Despite the numerous warnings, press releases and industry-wide examples of payment fraud, companies continue to struggle1 implementing measures that limit risk exposure and the likelihood of being a target. Both internal and external issues contribute to inadequate response mechanisms to payment fraud risk, and many companies are limited to reactionary responses after a fraud event has occurred or triggered an emergency response.
Internal factors that contribute to potential payments fraud include the following:
External pressures also continue to contribute to fraud risk as schemes and scams become more sophisticated and use freely available information (i.e., social media and company Web sites) to target companies and their employees.
While there are often limited resources and internal constraints, companies nonetheless have the ability to bolster their payment fraud defenses by establishing and reinforcing governance and controls within the payment life cycle. Consider the following common steps taken to help minimize risk:
Strengthen weak passwords - Hackers are more sophisticated than before and can relatively easily uncover weak passwords. Use a more complicated combination of letters, numbers, and symbols that aren't commonly recognizable.
Train employees - Fraudsters easily trick staff into revealing account credentials. Train employees to not provide user name or password information over the phone or email-even if the source seems legitimate.
- Typically, companies share wire instructions with long-time vendors or business partners, but extensive due diligence around new vendors and payees is often not robust enough
Bank fraud services - Using Positive Pay services for checks and ACH and Payee Positive Pay for check disbursement accounts adds an extra layer of protection. Use debit blocks and alerts to reduce the risk of unauthorized payments