Fraud Is Knocking Louder on the CFO’s Door

B2B CFOs sit at the increasingly complex intersection of treasury, technology, vendor management and enterprise risk. But that’s not all that finance leaders are tasked with overseeing above the balance sheet.

As artificial intelligence increases the capabilities of bad actors, chief financial officers and their accounts payable (AP) and accounts receivable (AR) teams are finding a familiar bedfellow rising up their priority list: fraud prevention. With B2B payments diversifying from legacy instruments like checks to increasingly complex embedded finance ecosystems, the enterprise and finance function attack surface is expanding in both predictable and unexpected ways.

Fraud tactics, after all, evolve quickly, often outpacing static control frameworks. In an environment where every payment method carries its own vulnerabilities, the CFO’s role is not to choose the “safest” option, but to ensure that risk is understood, managed and aligned with the organization’s broader strategic objectives.

Across B2B payment mechanisms spanning ACH, instant payments, virtual cards, embedded finance, stablecoins, legacy methods like checks and even cash, operational resilience is becoming defined not by the absence of B2B fraud but by the ability to anticipate, absorb and adapt to it.

Read also: IRS Warns of Most Dangerous 2026 Tax Scams Targeting SMBs 

Fraud risk tends to concentrate at points of transition, whether between systems, between people or between assumptions. Future-proofing AP and AR functions begins with visibility. Without a unified view of payment flows, risks may remain fragmented and difficult to manage. Standing up an adaptive prevention perimeter can also continue with standardization, ensuring that controls are consistently applied across payment types and platforms.

As innovation advances, the longstanding risks of existing B2B payments don’t just disappear. They get grandfathered in and can even become more exploitable. Checks, for example, put an exclamation point on this. Despite decades of digitization, checks continue to both account for a meaningful share of B2B payments and an outsized share of fraud losses.

Their vulnerability is structural. Checks carry all the information needed to initiate fraud: account numbers, routing details and authorized signatures, all exposed in transit.

The most common risks, like check washing, counterfeiting, mail interception and more are well documented. What is less appreciated is how these risks have scaled. Organized fraud networks now industrialize check theft, using automation and digital marketplaces to monetize stolen instruments rapidly.

For CFOs, the key issue may not be simply whether checks are still in use, but where they persist unnecessarily. Every check issued can create a lag between authorization and settlement, resulting in a window for fraudsters to exploit.

The more relevant question can be whether the organization has fully mapped its “long tail” of check usage. Are checks being used for edge-case vendors, exception payments or legacy workflows that no one has revisited? And critically, what percentage of total payment volume do they represent relative to their fraud exposure?

Another consideration is the impact on customers. The PYMNTS Intelligence report, “Orchestrating Trust: The Future of Fraud Prevention in Payments,” found that 85% of merchants say reducing friction for legitimate customers is their biggest fraud-prevention challenge. Companies increasingly see customer experience as part of the fraud equation rather than a separate concern.

See also: What Mid-Market Businesses Can Learn From Big Tech’s Bot Defenses 

Automated Clearing House (ACH) payments can often be perceived as a safer alternative to checks. In reality, they can shift the fraud vector rather than eliminate it. ACH fraud is typically dominated by account takeover and business email compromise (BEC).

A single compromised vendor email thread can result in legitimate invoices being paid to fraudulent accounts. And with the surge of AI-driven fraud, bad actors are increasingly able to launch high-scale and high-precision behavioral scams to just that aim.

“If a human can do it, we are now at a stage where the machines can do it in plausible ways,” Adam Hiatt, vice president of fraud strategy at Spreedly, told PYMNTS this month.

In light of the challenges of the modern B2B landscape, virtual cards have gained traction as a controlled, trackable alternative to traditional payment methods. They offer advantages in spend visibility, single-use credentials and predefined limits, all features that can inherently reduce certain types of fraud.

CFOs can examine whether their virtual card programs are delivering on their promise of control. Are spending limits dynamically enforced, or are they static and easily circumvented? How granular is transaction-level visibility, and how quickly can anomalies be detected?

Fraud in the context of virtual card use often manifests as misuse rather than theft.

The rise of embedded payments, where financial transactions are integrated directly into software platforms, also represents a fundamental shift in how B2B payments are initiated and processed.

The primary risk here is not a single point of failure, but a lack of holistic oversight. Fraud can emerge from API vulnerabilities, insufficient authentication protocols or gaps in reconciliation between systems.

The anti-fraud checklist for B2B payments, therefore, is not a static document, but a living system of questions. Where are our blind spots? Which controls are assumed rather than verified? And how quickly can we respond when those assumptions are challenged?

Findings in “Identity at Scale: Where KYC/KYB Touchpoints Create (or Contain) Agent Risk,” a new report from PYMNTS Intelligence and Trulioo, underscore the impact that continuous lifecycle management can have in defending against AI-powered fraud.

The post Fraud Is Knocking Louder on the CFO’s Door appeared first on PYMNTS.com.