Despite the move from paper to ACH, banks and other institutions still wrestle with payments fraud.
From check lottery schemes to false vendors to clever hackers, banks continue to invest heavily in payments fraud prevention to keep thieves at bay. But new threats are surfacing even as old threats linger. And as the playing field gets more global, keeping abreast of the latest tools for tackling today’s more sophisticated fraudster is a challenge for organizations—even the terminology is changing. How to be on the winning side in the war on payments fraud?
Old Threats Linger.
A few years ago, when check lottery schemes were popular, one US corporation dodged a bullet as “positive pay,” an anti-fraud service offered by just about every US commercial bank, nipped one scheme in the bud. Without positive pay, it would have wreaked havoc for the nearly victimized company whose stolen check copies were presented in a lottery to “winners” as prize money. Following the lottery letter’s instruction, winners paid a fee (in the range of $2000) via wire transfer from their personal bank account and deposited the bad check received, and then waited for their prize funds to post to their bank account, which of course never happened.
While positive pay successfully rejected those checks and protected the company, its bank ultimately asked that the account be closed and a new one reopened due to the volume and frequency of these bad checks. Luckily for this corporation there was no direct financial loss incurred but, unfortunately, individuals were scammed and lost personal funds. Not every company is so lucky – a 2010 survey indicates that close to 30 percent of companies who are victims of fraudulent attempts actually experience a financial loss.
The bigger company.
Most treasurers have seen the numbers and clearly the business of fraud is not showing signs of slowing. Losses from fraud remain high, with the larger institutions (those with more than $1bn in revenue) are seemingly more at risk. For years the fraudsters concentrated on paper checks before moving to ACH, and now have entered the cards and mobile marketplace.
Yes, locking away paper check stock in a secure area, requiring two signers for manual checks, and limiting the dollar amount of each check still remains good internal practice. But it is not enough. Stopping theft in its tracks or reducing the risk of fraud truly is a cooperative effort, and internal policies and procedures need to be combined with external tools in order to combat attempts at infiltrating corporate payment systems.
Equally important in the fast-changing technology world we deal in, is the sharing of intelligence across the business on fraud prevention and staying on top of new developments. This is one of the best approaches in defending your organization from becoming a victim from a fraudulent attack.