Tag Archives: fraud prevention


Remote Working, Without the Fraud Risk

Fraudsters know a good opportunity when they see one—and the recent, mass shift to remote working was an opportunity too good for them to pass up.  The Federal Bureau of Investigations, the Internal Revenue Service, and Interpol warn that phishing schemes and Business E-mail Compromise (BEC) attacks increased since the onset of the pandemic. This … Read More

8 Best Practices for Mitigating the Risk of Payments Fraud

If it feels like your accounts payable department is under siege by fraudsters, you are not alone. Payments fraud is at an all-time high. Worse, it’s not just your checks that are at risk.  Fraudsters are using new tools and sophisticated schemes to infiltrate electronic payments to suppliers.  The good news is that eight best … Read More

Paymerang and Kaplan Partner to Tackle Payment Fraud

How can you protect your organization against payment fraud risk? Paymerang has partnered with Kaplan, one of the world’s largest and most diverse education providers, to share more about the risk of payment fraud. In a jointly produced video, Paymerang CEO, Nasser Chanda, addresses the risk of payment fraud and what organizations can do to shield their … Read More

Paymerang is proud to partner with VASS, VASBO, and former Virginia Governor Terry McAuliffe to address cyber security with Virginia School Superintendents and Business Officers 

From its inception, Paymerang has helped our clients fight fraud and protect their organization’s treasury. That’s why we are proud to partner with the Virginia Association of State Superintendents (VASS), the Virginia Association of School Business Officers (VASBO), and former Virginia Governor Terry McAuliffe to help Virginia’s public schools learn how they can protect their … Read More

The Growing Threat of Payment Fraud

Fraud is a very real threat to finance departments in today’s modern world.  Do you know how to protect your business from the threat of fraud? Kroll, the leading global provider of risk and investigative services, released the 10th Annual Edition Global Fraud and Risk Report.  According to this report the incidence of fraud continued to climb. … Read More

Remote Working, Without the Fraud Risk

Fraudsters know a good opportunity when they see one—and the recent, mass shift to remote working was an opportunity too good for them to pass up. 

The Federal Bureau of Investigations, the Internal Revenue Service, and Interpol warn that phishing schemes and Business E-mail Compromise (BEC) attacks increased since the onset of the pandemic.

This is sobering news when you consider that an astounding 81% of businesses experienced attempted or actual payment fraud in 2019, the second-highest percentage of attempted and actual fraud attacks since 2009 (according to the Association for Financial Professionals (AFP)). 

Fraudsters recognized that the sudden shift to remote working disrupted hardened processes and procedures for safeguarding payments to suppliers and sensitive customer information. 

25% of accounts payable professionals say that the rising risk of fraud is their biggest concern about the disruption to their operations caused by remote work arrangements, according to the results of a poll conducted during a recent virtual town hall meeting held by the Institute of Finance and Management (IOFM).  19% of accounts payable pros polled by IOFM during the town hall meeting admit that they are “concerned” about their department’s processes for paying suppliers. 

Accounts payable leaders are right to be concerned. 

Many businesses are leaning hard on e-mail to onboard suppliers and approve invoices.  While e-mail is one way to get work done when shelter-in-place restrictions make it impossible to get into the office, e-mail creates new vulnerabilities that throw the door open wide to payments fraud: 

  • Lots of manual intervention in payment approval workflows
  • No separation of duties in payment approval workflows
  • No tracking of actions taken to approve a payment
  • No chain of custody assurance for sensitive banking data
  • Inadequate visibility across the payment approval lifecycle

These are the types of vulnerabilities that fraudsters dream about.

Securing Payments Wherever AP Works

91% of accounts payable departments are working remotely, at least in part, IOFM research finds.  58% of accounts payable departments are entirely working remotely. 

Since there is no telling when, or if, accounts payable teams will return to the office, businesses must find ways to mitigate their risks.  Educating employees on the risks of payments fraud, and their role in preventing it, is a good first step.  Regularly reviewing financial processes for vulnerabilities is another.  Labeling external e-mails and being alert for potentially malicious links is also critical.

But nothing stops fraudsters in their tracks like a best-in-class electronic payments solution—technology that includes the built-in controls and segregation of duties that remote working demands.

  • Configurable controls.  Best-in-class solutions ensure control over payments with pre-defined system permissions and privileges, business rules for approvals, separation of duties and chain of custody assurance, audit trails, and administrative controls for security settings.
  • Secure storage of banking information.  Best-in-class solutions use a multi-layered approach to gather, verify, store, and continuously update supplier banking data. 
  • FBO segregated accounts.  ‘For Benefit Of’ accounts were especially designed to handle funds intended to go to another party.  FBO accounts at a reputable bank provide clear instructions as to who should receive funds, reducing the chances of interception.
  • Virtual cards.  Virtual cards do not require the distribution of physical cards.  Virtual card numbers can only be used once, and only for a set time.  Virtual card transactions can be restricted by amount, supplier and SIC code.  Transactions must be approved.  And suppliers only receive 10 of the 16 digits for a transaction, and eventually those numbers disappear. 
  • Two-factor authentication.  Two-factor authentication enables organizations to restrict access to the solution.  And advanced encryption technology makes payment information unreadable to unauthorized users, further protecting digital data.
  • Reconciliation.  Best-in-class solutions reconcile every supplier payment daily. 

