To manage the threat of deepfake financial fraud, organizations should consider focusing on three key areas: People. Many people are unaware of the potential for deepfake fraud, often because they don’t understand it or assume that it won’t affect their company. Organizations should educate personnel and other stakeholders about what deepfake financial fraud is and how to identify and escalate suspected incidents of it. Tabletop exercises, interactive scenarios that simulate an attack, can also help test the organization’s response to deepfake incidents. Whichever educational approach is taken, it’s important to consider a routine or ongoing training program that can keep pace with the quickly evolving deepfake fraud landscape. Processes. Organizations should develop playbooks for handling both suspected deepfake threats and successful attacks. An effective playbook outlines clearly the who, what, where, and when of a swift, coordinated response, including how to escalate threats, who should lead the response, and when to review processes to ensure they are up to date. Other important processes include deepfake detection measures, legal considerations, and even public-private partnerships for content authenticity validation. Technology. As deepfakes become more sophisticated, human detection of synthetic content is becoming more challenging and sometimes impossible. GenAI tools that use metadata watermarks or labels to identify and flag synthetic content can help see what the human eye may be unable to. However, since bad actors can also remove watermarks, these types of tools perform best when used in conjunction with deepfake detection software across platforms.