Blog

    What You Need to Know About Fraud and Your Business

    What You Need to Know About Fraud and Your Business

    fraud

    /frôd/
    Noun
    1. wrongful or criminal deception intended to result in financial or personal gain.

    The best way to prevent losing money to fraudsters is to understand their tactics, identify your vulnerabilities and implement preventative measures across your business.

    Accounts Payable and supplier fraud - One tactic employed by fraudsters is to pose as a valid vendor seeking payment of an invoice. A common example is when a fraudster sends an email to a company pretending to be one of its suppliers. The email notifies the AP team of a change to the supplier’s bank details. If not verified, or caught immediately, the fraudster will receive all payments due to the supplier until the fraud is discovered.

    Phone schemes – A second tactic involves a fraudster posing as a trustworthy entity in order to acquire (sensitive) information. Known as “vishing” (phone-related), this tactic often involves a fraudster pretending to represent a trusted institution or company. The business may be asked to purchase something, be offered a “free” item, or be told their computer or network is infected and they need access to “fix” the problem.

    Business email compromise (BEC) fraud – BEC fraud is a type of phishing (email-related) attack in which a fraudster attempts to impersonate a known contact, such as a high-level executive or trusted colleague, and trick a recipient into transferring funds into a fraudulent account. BEC fraud does not usually rely on links or attachments, and that makes it harder to spot than the average phishing email. These emails rely on having enough personal information to accurately impersonate someone you know.

    According to Merchant Savvy, 2020, 47% of companies surveyed said they had experienced fraud in the past 2 years

    Here at JAGGAER we work every day to take the security of our systems and constituents seriously. It is a never-ending task, but the JAGGAER Security Team is constantly monitoring for malicious activity, including malicious tactics employed by third parties to abscond with vendor-customer payments. One common instance our team encounters is when an employee’s mailbox is compromised. In such cases, the bad actor, or fraudster, intercepts an invoice email and attempts to alter bank account information. Fortunately, JAGGAER Security remains vigilant in rooting out this type of activity, and when detected, is able to remove the bad actor from the JAGGAER system while notifying the impacted parties as soon as possible to avoid potential harm. JAGGAER and other security-minded companies typically employ multiple verification tools and tactics. How fast and effective are your security resources?

    What can you do to avoid these types of situations in your own business?

    1. Know who you are working with
      Know Your Client (KYC) or Know Your Customer (KYC) is a process to verify the identity and other credentials of a financial services user. KYC is a regulatory process of ascertaining the identity and other information of a financial services user.
    2. Establish and document your internal controls
      Internal controls are the mechanisms, rules, and procedures implemented by a company to ensure the integrity of financial and accounting information, promote accountability, and prevent fraud. Internal controls can help improve operational efficiency by improving the accuracy and timeliness of financial reporting.
    3. Be mindful
      Continue to be mindful of the ways your business collects and shares sensitive data. Data management is the practice of collecting, keeping, and using data securely, efficiently, and cost-effectively.
    4. Consider investing in digital transaction management solutions.
      Digital transaction management involves leveraging a set of electronic tools and practices to optimize routine document-based tasks.

    Another common example the JAGGAER Security Team sees is when a relationship is compromised with customers or vendors. This occurs when the bad actor gains access to a finance department’s files and email accounts, and then corresponds with the separate party via email, attempting to build rapport. Eventually, the separate party clicks on a link in an email sent from the bad actor, believing they were opening an expected document, on an expected timeline and following normal protocol. Detected early, the attempted fraud can be stopped, and all parties are notified before any harm is done.

    Cyber criminals conduct business email compromise through the exploitation of cloud-based email services, costing US businesses more than $2 Billion (source: FBI, 2020). What controls does your company have to prevent this?

    How many suppliers does your business have?  Thousands?

    Some organizations have tens of thousands. When your business becomes too large to monitor 100% of vendor payments or information, your accounting department, or that of your supplier, could become susceptible to fraud. With JAGGAER Pay Powered by Finexio, we are bringing our users partnerships that do some of the heavy lifting for them. Digital, instant, effortless and secure payments are available to you with JAGGAER Pay. Consider adding the important fraud mitigation enhancements from JAGGAER Pay and its collection, validation, and encryption of your supplier payment information as an important addition to your business practices.

    In conclusion

    There are a plethora of procedures and practices you can put in place to mitigate this kind of loss for your business and for yourself. In a world where data security is a major pillar of trust, businesses should invest in partnerships and processes that protect their information and that of their customers and suppliers. When these business processes are automated, you significantly reduce the risk of error, and the risk of fraud.

    Would you like to learn more about JAGGAER Pay or our other products?

     

    Contact Us

    Additional Resources