A guide to fighting AI-fueled AP/AR fraud
Widely available AI is making payment fraud easier to perpetrate and harder to detect, raising the stakes for controls, verification, and professional skepticism.
The accounts payable and accounts receivable functions (AP/AR) have long been targeted for fraud, but widely accessible artificial intelligence (AI) is making business scams more convincing, more prevalent, and easier than ever to concoct.
“This threat landscape we’re in right now has evolved so quickly and is so dangerous,” said Jonathan Marks, CPA/CFF/CITP, CGMA, MBA, CFE, NACD Board Fellow, a principal in BDO’s Forensic Investigations, Disputes and Regulatory Compliance Practice. “In the last two years, it’s the convergence, the confluence of generative AI, deepfake technology, and synthetic identity capabilities.”
Increasingly, internal fraud investigators are spotting fraudulent receipts and other fake documentation that employees have created with AI products. A large language model (LLM) can generate and supply a “ghost vendor” with a long paper trail. The competence barrier has eroded, making it easier and more tempting for anyone to attempt a scheme.
“The key thing is opportunity,” said Ray Sang, CPA/CITP, finance transformation director for cybersecurity company SentinelOne. “AI broadly opened up the opportunity to people who are motivated.”
Meanwhile, more advanced fraudsters are developing armies of synthetic identities that can withdraw money and take other action. Deepfakes — phony computer-generated video and audio — have been used to trick employees into moving millions. And emerging agentic AI technology is increasingly capable of identifying targets, stringing victims along, and carrying out fraud attempts largely autonomously.
“It becomes a bit harder to trace, a bit harder to catch, a bit harder to quantify,” said Emily Chee, CPA/CFF/CITP, a senior manager for BDO Canada specializing in forensic investigations, disputes, and data analytics.
For the modern CPA, the fundamentals of internal controls have never been more critical, or more difficult to maintain. Finance leaders must mount a threefold response to fraud, embracing new technological controls while also sharpening the company’s threat awareness and strengthening its dedication to payment best practices.
HOW AI ELEVATES AP/AR THREATS
More convincing email scams
For years, scammers have filled email inboxes with fraudulent payment requests. But these written requests have become harder to spot.
Rumbi Petrozzello, CPA/CFF, CGMA, head of assessment and strategy at Seramount and an AICPA board member, encountered the change firsthand — receiving an email purportedly coming from the CEO of a business she serves as a board member.
In the message, the “CEO” asked her to make a payment. It also included a lengthy email thread between the company’s CEO and the CFO — complete with accurate details about the privately held investment management firm.
“The exchange was very convincing,” Petrozzello recalled.
While it’s impossible to say exactly how the message was crafted, it suggests the leap that scammers have made with generative AI. LLMs can produce text with perfect grammar, complete with the tone, subject matter, and other parameters customized for each victim. It’s a marked change from the typo-filled phishing message of the past.
“These old emails, they were really sophomoric,” Marks said. “With AI, what has really changed is the accuracy.”
Clay Kniepmann, CPA/CFF/ABV, J.D., a forensic, valuation, and litigation principal at Anders CPAs + Advisors, added: “It’s the same scheme. It’s just that much more convincing because [the AI] does have access to all of the publicly available information to fill in those gaps.”
More advanced vendor and customer impersonation
Scammers aren’t just impersonating executives. They are increasingly pretending to be vendors so that they can send invoices, Marks said.
“Criminals or bad actors are building complete vendor identities,” he said. “You get W-9 forms, taxes that are fake — you can present a professional website, all AI-generated these days.”
Early iterations of generative AI produced simple text outputs. Later iterations added capabilities like image generation. And the latest wave of agentic products, such as Anthropic’s Claude Code and OpenAI’s Codex, can easily create complex coding projects such as websites.
What’s more, while consumer-grade products like OpenAI’s ChatGPT may have guardrails meant to prevent illegal activity, the democratization of AI means there are countless open-source and black-market tools that have no such constraints.
Cutting-edge attackers may go beyond forgeries, using AI to create simulated employees for a fake business.
“They not only set up the site for phishing. They also set up contact numbers and voice agents behind the scene, where it actually sounds like real people behind the phones, but it’s [a bot with a] script,” he said.
MORE TEMPTATIONS FOR INTERNAL FRAUD
Based on her forensic investigation work, Chee believes AI is contributing to internal fraud attempts.
“Expense fraud is on the rise, especially with AI,” she said. Most notably, modern software tools have made it trivially easy to doctor receipts and other documents.
“In the past, if somebody wanted to do something like that, it was gatekept by [the difficulty of using] Photoshop. Now it’s not being gatekept at all,” Chee said.
For example, free-to-use websites can produce receipts with vendor names, amounts, and other details selected by the user. A mainstream AI service like Google Gemini can then be asked to edit the image, making it look weathered and photorealistic.
Additionally, modern image editing applications include new AI-powered tools that make it easier to modify documents seamlessly.
Internal fraudsters also may use AI tools to improve and target their attempts, such as by combing through a vendor list to find companies with multiple locations that might easily be impersonated, Kniepmann said.
The unifying factor of all these types of scams, Marks said, is that AI is making fraud more accessible.
“What AI has done is dramatically lower the competence threshold for some folks,” he said. “Anyone with a laptop or an iPhone or an Android can run these [scams] now.”
WHAT CAN COMPANIES DO?
Companies must strengthen their anti-fraud fundamentals, according to the experts interviewed for this article, while also shoring up their cyber capabilities.
Maintain the master file
Companies with disorganized vendor records are more vulnerable to fraud attempts of all types — regardless of whether AI is involved. Kniepmann and Marks both urged CPAs to review their accounts payable master files.
“You want to keep that [vendor list] tidy, you want to keep it as small as possible. And you want a robust vendor setup process to confirm that that vendor’s real before you ever set it up in the system,” Kniepmann said.
Vendor validation will only grow more important as fraudsters use AI to fake documents such as articles of incorporation, he added.
Marks advised scanning for suspect vendor entries. A bogus vendor might list a post office box as an address, or it might share a bank account with another supposed vendor.
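The two red flags Marks names can be checked mechanically. The following Python scan is an added example, not code from the article or from anyone quoted in it: it reads a vendor master export and flags PO box addresses and bank accounts that appear under more than one vendor. The CSV column names and every sample row are constructed assumptions.

```python
import csv
import io
import re
from collections import defaultdict

# Constructed sample of a vendor master export; column names are assumptions
# and the routing/account values are placeholders, not real bank details.
SAMPLE_CSV = """vendor_id,name,address,routing,account
V001,Acme Industrial Supply,"400 Commerce Dr, Dayton, OH",000000011,000123456789
V002,Brightline Consulting LLC,"P.O. Box 1182, Reno, NV",000000022,9988-7766-55
V003,Northgate Logistics,"77 Harbor Rd, Tacoma, WA",000000022,9988776655
V004,Summit Office Products,"Post Office Box 9, Boise, ID",000000033,5550001111
V005,Boxwood Nursery,"12 Boxwood Ln, Macon, GA",000000044,777000222
"""

# Matches "PO Box", "P.O. Box", "P O Box", "Post Office Box" and "POB 12",
# but not street names that merely contain "box" (e.g. "Boxwood Ln").
PO_BOX = re.compile(r"\b(?:p\.?\s*o\.?\s*box|post\s+office\s+box|pob\s*\d)", re.I)


def _digits(value):
    """Strip spaces, dashes and other formatting so equal accounts compare equal."""
    return re.sub(r"\D", "", value or "")


def flag_suspect_vendors(csv_text):
    """Return {vendor_id: [reasons]} for vendors that need manual review."""
    rows = list(csv.DictReader(io.StringIO(csv_text)))
    flags = defaultdict(list)
    by_account = defaultdict(list)
    for row in rows:
        if PO_BOX.search(row["address"]):
            flags[row["vendor_id"]].append("PO box address")
        key = (_digits(row["routing"]), _digits(row["account"]))
        if all(key):  # skip vendors with no bank details on file
            by_account[key].append(row["vendor_id"])
    for vendor_ids in by_account.values():
        if len(vendor_ids) > 1:  # same account listed under several vendors
            for vid in vendor_ids:
                others = ", ".join(v for v in vendor_ids if v != vid)
                flags[vid].append(f"bank account shared with {others}")
    return dict(flags)


if __name__ == "__main__":
    for vendor_id, reasons in sorted(flag_suspect_vendors(SAMPLE_CSV).items()):
        print(vendor_id, "->", "; ".join(reasons))
```

A flag here is a prompt for manual review, not proof of fraud: legitimate vendors use PO boxes, and related entities sometimes share an account.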
Control cash
Companies that maintain strict cash flow controls are more resilient against fraud.
“You want two people involved in the step where money comes into the company,” Kniepmann said. In other words, payment processes should be supervised by multiple people.
Requiring a second review makes it more difficult for an employee to divert payments and also provides assurance against increasingly convincing external fraud attempts.
More broadly, Marks advised mapping potential fraud vectors and testing the company’s controls against them.
Reinforce anti-fraud policies
Organizations must educate employees on the new ways that technology is enabling fraud — while also reinforcing anti-fraud basics.
“Training is the best control for any organization,” Sang said.
As always, employees must be taught to recognize suspicious patterns and exercise skepticism, he said. They also should be educated on AI’s capabilities — including through demonstrations of deepfake videos and audio.
Marks encourages the practice of “tradecraft,” or tactics that can help to identify and defuse scams.
For example, employees can test a potential impersonator’s knowledge of social and professional events. Or they can turn to an “out-of-band” communication channel to independently verify a suspicious request.
Embrace technology — appropriately
Just as AI has empowered attackers, it also can strengthen defenses.
For example, Chee has been using her organization’s closed AI environment to develop bots that can speed her fraud investigations by extracting data from documents en masse.
Meanwhile, even consumer-grade tools like Google Gemini can be asked to scan files for “watermarks” that may show whether a document has been altered by AI — a capability that Chee expects will become more common in enterprise software.
“Advancements in technology allow fraud to occur more easily, but the advancements will also allow us to better detect it,” she said. “It’s a double-edged sword.”
Financial institutions also offer controls to combat fraud, such as dual-authorization systems, positive pay policies, and ACH filters, Marks added.
But the introduction of new technological controls brings its own risks. While companies may use AI agents to manage purchasing and money movement, they too may be vulnerable to new attacks that aim to corrupt an agent’s decision-making. Such new attacks include data poisoning, which infiltrates an AI system’s training data, and prompt injection, which allows malicious instructions to bypass generative AI guardrails.
According to a 2025 Adversa report on AI security, “prompt injection causes over 30% of AI security failures,” and simple prompts resulted in over $100,000 in losses.
“Fraud has always been a cat-and-mouse game. The fraudsters are always a step ahead, and we’re chasing,” Kniepmann said. “You could always go to a full AI fraud prevention type system, but you’re going to be a step behind.”
Additionally, technological defenses bring ethical concerns, Sang said. Powerful new computer monitoring platforms make it easier to track employees’ activity and raise red flags for potential fraud, he said, but excessive oversight may demoralize and outrage workers.
“[Fraud monitoring] becomes much more accurate and much more meaningful, but now with AI’s help, I do see a trend of centralized [employee] surveillance,” he said.
WHAT IS THE CPA’S ROLE?
The evolution of fraud will force finance professionals to master new skills and collaborate ever more closely with partners on data and technology teams.
“The sources of truth these days are data, and data comes in abundance,” Marks said. “If you can’t structure your data in a way you can use it, you’re just lost.”
But a CPA’s greatest contributions may still be professional skepticism, judgment, and dedication to maintaining appropriate controls.
“At the end of the day, the AI is not going to testify in court. The AI is not going to be the expert witness,” Chee said. “The AI is not going to sign off on the financial statement.”
About the author
Andrew Kenney is a freelance writer based in Colorado. To comment on this article or to suggest an idea for another article, contact Jeff Drew at Jeff.Drew@aicpa-cima.com.