As businesses settle into an operational rhythm in the new reality, they must remain vigilant to the growing threat of phishing schemes and BEC attacks.  The combination of best practices and a best-in-class electronic payments solution mitigate these fraud risks, no matter where employees work. 

Want to learn more about mitigating your risk of fraud in the new reality?

Contact us today at sales@paymerang.com to schedule a demo with one of our electronic payment experts.

8 Best Practices for Mitigating the Risk of Payments Fraud

If it feels like your accounts payable department is under siege by fraudsters, you are not alone. Payments fraud is at an all-time high. Worse, it’s not just your checks that are at risk.  Fraudsters are using new tools and sophisticated schemes to infiltrate electronic payments to suppliers. 

The good news is that eight best practices can help organizations mitigate their fraud risk. 

Checks can easily be intercepted, white-washed and cashed, leaving buyers with the expense of investigation, the cost to re-issue checks, and losses, but there are steps that can be taken to reduce payment fraud risk such as using Positive Pay.   

But that doesn’t mean that paying suppliers electronically is without risk. Automated Clearing House (ACH) debit fraud is at all-time peak and shows no signs of slowing down. Business E-mail Compromise (BEC) attacks have resulted in significantly higher levels of wire transfer fraud. These sobering stats are from the Association of Finance Professionals’ (AFP) 2019 Payments Fraud and Control Survey

An eye-popping 78 percent of all organizations experienced attempted and/or actual payments fraud in 2017, AFP’s 2019 Payments Fraud and Control Survey finds. Eighty percent of organizations with at least $1 billion in annual revenues experienced attempted and/or actual payments fraud.

Ninety-two percent of organizations say payments fraud costs them half a percent of revenue. Most of these losses can be attributed to outside fraudsters via forged checks, stolen cards, and BEC schemes that impersonate legitimate suppliers and quickly move funds out of bank accounts. 

How to mitigate payments fraud

It is time for organizations to regain the upper hand in thwarting fraudsters. 

The following best practices will help your organization mitigate its risk of payments fraud:

Use check positive pay:  Positive pay isn’t new, but it is effective. The process matches the account number, check number, and amount of cashed checks against a list provided by buyers. Checks that don’t matched are automatically flagged for review.   

Better manage supplier banking information: Supplier banking information is a tantalizing target for fraudsters. Work with an electronic payment solutions provider with a proven and multi-layered approach to gathering, verifying, storing, and continuously updating supplier banking data. Ensure that the banking information provided by suppliers matches key data in your supplier record, such as their name and address. Ask for a letter from the supplier’s bank or a voided check to verify the supplier’s identity. And validate via telephone all contact and/or banking information update requests, to thwart potential BEC schemes.

Benefit from a ‘For Benefit Of’ or FBO account: Look for an electronic payment solutions provider that holds and disperses funds from FBO segregated accounts at a reputable bank.  Especially designed to handle funds intended to go to another party, FBO accounts provide clear instructions as to who should receive funds, reducing the chances of interception.

Ensure control over your payments: Without the proper controls, organizations can never be sure who is approving or initiating payments. Best-in-class electronic payment solutions organizations ensure control over payments with pre-defined system permissions and privileges, configurable business rules for approvals (including multiple levels of approval for high-dollar transactions), separation of duties and chain of custody assurances, complete audit trails of all activity, and administrative controls for security settings. Some of these solutions can also identify duplicate payments to suppliers before they go out the door.   

Keep sensitive data out of harm’s way: Keeping sensitive data from the prying eyes of fraudsters is a key step in mitigating potential risks. Two-factor authentication enables organizations to restrict system access. And advanced encryption technology makes payment information unreadable to unauthorized users, further protecting digital data confidentiality.

Get insurance: Across the enterprise, organizations use insurance to gain peace of mind.  Supplier payments should not be an exception. Some electronic payment solutions providers maintain coverage with highly rated insurers for general liability, errors and omissions, employee theft, forgery, computer fraud, funds transfer fraud, currency fraud, and credit card fraud. Leading providers maintain insurance that covers up to $1 million per occurrence.

Pay suppliers via virtual cards: Virtual cards are the most secure payment method. How can this be? Virtual cards don’t require the distribution of physical cards to far-flung staff; the cards are plastic-less. Importantly, a virtual card number can only be used once, and is only good for a set time period. Organizations can also restrict virtual card transactions by amount, supplier and SIC code. And virtual card transactions must go through an accounts payable department for approval, just like any other invoice. Finally, suppliers only receive 10 of the 16 digits for a virtual card transaction, and eventually those numbers disappear. 

Reconcile your payments: Traditional approaches to paying suppliers make it so burdensome to reconcile payments (think logging into multiple portals and downloading multiple spreadsheets) that many organizations can’t keep up with it. This leaves the door open to fraudsters. Leading electronic payment solutions reconcile every supplier payment daily.  And leading payment solutions provide complete audit trails of all system activity.

