Key insights:

• • • Fraud management works best as a connected workflow 鈥斕鼳ligning corporate fraud, AML, compliance, and investigation teams can strengthen visibility and response.

    • Monitoring must move beyond on-boarding听鈥� Existing customers require ongoing risk-based review, smart alerts, and transaction monitoring that can identify potentially suspicious behavior without overwhelming teams.

    • AI can accelerate investigations, but humans remain essential听鈥� AI-driven automation helps process data and prioritize alerts; however, skilled analysts are still needed to provide context, judgment, and industry expertise.

Fraud prevention represents only the first step in comprehensive fraud management. Organizations must develop robust detection and investigation capabilities to identify fraudulent activity and respond effectively.

Indeed, the most successful organizations think about fraud management in a systematic way, says Andrew Pellington, a senior director in Risk & Fraud solutions at 成人VR视频. 鈥淭he most successful organizations think about fraud management in more of a workflow phase that moves systematically from initial prevention through ongoing detection and into detailed investigation,鈥� explains Pellington.

Phases of organizational structures

Understanding how these phases interconnect and then building the proper organizational structures to properly execute them can help corporate risk, fraud & compliance teams create the foundation for effective fraud protection. These phases include:

1. Build organizational alignment across fraud and compliance functions

One of the most significant structural shifts in fraud management is the convergence of corporate fraud and anti-money laundering (AML) departments. Historically siloed, these functions are increasingly merging because fraud and money laundering are deeply intertwined. Fraudsters commit fraud, obtain illicit proceeds, and then need to launder those funds 鈥� effectively, two sides of the same coin, Pellington notes.

That means, financial and non-financial institutions can benefit from unified teams sharing data, processes, and expertise; and this convergence extends beyond AML and fraud to prevention, detection, and investigation phases. Organizations can gain competitive advantage when these functions share integrated toolsets, consolidated data sources, and cross-departmental communication. Before sharing knowledge across institutions, however, organizations must first establish robust information sharing across their own departments.

2. Establish monitoring systems for existing customers and accounts

As your organization moves through the fraud management workflow, the focus shifts from high-volume account opening activities to continuous monitoring of existing customers and account holders. This phase requires different tools, processes, and resources than does prevention.

Monitoring 鈥� both proactively and reactively 鈥� allows organizations to identify suspicious patterns and behaviors, then sophisticated systems must track transactions across time, identify deviations from normal behavior, and flag accounts for review.

Proactively, organizations should segment customers by risk level and establish review cycles: monthly for high-risk customers, semi-annual for medium-risk, and annual for lower-risk accounts. Reactively, they should deploy adverse media and sanctions alerts against public records, coupled with transaction monitoring models that specifically identify potential money laundering or structuring patterns.

“As you move through the monitoring, now you’re looking at your existing customers and account holders, and then you get alerts thereafter,鈥� Pellington explains.

3. Implement alert systems and prepare for regulatory scrutiny

While effective monitoring generates alerts that bridge passive systems and active investigation teams, these alerts need to be calibrated to identify genuine fraud risks without overwhelming investigators with false positives. This requires regular tuning and coordination between technology and investigation teams.

Organizations should adopt scenario planning and war games to test their processes by simulating potential fraud cases, regulatory inquiries, and adverse media incidents. Fraud incidents are a matter of when, not if, Pellington says, and those organizations that proactively test their response processes 鈥� rather than waiting for actual events 鈥� will maintain regulatory confidence and demonstrate institutional readiness.

4. Leverage AI while maintaining human expertise in investigations

While AI-driven automation of some work processes is a big advantage, deeper dive investigations require specialized expertise that cannot be fully automated. This is where generative AI (GenAI) and agentic AI can create significant opportunities. Agentic AI can prescreen alerts and determine which warrant investigation; and GenAI can rapidly produce enhanced due diligence reports by pulling together transaction histories, communications, vendor relationships, and public records.

Automating this work frees specialized fraud analysts to focus on what humans do best 鈥� applying industry knowledge and making judgment calls. Indeed, investigation is equal parts art and science, Pellington explains, adding that AI excels at the science 鈥� processing data at scale, and humans excel at the art 鈥� understanding context, industry fraud typologies, and customer relationships.

5. Transform data into knowledge and wisdom

The final critical gap Pellington identifies is the journey from information to knowledge to wisdom. Organizations possess unprecedented volumes of data, yet many drown in it without extracting actionable intelligence.

More data doesn’t guarantee better decisions; and organizations must elevate information to knowledge, understanding what their peers are doing, what best practices exist, and which approaches work best for the organization. Wisdom then comes from sharing across institutions, learning from industry experts, and avoiding mistakes others have experienced. This requires deliberate peer learning and thought leadership engagement.

Preparing for the future of fraud

Fraud risks are evolving fast, and those organizations best positioned to keep up will be the ones that keep their teams connected, sharpen their investigative tools, and pair AI with human judgment to act faster and stay more resilient while proactively transforming data into actionable wisdom.

By implementing these five phases of fraud protection, organizations can improve their detection and investigation capabilities and create comprehensive fraud protection that evolves with emerging threats.

You can find out more about ways to

Key insights:

• • • Unauthorized practice of law rules have repeatedly come into conflict with new forms of legal self-help 鈥� Each major wave of consumer-facing legal assistance has tested the boundaries of UPL doctrine and forced courts, regulators, and lawmakers to decide where legal information ends and legal advice begins.

    • Technology has expanded access to legal information faster than regulation has adapted 鈥� LegalZoom and other justice tech companies showed that legal tools could be delivered at scale, while UPL doctrine often struggled to accommodate new models of legal assistance designed for consumers with unmet legal needs.

    • The rise of AI makes the old UPL framework increasingly inadequate 鈥� As GenAI tools provide legal research, document assistance, and guided analysis directly to the public, regulators should move beyond the LegalZoom-era battles and consider a framework focused on consumer protection, transparency, and actual harm.

This two-part blog series examining how regulators, the legal profession, and individual litigants are looking at the unauthorized practice of law (UPL) first looks at the history of UPL and then suggests a consumer protection-based method of regulation to replace today鈥檚 supplier-based regulations.

With three-quarters of state court cases including at least one self-represented party, and with 92% of Americans with a legal problem not getting the legal help they need, it鈥檚 not surprising that the unauthorized practice of law (UPL) is a concept that鈥檚 not far from people鈥檚 minds.

It does not have to be this way, of course, and there are solutions to the thornier issues with UPL; but first, it may be helpful to understand how we got to this place and how UPL has evolved.

Legal self-help in a pre-Internet world

In the late-1800s, before UPL was formally articulated, John Wells published “Every Man His Own Lawyer”, a widely circulated guide that explained legal principles and provided practical forms. Its popularity reflected sustained public demand for accessible legal information. Around the same time, the organized bar began to emerge, along with more structured efforts to define and protect the boundaries of legal practice.

By the early-1900s, auto clubs were providing legal help to their members, demonstrating an early form of a prepaid legal services plan that exists to this day, but with typically a wider array of services. As would be the case in later years, an economic downturn soon brought a fight as lawyers used threats of UPL to fight competition. Not long after the Great Depression began, the ABA formed the Committee on Unauthorized Practice of Law, and a wave of litigation ensued to essential end the offering from auto clubs.

Similar dynamics appeared later in the 20th century. In the 1960s, soon before the recession of the 1970s, Norman Dacey鈥檚 “How to Avoid Probate!” offered readers tools to manage estate planning without engaging a lawyer. The response included investigations and attempts to suppress the book. Courts ultimately clarified that providing general legal information, even when presented in a structured and practical format, does not constitute individualized legal advice and falls within the scope of protected speech.

