Fraud impacts all segments of business. But more than that, it affects the people who become victims to it.
“Typically, someone like an accounts payable person is exposed to a fraudulent transaction,” says Jennifer Bidlingmyer, Senior Vice President, Treasury Management Sales Director, Premier Bank. “It’s another layer — the victim of fraud. They can lose confidence in the process and feel responsible for what happened. It’s more than just financial damage.”
Just by being in business and utilizing the financial system, companies and their people are exposed to fraud. Once a crack in the armor is found — a check is stolen from the mail, an emailed link is clicked — the organization may need to shut down its bank account, which can cripple an organization.
Smart Business spoke with Bidlingmyer about how companies are impacted by fraud and what they can do to reduce their exposure.
What are the more common types of fraud?
Across the spectrum of businesses, business email compromise is the most common fraud perpetrated. Someone posing as a known entity, such as a vendor, asks for a change to payment information. But the request is coming from a fraudster trying to get money sent to a new account. This tactic is surprisingly successful because when a company is not authenticating payment information with a second form of authentication or the multi-factor authentication, they’re vulnerable. Sometimes the person who ultimately authorized the transaction knew better — they were going to call and verify the information but they got busy and took the request at face value.
Checks being stolen from the mail is another area of attack. Each physical check has the business’s routing and account number, signature and other pertinent information that can be used by bad actors to steal money from the company. Often businesses aren’t looking closely, or at all, at the check images that are posting to their account, so they may not realize that a check is bad. The fraudster only changes the payee information, and so everything else looks good at a glance. It might not be detected until a vendor calls to say they never got paid. If enough time has passed before the fraud is discovered, it can be impossible to collect on those funds.
There are also ransom situations in which a computer or server is overtaken, enabling fraudsters to infiltrate. Clicking on links or attachments in an email can create a doorway into a computer system. Fraudsters can then lock the information away and demand payment for its return. Or, they’ll observe the activity happening on that computer or server for a period of time to learn how to impersonate someone from the C-suite, then make financial requests.
How can companies mitigate fraud?
As much as a company can get paper checks out of circulation, the better. There are alternative methods for paying, such as ACH and credit card. However, because checks are likely not going away anytime soon, companies should be sure they know who they’re sending their checks to. Make sure diligence is done so it’s clear who’s receiving the payments. Then, make sure to look at the images of the checks when they are presented to the account. Positive pay with payee verification is also an effective option to catch checks that do not match their check issue file.
Education is the key to preventing email fraud. Create internal policies that include dual control, ensuring payment verification and a second form of authentication is part of that critical first line of defense. Employees must also be skeptical and ask questions when they receive any request to move money outside an account.
Businesses can work with their banker on how to better insulate their company from fraud. Some banks may regularly send out educational information and risk awareness to keep companies informed about new fraud tactics and can take action to prevent them from impacting their business. Keep lines of communication open and if something appears ‘off,’ engage your banker in the conversation. Rather than have you experience a disruption that could have been avoided, they would much rather offer consultation, recommend protection tools, outline prevention training and put a contingency plan in place should a fraudulent situation occur.
INSIGHTS Banking & Finance is brought to you by Premier Bank
