Survey shows some overall improvement in combating fraud, but companies must remain diligent.
At first glance results of the recently released 2012 AFP Payments Fraud and Control Survey look promising. Overall incidences of fraud fell in 2011 (to the lowest level since 2004) and average dollar losses sustained appear to be well contained.
But a closer look indicates that corporate payment fraud is still rampant and emerging payment methods and technologies are bringing new challenges for organizations engaged in business-to-business transactions. Companies should not get complacent.
Below are some key findings and some treasury trends that are helping to fight payment fraud.
Improvements shown in the AFP survey, a collaborative effort by AFP and JPMorgan, include a drop in the percent of organizations experiencing fraud last year. In addition, this is the second year in a row that the number of attempted or real payments fraud attacks as reported has fallen. The other good news is that most companies that were effectively able to combat the fraud. “Three-quarters of organizations subject to fraud attempts during 2011 did not suffer actual losses from fraud,” the AFP reported.
Two-thirds attacked. But despite the downward trend in fraud incidences, the reality is that roughly two-thirds of the organizations surveyed were attacked last year and while the average dollars per loss is relatively low, there are companies that lost hundreds of thousands of dollars. The conclusion is that businesses have not yet made big inroads into keeping fraudsters at bay.
The results did have some other interesting take aways for treasury groups. One was that there was found to be a higher percentage of large companies reporting “no loss/cost” from fraud when they had fewer payment accounts. This supports the trend toward centralization of corporate payments, whereby a lower number of accounts is the best practice. Also, centralization tends to increase the use of payment channels that can further streamline the payment process; it also adds control. Secondly, the report found that most payment fraud, by a substantial percentage, was found to occur within the US.
A previous article on payments fraud, “Payments Fraud Remains a Constant Threat,” lists some internal best practices to adopt to increase controls and help to ward off a fraud attack. These include having all bank systems and applications channeled through an encrypted connection; centrally managing all system users; and educating and training all personnel on fraud.
Going mobile. Although all types of business-to-business payments are at risk, mobile device initiated payments is the newest area for fraudsters and is being watched closely for new ways in which they attempt to tap into payment data transmitted from the devices. With most commercial banks now introducing mobile applications, treasury will not be immune to the inevitable risk of unauthorized access and compromised data security.
As mobile payments become an industry standard and corporate treasury use increases, keep in mind that fraudsters are often a step ahead of banks and other financial institutions in conjuring up tools and methods to access confidential data.
Keep tight control over payment application access and collaborate with both your IT support and banking partners to improve your line of defense. While recent surveys may show a reversal of the increasing trend of payment fraud activity, there is a long way to go and new technologies are bringing new challenges.