Payments fraud continues to thrive, despite the multitude of precautions that corporates are taking to prevent it. Last year, most organizations were subject to some form of payments fraud, according to the 2011 AFP Payments Fraud and Control Survey.
Kevin Roth, PhD, Managing Director of Research and Strategy Analysis at AFP, said, “Recent trends in fraud activity continued during 2010. About 75 percent of corporates fell victim to payments fraud in 2009, and it was nearly the same in 2010.”
Corporates attribute the persistently high fraud rates in recent years to the Great Recession. The growth of electronic payments coincided with companies facing economic collapse, providing a convenient opportunity for fraudsters.
The good news is, at the present time, fraud does not appear to be evolving. So as long as corporates remain vigilant, their funds should be fairly secure. “We haven’t witnessed any new trends,” said Laura Howley, CTP, Senior Manager at The Boeing Co. “Most of the fraud attempts we’ve experienced have been similar in nature over the past few years.”
In an AFP Annual Conference session last November, Nicholas Alex, CTP, SVP and Director of Product Management, Strategy and Development at SunTrust and a member of AFP’s Payments Advisory Group (PAG), remarked that check fraud was the most common form of fraud. The 2011 AFP Payments Fraud and Control Survey confirms that 93 percent of respondents suffered check fraud.
Alex noted that despite the gradual decline of check usage, check fraud remains the preferred method for fraudsters primarily because it is a relatively uncomplicated, expeditious way to commit crime. There are a number of methods organizations use to stem the flow of check fraud. According to AFP, 84 percent of organizations employ the positive and/or reverse positive pay method.
Another form of payments fraud, ACH fraud, can be perpetrated in numerous ways. In terms of prevention, 76 percent of AFP survey respondents said they use ACH debit blocks, and 61 percent use debit filters. ACH positive pay (27 percent) and using the Universal Payment Identification Code (UPIC) for ACH credits (7 percent) were less utilized.
Business-to-business (B2B) cards remain another regular target of fraudsters. According to the survey, 15 percent of the fraud cases in 2010 were related to corporate/commercial cards. Seventy-seven percent of the organizations that experienced payments fraud via the use of their own corporate/commercial card last year reported that an unknown external party committed the crime. Thirty-two percent of those organizations suffered actual financial losses.
“There does seem to be a lot of p-card fraud (or potential p-card fraud) because a lot of companies do not have controls in place to look at the p-card,” said PAG member Anita Patterson, CTP, Director of Treasury Services at Cox Enterprises Inc., at the AFP Annual Conference. “I think they do now, more than they used to. But there are still a lot of attempts out there to steal via the p-card because it makes it very easy.”
According to the AFP survey, best practices to mitigate payments fraud risks include:
- Increasing the use of electronic payments for the business-to-business (B2B) transactions (88 percent)
- Increasing the use of electronic payments to employees (86 percent)
- Separating accounts for disbursement and collections (75 percent)
- Separating bank accounts by payment type (47 percent)
- Open accounts for receiving ACH debit payments (36 percent).
Experiences with fraud
Northrop Grumman encounters about 35 to 40 check fraud attempts per year, a trend that began in 2007. In most instances, fraudsters issued checks to victims—typically people in certain demographics that generally need money—for a greater amount than what was supposedly owed, and convinced them to return the excess amount via wire transfer. “The first scenario was a lottery scheme,” PAG member Jerl L. Rossi, CTP, Director of Treasury Operations at Northrop Grumman, said at the AFP Annual Conference. “They told the victim, ‘You won the lottery; here’s a Northrop Grumman check for $5,000. Deposit the check and send me $1,000.’ Interestingly enough, about half the people that got these letters deposited the checks and sent the money.”
Boeing also was hit with an array of fraud attempts after the financial crisis began in 2008 and, as a result, built up its prevention practices. “We completed extensive industry research and benchmarking, which included meeting with our key banking partners,” said Howley. “We spoke with the banks’ fraud mitigation product specialists and fraud investigation teams, and benchmarked with other large corporate on best practices.”
Boeing’s Global Treasury Operations established an enterprise-wide fraud/risk reduction team, which is used to educate business units on best practices and keep open dialogue on fraud attempts, said Howley.
Patterson stressed that often, the worst threats come from within. “We have experienced some issues with employees attempting to perpetrate fraud against our own company,” she said. She relayed the story of an employee whose job was to contact vendors that had outstanding checks that were stale-dated. The employee was to find out what happened, cancel the original checks and reissue. “Well, he reissued the checks alright—but he did it to himself. He set up fictitious vendors, and he would have made off with quite a bit of money. Fortunately, there was an eagle eye in the accounting department that did some questioning, some looking, some reconciliation—and was able to catch the items.”
Patterson said she is amazed that so many people fall victim to fraud despite the publicity it gets, and emphasized the importance corporates taking the necessary precautions. “It’s imperative that you use the banking services that are provided—the positive pay, the reverse positive pay—to make sure that you protect yourself in those regards,” she said.