Building protection from payments fraud.

Author:Adler, Todd

Can an organization afford to lose 5 percent or more of its revenue each year? For a $500-million company, that represents a $25-million loss. Though the answer seems obvious, the reality is that nearly 50 percent of organizations that admit their risk oversight processes are "immature to minimally mature" are doing just that, states a recent study by the Poole College of Management.

Payments fraud is one of the most common risks that businesses face. But there are several easy-to-implement tools available to protect against payments fraud.

* Make Payments Electronically. While most businesses use electronic banking platforms, a surprising number still opt for the paper check route. Not only is electronic banking cost effective, using an Automated Clearing House network to make payments electronically is the single-most effective way to protect against fraud.

This is because paper checks are involved in an estimated 90 percent of payment fraud issues given their longer payment verification times and the fact that they are more easily copied and reproduced. ACH blocks and filters can also be established to validate all attempts to remove funds from a company's account.

* Positive Pay. Positive Pay is a check fraud loss-prevention tool that makes sure that every check paid out of a company's account matches its corporate check register. When a check reaches the bank for payment, any discrepancies trigger an alert. This allows Positive Pay to identify fraudulent checks before a financial loss occurs.

Many companies experienced payments fraud in the past year, but perhaps the most frightening risk management challenge is the threat posed by increasing stealth cyber attacks. Because of the severe financial risk associated with cyber security breaches, nearly 42 percent of chief financial officers now directly manage their company's information technology according to a recent study by Gartner and Financial Executives Research Foundation.

Major data breaches recently at Epsilon Data Management LLC and Sony Corp. have set alarm bells ringing about businesses' online security or lack of it. But it's not just consumers' information that's in danger of being stolen.

A new form of cyber fraud comes in the form of "spearphishing" scams. Most spearphishing scams are aimed at the "big fish"--CEOs and CFOs--in the form of emails that appear to be from the Internal Revenue Service, the national courts system or another government entity. Once opened or...

To continue reading