Business email compromise fraud, also known as chief executive officer fraud, has emerged as a growing threat to large and small businesses worldwide. In April 2016, the FBI issued an alert following a dramatic increase in these kinds of crimes, estimating that victim organisations lose on average between $25,000 and $75,000 to an attack. In 2015, toymaker Mattel lost $3m, commodities trader The Scoular Co lost $17.2m and technology firm Ubiquiti lost a massive $46.7m. This panel will discuss a scenario in which one company’s accounts are compromised and another company, with which it does much high-value business, is convinced to transfer funds to a cybercriminal’s account. The following issues will be discussed in this context: • How and when do companies become aware of the fraud? • How do cybercriminals move money and what can be done to trace and freeze accounts? • Would an arbitration clause in a framework agreement between the parties apply in such circumstances?