Adversarial Machine Learning Attacks on Financial Reporting via Maximum Violated Multi-Objective Attack
This addresses the problem of financial fraud detection for regulators and auditors, though it is incremental as it builds on existing adversarial attack methods for a specific domain.
The paper tackles the problem of adversarial attacks on financial reporting by distressed firms aiming to manipulate earnings and fraud scores, introducing Maximum Violated Multi-Objective (MVMO) attacks that achieve 20x more satisfying attacks, enabling companies to inflate earnings by 100-200% and reduce fraud scores by 15% in about 50% of cases.
Bad actors, primarily distressed firms, have the incentive and desire to manipulate their financial reports to hide their distress and derive personal gains. As attackers, these firms are motivated by potentially millions of dollars and the availability of many publicly disclosed and used financial modeling frameworks. Existing attack methods do not work on this data due to anti-correlated objectives that must both be satisfied for the attacker to succeed. We introduce Maximum Violated Multi-Objective (MVMO) attacks that adapt the attacker's search direction to find $20\times$ more satisfying attacks compared to standard attacks. The result is that in $\approx50\%$ of cases, a company could inflate their earnings by 100-200%, while simultaneously reducing their fraud scores by 15%. By working with lawyers and professional accountants, we ensure our threat model is realistic to how such frauds are performed in practice.