How to protect your business against fraud
Business email compromise and wire fraud are on the rise
Payments fraud is once again on the rise, and wire transfers are now the second most targeted payment type. In 2015, as reported in the 2016 AFP Payments and Control Survey, 48 percent of organizations were exposed to wire fraud, which is a significant increase from the 27 percent and 14 percent that reported wire fraud in 2014 and 2013 respectively. One explanation for this alarming trend may be the escalation of Business Email Compromise (BEC).
Business Email Compromise. The FBI recently released a public service announcement (PSA) about the growing threat of wire fraud through email scams, how it happens and how businesses can reduce or stop the threat. In its PSA the FBI described BEC as: “A sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfer of funds.”
According to the PSA, since January 2015, there has been a 1,300 percent increase in identified exposed losses associated with BEC.
Best Practices & Protection. With the increased threat of BEC and wire fraud to businesses of all sizes, consider these best practices to strengthen your internal business controls:
Conduct due diligence before sending a wire. Consider the following:
Did the wire instructions arrive in the form of an email, fax or letter?
Does the industry type and location of the receiving party seem logical?
Does my company normally do business with this party?
Did I personally speak with an official at my company who is knowledgeable about our relationship with the receiver?
Always VERIFY the payment requests submitted to your business.
Verify with a second individual or with the requestor, but through a different channel than the one used to submit the request.
Verify requests by phone that are received via email or fax; always use a phone number on file, not a phone number contained in the request.
Never feel pressured to initiate a payment without verification. It is safer to take a little longer and be sure the payment is legitimate, than to be quick and lose thousands of dollars to fraud.
Verify any change to vendor payment instructions (i.e., bank name or account number) or vendor contact information with a second individual at the vendor’s business phone.
Dual Control: establish a dual control requirement for all outgoing ACH or Wire payments
Payments fraud is an ever-evolving threat, but continued awareness of the different methods that fraudsters employ and internal business controls can help reduce the risk. In addition, many financial institutions offer fraud protection tools, such as Positive Pay and ACH Filter to safeguard your accounts. For more information about BEC, visit https://www.ic3.gov/media/2016/160614.aspx
(Editor's note: This sponsored content was provided by Centennial Bank and Trust.)
Brendan C. Morse is Senior Vice president and Manager of Treasury Management for Centennial Bank and Trust. Morse has more than 16 years of treasury management experience. He also holds a Certified Treasury Professional designation. Reach him at (720) 873-3779 or firstname.lastname@example.org.