March 23, 2012
Association for Financial Professionals releases 2012 Payments Fraud and Control survey results
WASHINGTON--Large companies and their corporate payments systems remain the prime targets for fraudsters, according to the 2012 AFP Payments Fraud and Control survey released today by the Association for Financial Professionals (AFP).
Now in its eighth year, the 2012 AFP Payments Fraud and Control survey, sponsored by J.P. Morgan, found that two-thirds of companies were hit by attempted or actual payments fraud during 2011, but few incurred financial loss because they took measures to mitigate exposures.
“Although attempted attacks still occurred in 2011, financial loss was typically avoided because companies have taken steps to eliminate vulnerabilities,” said Jim Kaitz, AFP’s president and CEO. “The Payments Fraud and Control survey reveals that cheques remain highly vulnerable to fraudulent activity, which has spurred many companies to switch to less vulnerable electronic payments. Now fraudsters have shifted their focus to higher-value payoffs, including attempting to hack into corporate accounts.”
Fraudsters aim for convenient targets of opportunity, especially big companies that handle many cheques. The 2012 survey revealed that larger organizations were targeted more frequently than smaller ones (81 per cent versus 55 per cent) and with a 22 per cent higher average loss. Industries with greater consumer access such as retail and insurance have fraud attack rates 15 to 20 per cent higher than other industries.
More than 80 per cent of companies surveyed employ best practices such as positive pay and daily reconciliations to mitigate fraud. When they do experience losses, it is often because they failed to comply with their own fraud policies.
“With the proliferation of payment options, fraudsters are constantly exploring newer and bolder ways to perpetrate fraud, making it necessary for treasury professionals to remain ever vigilant against these emerging schemes,” said Stephen Markwell, executive director, J.P. Morgan Treasury Services. “Sophisticated new fraud protection technologies are making it possible to combat fraud more effectively and efficiently, reducing the potential for losses and protecting critical assets. J.P. Morgan is pleased to once again sponsor this year’s Fraud Survey and looks forward to the dialogue and best practices the findings will generate.”
The survey revealed a noteworthy vulnerability: payouts to cheques cashers (bank and non-bank) from holder in due course situations. Most organizations have aggressively pushed to achieve 100 per cent electronic payroll to avoid this problem.
Additional key findings by payment type:
Cheques - Cheques remain the payment type most vulnerable to fraud attacks with 62 per cent incurring incidence of fraud and 26 per cent of respondents indicating they have been hit by frequent cheques fraud attacks. Attacks typically spread out over the course of the year, but many (38 per cent) cluster together.
Electronic cheque conversion - Electronic cheques conversion services continue to experience a very low incidence of fraud (two per cent), making this service a good choice in helping minimize instances of cheques fraud.
ACH – Only 14 per cent of organizations experience frequent attacks via ACH. As the least likely target of fraud, ACH remains one of the most favored payment mechanisms from a fraud control perspective.
Cards – The incidence of business card fraud continues to be relatively low, particularly on payroll and other benefit-related cards issued by companies to employees. Organizations need to maintain strict control over how, when and where their cards may be used.