Tech enters the equation

By the 1990s, these ideas had moved into a digital environment. Companies such as Nolo and Parsons Technology translated legal forms and guidance into software and the Texas State Bar sued in federal court. Although the bar initially prevailed, a legislative response introduced a software exception to UPL that remains in effect today, reflecting an early acknowledgment that technology-based tools required a different regulatory lens.

By early 2000s, LegalZoom extended these concepts at scale. By automating document creation across a wide range of legal needs, it brought structured legal tools directly to consumers in a more accessible format. While not the first provider of self-help legal resources, it demonstrated how technology could move online and operationalize these services at a national level 鈥� not surprisingly, this effort would face resistance at a whole new level.

Launched in 2001, LegalZoom argued that it just represented the modern evolution of books like those written by Wells and Dacey. The response from the legal establishment was ferocious. It began with state bar inquiries trying to understand what LegalZoom was offering, and as the Global Financial Crisis began in 2007, class action lawsuits and regulatory challenges followed.

These suits sought significant damages without alleging specific consumer harm, creating substantial pressure on a still-developing sector and signaled resistance to new models of service delivery. The objections were ostensibly about consumer protection, while more reflecting concerns about changes to established structures in the legal profession.

LegalZoom won some of the class actions and settled others on friendly terms, typically agreeing to limit the use of certain words in its advertising, paying some class member claims, offering its attorney-access plans on a complimentary basis, and paying attorneys鈥� fees.

Supreme Court precedents

Two U.S. Supreme Court decisions would prove highly important to the UPL battles. The first came in in which the Court ruled that companies could include class action waivers in arbitration provisions. Soon after, LegalZoom began implementing this type of arbitration provision to coincide with the resolution of several major class actions to make sustaining a class action against it in the future more difficult.

The second Supreme Court ruling to impact UPL came in in which the Court ruled that a state occupational licensing board cannot claim state-action antitrust immunity if a controlling number of its decision-makers are active market participants in the occupation it regulates and the state does not actively supervise the board. This decision put state bars at risk.

The fight that changed the conversation was the LegalZoom lawsuit against the North Carolina State Bar (NCSB) that was modeled after the result in the Dental Board matter. LegalZoom had built a prepaid legal services plan offering attorney access to its customers 鈥� a narrower version of what the auto clubs had offered in the past. These types of plans historically were supported by the ABA and National Association of Attorneys General, but a few states pushed back on LegalZoom offering one. Most notably, North Carolina objected and LegalZoom sued the NCSB for a declaratory judgment that it was not engaged in UPL as well as on antitrust and other grounds, leading to a settlement and cooperative legislation that cleared the way for LegalZoom to continue operations, including launching its legal plan, in that state.

Upon the case’s conclusion, University of Tennessee College of Law professor , LegalZoom fought the North Carolina Bar 鈥� and LegalZoom won. Barton opined that the 鈥淪outh Carolina [where the Supreme Court had found LegalZoom practices lawful] and North Carolina precedents will likely end all state bar action on UPL.鈥� He was largely correct, as future LegalZoom and other industry skirmishes would not amount to much, allowing the industry to thrive.

The future of UPL

Today, the LegalZoom fights look quaint. It was essentially a fight over the online equivalents to form books, when a few years later AI would explode onto the scene and upend everything. We now have everything from foundation models such as ChatGPT, Claude, and Gemini to legal specialists available to the public and generating research memos at the push of a button.

This, perhaps, brings us back to where we started. And now may be the time to ask whether a new system of regulation is needed around UPL, because no other justice tech company should have to run the gauntlet of fights that LegalZoom faced.

In the next part of this blog series, we will look at how the issues raised by UPL in the AI age may require a new regulatory solution, possibly one based on a consumer protection model that would replace today鈥檚 supplier-based regulations

Key insights:

• • • AI is supercharging old fraud schemes听鈥� By making synthetic identities, deepfake scams, and customer fraud faster, more credible, and harder to detect, AI is amplifying fraud and crime.

    • The real vulnerability may be internal silos听鈥� Institutions need to be on the lookout, because what looks like a credit loss, an HR issue, or a payment request may actually be part of a wider multi-vector AI-enabled attack.

    • Institutions already have the tools to respond听鈥� Through KYC and internal and behavioral data, financial institutions have the ability to respond to fraud threats 鈥� but only if teams connect and act together.

Fraud and crime existed long before AI, of course, but today鈥檚 technology delivers an acceleration in speed, scale, and success rate for fraudsters, resulting in billions of dollars in losses for victims. AI-enabled frauds on financial institutions by 2027 in the United States alone, and of detected fraud attempts on financial institutions use AI 鈥� and of these, 29% are successful.

To respond effectively to these threats, institutions need to implement a unified response that brings together departments that may not traditionally be partners. This cross-functional coordination should include not only the institution鈥檚 fraud and financial crime risk teams but also its credit risk, cybersecurity, and human resources functions.

And this response is critical, because today, financial institutions are being targeted by multiple types of AI-enabled attacks, including tactics such as:

• • • use of synthetic identities to circumvent know your customer/customer due diligence (KYC/CDD) controls and perpetrate fraud or launder money;
    • use of deepfake identities to gain employment, particularly by North Korean IT workers;
    • AI-enhanced 鈥淐EO frauds鈥� to deceive staff into taking unauthorized actions; and
    • Bank customers may be targeted by fraud too, presenting further risk to financial institutions.

Let鈥檚 look at these threat vectors individually:

Vector 1: Synthetic identities and KYC/CDD

Synthetic identities can be entirely fabricated or may use combinations of real and fabricated personal information to create a new identity. For example, a fraudster may construct a synthetic identity using a Social Security number exposed during a data breach combined with an AI-generated passport.

This threat is real and happening now: identifies that criminals have already used AI to successfully open accounts using falsified documents, photographs, and videos. And according to , synthetic identities were used to open as many as 3% of US bank accounts, representing millions of identities. Not surprisingly, these illicit accounts are used to commit fraud and launder the proceeds of money laundering.

Vector 2: North Korean IT workers

North Korean individuals have successfully gained employment as remote IT workers at American companies, often passing themselves off as US nationals using AI-generated face-swapping technology combined with proxy computers and false identity documents. North Korean IT workers are almost $800 million annually for the regime.

Institutions deceived into employing these workers are not only against North Korea, but they are also exposing commercially sensitive data and systems to an adversary state, increasing the possibility of theft, cyber-attacks, and extortion.

Vector 3: CEO Fraud

A 鈥淐EO fraud鈥� is a cybercrime in which an attacker impersonates an executive to deceive an employee into taking actions such as sending unauthorized wire transfers or disclosing sensitive information. AI accelerates these frauds by making them more personalized and credible.

In one of the more well-known examples, in an AI-enhanced CEO fraud in 2024 after the fraudster impersonated Arup Engineering鈥檚 CFO and requested a staff member to make several financial transfers. The criminals added credibility to the fraud by using a in which the target recognized many of their colleagues 鈥� unfortunately, all of them were deepfakes.

Vector 4: Frauds targeting customers

Where customers are targets, AI provides the scale, speed, and personalization to allow illicit actors to deliver individualized fraud. For example, whereas romance scams previously used repetitive scripts and re-used the same images of the romantic 鈥減artner,鈥� fraudsters can now use AI-generated messages, images, or videos, continuously adapting the execution of the scam to the target鈥檚 responses and behaviors.

