The referenced article is based upon results from a recent UK payments survey conducted by Bottomline Technologies, a fintech specializing in various solutions related to business payments. The gist of the piece is about concerns around fraud conducted by employees in some way, shape or form, and what firms should be doing about it. The response level of corporates for this particular issue rose by 25 percentage points year-on-year, possibly reflective of actual financial impact versus previous generic concerns.
The survey also found that 56% of companies are unaware if they have been the victim of payment fraud, and the need for greater security was found to be the biggest driver for change in the payments industry for the second year running. With a number of high-profile cases involving internal fraud in recent years, it is a legitimate concern.
We would certainly underscore the concern, as our 2018 Outlook documents contain risk management as one of the major themes in the coming years. A major recommendation within the cited piece is to continue moving away from paper processes, in order to facilitate more accurate monitoring of transaction patterns. This leads into a few separate points, ranging from the ongoing and increasing costs of managing fraud in conventional ways versus investing in modern technology, to the delicate balance of real fraud versus time and effort wasted on false positives.
The accuracy of detection is another vital component in ensuring that when an issue is flagged it is taken seriously. Fiserv’s Davies says: “There is a greater need for accurate detection, as there are often too many false positives. These mistaken fraudulent transactions feed into the idea of fraud not being a serious issue. “But falling into complacency about what is a false positive will not negate the likelihood of financial crime.” The arrival of real-time payments will make these scenarios more difficult to detect.
One thing for certain is that financial institutions have a higher risk than other industrials, given the regulatory impact and reputational damage that accompanies cases of actual fraud. We have pointed this out in a number of reports, and the stakes are increasing each year.
The outcome of falling victim to fraud extends further than loss of funds. Bottomline’s Richardson says: “Companies are very aware of the reputational risk they face now. The more they know about a transaction, the more they can be sure of who it is they are paying.” Keeping pace with changing payments might mean companies asking themselves some difficult questions about their own processes. Applying two-step authentication on making changes to account details or before a payment is sent might prevent some internal frauds.
Overview by Steve Murphy, Director, Commercial and Enterprise Payments Advisory Service at Mercator Advisory Group
Read the quoted story here