The CFO already separately sent him a message before the call, and I wonder if they'd get access to the CFO's number in a central directory (leaving aside the fact that you're asking to message them while they're live "in front" of you).

I fthe CFO gave a number on the call, it wouldn't also be much of a check.

I think the real improvement would be to have the CFO file a ticket, but obviously that company was used to play it loose and fast.

With $25 million on the line, I'd argue that the company could afford an airline ticket to fly to the UK and back to verify in person.

They might be able to afford ticket price, but not the time it takes to fly to the UK. Some things are time-sensitive.

It would detect number spoofing. Spoofing is easy, hacking phones is hard(er).