Creating a cross-functional and unified response

The examples above demonstrate the diverse and highly sophisticated uses of AI by illicit actors, both adversary states and criminal networks. Detecting and responding to these illicit activities requires joint action between teams that may not traditionally work closely together.

For example, if an account holder fails to repay a loan, the credit team may consider it to be a default by a legitimate customer and write it off as a credit loss. However, if the account was opened using a synthetic identity, investigation may reveal other accounts that share similar customer data points or transactional patterns. This could reveal a network of accounts that are perpetrating a fraud or money-laundering scheme. To detect and respond effectively, joint action is needed between KYC/CDD on-boarding teams, financial crime investigators, and fraud and credit risk professionals.

Alternatively, for HR teams to effectively identify use of face-swapping videos during a hiring process, knowledge from the organization鈥檚 cybersecurity team, especially of deepfake indicators, would be valuable. If a North Korea IT worker is hired and only later identified, cybersecurity and sanctions teams must be involved in the response to mitigate data, network, and compliance exposures.

Detecting and responding to all illicit activities requires joint action between teams that may not traditionally work closely together.

Finally, all staff may be targeted by deepfake fraud, but those in senior positions or departments with financial authority are the most vulnerable. This means it is essential for institutions to deliver employee training using real-life case studies, 鈥渘ear misses,鈥� and scenarios drawn from across the institution and industry. This type of training will increase vigilance and minimize the likelihood of a successful attack.

For customers, financial institutions are well-positioned to identify indicators of fraud due to their extensive datasets of KYC/CDD records, transactional, and behavioral information. Institutions should enhance their customer relationships (as well as meet applicable regulatory requirements) by taking proactive measures to inform and protect their customers.

While AI has accelerated fraud and crime, financial institutions also hold valuable and relevant assets: the knowledge distributed across their cybersecurity, HR, credit risk, financial crime compliance, fraud, and KYC/CDD teams. By connecting these teams together, even in contexts in which these departments have not traditionally been partners, institutions will be well-positioned to protect both themselves and their customers from illicit actors鈥� sophisticated AI-enabled threats.

You can learn more about the fraud-fighting challenges faced by financial institutions and other organizations here

Key highlights:

• • • AI governance is hard to prove in practice 鈥� While our research shows that 44% of companies publish an AI strategy, 76% of those same companies show no evidence of having policies to evaluate the quality of data used to train AI systems.

    • Workers are being left under-prepared and under-protected 鈥� Only 14% of companies have policies to mitigate the negative impacts of AI on workers, and only 31% offer any reskilling or training programs around adapting to an AI-integrated workplace.

    • Human rights and ethics appear an afterthought in AI governance 鈥� Almost three-quarters (72%) of companies conduct no AI impact assessments, and less than 1 in 10 companies conduct ethical or human rights assessments.

There is a widening chasm at the heart of corporate AI governance, according to a new report, , published by the 成人VR视频 Foundation and the United Nations Educational, Scientific and Cultural Organization (UNESCO).

The Foundation鈥檚 analyzed publicly available information from nearly 3,000 companies across 11 industry sectors, creating the most comprehensive picture yet of how organizations are managing AI.

Beneath the surface of corporate AI governance mechanisms, divergence between the speed of AI adoption and meaningful human oversight is growing. The report’s findings make clear that this is no longer a gap that organizations can afford to ignore, especially when backlash against is growing and are solidifying among consumers in the United States.

Data highlights the illusion of AI governance

Businesses of different sizes and across multiple sectors are adopting AI technology at a rapid pace. When governance exists only in the wording of a strategy or company vision, however, the people most affected by AI systems 鈥� workers, consumers, and communities 鈥� are left vulnerable. According to the report:

• • • 44% of companies publicly communicate having an AI strategy. However, a gap in AI governance is evident as more than three-quarters of those companies (76%) do not seem to have policies to evaluate the quality of data used to train AI systems.
    • 40% of companies report board- or committee-level oversight of AI. At the same time, strategic signals do not necessarily indicate operational capacity or day-to-day governance. In fact, less than one-third of all sampled companies claim to have an additional team or resource dedicated to AI governance. Moreover, limited information is publicly disclosed on the teams, processes, and accountability mechanisms that translate intent into action.

Workers are being left behind

Research by the International Monetary Fund finds almost , highlighting the acute nature of concerns about job displacement and declining opportunities for some groups. Without sufficient oversight, AI can threaten workers’ rights, amplify bias, and increase surveillance and work intensity, which can enable inhumane decision-making at scale.

The TR Foundation/UNESCO report notes that many companies are adopting AI without the safeguards needed to support workers and help them to adapt to the changes this technology brings. Less than one-third of companies were shown to offer training and reskilling programs for employees who may be adapting to an AI-integrated workplace. Even within the 31% of organizations in which these training programs exist, there is a vast variation in the scope and depth of the training offered.

In fact, many company training programs are not enterprise-wide or structured. Instead, they are ad-hoc or limited to leadership roles. This lack of investment in talent risks undermining the significant investment that companies are making in AI.

Despite growing pressure from regulators, policymakers and social justice campaigners, the ethical impact of AI appears poorly governed, with companies sharing limited information publicly.

The picture on worker protections is equally concerning. Only 14% of companies have public policies in place to mitigate the negative impacts of AI systems on workers, the report shows. This means the majority of companies either have no policies in place or do not publicly communicate them.

What is more troubling is that when workers experience harm, there is almost nowhere for them to turn. Only 2% of companies indicated they had a complaints mechanism 鈥� a critical early warning system for potential concerns. The findings suggest many organizations lack a mechanism for AI-related internal complaints beyond the broad generic complaint channel, and this is compounded by low awareness of the areas in which AI systems may infringe employees’ rights and protections.

Ethics and human dignity as an afterthought

Despite growing pressure from regulators, policymakers and social justice campaigners, the ethical impact of AI appears poorly governed, with companies sharing limited information publicly.

Human rights and ethical use of AI are treated as secondary considerations to compliance, according to our research. The majority of companies (72%) do not conduct any impact assessment with regard to AI. Only 7% publicly communicate conducting a fundamental or human rights impact assessment, and just 5% report conducting an ethical impact assessment.

Among those companies conducting some form of impact assessment, the focus skews sharply toward compliance rather than people. The most prevalent assessments are privacy or compliance-focused, with 18% of those companies that conduct some form of impact assessment reporting that they conducted a data protection impact assessment, and 14% reporting they conducted a privacy impact assessment.

How to center people in AI governance

Closing this governance gap is essential for companies in order to adopt AI responsibly and avoid costly legal, ethical operational, talent-related risks.

To support companies in navigating this challenge, offers a free survey to help companies map the areas in which AI is used across products, operations and services, and then benchmark those against peers their sector.

The report also contains case studies from companies that voluntarily shared their responsible practices with us. For example, German software company SAP intentionally designs and deploys its internal AI systems with a human-in-the-loop in which AI automates repetitive tasks and supports decision-making while final judgment and complex problem-solving remain firmly in the hands of employees.

As AI becomes part of core business infrastructure, companies must move beyond statements of intent and toward measurable AI governance.

In another example, BASF, a German chemical conglomerate, has jointly agreed with its workers’ councils on a general reskilling program that covers technical, hard, and soft skills. Finally, Canadian telecom company TELUS’ Indigenous Advisory Council provides guidance on AI ethics issues that directly affect indigenous communities.

