Supply Chain Weak Links Pose Incoming Payments Fraud Risks for CFOs

business financial manager

Hackers and fraudsters constantly probe their would-be victims for weaknesses.

And when it comes to B2B fraud — where the payoff can be in the millions of dollars — for the moment, the accounts receivable (AR) departments and workflows are among the most enticing targets.

To that end, as found in our most recent research done in tandem with Corcentric, there are some puts and takes among the data that show where CFOs are concentrating their investment efforts in the months ahead. As relayed in the report “Digital Payments Technology: Investing in Payments Systems for the Digital Economy,” a vast majority of retail and manufacturing firms, at 81%, plan to invest in upgrading their accounts payable (AP) operations.

The data also show, we note, that in at least some respects, amid the great digital shift that occurred during the pandemic, where companies scrambled to get digitization underway just to keep business intact and deal with the pandemic … well, some initiatives are not keeping pace. We found the share of firms, overall, that had terminated fraud prevention/risk management and accounts receivable investments stood at a respective 16% and 15%. The findings dovetail with separate PYMNTS and nsKnox data showing that 85% of CFOs are prioritizing AR fraud controls, again leaving, by implication, a mid-teens percentage point slice of companies that don’t feel the urgency of those investments, or don’t have the resources to meet the challenges.

Most (But Not All) Companies See the Urgency

The good news: Triangulating the above data leaves the great majority of firms as being ready, willing and able to keep investing in those tech upgrades. But consider the fact that B2B payments weave a tight link across supply chains. Companies that are well-armored against fraud attacks across all manner of back-office interactions are doing business with firms that are less-well-defended. The old saying goes that any chain is only as strong as its weakest link.

We reported earlier this year that a broad range of attack vectors are embraced by bad actors. More than 60% of companies we surveyed said they’d seen an increase in phishing attacks in 2022 as measured from the previous year. Business email compromises, as has been well-known, have also been on the rise. Twenty-nine percent of fraud has occurred because of a lack of internal controls. The end result, no matter which of these scams are deployed, is that employees and AR departments are leveraged to trick B2B customers into sending funds to fraudulent bank accounts. Internal fraud, too, is costing companies, on average, about $1.8 million per incident. As we spotlighted here last month, nsKnox Chief Operating Officer Nithai Barzam and Ansys Corporate Controller Bob Bonacci told PYMNTS’ Karen Webster that the impact of incoming payments malfeasance can be long-lasting, destroying corporate reputations and profits over the long-term, perhaps permanently.

And yet, only 38% of businesses, overall, are using document and identity authentication tools. More robust data (and databases), segregation of duties in the AR department, along with digital KYC controls will be instrumental in fighting fraud. So will  bank account validation that is done digitally, and is consistent and ongoing.