Foresight Briefing · 004

Executive summary

• Disinformation and synthetic media have been treated mainly as political risks. Over the last 18–24 months the weak signals show this risk cluster moving into the operational and financial core of firms.
  

• Executive‑impersonation deepfakes, narrative attacks on corporate brands, and early regulatory moves on AI and digital communications are converging into a structural risk to payments, funding conditions, market confidence and regulatory exposure.
  

• Global risk work now ranks misinformation and disinformation among the most severe short‑term global risks, tightly coupled with cyber insecurity and adverse AI outcomes.
  

• For boards, CFOs and CROs, the question is whether digital influence risk is still being treated as scattered “cyber” or “comms” incidents, or as a cross‑domain risk cluster that belongs on the core risk register over the next 6–12 months.

1. Where the risk is moving

The most important shift is not just technical capability – it is where those capabilities are being applied. Tools for synthetic audio, video and text have improved rapidly, but the deeper change is that they are being aimed at decision‑points inside firms, not only at public politics.

From political leaders to corporate officers

Deepfake‑enabled fraud has moved from spoof celebrity and politician videos to executive‑grade impersonation. In Hong Kong, a finance worker at a multinational firm was tricked into transferring around 25 million dollars after a video call in which fraudsters used deepfake technology to impersonate the company’s CFO and other colleagues. A similar case saw British engineering group Arup lose roughly 25 million dollars after scammers used AI‑manipulated deepfake video to pose as the CFO and instruct transfers to Hong Kong accounts.

Industry commentary and law‑enforcement briefings suggest deepfake‑enabled fraud and CEO‑style scams are growing quickly, with attackers using AI to generate highly convincing synthetic identities for voice and video channels that staff have historically trusted.

Confidence assessment: High confidence that executive‑style deepfake fraud is now an established modus operandi rather than a novelty; medium confidence on incident numbers, given under‑reporting and uneven disclosure.

Board implications this quarter

• Treat video and voice channels as high‑risk for payments and approvals unless reinforced by strong, independent controls.

• Ask whether treasury and finance teams have specific training and playbooks for synthetic‑identity fraud, not just generic phishing awareness.

• Expect insurance, banking partners and regulators to probe control adequacy after major incidents.

  
  

From public debates to targeted corporate narratives

The World Economic Forum’s Global Risks Report 2026 ranks misinformation and disinformation as the second most severe short‑term global risk, highlighting “narrative attacks” as a critical emerging threat. These attacks use synthetic media, bots and targeted messaging to distort perceptions of companies’ ESG performance, integrity, safety or strategy among investors, employees, customers and regulators.

Analysis of recent campaigns describes “influence‑as‑a‑service” offerings that can be hired to target sectors and brands, not just political actors, blending fabricated content with existing grievances and activist narratives.

Confidence assessment: High confidence that narrative attacks on corporates are increasing in sophistication and frequency; medium confidence on the probability of any one firm being targeted in the near term, with higher exposure for visible brands and contentious sectors.

Board implications this quarter

• Ask whether there is any dedicated capability to monitor and interpret harmful narratives targeting the organisation and sector, beyond generic social‑media listening.

• Ensure that ESG, strategy and communications teams have a shared view of which narratives would be most damaging if amplified with synthetic media.

• Consider how sudden shifts in narrative could affect valuations, counterparties and regulatory posture.
  

From platform responsibility to shared liability

Regulators and legal commentators are increasingly clear that organisations remain accountable for what AI and digital systems do in their name. The WEF Global Risks Report notes that adverse outcomes of AI, cyber insecurity and disinformation are tightly intertwined in both short‑ and long‑term risk rankings, and that governance expectations are rising accordingly.

In parallel, security and legal analysis points out that only a minority of firms provide substantive training on deepfake and AI‑phishing risks or have formal playbooks for synthetic‑media incidents. The liability signal is moving; internal readiness is not keeping pace.

Confidence assessment: High confidence that regulators will increasingly expect boards to treat AI‑enabled influence and fraud as part of core governance; medium confidence on the timing and form of specific rules, sector by sector.

Board implications this quarter

• Ask explicitly who owns digital influence risk across cyber, fraud, communications, legal and compliance.

• Review whether current training, policies and incident‑response plans cover synthetic media and AI‑enabled fraud.

• Expect questions from supervisors, auditors and insurers about how these risks are governed.

2. From PR challenge to operating and financial risk

For many executive teams, disinformation still feels like a reputational problem. The weak signals suggest this view is now too narrow.

In practice, synthetic‑media incidents and narrative attacks can create at least four business‑relevant impact channels:

• Financial and treasury risk Deepfake‑enabled executive fraud sits inside payments, treasury and cash‑management processes. As incident volumes rise, financial institutions and insurers are likely to revisit underwriting, coverage conditions and expectations for internal controls.

• Market and funding risk Narrative attacks that question a firm’s integrity, ESG performance or strategic direction can fuel volatility around earnings, capital raises or contentious projects, especially when intertwined with broader political and social narratives.

• Regulatory and legal risk

  As AI is embedded in customer journeys and internal workflows, regulators may view failure to anticipate synthetic‑media threats – for example in mis‑selling, misleading content or inadequate fraud controls – as a governance lapse.

• Operational and workforce risk

  Staff are both targets and amplifiers. AI‑phishing and deepfakes aimed at employees can drive data breaches, internal disruption and mistrust, while staff may unintentionally propagate manipulated narratives without clear guidance.