Next steps for companies

The TR Foundation/UNESCO report highlights the most impactful concrete commitments that companies can take now to future proof against AI-related risk, including:

• • • investing in structured, enterprise-wide worker-reskilling programs that measure outcomes, not just participation;
    • establishing enforceable human rights impact assessments as a standard part of AI deployment, not as an optional addition; and
    • creating accessible, AI-specific internal grievance mechanisms so that workers and users have a genuine pathway to raise concerns and seek remedy.

As AI becomes part of core business infrastructure, companies must move beyond statements of intent and toward measurable AI governance. While this data demonstrates clear governance gaps, it also presents an opportunity for companies to take the lead on implementing responsible AI that operates openly in the public interest.

You can learn more about

Key insights:

• • • Define your risk appetite 鈥� A clearly defined fraud risk appetite aligns prevention efforts with strategic objectives and ensures accountability by establishing acceptable levels of fraud risk across the organization.

    • Create a fraud-specialized team 鈥� Dedicated ownership of the vendors that supply fraud solutions by a fraud-specialized team 鈥� rather than by the procurement function 鈥� is critical to maximizing technology performance and adapting to emerging threats.

    • Establish a specialized prevention division 鈥� The rise of sophisticated scams demands the creation of a separate, specialized prevention division to avoid overburdening core fraud teams and ensure targeted, effective responses.

Corporate fraud represents one of the most significant risks facing organizations today. Yet many companies lack the structured governance and technology infrastructure needed to combat fraud effectively.

The solution requires that comprehensive fraud prevention frameworks be built on clear governance, proper technology deployment, and data-driven insights, according to Aaron Frye, Founder & CEO of Lucid Point Consulting. Organizations that implement these five pillars create resilient fraud prevention functions capable of identifying and preventing fraud before it impacts results. These five pillars include:

1. Develop a fraud risk appetite

Effective fraud prevention begins with a well-defined fraud risk appetite that tells the right story to the right stakeholders. Your framework must communicate to your board, executive leadership, and operational teams the level of fraud losses your organization should tolerate, and in which areas you should prioritize fraud prevention investments.

The fraud risk appetite framework must address several key considerations; for example, it should define the level of fraud risk that aligns with the organization’s growth objectives, identify the areas of greatest vulnerability, and evaluate which investments will yield the strongest return. Equally important is the ongoing monitoring and communication of progress through regular reporting on fraud risk metrics, vendor assessments, and investigation outcomes. These actions demonstrate to stakeholders that fraud prevention remains an active priority for the organization and ensures that fraud risk continues to inform organizational decision-making.

2. Establish clear ownership of risk-solution vendors

Many organizations invest significantly in fraud detection tools only to see disappointing returns. The problem often lies not in the tools themselves, but in unclear ownership and accountability for their performance.

Organizations that implement these five pillars create resilient fraud prevention functions capable of identifying and preventing fraud before it impacts results.

If your organization lacks a designated person or team within your fraud strategy function whose job it is to ensure the risk-solution tools you鈥檙e getting from vendors are the best for your enterprise, you likely aren’t getting the most out of your vendors. This dedicated fraud service ownership role must act as your internal champion, evaluating vendor performance, staying current with product enhancements, and ensuring integration with other fraud prevention initiatives.

Critically, procurement, sourcing, and vendor management functions should never own this role. These teams, by the nature of their titles and responsibilities, don’t prioritize fraud. They lack the specialized knowledge required to assess whether your fraud detection technology is performing optimally or adapting to emerging threat landscapes. Without dedicated fraud expertise overseeing your technological investments, advanced tools sit underutilized and critical fraud signals go undetected.

3. Develop a fraud governance function

Every organization should have a dedicated fraud risk governance team within its fraud risk management organization. This governance function serves as your second line of defense, working proactively to reduce operational chaos within your fraud strategy, operations, and investigation groups.

If a non-fraud governance function owns fraud governance, you are guaranteed not to be getting the best form of governance. Fraud is a specialized discipline requiring dedicated expertise and focus; and your governance team must develop policies, establish standards, monitor control effectiveness, and ensure consistent application of fraud prevention practices across the enterprise.

4. Document existing risks and resource gaps

One of the most important responsibilities of your fraud governance function is identifying and documenting the areas related to fraud risk that your current fraud risk teams don’t have time to review. Due to capacity constraints, it is impossible for many fraud risk teams to cover all open gaps. Your organization must understand those open gaps and not be ashamed to address them.

Create an action plan that documents open risk and self-identified issues that your current team cannot adequately address. This transparency demonstrates clear-eyed realism about your organization鈥檚 limitations and creates the business case for requesting additional resources or engaging external consultants to help close these risk gaps.

5. Address the growing scam-prevention challenge

needs its own prevention strategy division within your fraud risk function. Compromised business email, investment scams, and vendor fraud schemes represent an entirely new category of fraud risk that demands specialized attention.

Every organization should have a dedicated fraud risk governance team that serves as its second line of defense, working proactively to reduce operational chaos within corporate strategy, operations, and investigation groups.

There has never been a full manageable grip on fraud prior to the spike in scams. Therefore, you cannot expect your existing fraud risk teams to tackle a new wave of scams as a priority as well as to manage traditional fraud prevention responsibilities. Your core fraud function manages internal control systems, transaction monitoring, and investigation protocols. Adding comprehensive scam prevention to this workload without dedicated resources guarantees that identifying and preventing scams will receive insufficient attention.

Establish a dedicated scam-prevention division focused specifically on emerging scam threats, employee education, scam-specific prevention technology, and response protocols. This specialized approach ensures sophisticated scam schemes receive the expertise and resources necessary while your core fraud function continues addressing traditional fraud prevention requirements.

Going forward into the fight against fraud

In an era of escalating fraud threats, reactive detection is no longer sufficient. Organizations must adopt a proactive stance grounded in strong governance, clear accountability, and strategic resource allocation.

By defining a fraud risk appetite, assigning ownership of fraud prevention tools, strengthening governance, documenting unaddressed risks, and establishing a dedicated scam prevention function, companies can build resilient, forward-looking fraud prevention frameworks. These five pillars enable organizations to anticipate threats, allocate resources effectively, and protect both financial performance and reputational integrity.

Today, the path to fraud resilience begins not with technology alone, but with deliberate, enterprise-wide commitment to proactive risk management.

You can find out more about ways to

Key insights:

• • • AI can improve officer safety听鈥� By helping them prepare for high-risk situations and make better decisions under pressure, advanced technology can enhance officer safety.

    • AI can increase operational efficiency听鈥� AI can reduce administrative burdens and improve efficiency overall, allowing officers to spend more time on police work.

    • Responsible implementation is essential听鈥� To ensure AI strengthens public trust while protecting civil liberties, proper guardrails and oversight need to be enacted.

Each year, during , we pause to honor the brave men and women in law enforcement who have made the ultimate sacrifice in service to their communities. As we pay tribute to those we have lost, we are reminded of the inherent dangers officers face every day.

In recognition of the importance of reflection and advancement, it is imperative that we examine the responsible application of emerging technologies, especially AI, to enhance officer safety, support their objectives, and reinforce overall public safety.

AI is already being integrated into public safety systems in meaningful, measurable ways. When guided by strong ethical principles, transparency, and commitment to community trust, AI can serve as a force multiplier and a protective partner for members of law enforcement. The goal is not to replace officers, of course, but to equip them with better tools, that allow them to reduce risk and return home safely after every shift.

