Incidents of payments fraud continue to increase as fraudsters take advantage of the digitization of work, shopping and general operations and communications. Despite growing attacks and attempts on digital payments — ACH debits and credits, wires, virtual cards, mobile wallets and cryptocurrency — the payments most vulnerable to fraud continue to be a more traditional method of payment: checks.
The Association for Financial Professionals® recently published the 2023 AFP “Payments Fraud and Control Survey,” which examines the nature of fraud attacks on business-to-business transactions, the payment methods impacted, and the strategies organizations are adopting to protect themselves from those committing payments fraud.
The findings help business owners and financial and accounting professionals better protect incoming and outgoing payments from fraud, glean insights into fraud trends and identify ways to partner with a bank’s treasury management department.
Here are three key takeaways:
Check Fraud Via Mail Theft Surged
In 2022, there was a large increase in “brazen and successful attempts” at stealing mail from U.S. Postal Service mailboxes, the blue drop boxes found in residential neighborhoods and commercial properties, or a building’s mailroom.
When mail contains a check, a fraudster washes the signed check, a chemical process that removes ink, and alters the check amount and/or the name of the payee. Then, the fraudster endorses and deposits the stolen check into an account they are soon to close.
Criminals utilize this type of fraud attack because it is low tech and low cost, and check fraud has been the most vulnerable payment method for the past 18 years.
Three out of four organizations using checks don’t plan to stop. These organizations may believe that using checks is safer than digital payments because of the vulnerabilities to cybercrime, but 63% of organizations reported being the subject of check fraud attempts or attacks in 2022.
To address check fraud, treasury and finance professionals implement internal controls and take advantage of a powerful tool to combat check fraud: positive pay, a check protection service from a bank’s treasury management department that deters fraud by matching the checks a company issues with those it presents for payment. This allows for easy monitoring and rejection of unauthorized transactions.
Multiple Payment Methods, Multiple Vulnerabilities
Accepting more payment methods inevitably means more openings a fraudster can exploit.
In 2022, 36% of businesses were hit by fraud through credit and debit cards — the highest level since 39% of organizations reported experiencing this type of fraud in 2015. The uptick in use of corporate and commercial cards post-pandemic contributes to this trend.
Businesses reporting ACH credit fraud on electronic payments made from one bank to another through the Automated Clearing House also went up 6% year over year. ACH credit payments are a common way for employers to push payroll out to employees and also a common way for businesses to send payments to other businesses and vendors.
Since ACH payments require a bank account number and routing number, this type of fraud is easily perpetrated if a fraudster obtains information through an email phishing scam or data breach.
ACH Positive Pay, also known as ACH Debit Filter, mitigates these risks by blocking or flagging transactions that weren’t originated by an authorized vendor, but also allows for approval of exceptions.
Rely on a Bank Treasury Management Department
The sooner fraud is detected, the greater the chances of recovery.
Larger enterprises may have in-house fraud detection products and services, but a bank can help set up tools, as well. A well-organized treasury department is most likely to uncover both attempted and actual payments fraud activity (61%), followed by an accounts payable team (47%), according to AFP.
In addition to internal controls and processes, fraud can be detected through external inquiries on payments, positive pay, internal review, verbal verification, callbacks, reconciliation and a banking partner’s fraud investigation.
A majority of organizations recoup less than 10% of funds stolen due to fraud. The main reason for this is lack of detection tools, with the result that when an accountant, controller, auditor or other team member discovers fraud has occurred, it’s too late to cancel a payment.
Not surprisingly, organizations able to recover more funds are typically those with greater revenue and higher volume of payment accounts, because they are better equipped to detect fraud early. However, businesses of all sizes can prioritize safeguarding payments and accounts, and work with a bank’s treasury management department to adopt tools and processes to more effectively combat fraud.
Karah Gagnon serves as senior vice president, commercial banking team lead at Enterprise Bank & Trust. With more than two decades of commercial banking experience, Gagnon is a trusted expert and resource for her clients and team. She leads Enterprise’s commercial banking team in Arizona, focusing on strategy, lead generation, strengthening current client relationships and supporting the execution of clients’ financial success.