Many Finance departments are still operating remotely, at least in some capacity. That can be a big fraud risk for many reasons. But there’s good news: While it’s becoming more challenging to avoid payment fraud, it’s not due to telework.
Almost half of finance pros (47%) said working remotely isn’t to blame for any increases in payment fraud at their firm, according to the 2022 Association for Financial Professionals (AFP) Payments Fraud Survey. Only 32% of those surveyed said they believed payment fraud increased because of remote work.
So even though the rise in remote work may make it more difficult to verify payments and transactions, it’s not making it impossible – and it’s not hurting security as much as some may think.
Status of payment fraud during COVID
Payment fraud actually declined slightly during the pandemic overall. Before COVID, over 80% of companies were affected by payments fraud. In 2021, however, 71% of businesses were victims of payments fraud.
A big source of payment fraud is business email compromise scams, where crooks convince Finance pros to click on suspicious links or download unfamiliar attachments with fraudulent email addresses.
More good news: Email fraud is also declining. Scammers targeted 68% of companies with business email compromise fraud schemes in 2021. This is the lowest figure since 2015. Much of this has to do with employers’ investments in technology and training for employees on how to recognize and avoid scams.
To continue to prevent payment fraud, you need to know what’s causing it right now. Telework isn’t necessarily affecting payment fraud – but the method you’re using for payments is.
Common types of payment fraud
Check fraud is the top type of payment fraud that impacts companies, per the AFP survey. Two-thirds of employers experienced check fraud last year.
Many companies are moving away from using paper checks. But they’re still the most popular payment method used for businesses. So it’s key to be as safe as possible when issuing them. Working with banks and using tools such as positive pay to make sure all checks issued by your company are legitimate can help fight check fraud.
The second most popular payment method crooks are currently targeting is ACH debits. ACH debits have finally replaced wire payments on the list. Tools like ACH filters and blocks can help prevent this type of fraud from impacting your company. And it’s also key to know what kinds of safeguards your banks and vendors have in place to keep ACH fraud at bay.
Other types of payment fraud that are rising at companies right now include:
- Corporate/commercial credit cards (26% of payment fraud attempts), and
- ACH credits (24% of payment fraud attempts).
Top fraud target at companies
Out of all of Finance, A/P is most likely to experience a fraud attempt. Nearly 60% of companies said their A/P department was targeted by a business email compromise scam in 2021. Criminals typically imitate trusted vendors or finance execs to try and get A/P to send payment information or other sensitive personnel data.
A/P can avoid falling victim to payment fraud by:
- Using all appropriate fraud prevention tools available from banks, vendors and IT
- Reconciling payments on a daily basis
- Regularly conducting internal audits to ensure payment procedures are fraud-proof, and
- Reviewing payment policies and procedures for fraud-prevention controls.
It’s also helpful to validate payment beneficiary info with an outside source or through banks and vendors – a tactic taken by two-thirds of companies.
Per the AFP survey, Finance pros are using multiple strategies to verify payments. They’re verbally validating large transactions, speaking directly with their vendors before initiating payments and verifying any change requests (e.g., new account info for payments).
Because A/P is a big target for payment fraud, it’s important for staff to verify any unexpected payment requests directly with the source, especially if they’re received via email. The tactics used by scammers are getting more and more sophisticated. Some are even committing identity theft, posing as a higher-up via info stolen from LinkedIn or an employer’s website to fool unsuspecting finance pros.
Hackers are also initiating video conferences with A/P staff via email. In these “meetings,” they’re pretending to be the CFO, claiming the video or audio connection is bad and asking for payment info. Finance should be aware of these schemes.
If a request like this comes through, be sure to double-check the email address it comes from first. And it never hurts to verify the meeting is legit by giving the exec a call.
Fraud prevention
Ultimately, Finance pros (especially A/P staff) must be proactive and keep up to date with the latest technology and how it can be used to commit payment fraud.
Criminals are taking advantage of tech developments in their fraud schemes, so it’s essential for you to remain one step ahead. Regularly check in with IT to see what steps you can take to boost payment security and nip payment fraud in the bud – whether you’re working at home or in the office.