BEC Tops Fraud Attempts Against Treasurers: Survey

Cybersecurity

The 2020 Association for Financial Professionals (AFP) Payments Fraud and Control Survey underwritten by JPMorgan found that business email compromise (BEC) was the most noted origin of tried or actual fraud incidents in 2019, according to an announcement.

More than six in 10 — or 61 percent — of treasury and finance professionals that went through tried or actual fraud indicated that BEC was the origin.

Three-quarters — or 75 percent — of all organizations were impacted by BEC last year, which was lower than 80 percent a year prior. And more than eight in 10 — or 81 percent — of organizations reported being targets of a tried or actual payments fraud attack last year. That figure marks the second-highest percentage in the past 10 years.

“Payments fraud and business email compromise in particular have been thorns in financial professionals’ sides for years, but this recent surge is especially concerning,” AFP President and CEO Jim Kaitz said in the announcement. “Organizations can better contain BEC scams by educating and training their employees, as well as adopting processes to validate payment requests internally.”

While financial leaders at eight in 10 organizations are helping their workers understand how to more efficiently identify BEC, over half of respondents noted it is difficult to implement BEC controls. And almost six in 10 organizations have a fraud policy to fight against and contend with fraud.

Checks, for their part, have stayed as a top target for actual and attempted fraud. Almost three-quarters — or 74 percent — of organizations registered experiencing check fraud, which was higher by four percentage points from the prior year.

ACH payment methods also seem to be of greater interest to scammers. Results noted a bit of a rise in ACH credit fraud. ACH debit fraud was not different from 2018 but had a five-percentage point rise from 2017.

“Institutions shouldn’t wait until they’ve become victims of fraud to take the steps necessary to prevent it,” said Alec Grant, head of Client Fraud Prevention for Commercial Banking at JPMorgan Chase in the announcement. “It’s encouraging to see financial leaders are taking this threat seriously as a majority of attacks can be prevented by putting the right controls in place.”

A 2019 survey found that 87 percent of large firms with over $1 billion in revenues were hit by payments fraud in the past year, a 7 percent increase from the year before, per news at the time.