Fraud is a fact of life these days – an “unfortunate” one if you ask Bob Stark, vice president of strategy for the cloud treasury solution provider Kyriba. In a digital webinar discussion with PYMNTS CEO Karen Webster, Stark explains the concept of a payment factory and how it can help protect companies from fraud.
“I hate the fact that we have to talk about this,” Stark said. Fraud “increases every year. Even if it’s just attempted fraud, somebody’s trying to take your money. It’s unfortunate.”
A payments factory offers a means of centralizing payments from organizations to various banks. Payments are initiated within a company by a variety of groups and systems, from smaller, regular enterprise resource planning (ERP)-paid invoices to larger transfers by the treasury. When CFOs speak of “payment on behalf of” or optimizing global payment structures, they are referring to a payment factory.
Three-quarters of organizations see attempted payments fraud, and the number increases daily. Attacks are also becoming more sophisticated, forcing organizations to view fraud protection as a top priority when considering implementation of a payment factory.
“The risk of not getting this right is very, very high – and increasing,” Stark said. “If there is some kind of significant fraud attempt or successful fraud occurrence, it affects not just the CEO and CFO but shareholders as well.”
The security component of a payment factory protects the payment system itself, fortifying the data within it and safeguarding payments en route to banks with digital signatures and encryptions. It introduces consistency against all potential negative scenarios, ensuring adherence to safety protocols each and every time.
Protocol is important because it leaves no security shortcomings that a cybercriminal could potentially exploit. By the time an organization receives a phone call or email from a fraudster asking it to send money, that criminal has already been inside the system to evaluate its weak spots. Exploitation of weak spots occurs in myriad ways.
A perpetrator may have listened to earnings calls, picking up not only important financial information, but also voices to mimic when requesting funds be sent. He may have studied email correspondence for content and individuals’ voice profiles to see how they typically conduct payments. Additionally, any irregularities – such as urgent payments handled differently than regular invoices, and domestic versus cross-border payments or large versus small transactions requiring additional procedures – represent vulnerabilities that a criminal could use to his advantage.
Stark compared payment factory breaches to credit card fraud. When a criminal steals card information, he doesn’t go straight to Best Buy or the BMW dealership. Instead, he makes a series of smaller purchases to gauge the level of attention the cardholder and issuer are paying to those transactions. Cybercriminals will conduct similar reconnaissance before attempting to steal money from an organization.
The more independent security systems an organization has in place, the more difficult it becomes for that organization to track where payments are going – making it more difficult to determine if money has been sent somewhere it should not have been.
More systems mean more policies, and these can create inconsistencies. Organizations require process transparency, and standardizing disparate controls can be expensive and complex. Payment factories alleviate these stressors.
A payment factory’s dashboard offers complete transparency into the entire company. It can help CFOs discover and revise discrepancies in payment approval, encryption and authentications deployed, and required review or acknowledgments steps along the way.
Although payment factories are skilled at helping organizations avoid fraud, they were invented to simplify the secure payment process and come with many benefits. One of the greatest payoffs is efficiency, which also leads to cost savings.
Instead of internally managing payments, the payment factory automatically determines the optimal method for transferring funds to banks. Optimization covers everything from methodology and transfer format to selecting the appropriate routing bank and beyond, saving a company’s employees from having to manually approve, format and send the same information through a bank portal.
Payment factories guarantee that each payment is sent through the most-efficient, least-expensive route and automatically ensures the bank receives it in the format it requires – an element that can vary widely from institution to institution.