Improving situational awareness and operational readiness

One of the most immediate benefits of AI in law enforcement is its ability to enhance situational awareness. When officers respond to a call, the first minutes on scene are often the most critical 鈥� and the most dangerous. AI can help reduce uncertainty by providing rapid access to relevant information.

For example, AI-powered systems can analyze incident data, criminal records, and community reports to give officers a clearer picture of what to expect when they arrive on scene. This includes identifying patterns of violence, recognizing repeat offenders, or flagging locations that may have a history of high-risk activity. Such insights allow for better preparation, smarter deployment, and more informed decision-making under pressure.

Additionally, AI can assist in public records and open-source searches, pulling critical data from comprehensive databases, the internet, and connected devices in seconds rather than hours. This immediate access to information enables faster, more effective responses. In short, AI can save valuable time when seconds count.

Streamlining administrative work to focus on the mission

Law enforcement officers spend a significant portion of their time on administrative duties, such as writing incident reports and managing court schedules and citations. These tasks, while necessary, take officers away from community engagement and proactive policing.

AI can help reduce this administrative burden by automating routine documentation. Natural language processing tools can draft reports based on officer input, ensuring consistency and freeing up time for frontline duties. Similarly, AI-driven scheduling systems can optimize shift assignments, account for court appearances, and manage on-call rotations. This AI-enabled administrative assistance goes a long way in ensuring that staffing levels are appropriate and that officers are not overburdened.

When guided by strong ethical principles, transparency, and commitment to community trust, AI can serve as a force multiplier and a protective partner for members of law enforcement.

By reducing the administrative load, AI allows officers to focus on what they do best 鈥� serving and protecting their communities. This not only improves job satisfaction among officers themselves but also increases operational efficiency and public safety outcomes.

Building guardrails for responsible AI use

As with any powerful advanced technology, the integration of AI into law enforcement must be guided by clear policies, oversight, and accountability. The goal is not to deploy AI indiscriminately, but rather to ensure its use enhances safety without compromising civil liberties or public trust.

This requires proactive collaboration between technologists, law enforcement agencies, policymakers, and the communities they serve. Standards must be developed for data privacy, algorithmic transparency, and bias mitigation. AI-enabled systems should undergo rigorous testing and independent review before deployment. Further, officers must be trained not only on how to use these tools, but also on the limitations and ethical implications of using these tools as well.

Finally, public trust is essential. Members of the community need to know that AI is being used to protect their safety and that of law enforcement 鈥� it is not a tool to surveil them without cause. Communicating transparently how the AI systems are designed, what data they use, and how decisions are made will be key to maintaining legitimacy and trust with the public.

A future of safer streets and stronger trust

The integration of AI into law enforcement is not about replacing human judgment 鈥� rather, it鈥檚 about augmenting officers鈥� judgment. When used responsibly, AI can reduce risk, improve preparedness, and support officers in carrying out their duties more safely and effectively.

In the years ahead, we can expect to see broader adoption of drone first responders, real-time language translation tools, and predictive systems that further help enhance officer and community safety measures. However, technology alone is not the answer. Success will depend on how thoughtfully these tools are implemented, how well citizens鈥� rights are safeguarded, and how deeply communities are involved in the process.

This week, as we honor those officers who have fallen in the line of duty, let us also commit to doing everything we can to protect those who serve today. AI, when applied with care, can be a powerful ally in their mission, keeping officers safe, allowing them to make better decisions, and together, building stronger, safer communities for all.

The data provided to you may not be used as a factor in establishing a consumer鈥檚 eligibility for credit, insurance, employment, or for any other purpose authorized under the Fair Credit Reporting Act.

You can find more on the challenges facing law enforcement here

Key insights:

• • • Prediction markets sit in a regulatory gray zone 鈥� Prediction markets鈥� economic function often looks much closer to gambling than traditional finance.

    • That ambiguity creates an AML blind spot 鈥� This blind spot allows potentially weaker controls around KYC, source of funds, sanctions screening, and suspicious activity reporting.

    • Banks and payment processors should focus on actual risk, not labels 鈥� Reputational, legal, and financial crime risk exposure can arise long before regulators clarify the rules.

Prediction markets have grown into a multi-billion-dollar ecosystem, offering the ability to enter into a contract to predict the outcomes on everything from elections and sports games to economic data and weather events. Yet as these platforms expand, they operate in a regulatory gray zone that raises serious questions for banks, payment processors, and compliance professionals.

Yet, the classification question that regulators and financial institutions continue to debate is not merely academic. It determines whether prediction market platforms will face the same anti-money laundering (AML) and know-your-customer (KYC) obligations as casinos and sportsbook venues, or whether prediction markets can continue to operate with minimal compliance oversight. This distinction has real consequences for the financial system.

鈥淧rediction markets are not just a classification problem, they represent a structural gap in how financial crime risk is currently understood and managed,鈥� says James Lephew, Founder & CEO of , a Charlotte-based consulting firm that serves major gambling operators and financial institutions globally.

Clarification is required in classifying this sector

Prediction markets occupy an ambiguous middle ground. Market operators position their platforms as financial derivatives or forecasting tools rather than gambling venues, emphasizing price discovery and statistical analysis over chance-based wagering. A contract on the outcome of a presidential election or a sports event, they argue, reflects crowd-sourced probability estimates grounded in information aggregation, not gambling luck.

Yet the fundamental mechanics raise legitimate questions. A user who buys a contract predicting that a candidate will lose an election is, in economic terms, wagering money on an uncertain outcome. The distinction between betting on a football game and trading a contract on the outcome of that same game becomes difficult to defend from a regulatory standpoint 鈥� and this classification matters enormously.

The distinction between betting on a football game and trading a contract on the outcome of that same game becomes difficult to defend from a regulatory standpoint 鈥� and this classification matters enormously.

If prediction markets are treated as gaming operations, they trigger Title 31 obligations under the Bank Secrecy Act, including currency transaction reporting, suspicious activity reporting (SAR) requirements, and comprehensive KYC procedures. If on the other hand, prediction markets are classified more akin to financial markets, these requirements may not apply. Currently, many prediction market platforms claim financial market status, allowing them to operate outside gaming regulations and with potentially weaker AML controls.

There is a compliance gap

Without clear regulatory classification, prediction markets create a significant AML blind spot. Casinos must report cash transactions exceeding $10,000, conduct source-of-funds reviews, and maintain detailed customer profiles. Sportsbooks face licensing requirements, geolocation checks, and responsible-gaming safeguards. Prediction market platforms, by contrast, often operate with minimal reporting obligations.

This gap introduces concrete risks. Digital wallets and cryptocurrency channels can obscure the source of funds. Structuring and layering of sources become easier without robust verification, further clouding who exactly playing in these markets. Collusive trading through multiple accounts allows value transfer that may go undetected. And VPN use and foreign payment channels can enable sanctions evasion.

Further, without mandatory SAR reporting, suspicious patterns tied to money laundering, terrorist financing, or market manipulation may never reach law enforcement.

“What we’re seeing is an AML blind spot,鈥� says Lephew. 鈥淧latforms enabling financial flows with characteristics of gambling, but without the controls that regulators would normally expect.” Until classification catches up with the technology, he adds, this blind spot remains open 鈥� and exploitable.

Why this matters for banks and processors

Banks and payment processors that support prediction market platforms may carry significant reputational and legal risk if they haven’t conducted thorough due diligence 鈥� and they cannot rely on a platform’s self-classification as a financial market or forecasting tool. Nevada and other jurisdictions are actively examining whether these platforms constitute gambling, echoing concerns from the American Gaming Association that products carrying similar economic risks deserve similar regulatory treatment.

