Bottomline and Strategic Treasurer have released a global survey which highlights findings of corporate and banking experiences with fraud, concerning exposure risks, fraud prevention and securing data. This year marks the eighth annual survey between the two firms, whose research partnership also includes the annual B2B Payments Survey.
The Bottomline 2023 Treasury Fraud & Controls Survey showcases an ongoing need for protection against fraud. Seventy-three per cent of banks and corporates claim to have been impacted by fraud in the past year. Further. 53 per cent of whom indicate that they are in a better position to battle fraud when compared to last year.
The survey demonstrates year over year the top fraud attempts on businesses come from business email compromise (BEC) and social engineering. This year, respondents indicated that payment diversions also contributed to fraud attempts.
A significant portion of respondents indicated that the reliance on remote work increased their risk of fraud. Sixty-four per cent pointed towards BEC, 39 per cent to data theft and 38 per cent to external fraud. At the same time, 41 per cent of companies indicate that their requirements for security have grown. Still, only three out of seven firms run financial impact analyses where they evaluate the costs of fraud and the benefits of adding security.
We expect the spend on security to remain strong as we move through 2023. Thirty per cent of companies are spending more on fraud prevention, detection and controls than in previous years. The use of network visualisation and analytics to help investigate financial crimes is still a developing technology. Banks are leading the charge in this investment, with most banks (55 per cent) considering this, while only 11 per cent of corporates are doing the same.
The survey also indicates that centralised fraud investigation groups are becoming standard practice. Further buoyed by plans to use artificial intelligence (AI) and machine learning (ML) to fight sophisticated payments fraud.
Debunking payment myths
“We have seen banks and corporates embrace the need for widespread security system adoption across the ecosystem over the last few years. This year, the survey indicates treasurers are actively engaged and making a significant effort to implement fraud detection and prevention controls,” said Omri Kletter, global VP of product strategy, cyber fraud and risk management at Bottomline.
“This is encouraging given the growing concerns of internal and external threat levels organisations are experiencing. With the expansion of payment systems such as real-time payments, it is now crucial that corporates lean on their banks for guidance.
“Many companies still equate faster payments to elevated risk levels, with top concerns being irrevocability and speed of transactions. Bottomline continues to work with corporates and banks to debunk these myths and help customers prevent fraud across their payment ecosystems,” he added.
“Poor protection of the custody of sensitive payment files across a company’s network remains a massive exposure. Only 38 per cent of companies maintain a full audit trail of payment files across their network. Often, these files are unencrypted and un-hashed, exposing them to easy compromise and redirection of payments,” warns Craig Jeffery, managing partner and chief researcher at Strategic Treasurer.
Pre and post-pandemic comparison
Speaking exclusively to The Fintech Times, Omri Kletter of Bottomline added: “We must consider three important things when discussing fraud and financial crime pre- and post-pandemic.
“First, while digitisation would have naturally happened over an extended period, the pace of that digitisation due to the pandemic was accelerated exponentially. While this created greater simplicity and efficiency, it also created an environment ripe for fraudsters to find opportunities and intervene.
“Second, I’d say that remote working has had a dramatic effect on internal threats. Banks and businesses had to revisit their processes and systems to find and close potential fraud loopholes. But hiring from home has also allowed bad actors to purposefully enter an organisation. Managers once had daily visibility of their staff and could more easily identify triggers of bad behaviour. Now, it’s become harder to remotely discern that type of behaviour.
“And lastly, post-pandemic, we’ve found ourselves in a financial crisis. While disconnected from the pandemic, I don’t think we can discount it. The reality is that it’s paved the way for people facing very tough financial situations to be cajoled into committing unlawful acts of fraud.”