Adversarial Machine Learning Attacks on Financial Reporting via Maximum Violated Multi-Objective Attack
Raff, Edward, Kukla, Karen, Benaroch, Michel, Comprix, Joseph
Bad actors, primarily distressed firms, have the incentive and desire to manipulate their financial reports to hide their distress and derive personal gains. As attackers, these firms are motivated by potentially millions of dollars and the availability of many publicly disclosed and used financial modeling frameworks. Existing attack methods do not work on this data due to anti-correlated objectives that must both be satisfied for the attacker to succeed. We introduce Maximum Violated Multi-Objective (MVMO) attacks that adapt the attacker's search direction to find $20\times$ more satisfying attacks compared to standard attacks. The result is that in $\approx50\%$ of cases, a company could inflate their earnings by 100-200%, while simultaneously reducing their fraud scores by 15%. By working with lawyers and professional accountants, we ensure our threat model is realistic to how such frauds are performed in practice.
Jul-9-2025
- Country:
- Asia > Indonesia (0.04)
- Europe
- Denmark > Capital Region
- Copenhagen (0.04)
- Greece (0.04)
- Denmark > Capital Region
- North America
- Canada > Ontario
- Toronto (0.05)
- United States
- Illinois > Cook County
- Chicago (0.04)
- Maryland
- Baltimore (0.04)
- Baltimore County > Catonsville (0.04)
- New York
- New York County > New York City (0.14)
- Onondaga County > Syracuse (0.04)
- Pennsylvania > Allegheny County
- Pittsburgh (0.04)
- Illinois > Cook County
- Canada > Ontario
- Genre:
- Research Report > New Finding (0.93)
- Industry:
- Banking & Finance > Financial Services (0.68)
- Government (1.00)
- Information Technology > Security & Privacy (0.47)
- Law Enforcement & Public Safety > Fraud (0.46)
- Technology: