by Colleen Lang
Fraud can come in many forms, from counterfeit checks to stolen credit cards and from trusted employees to savvy hackers. For businesses, fraudulent activity is always bad news. According to the Association for Financial Professionals’ (AFP’s) 2015 survey, 62 percent of companies were targets of payments fraud in 2014, with financial losses that ranged anywhere from a relatively small amount to millions of dollars.
The good news for businesses is that there are many measures out there that can help prevent and detect fraudulent activity. In addition, advanced technology that will help companies better protect their operations and their bottom line is being developed and deployed.
The Many Forms of Fraud
According to the AFP, the most common forms of fraud that businesses encounter are through checks, corporate credit/debit cards, wire transfers and ACH debits. Paper checks continue to be the payment type most vulnerable to fraudulent attacks and account for the largest dollar amount of financial loss, even though their use continues to decline. Credit and debit cards are the second most popular form of business fraud, with the percentage of organizations experiencing credit/debit card fraud declining from 43 percent in 2013 to 34 percent in 2014. Companies with wire fraud incidents almost doubled, from 14 percent in 2013 to 27 percent last year. And last, ACH debit fraud is the fourth largest form of fraud – nearly equal to that of wire fraud incidents.
The newest form of fraud is cyberfraud, in which criminals create an email account for corporate executives or vendors and send emails with payment instructions to employees in the accounting department. Employees who are unaware of the fake or altered email account will follow the instructions and make payment.
While it may seem daunting, businesses can take steps to protect against fraudulent activity. Positive pay is one example of how companies can get ahead of the game. Positive pay is an automated fraud detection tool offered by most banks. Here is how it works: Companies cut checks every month and send the bank a list of all those checks, including check numbers, amounts and payees. As checks clear against the account, the bank makes sure the checks match up, eliminating any fraudulent or altered checks.
To protect against ACH payment fraud, consider the use of ACH blocks or filters. With ACH blocks, all debits are automatically returned without any review because a “block” has been put on that certain account. ACH filters allow companies to review an ACH debit being presented before it posts to their account and determine whether the debit should be accepted or returned.
To protect against internal fraud, business owners should implement dual control and separation of duties, particularly for electronic payment processes such as ACH originations or wires where one person initiates a payment and a second approves or confirms it. Businesses also should understand who is in charge of what responsibilities on the financial side and make sure there are no gaps. Last, business owners should review financial statements on a weekly or monthly basis.
To mitigate compromise in these areas, businesses should review all areas of their operation and put the proper preventions in place to protect against fraud. For instance, businesses should ensure their employees have the proper education and training for fraud detection. They should install, maintain and update spam filters, anti-virus software and firewalls. Reducing check writing, outsourcing payroll and having dual controls are additional actions that can help prevent fraudulent activity.
New Technology on the Way
In addition to being prepared, businesses will soon be able to rely on new technology to help protect against fraud. The latest and most anticipated technology is EMV (Europay, MasterCard and Visa) chip cards, which will have a major impact on lessening credit and debit card fraud. So much so that 92 percent of financial professionals believe EMV technology will be effective in reducing fraud at the point of sale.
Traditional magnetic stripe cards require a signature for security purposes, whereas the new chip cards will add an additional layer of sophisticated fraud protection through an embedded microchip that turns the cardholder’s information into a unique code that is difficult to duplicate or copy when used at a chip-enabled terminal.
Merchants and retailers are currently in the process of investing in new card-reading technology that will accept EMV chip cards. If they do not update their technology, they – rather than the user or card issuer – could potentially be liable for fraudulent transactions. Visa intends to institute a liability shift in the U.S. for domestic and cross-border counterfeit transactions effective Oct. 1, 2015. This shift will encourage Visa issuing banks to begin issuing EMV chip cards and merchants to begin deploying card swipe technology that can process the chip-on-chip transaction.
While new technology and preventative measures can help businesses protect against fraud, the truth is that it will always exist in one form or another. What businesses can do is educate their employees, make sure they are using the most up-to-date technology and work with their financial partners to ensure the best practices and protective measures are in place. n
Colleen Lang is vice president, treasury management sales officer for UMB Bank in St. Louis. She can be reached at Colleen.Lang@umb.com.
Submitted 7 years 124 days ago