclusion: The Need for an Evolving Investigative Framework
As cybercrime becomes increasingly sophisticated, internal investigations must evolve in tandem. Fraud schemes that leverage deepfakes represent a new frontier in financial and compliance-related investigations. Detecting and preventing these types of attacks requires organizations to adopt a proactive, multi-layered approach that integrates cutting-edge technologies with established investigative processes. More importantly, companies must foster a culture of vigilance and adaptability, where investigators, compliance officers, and finance teams work in unison to ensure that fraud prevention measures keep pace with emerging threats. In the age of deepfakes, the role of internal investigations is more critical than ever in safeguarding the financial integrity and reputation of businesses.

‍