The 6th annual global Treasury Fraud & Controls survey, sponsored by Strategic Treasurer and Bottomline and focusing on the global state of fraud and financial crime, revealed the expected – criminals exploited vulnerabilities exposed by the impact of COVID-19; and perhaps the unexpected – a third of organizations don’t have plans for adopting newer payment technologies.
The survey consisted of 100+ questions answered by treasury practitioners across all roles from banks and companies around the world. Topics spanned experience with fraud exposure; security control measures and spend levels; and strategies for bank account management.
Breaking news (or not?): fraud and financial crime continues to rise year after year. This year, results indicate that 87% of respondents have seen an increase in the overall financial crime threat level over last year. The largest jump was seen by small businesses, who are often targets of blanket automated attacks, with a disparity of 20% over their larger peers. But large businesses made up for that by experiencing a greater number of actual losses.
Exploiting a pandemic
To dig further into the effects the pandemic has had on fraudulent behavior, let’s start with the fact that it forced many businesses to quickly and radically change the way they conduct business. Workforces began to operate remotely with some workers relying more on personal devices for connectivity—scenarios that often don’t provide the level of fraud prevention or protection that corporate environments and networks typically do.
This reality fostered situations where malicious links were clicked on more frequently and on less secure devices. Many of these devices were being used to access sensitive financial and customer data in the course of normal business interactions. In many of these attacks, criminals took advantage of the pandemic by including COVID-19-related topics in their subject lines – such as availability of personal protective equipment or the latest updates on vaccines. While prevalent in attacks on businesses of all sizes, small business we’re more notably targeted with 26% of experienced fraud deploying these types of attacks, and only 17% of large businesses noting the same.
On the banking side, results indicate that concerns over business email compromise (BEC) is of greatest concern. 86% of banks see these types of fraud to be the greatest business risk over the next 2 years, with the majority planning to invest heavily in sophisticated machine learning (ML) and artificial intelligence (AI) technology solutions to combat criminals deploying these tactics.
BEC attacks come in different flavors, but the common thread is leading an employee to believe they are receiving payment or transaction instructions from an authorized person. For instance, an approved vendor requesting a change to payments instructions or a CEO requesting an urgent wire transfer. Account takeover concerns are a close second, which is exactly what it sounds like – criminals taking over an account or log-in credentials to actively divert funds. This is a more direct approach as it removes the effort of having to dupe an employee into the misdeed.
Along with investing in fraud prevention technologies that employ ML and AI, a dedicated approach to educating employees on how to spot fishing attempts can go a long way to stopping these attacks before the money leaves the building. And at a time when payments are moving faster than ever, the prevention of fraud is critical to retaining funds…because more often than not, criminally diverted funds are irretrievable.
The payments modernization effect
Payments modernization, put simply, is the adoption of technology that allows for faster movement of funds with richer information accompanying payments across their life cycle. This combination has upped the game in the B2B payments space. For a closer look at how payments modernization is expanding, the survey asked respondents if they had a payments modernization program and if so, what types of technologies those programs encompass. Results show that 21% of small businesses and 32% of large businesses either have a program already in place or underway, with another 29% and 18%, respectively, considering the move.
Of those with programs, it’s no surprise that faster payment systems like real-time payments and same-day ACH are leading the charge. But it’s important to remember that taking advantage of the speed these payment systems offer also means improvements to security measures have to follow in tandem. This could be one of the reasons why fintech integrations are a close second to the adoption of real-time payments and ACH. For banks, in particular, fintechs are also instrumental in equipping them to offer new payment technologies quickly and seamlessly, giving them an edge in the super-competitive market.
Keeping up with the criminal ‘Joneses’
While this year’s survey indicates that fraud is once again on the rise, the news isn’t all bad. Organizations are finding ways to fight back. By embracing emerging technologies, taking an increasing level of accountability for protecting transactions and partnering with fintechs, they’re increasingly making it harder and harder for criminals to succeed.
For a deeper dive into the full survey results, including an executive summary and actions you can take to protect your organization, check out the following:
- 2021 Treasury Fraud & Controls Survey Results OnDemand Webinar—on demand webinar featuring commentary from Craig Jeffery, Founder & Managing Partner of Strategic Treasurer and Omri Kletter, Global VP, Fraud & Risk Management at Bottomline
- 2021 Treasury Fraud & Controls Survey Report – full results report in PDF
- 2021 Treasury Fraud & Controls Infographic – visual summary of results
For further insight into the payments and banking industries, subscribe now and stay up-to-date on the latest tips, trends, and topics. You can also check out The Payments Podcast, where experts engage each other on the real world factors impacting the payments and banking industries.