AI Fraud Surge Leaves US Companies Dangerously Exposed, Report Finds

NEW YORK, NY – January 27, 2026 – A stark new report reveals a rapidly widening gap between the sophistication of artificial intelligence-powered fraud and the outdated defenses of American corporations. According to new data from the fraud prevention platform Trustpair, a staggering 71% of U.S. companies have witnessed an increase in AI-driven fraud attempts over the past year. Despite this alarming trend, nearly half (48%) of these enterprises continue to rely on manual, human-led checks to fend off attacks, a practice proving increasingly futile against automated, large-scale threats.

The report, titled “Fraud in the Cyber Era: 2026 Fraud Trends & Insights,” surveyed 250 senior finance executives and CFOs, uncovering a dangerous complacency in the face of an evolving enemy. The findings highlight not only significant financial hemorrhaging and operational paralysis but also a widespread lack of awareness regarding impending regulatory mandates set to reshape the payments landscape.

“AI has raised the baseline of fraud. The risk keeps increasing, but internal processes haven’t moved fast enough,” said Baptiste Collot, co-founder and CEO of Trustpair, in the report's release. “The reality is that manual callbacks and email checks simply cannot defend against attacks that are generated at scale.”

The New Face of Corporate Fraud: AI at the Helm

The nature of financial crime is transforming. The classic phishing email riddled with typos is being replaced by hyper-realistic, AI-generated communications that can fool even the most discerning eye. By mid-2024, an estimated 40% of Business Email Compromise (BEC) phishing emails were already being crafted by AI. This threat remains the leading fraud channel, affecting 62% of organizations, a figure consistent with findings from the FBI's Internet Crime Complaint Center (IC3), which ranked BEC as the second costliest cybercrime in its 2024 report, with losses nearing $2.8 billion.

AI is supercharging these schemes with terrifying efficiency. Fraudsters are leveraging deepfake technology to clone the voices of executives, making urgent payment requests over the phone that are nearly indistinguishable from the real person. Trustpair reports a 118% year-over-year surge in such voice cloning incidents. This is compounded by the use of AI to create synthetic identity documents for vendor onboarding and to automate account takeover attempts, where bots can manipulate customer service and request wire transfers without any human intervention.

This technological disparity is at the heart of the problem. While fraudsters leverage machine speed and scale, 48% of finance departments are still fighting back with manual processes. This is a slight improvement from 69% the previous year, but it still leaves a massive vulnerability that criminals are readily exploiting.

A High Price for Inaction: Financial and Human Costs Mount

The consequences of this security mismatch are severe and extend far beyond the balance sheet. According to the Trustpair report, one in four companies suffered six-figure losses due to fraud. This aligns with broader industry data from the Association of Certified Fraud Examiners (ACFE), whose 2024 report found that 22% of occupational fraud cases involved losses of $1 million or more.

Furthermore, the financial toll is deepening across the board. A recent update from TransUnion revealed that U.S. companies lost an average of 9.8% of their revenue to fraud over the last year, a staggering 46% increase from 2024, representing an estimated $114 billion in losses among the leaders surveyed. The operational strain is equally damaging, with 45% of companies reporting that they spent multiple days responding to a single fraud incident, pulling critical resources away from core business functions.

There is also a significant human cost. The report found that 17% of companies had to terminate employees due to mistakes related to fraud. This underscores the immense pressure placed on finance teams and the personal career risks involved when processes are inadequate. The ACFE's research further notes that in cases of occupational fraud, 68% of perpetrators were terminated by their employers, highlighting the internal turmoil these events can cause.

The Regulatory Clock is Ticking: Nacha's 2026 Mandate Looms

Adding a layer of urgency to this crisis is a fast-approaching regulatory deadline that many companies are ill-prepared to meet. The report uncovered that a concerning 45% of companies are not even aware of the upcoming Nacha rules that will mandate more robust account validation and fraud monitoring processes starting in March 2026.

These new ACH Network rules will be implemented in two phases. Phase one, effective March 20, 2026, will require large originators, third-party service providers, and financial institutions to establish and document risk-based processes to detect fraudulent ACH payments, particularly those stemming from BEC and other impersonation schemes. By June 22, 2026, these requirements will extend to all originators and third parties, regardless of size. The rules implicitly push the entire industry toward stronger upfront account validation, a practice currently lacking in most organizations.

This regulatory shift directly confronts a core weakness identified in Trustpair's research: siloed and sporadically validated vendor data. The report found that only 32% of companies validate vendor bank account details on a continuous or real-time basis, leaving them exposed to fraud in the vulnerable period between vendor onboarding and the moment of payment. With the Nacha deadline approaching, companies without automated, risk-based validation processes face significant compliance risks on top of their fraud exposure.

Modernizing Defenses in the Cyber Era

While the challenges are formidable, the report indicates that a shift toward modernization is underway. Half of the companies surveyed increased their fraud prevention budgets in 2025, and the adoption of automated account validation tools saw a modest increase from 31% to 34%.

Experts argue that the only viable path forward is to fight automation with automation. Modern fraud prevention platforms integrate directly into existing enterprise resource planning (ERP) and procure-to-pay (P2P) systems via APIs. These tools provide continuous, real-time validation of bank account ownership at every critical stage: during vendor onboarding, whenever banking details are changed, and just before a payment is executed. By cross-referencing data against global banking networks and other sources, they can instantly flag suspicious activity, effectively eliminating the human error and inefficiency inherent in manual checks.

Embedding these automated controls into daily financial workflows strengthens security without adding friction to operations. As AI continues to arm fraudsters with ever-more-powerful tools, organizations that fail to upgrade their own technological arsenals will find themselves increasingly outmatched, facing not just financial loss but also regulatory penalties and severe operational disruption.