  
  

Confidence assessment: High confidence that digital influence incidents can affect financials, operations and governance in multiple channels; medium confidence on the severity and speed of impact for any individual firm.

Board implications this quarter

• Reclassify digital influence risk as a cross‑cutting structural risk, not solely a reputational or IT concern.

• Ask management to identify the top 5–10 decision‑points (payments, disclosures, crises) that could be manipulated via synthetic media.

• Ensure that risk appetite statements and control frameworks explicitly address these channels.

3. Why the next 6–12 months matter

The coming year is a critical window for three reasons.

• Tool‑side acceleration

  Voice and video cloning tools are becoming cheaper and easier to use, reducing the barrier to entry for attackers who want to impersonate executives or staff. That increases volume and spreads risk from large multinationals to mid‑market firms.

• Stressful information environment

  A backdrop of geopolitical tension, sanctions and economic uncertainty gives narrative attacks fertile ground, particularly around supply chains, ESG, product safety and financial resilience.

• Governance lag and liability drift

  Global risk and regulatory discussions now treat misinformation, cyber insecurity and adverse AI outcomes as top‑tier risks, but most organisations have not yet embedded structured detection, response and foresight for digital influence.

  
  

Taken together, these signals support a plausible scenario in which a major corporation faces simultaneous fraud, reputational and regulatory pressure rooted in synthetic media within the next year, especially in sectors like financial services, critical infrastructure, healthcare, defence, technology and high‑profile consumer brands.

Confidence assessment: High confidence that synthetic‑media and digital influence incidents will grow materially over 6–12 months; medium confidence on where the first headline‑grabbing corporate convergence event will land.

Board implications this quarter

• Treat the next planning cycle as the window to move from awareness to concrete governance and controls.

• Ask whether current crisis‑response and disclosure plans are ready for synthetic‑media‑driven events.

• Consider whether the organisation wants to be ahead of, or merely compliant with, emerging expectations.

4. Why this matters for boards and executives

If you sit on a board or executive committee, there are three practical reasons this cluster deserves attention now.

• It cuts across silos

  Digital influence risk sits at the intersection of cyber, fraud, communications, legal, compliance and strategy. No single function fully owns it, which is why incidents are often treated as one‑offs rather than symptoms of structural exposure.

• It targets decision‑points and trust

  The most consequential attacks exploit trust in leaders, processes and information channels – convincing finance teams to move money, investors to doubt a strategy, regulators to question a track record, or staff to disengage.

• It is still early enough to shape response

  Global risk work recognises the threat, but most organisations have yet to implement structured early‑warning, playbooks and accountability. That gap is a strategic opportunity for firms that move first.
  

Confidence assessment: High confidence that early movers on governance and resilience will be better placed with regulators, investors and insurers; medium confidence on how quickly markets will price that advantage.

Board implications this quarter

• Decide which committee will own digital influence risk and how often it will appear on the agenda.

• Ask for an initial cross‑functional view of current exposure and controls.

• Start positioning preparedness as part of the organisation’s resilience and governance narrative.

5. Where the HORIZON Futures Engine adds value

This is precisely the kind of cross‑cutting, fast‑evolving risk where a futures‑led, external‑intelligence approach has the most impact. The challenge is not waiting for a deepfake scandal in your own sector; it is systematically tracking weak signals that show how the information environment is changing around the business.

The HORIZON Futures Engine helps by:

• Connecting threat, context and business exposure

  Clustering incidents, regulatory signals and narrative trends into sector‑specific emerging issues such as “executive synthetic‑identity risk in European financials” or “ESG‑driven narrative attacks on global industrials”.

• Scoring likelihood, impact and velocity on a 2–18 month horizon

  Assessing signals for probability, potential severity and speed, then mapping them to planning windows used by boards and CFOs.

• Framing early‑warning indicators in business language

  Turning technical and threat‑intel detail into clear triggers, scenarios and questions that risk and executive committees can use.

6. Signals to watch over the next 12 months

• Trends in executive deepfake incidents and AI‑enabled fraud in relevant sectors and regions, including losses, regulatory commentary and insurance disputes.

• Evidence of coordinated narrative campaigns using synthetic media against peer firms, especially around ESG, product safety and financial resilience.

• Regulatory speeches, consultations and guidance that link AI, misinformation and corporate accountability, particularly from financial, data‑protection and consumer regulators.

• Investor and ratings‑agency commentary that starts treating synthetic‑media exposure and narrative risk as part of governance and resilience assessments.

7. Questions for your next executive or risk committee meeting

• Which of the organisation’s critical decisions and processes – in treasury, payments, approvals, incident response and external communications – could be manipulated if synthetic media convincingly impersonated key people or fabricated plausible narratives?

• Is there a coherent enterprise‑level view of digital influence risk, or is it fragmented between cyber, fraud, communications and legal with no single owner?

• What would regulators, clients and investors expect us to demonstrate if we were hit by a deepfake‑enabled fraud or narrative attack that affected financial results or market confidence?

• Which weak signals – in sector incidents, market commentary and regulatory speeches – would indicate that digital influence risk is accelerating from an emerging issue to a near‑term board‑level threat, and how are those signals being tracked today?

  
  

The emerging question for senior leaders is whether digital influence risk remains a peripheral concern, confined to political cycles and social‑media storms, or whether it is recognised now as a converging structural risk that can reshape payments, funding, regulation and trust long before it shows up in formal loss data.