Perhaps the most costly cyber-related threat that companies face are Business Email Compromise (BEC) scams, which, according to the FBI, have cost businesses over $26 billion in the last three years. BECs involve cyber criminals using fake or compromised email accounts to send fraudulent wire transfer requests to unwitting employees at companies who perform transfer of funds, causing them to send money to the criminals. These threats are becoming more sophisticated and effective, as advances in technology, including the use of deepfake audio, are making the scams harder to detect. At the same time, regulators have turned their attention to BECs, and the SEC and FINRA have recently alerted companies that their internal controls may come under regulatory scrutiny if they are the victim of a preventable BEC scam. This presentation will cover the current threat environment companies face from BECs, the evolving regulatory landscape, and practical steps companies can take to reduce the risk of falling victim to a BEC, as well as mitigate the related regulatory risks.