If a product allows participants to wager on uncertain outcomes and creates risk that is substantially similar to gambling, it should face AML and customer identification requirements proportionate to that risk.

“Risk must be assessed based on how the product actually behaves, not how it is marketed,” Lephew explains. And that means evaluating whether a platform applies robust KYC procedures, verifies the source of deposits and beneficial ownership, screens against sanctions lists, reports SARs to the government, prohibits contracts on high-risk events such as assassinations or terrorism, and uses geolocation controls to block users in restrictive jurisdictions. Those answers matter far more than whatever label the platform chooses, Lephew says.

The path forward

Regulators have several options. One approach applies gaming regulations uniformly, treating all prediction markets with economic characteristics similar to gambling as gaming operations subject to Title 31. A second approach creates explicit financial market classification with statutory AML obligations and enhanced scrutiny of high-risk contracts. A third option adopts a tiered or risk-based framework, classifying contracts on lower-risk events such as economic data or weather under financial market rules, while sports and election markets could face enhanced scrutiny. Violent outcome markets would be prohibited entirely.

Regardless of which path regulators choose, the principle should be the same: Classification should follow economic function. If a product allows participants to wager on uncertain outcomes and creates risk that is substantially similar to gambling, it should face AML and customer identification requirements proportionate to that risk.

Financial institutions should not wait for regulatory clarity. They should apply rigorous due diligence now, treating prediction markets with a heightened level of scrutiny appropriate to their actual risk profile rather than their claimed legal status.

The goal is not to eliminate prediction markets, but to ensure they operate within a framework that prevents money laundering, terrorist financing, and market abuse. “If it looks like gambling, behaves like gambling, and carries the same financial crime risk, it should be regulated accordingly,鈥� Lephew notes. 鈥淎nything less creates systemic exposure.”

You can find out more about the challenges financial institutions face in their anti-money laundering efforts here

Key insights:

• • • Protecting SNAP requires modernization and accountability 鈥� This includes providing chip-enabled cards, stronger monitoring, recipient education, retailer oversight, cross-agency coordination, and fair reimbursement for victims.

    • Skimming is a growing problem 鈥� In the context of financial fraud, skimming refers to the illegal capture of personal data, typically through concealed electronic devices placed over legitimate card readers.

    • The harm can be immediate and severe 鈥� If their food benefits are stolen through skimming, vulnerable households can lose essential food funds, deepening food insecurity in their community.

Electronic Benefit Transfer (EBT) cards serve as a critical resource for the millions of Americans who depend on the nation鈥檚 Supplemental Nutrition Assistance Program (SNAP) to keep food on the table. The typical SNAP household is low-income and often includes children, seniors, or individuals with disabilities, who have earnings that fall at or below the federal poverty level. Based on household size, income, and other qualifying factors, these families receive monthly monetary assistance to help cover basic nutritional needs at authorized retailers.

Think of an EBT card as a debit card specifically designed for food benefits. Recipients use it to access their monthly balance at approved stores, making the process straightforward and dignified. However, like any electronic payment system, EBT is not immune to exploitation. One of the most pressing threats is a type of fraud known as skimming, which puts vulnerable households at serious financial risk.

What is EBT skimming?

Skimming, in the context of financial fraud, refers to the illegal capture of personal data, typically through concealed electronic devices that are placed over legitimate card readers. In the case of EBT fraud, criminals generally install tampered card terminals to steal EBT card information, including account numbers and PINs.

Unlike most modern credit and debit cards, EBT cards still rely on magnetic stripe technology, not more secure embedded chips. This outdated system makes them especially vulnerable to cloning, or the creation of counterfeit cards that contain the victim鈥檚 account number and PIN. Once a thief captures the data, they can create these counterfeit cards and drain benefits almost immediately, often within minutes of the monthly benefit deposit.

The result is that much needed food benefits, meant to last an entire month, are stolen without warning or recourse.

Why is EBT skimming so devastating

The consequences of EBT skimming go far beyond financial loss. For recipients, the theft of SNAP benefits can have immediate and severe impacts on their household food security and well-being. Other reasons why this form of fraud is particularly harmful include:

• • • Irreplaceable funds 鈥� For low-income households, SNAP benefits represent a critical portion of their monthly food budget. Once stolen, these funds are often impossible to replace. Families may be forced to skip meals, rely on emergency food pantries, or divert money from other essential needs like rent or medicine.
    • Outdated security technology 鈥� Despite advances in payment security, most EBT cards still use magnetic stripes, which can be easily copied with inexpensive skimming devices. By contrast, EMV chip technology, standard on most consumer credit and debit cards, makes cloning significantly more difficult.
    • Speed and precision of theft 鈥� Thieves often time their attacks to coincide with the monthly benefit deposit cycle. Once benefits are loaded, stolen card data is used rapidly, sometimes within minutes, making recovery nearly impossible.
    • Targeting vulnerable populations 鈥� EBT skimming preys on some of the most vulnerable members of society, including seniors, disabled individuals, and families living paycheck to paycheck. Many recipients may not have the resources or knowledge to monitor account activity regularly or to lock their cards after use, leaving them at greater risk.

Beyond skimming: A broader challenge of fraud, waste & abuse

While skimming is a serious and visible form of EBT fraud, it is only one symptom of a larger systemic challenge that fraud, waste & abuse cause in federal benefit programs.

Other forms of fraud include: retailers trafficking in EBT benefits for cash, which is a violation of SNAP rules; misrepresentation of income or household size during application; duplicate or ineligible benefit issuance; and administrative errors that lead to overpayments.

Each instance, whether intentional or not, erodes public trust in the entire benefit system, strains limited program budgets, and diverts resources from those individuals who need them most.

With federal funding for social programs under constant scrutiny and subject to periodic budget constraints, it is imperative that every dollar is protected and used appropriately. Preventing fraud is not just about saving money 鈥� it鈥檚 about ensuring that limited public resources serve their intended purposes of reducing hunger and supporting economic stability.

How to prevent fraud, waste & abuse in SNAP

Addressing EBT skimming and broader program vulnerabilities requires a well-rounded strategy that features technology, policy, education, and oversight working together.

On the technology side, one of the most impactful steps forward would be transitioning EBT cards from outdated magnetic stripes to EMV chip technology. This upgrade alone would significantly reduce skimming risks, and federal investment in that infrastructure is a necessary part of making it happen. Alongside that, state and federal agencies should be leveraging data analytics and real-time transaction monitoring to flag suspicious activity, like multiple withdrawals across different locations within a short window of time.

Education also plays a bigger role than many people realize. A large portion of EBT users simply do not know how to protect themselves. Basic habits like covering the keypad when entering a PIN, routinely checking account balances, and reporting lost or stolen cards right away can go a long way in reducing exposure.

One of the most pressing threats is a type of fraud known as skimming, which puts vulnerable households at serious financial risk.

From an oversight perspective, the U.S. Department of Agriculture 鈥� the government agency that oversees SNAP 鈥� and state agencies need to conduct regular audits of authorized retailers and hold them accountable. Any retailer found engaging in trafficking or enabling skimming should face deauthorization and legal consequences as well. Equally important is making sure that victims of confirmed fraud are not left without recourse. Clear and consistent policies for replacing stolen benefits can help restore trust in the program and prevent the food insecurity that this type of fraud directly causes.

