Remote Working, Without the Fraud Risk
Fraudsters know a good opportunity when they see one—and the recent, mass shift to remote working was an opportunity too good for them to pass up.
The Federal Bureau of Investigations, the Internal Revenue Service, and Interpol warn that phishing schemes and Business E-mail Compromise (BEC) attacks increased since the onset of the pandemic.
This is sobering news when you consider that an astounding 81% of businesses experienced attempted or actual payment fraud in 2019, the second-highest percentage of attempted and actual fraud attacks since 2009 (according to the Association for Financial Professionals (AFP)).
Fraudsters recognized that the sudden shift to remote working disrupted hardened processes and procedures for safeguarding payments to suppliers and sensitive customer information.
25% of accounts payable professionals say that the rising risk of fraud is their biggest concern about the disruption to their operations caused by remote work arrangements, according to the results of a poll conducted during a recent virtual town hall meeting held by the Institute of Finance and Management (IOFM). 19% of accounts payable pros polled by IOFM during the town hall meeting admit that they are “concerned” about their department’s processes for paying suppliers.
Accounts payable leaders are right to be concerned.
Many businesses are leaning hard on e-mail to onboard suppliers and approve invoices. While e-mail is one way to get work done when shelter-in-place restrictions make it impossible to get into the office, e-mail creates new vulnerabilities that throw the door open wide to payments fraud:
- Lots of manual intervention in payment approval workflows
- No separation of duties in payment approval workflows
- No tracking of actions taken to approve a payment
- No chain of custody assurance for sensitive banking data
- Inadequate visibility across the payment approval lifecycle
These are the types of vulnerabilities that fraudsters dream about.
Securing Payments Wherever AP Works
91% of accounts payable departments are working remotely, at least in part, IOFM research finds. 58% of accounts payable departments are entirely working remotely.
Since there is no telling when, or if, accounts payable teams will return to the office, businesses must find ways to mitigate their risks. Educating employees on the risks of payments fraud, and their role in preventing it, is a good first step. Regularly reviewing financial processes for vulnerabilities is another. Labeling external e-mails and being alert for potentially malicious links is also critical.
But nothing stops fraudsters in their tracks like a best-in-class electronic payments solution—technology that includes the built-in controls and segregation of duties that remote working demands.
- Configurable controls. Best-in-class solutions ensure control over payments with pre-defined system permissions and privileges, business rules for approvals, separation of duties and chain of custody assurance, audit trails, and administrative controls for security settings.
- Secure storage of banking information. Best-in-class solutions use a multi-layered approach to gather, verify, store, and continuously update supplier banking data.
- FBO segregated accounts. ‘For Benefit Of’ accounts were especially designed to handle funds intended to go to another party. FBO accounts at a reputable bank provide clear instructions as to who should receive funds, reducing the chances of interception.
- Virtual cards. Virtual cards do not require the distribution of physical cards. Virtual card numbers can only be used once, and only for a set time. Virtual card transactions can be restricted by amount, supplier and SIC code. Transactions must be approved. And suppliers only receive 10 of the 16 digits for a transaction, and eventually those numbers disappear.
- Two-factor authentication. Two-factor authentication enables organizations to restrict access to the solution. And advanced encryption technology makes payment information unreadable to unauthorized users, further protecting digital data.
- Reconciliation. Best-in-class solutions reconcile every supplier payment daily.
As businesses settle into an operational rhythm in the new reality, they must remain vigilant to the growing threat of phishing schemes and BEC attacks. The combination of best practices and a best-in-class electronic payments solution mitigate these fraud risks, no matter where employees work.
Want to learn more about mitigating your risk of fraud in the new reality?
Contact us today at sales@paymerang.com to schedule a demo with one of our electronic payment experts.