
AI deepfake fraud has industrialised. The Arup $25 million deepfake call case defined a category that has since been democratised into a criminal service. Commonwealth Bank research shows 27% of Australians witnessed a deepfake scam in the past year. This post examines why AI-enabled fraud is a governance problem requiring process-level controls, not just detection technology.

In early 2024, a finance employee in Arup's Hong Kong office transferred roughly US$25 million (HK$200 million) after joining a video call with people who appeared to be colleagues, including the company's CFO. Every other participant on the call was a deepfake, generated from publicly available audio and video of the real people. By the time the fraud was discovered, the money was gone.
The Arup incident is not a cautionary tale from the distant past. It is the documented origin point of a fraud category that has since industrialised. Commonwealth Bank research shows that 27% of Australians reported witnessing a deepfake scam in the past year. Business email compromise, now increasingly AI-assisted, accounted for $2.77 billion in reported losses in the most recent FBI IC3 reporting period. And a 2026 analysis found that 82.6% of phishing emails now contain some AI-generated content, eliminating the grammatical errors and generic messaging that enterprise security awareness training was built to detect.
Australian enterprises are operating in an environment where the traditional signals of fraud (the wrong tone, the suspicious request, the unusual instruction) have been replicated by generative AI to a standard that bypasses both human recognition and legacy security tooling. The fraud risk is not separate from the AI governance risk. It is a consequence of it.
The fraud landscape has restructured around four AI-enabled techniques that enterprise risk teams need to understand specifically.
Deepfake video and voice compromise. The Arup case defined this category. Real-time or pre-rendered deepfake video impersonates executives, CFOs, legal advisers or counterparts during scheduled calls. Voice cloning creates synthetic audio from as little as three seconds of recorded speech, replicating a known voice for phone-based authorisation requests. In 2026, AI voice cloning and related vishing attacks exceed 1,000 attempts per day at major retailers globally. The social engineering is extremely hard to distinguish from legitimate communication because the voice and face of the person being impersonated are reconstructed with high fidelity, so the recipient's familiarity with that person is no longer evidence of anything.
AI-powered business email compromise. Traditional BEC relied on spoofed email addresses and generic requests. AI-generated BEC uses publicly available information, including LinkedIn profiles, annual reports, media coverage and social media, to craft hyper-personalised requests that reference specific relationships, recent events and organisational context. The result is an instruction that appears to come from someone the recipient knows, referencing something the recipient recognises, in a communication channel they trust. Forty per cent of BEC emails are now estimated to be primarily AI-generated.
Synthetic identity fraud. AI tools produce convincing fake identity documents, supporting fake invoice instructions, fraudulent payment requests and forged board resolutions. These are used to manipulate finance teams, accounts payable processes and procurement approvals. UBS research revealed that one in three Australian home loans contained false or inflated information, partly attributable to AI-generated document fraud. The same techniques are being applied to enterprise procurement, lending and onboarding processes.
Deepfake-as-a-service. Organised cybercrime groups now offer deepfake fraud as a subscription service, lowering the technical barrier for less sophisticated attackers. This is not a threat requiring state-level resources. It is a service available to criminal groups with modest budgets, applied systematically against enterprise targets across financial services, professional services and government.
Enterprise fraud teams have traditionally operated separately from AI governance functions. The deepfake fraud category breaks that separation in a way that requires a governance response, not just a security response.
The fundamental reason is that AI-enabled fraud exploits the same gap that AI governance frameworks exist to close: ungoverned AI operating in environments without adequate controls, accountability or monitoring. When a deepfake video call bypasses an organisation's authorisation process for a $25 million transfer, it has exploited an absence of governance at the process level, not just an absence of deepfake detection technology.
The controls that prevent AI-enabled fraud at the process level are AI governance controls. They include pre-defined human oversight thresholds that specify what verification is required before large financial transactions are authorised, regardless of the apparent identity of the requester; documented authorisation processes that cannot be overridden by a single video call or email, however convincing it appears; and out-of-band verification protocols that require confirmation through a separate, pre-established channel before consequential actions are taken. These are governance controls, designed into processes before fraud attempts occur, not detection technologies that try to catch fraud after the instruction has been given.
For Australian financial services, professional services and government organisations, AI-enabled fraud creates regulatory exposure that goes beyond the financial loss itself.
AUSTRAC regulated entities have obligations around transaction monitoring and suspicious matter reporting. Where AI-enabled fraud results in transactions that should have been flagged under existing AML/CTF obligations, regulatory scrutiny of the organisation's fraud governance framework will follow the loss. The question regulators will ask is not only how the fraud occurred, but whether the organisation had adequate controls in place to prevent it.
APRA regulated entities face prudential governance expectations that extend to operational risk management and fraud controls. An organisation that processes a $25 million transfer based on a video call, without independent verification through a separate channel, is likely to face questions about whether its operational risk framework was adequate.
The Privacy Act's automated decision-making (ADM) transparency obligations, which commence in December 2026, add a further dimension for organisations using AI in fraud detection processes. Where AI systems are used to make or substantially influence decisions about suspected fraud that affect individuals, the disclosure and accountability obligations apply. The fraud governance framework and the AI governance framework are not separate compliance exercises. They are the same governance infrastructure applied to different risk categories.
Deepfake detection technology will continue to improve and will continue to be defeated by the next generation of synthetic media. The governance controls that provide durable protection are process-level, not technology-level.
Dual-approval financial controls with out-of-band verification. Any financial transaction above a defined threshold requires approval from two authorised individuals, with at least one verification conducted through a pre-established channel that is separate from the channel the instruction arrived on. A payment instruction received by email is verified by phone to a pre-registered number. A payment instruction from a video call is verified by email to a registered address. The contact details used for verification must come from the organisation's own directory, never from the instruction itself: a callback number or reply address quoted in a fraudulent email is under the attacker's control, and calling it only confirms the fraud to the fraudster. The synthetic replication of one channel does not compromise the out-of-band verification.
Pre-shared code phrases for unusual requests. For high-risk transaction categories or requests that arrive in unexpected contexts, organisations establish pre-shared phrases between known counterparts that cannot be replicated by an attacker who has reconstructed someone's voice and face from public information. The phrase has to be agreed in person or over a channel the attacker cannot observe, never over the channel on which requests arrive, and rotated if there is any suspicion it has been exposed. This is a low-technology governance control that is highly effective precisely because it operates outside the AI-enabled fraud vector.
Documented authorisation processes that cannot be overridden by verbal instruction. The Arup fraud was possible partly because the organisation's authorisation process could be bypassed by a sufficiently convincing video call. Governance processes that require written documentation, system-recorded approvals and independent verification through a second channel cannot be satisfied by a single deepfake, regardless of how realistic it is, because no one channel, and no one person's apparent identity, is sufficient on its own.
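The three controls above (dual approval, out-of-band verification via pre-registered contact details, and no single-channel override) can be expressed as invariants that a payment workflow checks before releasing funds. The following is an added illustration written for this page, not Trusenta's product and not Arup's process; the threshold, the directory entries, the channel names and the scenarios are all constructed for the example.

```python
"""Process-level payment controls as a policy check (illustrative example).

Assumptions (not from the original page): a HIGH_VALUE_THRESHOLD of 50,000,
a constructed pre-registered contact DIRECTORY, and channel labels
"email", "video_call" and "phone".
"""
from dataclasses import dataclass

HIGH_VALUE_THRESHOLD = 50_000  # assumed; set from the organisation's risk appetite

# Constructed pre-registered directory. It is the ONLY permitted source of
# verification contact details: a callback number or reply address quoted
# in the instruction itself is under the attacker's control.
DIRECTORY = {
    "cfo": {"phone": "+61 2 0000 0001", "email": "cfo@corp.example"},
    "legal": {"phone": "+61 2 0000 0002", "email": "legal@corp.example"},
}


@dataclass(frozen=True)
class Instruction:
    requester: str   # directory key of the person the instruction claims to come from
    amount: float
    channel: str     # channel the instruction arrived on


@dataclass(frozen=True)
class Verification:
    channel: str       # channel the verifier actually used
    contact_used: str  # number or address the verifier actually contacted
    confirmed: bool    # did the counterpart confirm the instruction?


def high_value_controls_pass(instr, approvers, verifications):
    """Return (approved, reasons); reasons is empty only when approved."""
    reasons = []
    if instr.amount < HIGH_VALUE_THRESHOLD:
        return True, reasons  # routine payments follow the normal path

    distinct = set(approvers)
    if len(distinct) < 2:
        reasons.append("dual approval: two distinct approvers required")
    if instr.requester in distinct:
        reasons.append("dual approval: requester cannot approve own instruction")

    # Registered contact details for the claimed requester, from the directory only.
    registered = set(DIRECTORY.get(instr.requester, {}).values())
    if not registered:
        reasons.append("requester is not in the pre-registered directory")

    # Out-of-band: confirmed, on a DIFFERENT channel, using a REGISTERED contact.
    oob_ok = any(
        v.confirmed and v.channel != instr.channel and v.contact_used in registered
        for v in verifications
    )
    if not oob_ok:
        reasons.append("out-of-band: no confirmation on a separate channel "
                       "via a pre-registered contact")
    return not reasons, reasons


def demo():
    """Constructed scenarios; returns {name: (approved, reasons)}."""
    video = Instruction("cfo", 25_000_000, "video_call")
    email = Instruction("cfo", 250_000, "email")
    return {
        # Convincing call, two approvers, nobody phoned the real CFO.
        "video_call_no_oob": high_value_controls_pass(video, ["alice", "bob"], []),
        # "Verification" held on the same channel the instruction came from.
        "same_channel": high_value_controls_pass(
            video, ["alice", "bob"],
            [Verification("video_call", DIRECTORY["cfo"]["email"], True)]),
        # Callback to a number quoted in the email, not in the directory.
        "callback_to_number_in_email": high_value_controls_pass(
            email, ["alice", "bob"], [Verification("phone", "+61 400 999 999", True)]),
        # Only one approver, even though the callback itself was done properly.
        "single_approver": high_value_controls_pass(
            email, ["alice"], [Verification("phone", DIRECTORY["cfo"]["phone"], True)]),
        # Email instruction, phone callback to the registered number, two approvers.
        "registered_callback": high_value_controls_pass(
            email, ["alice", "bob"], [Verification("phone", DIRECTORY["cfo"]["phone"], True)]),
    }


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name}: {'APPROVED' if ok else 'REJECTED'} {why}")
```

The point of the check is that the deepfake's realism never enters into it: the policy does not try to judge the call or the email, it only asks whether a second person approved and whether the real counterpart was reached on a channel and contact detail the attacker did not supply.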
AI risk assessment as part of payment and procurement workflows. Trusenta's Risk Management module supports the documentation of AI-specific operational risks, including deepfake fraud and AI-enabled BEC, within the organisation's risk framework. Each payment and procurement workflow that is susceptible to AI-enabled fraud should have an explicit risk treatment that is documented and monitored.
Regular testing and awareness that reflects the current threat. Security awareness training built around identifying grammatical errors in phishing emails is not adequate for a threat environment where 82.6% of phishing emails contain AI-generated content. The training programme needs to reflect the current fraud techniques, including deepfake recognition, out-of-band verification habits and the specific scenarios that Australian organisations face.
At Trusenta, AI-enabled fraud is increasingly part of the conversation when we work with organisations on AI risk frameworks. The connection between ungoverned AI at the industry level and fraud at the enterprise level is direct: the same absence of governance that allows shadow AI to proliferate inside organisations creates the process vulnerabilities that AI-enabled fraud exploits from outside.
The organisations best positioned to resist AI-enabled fraud are not those with the most sophisticated deepfake detection technology. They are those with the most disciplined governance of their own processes: clear authorisation controls, documented verification requirements and AI risk frameworks that explicitly address the fraud vectors that generative AI has made accessible to organised criminal groups.
Risk Management: Trusenta's Risk Management module supports the documentation of AI-enabled fraud as a specific risk category within the organisation's AI risk framework, with treatment plans linked to the process-level governance controls that provide durable protection against deepfake and AI-powered BEC threats.
AI Governance: The AI use-case intake and governance infrastructure that brings internal AI systems under systematic control also addresses the shadow AI exposure that creates process vulnerabilities exploitable by external AI-enabled fraud. Organisations with strong internal AI governance are more resistant to AI-enabled fraud because their authorisation processes are documented and governed, not improvised.
AI Governance Services: For organisations that need to review their AI risk framework to explicitly address AI-enabled fraud as a risk category, and embed the process-level governance controls that reduce exposure, Trusenta's AI Governance engagements deliver the framework review and control design that makes this operational rather than aspirational.
The deepfake video call that defrauded Arup of $25 million was not primarily a failure of deepfake detection technology. It was a failure of governance: inadequate verification controls for a consequential financial transaction, in a process environment that could be bypassed by a sufficiently convincing impersonation. The threat has since scaled, democratised and specifically targeted Australian enterprises. The governance response needs to match the current threat, not the one that existed before generative AI made synthetic impersonation available as a criminal service. The organisations that treat AI-enabled fraud as an AI governance problem, requiring process-level controls designed into authorisation workflows, will be in a materially better position than those treating it as a technology problem requiring better detection.
