As businesses become more digital, the more at risk they become of fraud attacks. Today a majority of accounts payable departments are turning away from paper checks and are paying suppliers by ACH. This change in payment has caused an increase in fraud, specifically fraud attacks on ACH credits.
The most commonly known fraud attacks are Business Email Compromises (BECs). BECs are a scam that targets businesses who conduct wire transfers. Essentially, hackers use phishing to trick business owners or employees into taking harmful actions such as sending money to the attacker.
According to the 2020 AFP Payments and Fraud Control Survey Report, in 2019 75% of organizations experienced a BEC scheme and 54% of these individuals reported financial losses. Specifically, the report found that 37% of these fraud attacks targeted outgoing payments between buyers and suppliers. During the pandemic, these schemes have increased now that a majority of businesses are able to work from home and rely more on technology.
With ACH credit fraud on the rise, it is important that business owners are prepared to take steps to reduce this event from occurring.
The first step in preventing fraud is handling information with care. Business owners should be handling supplier banking data securely. This data is generally stored in an enterprise resource planning (ERP) system or on an Excel spreadsheet. It is crucial staff handle this information carefully as it can be easy for untrained employees to be tricked into providing banking information to a hacker.
This is why it is essential staff participate in cyber training so they can identify phishing scams.
You should also ensure that your staff uses a secure email when updating banking information. It can be very easy for hackers to intercept an unsecured email and steal the bank account details. Companies should also avoid putting important information on spreadsheets or in ERPs as these systems were not designed to securely hold this data. If your business is currently using one of these systems, consider having your suppliers update their own information in supplier portals where they can manage their own secured portal.
There are times businesses may be tempted to shift the risk onto others to avoid ACH fraud. For example, you could choose to pay your suppliers by a card instead of a wire transfer, but unfortunately this puts the risk on credit card companies.
It should be noted that virtual cards are more secure, however, one drawback is that some suppliers do not accept cards or there may be fees to consider.
Another tip to reduce your risk is by using a payment automation provider to assist you. The provider will be able to manage and protect supplier information which will help eliminate liability. Essentially you will be outsourcing risk. The provider will be responsible for ensuring on-time payments to your suppliers and will keep their information safe.
In conclusion, as companies continue to shift to electronic payment methods, businesses will continue to see an increase in cyberattacks. As fraud increases, business owners should consider outsourcing professionals to assist them as this can be your best defense. Besides this, businesses should train staff to keep bank information protected to help reduce the risk of any future ACH attacks.
