New Fixes for Old Problems: Corporate Treasury Fraud

FinLync | March 18, 2022

Fraud has cost global businesses $42 billion over 24 months, according to PwC’s Global Economic Crime and Fraud Survey 2020. And that is cash that comes directly off a company’s bottom line.

But treasury and finance teams are still not considering the true cost of manual processes, particularly when it comes to circumventing the threat of fraud. So why is it time to get rid of those processes for once and for all – and what should you be doing instead?

The trouble with spreadsheets

Around the world, many treasury and finance teams are still using spreadsheets and carrying out manual processes, such as logging onto banking portals one at a time. Their reasoning? For one thing, spreadsheets are flexible – in other words, it’s easy to manipulate formulas and link datasets between tabs and spreadsheets.

Spreadsheets are believed to also be an inexpensive option. But the caveat here is that the true costs of using spreadsheets are greater than the perceived benefits. For one thing, the cost of labor is much higher for time-consuming manual processes than it is for an automated alternative. What’s more, the cost per user of accessing Microsoft Excel might be low compared to a treasury solution – but using spreadsheets and manual processes also makes it easier for fraudsters to target your business.

There are a couple of reasons for this. First, payment approval processes requiring wet signatures on pieces of paper are easier to manipulate than secure alternatives. Second, when your process involves treasury and finance users logging into banking portals one at a time, it’s difficult to track who has access to passwords, and have confidence that the physical tokens used to access portals are kept safe – and up-to-date. Last, the areas within the company that often use manual processes as part of their daily activities are prime targets for fraud activities.

Get the free eBook: the Essential Guide to Bank APIs

According to the AFP 2021 AFP Payments Fraud and Control Survey some of the areas most susceptible to fraud include:

  • Accounts Payable departments are the most susceptible to Business Email Compromise (BEC) fraud. Sixty-one percent of respondents report that their Accounts Payable department is most often vulnerable to BEC.
  • In 2020, 74% of organizations were targets of payment scams, indicating that a large percentage of companies continue to be impacted by payments fraud.
  • According to 77% of treasury and finance practitioners, educating employees on the threat of BEC and training them to identify spear phishing attempts is an important component in controlling BEC.
  • In 2020, checks and wire transfers continued to be the payment methods most impacted by fraud activity.

Familiarity over security

No-one doubts that spreadsheets are convenient as a “tried and true” method many are familiar with using.  But they are also cumbersome and, more importantly, not necessarily secure. When you consider how quickly incidents of fraud are occurring and how sophisticated those perpetuating it are getting, the fact that spreadsheets are not constructed with basic security mechanisms or have only limited authentication measures, creates potential fraud issues.

There are additional security problems, particularly in terms of the ease with which spreadsheets can be replicated and distributed. Essentially, anyone with access to a spreadsheet can duplicate it and email it to themselves.

Though spreadsheets may seem acceptable to use, the lack of data encryption, multifactor authentication, automated data integration and advanced user-access controls are just a few of the reasons why choosing spreadsheets over a more advanced means of fraud control leaves your organization open to greater fraud risk.

Get the free eBook: the Essential Guide to Bank APIs

Out with the old, in with the new

It’s clear that fraud affects a company’s bottom line. According to PwC’s report, nearly half of the reported fraud incidents that led to losses of $100 million or more were committed by insiders. While alarming, the financial cost of fraud is not the only outcome to consider: falling victim to fraud can also severely damage a company’s reputation. Manual processes also come with a heightened risk of error, as well as being costly and inefficient.

Fortunately, spreadsheets are not the only option. A treasury solution based on bank API connectivity provides a direct link between your systems and the bank. It also gives you more secure access via multi-factor authentication and secure passwords, meaning that the CFO, Treasurer or finance lead can control who has access to sensitive information.

“The emergence of Instant Payments, Process Automation, Open Banking and APIs will propel the treasury function from ‘managing transactions’ to the higher trajectory of ‘managing strategic drivers.”- Standard Chartered, ABR Treasury Review

In addition, audit trails keep everyone honest within the organization. Unlike spreadsheets, an API-powered solution can track changes to information such as dollar amounts or account numbers by user, time and date – which discourages bad behavior and makes it easier to spot potential fraud. Furthermore, API connectivity reduces the risk of fraud by limiting the number of hands that touch a payment.

The bottom line: spreadsheets and manual processes make your company more vulnerable to attacks. The solution is to take advantage of a treasury solution that offers direct API connectivity between you and your bank — whether a single bank or multi bank connectivity — and protects your organization through secure, traceable processes.

Essential Guide to Bank APIs