The Association for Financial Professionals (AFP) produces the AFP Payments Fraud and Control Survey every year, and like clockwork, cheque fraud tops the list of fraud methods that criminals use. However, the most recent survey revealed two disturbing trends among the US organisations surveyed:
• Cheque fraud incidence is getting worse, and
• Treasury departments are actually doing less to protect themselves against it.
Three in four, or 75% of organisations experienced cheque fraud last year, up from 71% in 2015. That might not sound like a lot, but the incidence of cheque fraud in North America had actually been in decline since 2010. Now we’re seeing it start to go back up.
This reversal actually doesn’t come as much of a surprise, given what we observed just a few months ago. According to the 2016 AFP Electronic Payments Survey, 51% of companies’ business to business (B2B) payments are made by cheque, which is one percentage point higher than it was three years ago. Again not much, but significant because cheque payments in the US had been in decline for several years up until this point.
Why businesses are paying by cheque more often in the digital age is anyone’s guess, though it’s possible that it could have something to do with the rise in business email compromise (BEC) scams. Although cheques can also be targeted in these schemes, BEC scammers’ preferred payment method remains wire transfers. According to the fraud survey, 74% of organisations experienced BEC in 2017 – a 10% increase on the previous year. Thus old-fashion cheque payments might look more appealing to corporates.
Yet whatever the reason companies are reverting back to paying by cheque, they are actually doing less to secure it. The fraud survey also found the usage of prevention methods that safeguard businesses against cheque fraud have gone down dramatically. