Every year criminals devise new ways to attack business bank accounts. That’s a constant. But two things never seem to change: The majority of businesses continue to experience fraud attempts, and check fraud remains the most prevalent form of attack.
According to Association for Financial Professionals (AFP) survey data, more than 7 out of 10 organizations reported being the targets of payments fraud attempts last year. And, once again, check fraud was the top culprit, with about two-thirds of organizations experiencing such attacks.1
Here are three recommendations for how businesses should respond:1. Migrate as many payments as possible from check to electronic methods.
Contributing to the check fraud problem has been the rising volume of “blue-box check fraud” where fraudsters get their hands on master keys to Postal Service boxes and steal mail, including bill-payment checks. The stolen checks give criminals all the information they need to perpetrate fraud in various ways, including replicating your checks or using your banking information to make payments online.
With this added check fraud threat, it’s more important than ever for organizations to migrate to electronic payment channels like Automated Clearing House (ACH) and card.
One way to ease the migration is to adopt payables outsourcing. With our VenPay service, you send us a single payment file and we will route the payments automatically to the proper channel based on how they are enrolled — card, ACH or check.
2. Use every fraud mitigation tool available to curb risk related to your electronic payment transactions.
Reducing check issuance is a great first step to combatting payments fraud. But here’s the rub: No method of payment is without fraud risk. So, although we view them as safer payment methods than checks, both ACH and cards are susceptible to fraud when you don’t have the right controls in place.
To defend against ACH fraud, we recommend businesses use ACH positive pay, which allows you to establish parameters for payments that are to be made automatically (e.g., payments to approved vendors under a certain dollar amount) and then review any exceptions to determine if they should be paid or rejected.
Reconciling accounts daily, rather than monthly, is another best practice that can help block ACH fraud attempts.
Businesses that allow trading partners to debit their accounts via the ACH network should also consider our Universal Payment Identification Code (UPIC) service, which masks their banking information so bad actors can’t use it for fraud purposes.
To secure card payments, one of the best protections is establishing alerts on card accounts. You can ask your card provider to alert cardholders or your card administrator with a text any time, for instance, there is a charge over a certain dollar amount.
Users of our VenPay payables outsourcing can take advantage of single-use virtual cards as well as Exact Match, which prevents unauthorized card charges — including any transaction in an amount that doesn’t exactly match your origination records — from posting to your account.
3. Impress upon employees the critical role they play in reducing payments fraud.
Many popular fraud scams, such as business email compromise, can only be successful if an employee at the targeted company gets fooled. As a result, regularly training employees to recognize and thwart common frauds is crucial to protecting your business.
Fraud education efforts should also include training employees to be diligent in following best practices related to bank security tools. For instance, positive pay and ACH positive pay are only effective if employees monitor red-flagged exceptions daily.
To learn more about best practices and tools for preventing payments fraud, visit our Cybersecurity Awareness page.
1 2022 AFP Payments Fraud and Control Survey, https://www.afponline.org/publications-data-tools/reports/survey-research-economic-data/Details/payments-fraud
The information, views, opinions, and positions expressed by the author(s), presenter(s), and/or presented in the article are those of the author or individual who made the statement and do not necessarily reflect the policies, views, opinions, and positions of Hancock Whitney bank. Hancock Whitney makes no representations as to the accuracy, completeness, timeliness, suitability, or validity of any information presented.