AP Automation and ‘Taking a Breath’ Are Key Defenses Against Payments Fraud

Check fraud is running rampant.

In an interview with PYMNTS, Finexio Chief Commercial Officer Bill Fox and EverC Vice President Melissa Sutherland said many companies in the battle against fraudsters can benefit from a thorough examination — and modernization — of accounts payable (AP) processes.

By modernizing back-office processes but still keeping some human touches in the mix, so to speak, companies can mitigate internal threats as well — while freeing up employees to concentrate on adding strategic value to the company, they said.

Fraudsters Ramp up Their Efforts

It has been well documented that the great digital shift wrought by the pandemic gave rise to the distributed workforce.

And at present, macro pressures are coming to bear on all manner of enterprises, said the panelists. Fox stated that digitization has proceeded as executives have sought to trim operating costs and boost revenues. During times of economic upheaval and uncertainty, fraud attacks intensify.

The paper check is pretty much the most vulnerable payment method out there. It’s over 20 times more likely to be successfully targeted by fraudsters than, say, virtual cards. And yet, the check remains a staple of payments so much so that Fox recalled a trip to New York City where he took a picture of a city street littered with the envelopes that previously had conveyed checks from senders to recipients — and via snail mail. Paper conduits are hardly the only ways criminals commit payment fraud; digital channels have their points of entry too.

Fraud, recounted Fox, is “something that we’re talking to our customers about every day. And that’s because fraud is one of those areas where you have an opportunity to reduce your attack ‘surface’ simply by moving to a more modern, more electronic payment-focused methodology.”

The very nature of just who is committing the fraud has changed too, stated Sutherland, as synthetic IDs and other waves of attack take root.

“The bad actors don’t travel in tiny little packs anymore,” she told PYMNTS. “They travel as giant, convergent threat actors.”

And for many companies, said Sutherland, the in-place defenses are less than optimal. There may be only a few fraud models in place, with just a few risk triggers.

Those systems, she said, “are in no way set up to understand that a ‘single, loan wolf’ attack is not going to happen anymore.”

Taking a Breath

There’s still a significant level of education to be done, said Fox, as firms such as Finexio and EverC seek to bring client firms and marketplaces up to speed on how to change processes and mindsets to improve AP and other back-office functions (particularly through AP Payments-as-a-Service). That includes making sure there’s still a bit of human intervention in the mix, when points of vulnerability are, well, vulnerable, such as when bank account details are changed with vendors or when confirmation of a transaction is warranted.

“You may be using all this automation, but there should also be some friction — where you’re taking a breath to make sure” that funds are going to legitimate parties, Fox said.

Data— and specifically where it’s collected — can also serve as an effective line of defense against attackers, Sutherland said. The information collected at the application layer can help understand the “ideal state” or, alternatively, anomalous customer transactions and profiles as so many new entrants make their way into the digital payments ecosystem.

The Internal Threats

The threats are not just external. Sutherland contended that “victimization does not always occur when there’s a third party coming at you … just because you might be having lunch” and otherwise interacting with coworkers every day “does not mean they are not in a position where they could be doing something bad within your ecosystem.” All companies need to constantly monitor and follow the money and the internal processes that keep those funds flowing.

Fox said it’s more common than many observers might think for checks to be found in back-office drawers, lingering for months and never cashed — only to be found and ultimately deposited into employees’ own accounts.

Eliminating many of the touchpoints where individual employees are handling payments eliminates at least some of the opportunities to commit fraud, Sutherland said.

Looking ahead, Fox stated that outsourcing and automating back-office tasks can help free up time and resources — and employees’ time, especially — to devote to value-added activities.

And that, said Sutherland and Fox, can have positive ripple effects.

“You have the ability to grow without adding people, necessarily,” observed Fox, “and you’re creating an atmosphere where people can innovate and be more productive because they are not bogged down by the manual processes.”

For all PYMNTS B2B coverage, subscribe to the daily B2B Newsletter.