Finally, none of this works in isolation. Effective fraud prevention depends on strong coordination between state human services departments, law enforcement, financial institutions, and technology providers. Information sharing and joint task forces strengthen the ability to detect threats early and respond quickly when issues arise.

Protecting the safety net

SNAP is one of the nation’s most effective tools in the fight against hunger. However, its success depends on both integrity and accessibility. Skimming and other forms of fraud not only steal from individuals, but they also undermine confidence in the entire system.

Policymakers, administrators, and citizens must prioritize modernization, accountability, and victim protection. By addressing vulnerabilities like EBT skimming and reinforcing safeguards against waste and abuse, we can ensure that SNAP remains a reliable and secure resource for the millions of individuals who rely on it.

You can find out more about how public agencies are working to fight fraud in government benefit programs here

Key insights:

• • • Getting at the core legal question 鈥� In a case brought by defendant Ongkaruck Sripetch, the Supreme Court is deciding whether the SEC must prove investors suffered measurable financial loss before courts can order disgorgement, which would require fraudsters to give up illegal profits.

    • Why it鈥檚 high-stakes 鈥� Disgorgement is a major SEC enforcement tool 鈥� representing billions of dollars annually 鈥� so a new requirement to prove investor losses could sharply limit when and how much the SEC can recover.

    • How the justices seemed to lean (so far) 鈥� Questions at the argument before the Court suggested skepticism toward Sripetch鈥檚 position, with several justices asking why it would be an unfair penalty to take back ill-gotten gains and noting the practical difficulty of proving each investor鈥檚 exact loss.

If you鈥檝e ever wondered how the U.S. Securities and Exchange Commission (SEC) actually gets money back after it catches a fraudster, one of its biggest tools, disgorgement, is now under the microscope. This week, the U.S. Supreme Court heard arguments in a case, Sripetch v. SEC, that sounds technical on paper but has at its core a simple question: When the SEC makes a fraudster give up illegal profits, does it have to prove that investors suffered measurable, out-of-pocket losses first?

The case centers on Ongkaruck Sripetch, who the SEC says pocketed illicit proceeds through a classic pump-and-dump scheme from 2013 to 2017. Pump-and-dumps often involve penny stocks in which a person will hype up the price of these thinly traded stocks, then sell into the price spike they caused and walk away richer. Other stock traders who bought into the hype are the ones left holding the bag.

Sripetch admitted violating securities law and, in his subsequent criminal case, was sentenced to 21 months in prison. Separately, in the SEC鈥檚 civil action, a federal court in California ordered Sripetch to repay more than $3 million in ill-gotten gains plus interest.

The Supreme Court case isn鈥檛 a serious argument against the SEC鈥檚 ability to seek disgorgement 鈥� numerous courts have recognized the remedy for years, and Congress has since written the SEC鈥檚 ability to pursue it into federal law. The core question in the case is narrower, yet crucial for the SEC鈥檚 mission. It asks whether the SEC must show that victims suffered pecuniary or economic harm before a court can order disgorgement. Federal appeals courts have split on that point, which is why the Supreme Court agreed to take the case.

What is disgorgement, exactly?

Think of disgorgement as a legal give it back order. If a person or company makes money by breaking the securities laws 鈥� say by manipulating prices, lying to investors, or running a Ponzi-style scheme 鈥� disgorgement is designed to strip the profits away from that wrongdoing and the wrongdoers. In theory, it鈥檚 not about punishing someone for being bad, rather it鈥檚 about making sure crime doesn鈥檛 pay.

In real markets, harm can be scattered across thousands of trades, mixed up with normal price swings, and hard to trace to one bad actor. Disgorgement, on the other hand, gives securities regulators a way to focus on the part that鈥檚 often the clearest: How much ill-gotten profit the fraudster made.

Indeed, that not a punishment framing is important because the SEC has other ways to punish those convicted of securities law violations 鈥� such as civil penalties, disbarment from serving as an officer or director, industry suspensions, and more. Disgorgement is supposed to be different 鈥� an action that aims at profits, not pain. The government鈥檚 position in the Sripetch case puts it bluntly: Disgorgement is meant to strip ill-gotten gains from wrongdoers, not to compensate victims for their losses.

And disgorgement is not a niche tool. The SEC regularly collects big sums of seized money through disgorgement. According to recent figures, the SEC obtained about $1.4 billion through disgorgement in fiscal 2025 (excluding certain amounts), and $6.1 billion the year before, which represented nearly three-quarters of its total financial penalties for that year.

Those numbers may help explain why this Supreme Court fight is being watched so closely: The outcome could either keep the SEC鈥檚 playbook intact or force it to do a lot more legwork before it can ask courts to order payback.

The arguments before the Court

Earlier this week, both sides argued before the Supreme Court as to the potential future use of disgorgement and what requirements the SEC might have to meet when requesting court to order it.

Sripetch鈥檚 argument 鈥� Lawyers for Sripetch told the Court that the SEC shouldn鈥檛 be able to get disgorgement unless it can show that investors actually suffered financial harm, such as a price drop caused by the fraud or some other measurable loss. If the SEC can鈥檛 prove that kind of harm, the lawyer argues, then making Sripetch pay money looks less like giving it back and more like an impermissible penalty that the SEC is not allowed to levy.

The government鈥檚 argument 鈥� Lawyers for the U.S. Justice Department, defending the SEC, said the proof-of-loss requirement makes no sense. Disgorgement, in their view, is about the defendant鈥檚 gains, not the victim鈥檚 losses. One government lawyer summed it up as a straightforward principle: Disgorgement is intended to ensure a defendant does not profit from their own wrongdoing.

At this week鈥檚 argument, the justices sounded (at least generally) more sympathetic to the government than to Sripetch. Justice Amy Coney Barrett pressed the defense on its basic logic: If the court is only taking away ill-gotten gains 鈥� money the wrongdoer was never entitled to 鈥� why is that a penalty at all? Justice Ketanji Brown Jackson made a similar point, suggesting disgorgement would only feel like punishment when someone is forced to pay money that was rightfully theirs.

When Sripetch鈥檚 lawyer suggested the SEC should have to identify and prove each victim鈥檚 dollar loss, Justice Sonia Sotomayor鈥檚 response was basically, Why would anyone bother? If the SEC has to run a mini-trial on every investor鈥檚 exact harm just to reclaim the fraudster鈥檚 profits, disgorgement would be unworkable in many cases.

The practicality of that point is a big deal in securities fraud. In real markets, harm can be scattered across thousands of trades, mixed up with normal price swings, and hard to trace to one bad actor. Disgorgement, on the other hand, gives securities regulators a way to focus on the part that鈥檚 often the clearest: How much ill-gotten profit the fraudster made. The idea is deterrence-by-math 鈥� if you can鈥檛 keep the profits, the incentive to run the scheme shrinks.

The Supreme Court’s ruling, when it comes, could re-shape how the SEC negotiates settlements, litigates fraud cases, and talks about remedies and punishments going forward.

Still, some justices raised broader concerns about how disgorgement gets used in the real world, such as whether certain applications start to look punitive, or whether they raise questions about a defendant鈥檚 right to a trial by jury. However, the Court also seemed interested in deciding only the question of the requirement to prove victims鈥� losses and leaving those bigger constitutional debates for another day.

Why this matters (even if you aren鈥檛 the SEC)

If the Supreme Court agrees with Sripetch and requires proof of investor pecuniary harm, the SEC could face a higher hurdle in cases in which misconduct is real, but losses are tough to quantify on a trade-by-trade basis. That could mean fewer disgorgement awards, smaller ones, or more pressure to rely on classic penalties instead.

