Fraud is a concern for all businesses – and in today’s environment, there are more threats than ever that companies need to be aware of. As such, companies of all sizes need to understand the risks they face, and make sure that they have suitable measures in place to protect themselves from the threat of criminal activity. Read our business fraud prevention tips to find out which risks you need to be aware of, and some of the ways to prevent fraud.
What is fraud prevention?
At the broadest level, fraud can be defined as the use of deception for financial or other gain. There are many different types of fraud, but in the context of business/corporate fraud, one of the most significant is payment fraud – in other words, the risk that fraudsters will steal money from the company by attacking its payment processes.
All companies – from small and medium-sized businesses to large multinational corporations – are at risk of fraud, and as such it is essential to put measures in place to protect B2B payments from criminal activity. The risks are considerable and falling victim to fraud is commonplace in today’s environment. For example, the AFP’s 2021 Payments Fraud and Control Survey found that 74% of organizations had experienced attempted or actual payment fraud in 2020.
Get the free eBook: the Essential Guide to Bank APIs
How to avoid fraud
Prevention is better than cure – so it’s essential that companies know how to prevent fraud in business, and have robust measures in place. This should include a clear framework, with suitable policies in place that are regularly reviewed and updated as new threats emerge. Awareness is also an important component of fraud prevention, so companies should ensure that all relevant employees are kept fully up-to-date about the latest scams and how to avoid them.
Fraud awareness and prevention
Fortunately, there are a number of steps that companies can take to reduce the risk of fraud, from adopting effective processes and enforcing audit trails to taking advantage of the latest technology. Some of the most important measures to bear in mind are as follows:
- Clear processes, controls and audit trails
Having the right processes and controls in place is essential when it comes to preventing fraud. For example, segregation of duties is a way of reducing fraud risk by making different people responsible for the initiation and the approval of payments. Other key measures that companies can take include the use of digital signatures and audit trails:
- Digital signatures. Before the Covid-19 crisis, the continuing use of wet signatures represented an ongoing fraud risk for many companies. Indeed, the AFP survey noted that the second most often mentioned source of payments fraud in 2020 was an external source, such as a forged check or stolen card. At the beginning of the pandemic, however, all this changed. With staff working from home, it was clear that tighter controls were needed, leading to a rapid rise in the use of digital signatures. Likewise, companies collaborated more closely with their banks and vendors to ensure they had robust controls in place.
- Audit trails. One important fraud prevention tool is the use of clear audit trails to track payment-related activity, such as changes to a vendor’s bank account information. If all actions taken by staff in relation to payments are tracked and recorded, this can act as a powerful deterrent to potential fraudsters, as well as making it easier to identify any suspicious activity that might occur.
- Employee education
Employee education is also an important consideration, and staff should be given regular training to ensure that awareness of the company’s fraud prevention measures remains high. It’s also important to educate employees about the latest threats.One notable risk is Business Email Compromise (BEC) scams, which were identified as the primary source of payments fraud by the AFP survey. In a BEC attack, a fraudster typically attempts to trick an employee into making an illicit payment by masquerading as a senior member of staff, often claiming that the payment in question is both sensitive and urgent.As such, employees should be educated about the risk posed by BEC scams, and should have a clear understanding of the measures that should be taken to validate any suspicious requests.
- Fraud prevention techniques
There are a number of business fraud prevention methods for companies to consider. Where check fraud is concerned, one notable tool is Positive Pay, in which the company gives the bank a file of checks and ACH payments that it has issued. The bank will then only pay the checks and ACH requests that match those detailed in the file.While Positive Pay can play an important part in detecting duplicate or forged checks, it is not infallible. For example, it doesn’t detect situations in which an authorized check has been endorsed and cashed by a third party. There is also a risk of false positives – for example, if the company fails to send a complete file.Account reconciliation likewise plays a part in protecting organizations from fraud. However, by definition this will only identify instances of fraud after they have already taken place.
Get the free eBook: the Essential Guide to Bank APIs
- Fraud prevention technology
Technology has an important role to play when it comes to reducing the risk of fraud – and in many cases there is plenty of room for improvement. For example, legacy technology and traditional bank connectivity methods, such as host-to-host connectivity, still require files to be stored on servers before being transmitted to the bank. This opens up the risk that files might be manipulated.As such, one important business fraud prevention tip is the use of bank APIs to mitigate this risk. APIs were designed for the real-time exchange of data between two counterparties, without the need for an intermediary. Each counterparty remains in control of their data and is able to request what they want, when they want it.Bank APIs also work on a synchronous data exchange. This means that corporates instantly know whether or not a counterparty has received a message, with the progress of the payment updated in real-time until it reaches its final destination.
Bank APIs can mitigate the risk of fraud by reducing the number of hands that touch any particular payment. They can also reduce fraud risk by tracking any changes made by specific users. Companies should therefore consider using sophisticated API-based treasury software to reduce the risk of fraud, track users’ activities and ensure robust controls are in place.
Business fraud prevention checklist
While fraud is a significant risk for any business, the good news is that there are plenty of measures companies can take to protect themselves. Keep in mind the following business fraud prevention tips to help you avoid the risk of fraud in your business:
- Ensure fraud prevention policies are fit for purpose and up-to-date
- Build robust processes and adopt effective fraud prevention controls
- Enforce audit trails for payment processes
- Educate payments staff on the latest threats, such as BEC scams
- Ensure that the relevant staff are trained in fraud prevention techniques
- Use tools like Positive Pay, but be aware of the possible shortcomings
- Adopt sophisticated treasury software that includes robust controls
- Take advantage of bank APIs