Skip to content

Artificial intelligence is not only giving fraudsters better disguises. It’s helping them coordinate, learn, and scale. At the 2026 conference of the Association of Certified Fraud Examiners (ACFE), this fact resonated with B2B payments leaders at a pivotal moment.

Frustration is palpable at the ACFE conference and other industry events, as criminal groups now combine widely available AI tools with dark web and “gray web” channels to exchange tactics and accelerate schemes.

The fraud ecosystem is learning faster, without privacy rules, corporate policies and competitive concerns that slow the efforts of legitimate businesses.

Mason Wilder, Research Director at the Association of Certified Fraud Examiners, sees little reason to expect this trajectory to flatten anytime soon. “AI-powered fraud risk has matured faster than any other fraud risk, and there’s no reason to expect it to slow down within the next couple of years,” he said in a recent interview. “This problem has moved far beyond social engineering schemes being enhanced with deepfakes.”

Meanwhile, the ACFE’s Occupational Fraud 2026: A Report to the Nations emphasizes the high level of fraud committed by insiders rather than by barbarians at the gate. Wilder warns that the dangers of vendor impersonation, compromised third-party accounts and business email compromise primarily concern external attacks, not internal. The two categories shouldn’t be conflated.

Particularly, the report exposes organizational weaknesses that external criminals exploit freely in the here-and-now. These include slow detection, inadequate controls, fragmented ownership, and a corporate culture that assumes fraud is someone else’s job.

Across 2,402 occupational fraud cases, ACFE documented more than $3.4 billion in losses. The median loss was $104,000, and 20% of cases exceeded $1 million.

 

Fraud Thrives Amid the Unusual

One uncomfortable advantage belongs to the criminals: they share information freely. Valid businesses face privacy and competitive constraints to exchanging fraud intelligence. 

But change is afoot. In June, the U.S. Financial Crimes Enforcement Network (FinCEN) clarified that banks and FIs can share data on suspected fraud without running afoul of the law. Section 314(b) of the USA PATRIOT Act creates a safe harbor protecting FIs and related associations from liability when sharing information with each other for the purpose of identifying and reporting activities including money laundering, terrorist financing, financial fraud, and suspected unlawful activities.

That is music to the ears of fraud fighters who crave intel collaboration but fear the legal ramifications of sharing data, despite the near universal appeal of it. “If you only work with the data that’s available to you and your systems, you’re not getting the full picture of the fraud risk landscape, even within your industry,” Wilder said, illustrating the issue.

Data sharing is gaining new importance with AI-enabled fraud now appearing as coordinated activity rather than obviously suspicious payments. A single invoice may fall below a review threshold. An account change may look plausible. Across several entities or transactions, however, little events can reveal a larger menace.

“A lot of times, what looks like a small one-off thing is part of a larger web of activity,” Wilder said. The response is broader collaboration through industry groups, data-sharing consortiums and peer relationships. It also means paying closer attention whenever a payment request breaks an established pattern.

Vendor acquisitions, new markets, changed bank details and unfamiliar instructions all create uncertainty that fraudsters can exploit. So do late-Friday requests, holiday weekends and overdue invoices carrying sudden urgency.

“When you get forced out of your comfort zone, or there’s something different about a situation, that’s when you really need to pay extra attention to all the details,” Wilder said. “Take a beat, take a breath, and take a good look at everything that’s happening. Verify and corroborate things as best you can before you authorize that payment or transfer.

Internal fraud data supports the cost of waiting. ACFE found that the typical occupational/internal fraud scheme runs for 12 months before detection. Cases detected within six months produced a median loss of $40,000, while schemes lasting more than five years caused median losses above $1.1 million. In short, the longer suspicious activity remains disconnected and unexplained, the more damaging it becomes.

 

Give Every Fraud Tool a Job

When a fraud technology investment is inevitable, first define what it should accomplish.

“If you don’t have a specific objective for a particular piece of technology or tool, then it’s unlikely to show a promising return on investment,” Wilder said.

Giving every fraud analyst a general-purpose AI license and asking them to become more efficient is not a strategy. Deploying an investigation tool to process digital evidence faster, or using machine learning to identify and prioritize anomalous transactions, is.

“A lot of organizations are going to come away from those assessments realizing that they need to take a more specific than general approach when it comes to AI,” Wilder said.

Even a well-chosen tool can disappoint when fragmented data, internal silos or weak operating competence undermine the investment. Companies also need a clear view of vendor and partner controls.

“It only takes one bad partner or vendor to cause a serious issue for you,” Wilder said.

The same discipline applies to fraud risk assessments. Too many organizations conduct them on a fixed schedule to satisfy an insurer, board or regulator, then file the results until the next review.

“Too many organizations treat [fraud audits] as a check-the-box exercise,” Wilder said.

A more mature program uses targeted assessments when risk rises. New markets, product launches, acquisitions, competitor breaches and revealing enforcement actions should all prompt internal security reviews.

The ACFE 2026 report provides an internal-fraud benchmark for why controls and culture matter. In that study, whistleblowing exposed 43% of occupational fraud cases, and more than half of those clues came from employees. Organizations that train both employees and managers reported median losses of $84,000 per case, compared with $150,000 where neither group received such training. More than half of all cases involved either missing internal controls or the override of existing controls.

Those findings do not quantify external B2B payment fraud. They do show why technology alone cannot prevent it. People must know what looks wrong, have a trusted way to report it, and believe leadership will act.

“CFOs and leadership underestimate the need for a truly robust and mature fraud risk management program that goes from top to bottom and side to side,” Wilder said.

The goal is not perfect safety. It’s to avoid becoming the easiest target. Wilder uses the old “outrunning a lion” metaphor, saying that a company doesn’t have to outrun the lion, but rather outrun the slowest targets in their group. Simply put, don’t be the slowest runner.

Get the ACFE report: Occupational Fraud 2026: A Report to the Nations®

Understanding Internal and External Fraud FAQs

What is occupational fraud?

Occupational fraud is committed by an employee, manager, executive or other insider through misuse of their position. ACFE’s 2026 Report to the Nations focuses on this internal category.

What is external B2B payment fraud?

External payment fraud originates outside the victim organization and includes vendor impersonation, compromised third-party accounts, business email compromise and fraudulent payment instructions.

Why include occupational-fraud statistics here?

They are not estimates of external payment fraud. They provide evidence about shared risk factors, including delayed detection, weak or overridden controls, inadequate training and poor reporting cultures.

When should a payment request receive extra scrutiny?

Pause when payment details change, a vendor is acquired, a request comes from an unfamiliar market, or urgency appears late on a Friday or before a holiday weekend.

How should companies evaluate AI fraud tools?

Start with a specific operational goal, assess data readiness and internal skills, and determine how the tool will integrate with existing systems and workflows.