FAQ

Direct answers to common questions about deepfake/CEO-fraud defense via process controls and evidence.

Does this guarantee no fraud?

No. DirectiveLock reduces risk by making scams non-executable without verification: approved channels, callback protocol, multi-approval thresholds, and vendor bank change controls.

Do we need new software or tools?

Typically no. We align the process with your existing tools (email + approval workflow + banking/ERP practices), then document and evidence it.

Who should be involved internally?

Usually Finance/AP, CFO/Finance Ops, and one operations owner for the callback directory. For larger setups: procurement/vendor management.

What is “out-of-band verification”?

It means verifying a payment instruction through a second, independent channel—typically a callback to a number from your approved internal directory (not from the message).

What does the Evidence Pack include?

Signed policies and protocols, approval matrix and thresholds, vendor change procedure, registers/logs, training completion and quiz results, and (package-dependent) tabletop scenario report + management summary.

See the full breakdown

Do you do calls or meetings?

No by default. Delivery is async-first and email-first. Guided packages use written notes and sanitized screenshots for review.

Can you customize for multiple entities or countries?

Yes—Enterprise/Multi-entity scope is custom. It can include multiple threshold matrices, entity-specific registers, and larger-scale training.

Still unsure which package fits?

Email us your company size, payment thresholds, and vendor change workflow. We’ll recommend the right scope.

Contact

Not legal advice. Risk reduction, not a guarantee.