If the Court backs the government, however, disgorgement stays what it has largely been 鈥� a fast, flexible way to reclaim profits from securities fraud and a core part of how the SEC tries to keep the securities markets honest.

Either way, the ruling will shape how the SEC negotiates settlements, litigates fraud cases, and talks about remedies and punishments going forward. With the Court expected to issue its decision by the end of June, securities lawyers and stock market mavens will be keeping an eye on this case.

You can find more about the challenges facing the SEC here

Key insights:

• • • Tariffs erode supply chain integrity, not just margins 鈥� Rapid policy shifts can destabilize manufacturers鈥� supplier relationships, customs compliance, and production networks.

    • Unpredictability is the real threat 鈥� Changing duty rates and exemptions undermine forecasting and inventory planning, creating bottlenecks that ripple across customer commitments.

    • Adaptation beats anticipation 鈥� Leading manufacturers aren’t waiting for policy clarity, rather they鈥檙e adapting to the uncertain environment now.

Tariffs have presented significant challenges for manufacturers, increasing input costs and undermining the stability of global supply chains. During the Trump administration, tariffs have become a focal point in debates over the broader economic implications of trade policy. Since 2025, has included a 10% minimum global tariff on a broad range of imports, additional measures targeting China, and various product- and country-specific actions 鈥� all developments that have reshaped corporate sourcing strategies and international trade planning.

In February, the U.S. Supreme Court’s decision in听 marked a pivotal shift in trade authority. By a 6-3 vote, the Court held that the President lacked the constitutional authority under the International Emergency Economic Powers Act (IEEPA) to impose tariffs, emphasizing that such measures constitute taxes and are therefore within exclusive legislative domain of the U.S. Congress. The ruling invalidated many tariffs implemented by President Trump in 2025, providing some legal clarity while also raising questions about the future of US trade policy. Although the decision limits executive power, uncertainty still persists regarding how Congress will exercise its reasserted authority and what new legislative or trade measures may follow in such a dynamic and uncertain economic environment.

This Supreme Court’s ruling does not eliminate tariffs but rather shifts their governance by curtailing unilateral executive authority under IEEPA and reasserting Congress’s constitutional role in setting tax and customs policy. That means, of course, that tariffs will not disappear but instead will become more politically negotiated and legislatively codified. For supply chain leaders, this introduces a different kind of uncertainty that will be rooted in legislative timelines, committee negotiations, and the potential for prolonged policy stalemates.

Indeed, it鈥檚 unclear whether tariffs imposed through statute will prove more durable and harder to reverse than those enacted via executive order. Ultimately, this legal shift underscores the need for manufacturers to take a proactive adaptation and not one of complacency.

For corporate risk professionals, particularly those within manufacturing companies, these developments carry substantial implications. Tariffs extend beyond increasing import prices and affect profitability, workforce planning, and long-term supply chain resilience. They introduce volatility into customs procedures, supplier qualification, cross-border logistics, and production network design. When trade rules change rapidly, as they have in recent months, the integrity of global supply chains is increasingly difficult to maintain.

Why tariffs hit supply chain integrity so hard

In a global supply chain, every cross-border movement is governed by import and export rules set by the countries involved. Tariffs change those economics immediately, and they also trigger a chain reaction that ripples through sourcing, logistics, compliance, and planning. For example, the (CBP) has had to issue repeated implementation updates on new tariff actions, including guidance tied to imports from China, Canada, and Mexico, underscoring how quickly operating conditions can change for importers. That creates several clear risks to supply chain integrity.

One of the first impacts is on supplier relationships. When tariffs make a sourcing region less viable, manufacturers are often forced to move away from long-established suppliers and instead quickly on-board alternatives in lower-tariff markets. That may reduce immediate cost pressure, but it can also weaken quality control, transparency, and reliability if the new suppliers prove to be less able.

This is already showing up in manufacturer behavior. , a nonprofit organization dedicated to supporting manufacturing leaders, reported that in January, more than half (57%) of manufacturers said that US tariff policies were having a moderate or significant negative effect on confident decision-making related to sourcing, pricing, and investment timing. The same research found that companies were increasingly shifting from passive monitoring their supply chains to making active changes in sourcing.

Even after the Supreme Court鈥檚 legal invalidation, many impacts of previously imposed tariffs persist, as retroactive refunds are not guaranteed 鈥� indeed, the government has for such refunds. And these administrative delays in duty recovery can strain cash flow, while companies that already restructured their operations by relocating suppliers, renegotiating contracts, or investing in new logistics infrastructure cannot easily unwind those changes.

Clearly, the economic and operational consequences of past tariffs have already altered global sourcing maps, and those manufacturers that had shifted production to Southeast Asia or Mexico during the 2025 tariff surge may maintain those footprints even if duties are lifted, due to sunk costs or new regional advantages. This illustrates how even temporary policy shifts can have permanent effects on supply chain integrity.

Tariffs force structural changes and create bottlenecks

Tariffs also create operational instability. When duty rates, exemptions, and country-specific rules change, manufacturers鈥� ability to forecast their trade strategy becomes more difficult, and inventory planning becomes less reliable. Customs processing can become more complicated as companies work through classification questions, preference claims, and changing documentation requirements.

For manufacturers running lean networks, that unpredictability can be dangerous. Delays at ports, shipment holds, or reworks tied to customs compliance can ripple across production schedules and customer commitments. The CBP has specifically noted ongoing tariff implementation updates through its Cargo Systems Messaging Service, which only underscores how much administrative attention that manufacturers now need to dedicate to keeping updated on trade compliance.

Tariffs can also break the logic of just-in-time supply chains. If landed costs become unstable or sourcing risk rises, companies often shift toward just-in-case strategies by holding more inventory, extending forecast horizons, or redesigning production footprints. That may improve resilience in the short term, but it also ties up working capital and reduces efficiency.

Manufacturers Alliance research describes this as a move toward tactical adaptation rather than true resolution. In other words, many manufacturers are learning how best to operate in a tariff-heavy environment; however, as the system becomes more buffered, more complex, and often less efficient, it鈥檚 unclear when or whether things will return to a state resembling the previous stability.

How supply chain professionals can mitigate tariff risk

For corporate risk and supply chain leaders, the most practical response starts with supplier diversification. Overconcentration in one tariff-exposed region creates avoidable vulnerability. Manufacturers also should use supplier information management technology to map sub-tier dependencies, because tariff exposure often sits deeper in the supply base than tier-one suppliers alone reveal.

Other strong mitigation strategies include nearshoring to reduce long-distance logistics exposure and scenario planning to stress-test tariff shocks before they happen.

Those manufacturers best positioned for continued disruption ; instead, they are building flexibility into sourcing, inventory, and trade compliance now.

The bottom line

The Supreme Court’s decision in Learning Resources marks a significant check on executive power around tariffs, but it does not signal a return to stable or predictable trade policy. Tariffs remain a potent and politically salient tool, now subject to legislative rather than unilateral control.

For manufacturers and their corporate risk professionals, the imperative remains unchanged: Supply chains must be designed not just to survive today’s tariffs, but to adapt to the next wave of trade policy disruption. Indeed, resilience is no longer a function of cost minimization alone. It requires transparency, agility, and a deep understanding of how legal, political, and economic forces converge at the border. The most effective manufacturing companies will continue to be those that treat tariff exposure not as a compliance afterthought, but as a core dimension of supply chain integrity.

You can find out more about the challenges manufacturers are facing from tariffs here