🔍 Top headlines
Fraud threats escalate as GenAI exploits finance–security gaps
The Trustmi 2025 Socially Engineered Fraud & Risk Report paints a not-so-comforting picture of how fraud is evolving in the generative AI era. Among 525 finance and cybersecurity leaders surveyed at US enterprises with $1B+ revenue, 84% reported at least one fraud attempt in the past year, and nearly half suffered direct financial losses, with more than half of those exceeding $500,000 in a single incident.
One-third of respondents pointed to misalignment between finance and security teams as a key factor in recent fraud events or near misses. Attacks are also increasingly multi-system, with 70% spanning platforms such as email, ERP, and vendor portals, and nine in 10 major incidents involving at least one failed control.
The findings of the report point to a clear reality that fraud is no longer an isolated finance or IT issue, but an enterprise-wide risk that demands unified visibility and shared responsibility.
IRS seeks to fill critical vacancies as workforce declines 25%
The IRS is scrambling to address a sharp workforce decline after losing roughly a quarter of its staff this year, according to the Treasury Inspector General for Tax Administration (TIGTA).
More than 25,000 employees have departed through incentive programs such as deferred resignations, while nearly 300 employees and more than 3,000 probationary employees received reduction-in-force notices, but haven’t been terminated as of yet because of a court injunction. In response, the agency has begun emailing employees who had agreed to deferred resignations, offering them the chance to rescind and stay on to fill “critical vacancies.” The move follows a TIGTA report showing that many terminated probationary staff had no performance issues, contradicting official termination letters.
With budget and staffing constraints already threatening modernization efforts, the IRS now faces the challenge of replenishing expertise in mission-critical areas, while rebuilding trust with employees.
PCAOB postpones effective date of QC 1000 and related standards
The Public Company Accounting Oversight Board (PCAOB) has postponed the effective date of QC 1000, A Firm’s System of Quality Control, and more than a dozen related standards, rules, and forms to December 15, 2026, one year later than originally planned. QC 1000 establishes a modernized framework for firm-level quality control, requiring registered firms to design systems that cover governance, ethics, independence, engagement performance, and monitoring. The package also includes new ethics guidance (EI 1000), amendments to auditing standards on risk assessment, audit documentation, and engagement deficiencies, and new reporting requirements on firms’ quality control evaluations.
Interim quality control standards, such as those governing personnel management, continuing education, and independence policies, will remain in effect until rescinded on the new date. The PCAOB cited implementation challenges at many firms, but stressed that the delay is intended to give firms time to put robust systems in place—not to weaken the reforms.
