Protect your business against fraud

A

ccording to a 2016 PwC study, more than one-third of organizations have experienced economic crime in the past 24 months. And this could spell trouble for businesses that are not taking steps to safeguard their financial accounts and other sensitive information.

Payments fraud is once again on the increase, and wire transfers are now the second most targeted payment type. In 2015, as reported in the 2016 AFP Payments and Control Survey, 48 percent of organizations were exposed to wire fraud, which is a significant increase from the 27 percent and 14 percent that reported wire fraud in 2014 and 2013, respectively. The explanation for this alarming trend is likely the escalation of Business Email Compromise (BEC).

Business Email Compromise

According to the FBI, BEC is described as “A sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfer of funds.”

There has been a 1,300 percent increase in identified exposed losses associated with BEC since January 2015, according to the FBI. With the threat of BEC and wire fraud on the increase, businesses should consider the following best practices to strengthen their internal business controls.

Wire-transfer due diligence

• Did the wire instructions arrive in the form of an email, fax or letter?

• Does the industry type and location of the receiving party seem logical?

• Does my company normally do business with this party?

• Did I personally speak with an official at my company who is knowledgeable about our relationship with the receiver?

Payment request verification

• Verify with a second individual or with the requestor, but through a different channel than the one used to submit the request.

• Verify requests by phone that are received via email or fax; always use a phone number on file, not a phone number contained in the request.

• Never feel pressured to initiate a payment without verification. It is safer to take a little longer and be sure the payment is legitimate, than to be quick and lose thousands of dollars to fraud.

• Verify any change to vendor payment instructions (i.e., bank name or account number) or vendor contact information with a second individual at the vendor’s business phone.

• Dual Control:  establish a dual control requirement for all outgoing ACH or Wire payments.

Understanding the different methods that fraudsters employ and using these types of internal business controls can help reduce the risk of payment fraud. Other fraud protection tools, such as Positive Pay and ACH Filter, may be available through your financial institution to help combat ever-evolving threats and safeguard your business. For additional information about BEC, visit www.ic3.gov/media/2016/160614.aspx.

Wendy Reynolds is executive vice president and commercial banking manager for Centennial Bank and Trust. Reach her at 303-460-4703 or wreynolds@centennialbanking.com.

on Facebook on LinkedIn