New technologies and new schemes are creating new fraud risks for organizations. Leveraging the eight best practices above will help your organization mitigate its vulnerabilities.

Want to learn more?  Contact us today to arrange a free, no-obligation consultation.

Paymerang and Kaplan Partner to Tackle Payment Fraud

How can you protect your organization against payment fraud risk?


Paymerang has partnered with Kaplan, one of the world’s largest and most diverse education providers, to share more about the risk of payment fraud. In a jointly produced video, Paymerang CEO, Nasser Chanda, addresses the risk of payment fraud and what organizations can do to shield their organizations from fraud.

What is Payment Fraud?

Payment fraud is any type of false or illegal transaction perpetrated by a cybercriminal. In a recent Kroll survey, 84% of financial professionals surveyed reported at least one incident of payment fraud, which is up from 82% reported in 2016 and 61% reported in 2012. Moreover, 86% of respondents reported at least one cyber incident or information data theft, loss, or attack within the last twelve months.

The Kaplan/Paymerang video helps finance professionals assess risk and assist in implementing preventative and protective measures.

An example of payment fraud is seen in a Texas School District that recently fell victim to a phishing scam that cost millions. Phishing scams are emails designed to trick users into handing over personal information. The school district is expected to recover some of the funds as the investigation into the scam continues.

Do you know how to build a resilient organization, ready to handle the growing threats of payment fraud?

Payment fraud risk is a very real threat to organizations. One slip-up in ACH processing or wire transferring could cost millions of dollars and result in significant embarrassment for finance teams. If you have money and secure data, no matter your company size or industry—you are at risk. The Kaplan and Paymerang partnership aims at educating finance professionals on how to navigate those risks.

To learn more about how to protect your organization from payment fraud, watch this video.

Paymerang is proud to partner with VASS, VASBO, and former Virginia Governor Terry McAuliffe to address cyber security with Virginia School Superintendents and Business Officers 

From its inception, Paymerang has helped our clients fight fraud and protect their organization’s treasury.

That’s why we are proud to partner with the Virginia Association of State Superintendents (VASS), the Virginia Association of School Business Officers (VASBO), and former Virginia Governor Terry McAuliffe to help Virginia’s public schools learn how they can protect their data and our taxpayer dollars from cybercrime.

The Governor and Paymerang CEO Nasser Chanda held a spirited session, with over 200 school superintendents and business officers, where they discussed some of the resources available to localities and school divisions. This includes partnering with the Fusion Center to do a cyber risk analysis, which can often be done free of charge and with minimal staff time.

On day two of the conference we held a Q&A session with thirty VASS and VASBO members, who heard from the current Governor’s administration, Paymerang’s own Director of Cybersecurity Jeff Gainer, and the Virginia State Police. The panel provided Superintendents and School Business Officers with the opportunity to learn about the threat cybercrime presents to their IT and financial infrastructure, and to ask questions of the foremost experts dealing with this threat every day.

One key takeaway from our discussion is that fighting cybercrime is not just one person’s job in an organization. It is important that organizations have a culture of information sharing and threat alertness.

The Growing Threat of Payment Fraud

Fraud is a very real threat to finance departments in today’s modern world.  Do you know how to protect your business from the threat of fraud?

Kroll, the leading global provider of risk and investigative services, released the 10th Annual Edition Global Fraud and Risk Report.  According to this report the incidence of fraud continued to climb. Overall, 84% of surveyed executives report their company fell victim to at least one instance of fraud in the past 12 months—whether check fraud or phishing scams. This represents a continuous rise since 2012.

This year’s Report addresses the diverse range of fraud-, cyber-, and security-related challenges that organizations are facing.

Executives offer an insider’s perspective on the nature of incidents their organizations have experienced, along with insights into the perpetrators and methods employed. They share specific steps taken to anticipate, detect, mitigate, and respond to an expanding and increasingly complex set of risks. These risks bring with them material consequences including potentially adverse financial and reputational impacts.

The good news? Paymerang can help.

From our inception, Paymerang has been working with companies around the US to protect against payment fraud. We securely enroll suppliers, encrypt data, use virtual prepaid cards, employ Positive Pay for checks, store information in a secure environment, and require secondary authentication for administrators using the website. We value our clients’ security and are always working to keep our clients protected.

Here are some additional security and compliance measures we have in place to protect our clients:

1. Your funds are held in an account managed by a publicly traded member FDIC bank. Funds are disbursed the same day you fund your batch. Virtual Account and ACH payments are funded immediately for processing. Checks are mailed out with Positive Pay to safeguard against check fraud. We manage reconcilement and follow up on outstanding payments. We promptly refund canceled or unclaimed transactions back to you.

2. All of your data is stored securely on our servers that are hosted at Amazon Web Services. Supplier bank account information is encrypted and tightly controlled. Our system requires two-factor authentication with a hardware security token to verify your identity.

3. We have numerous controls you can set with our software, including dual approval for all batches. You also control who is allowed to create batches, add suppliers and change addresses for suppliers. We only pay suppliers you have approved.

Want to learn more? Schedule a demo with us today!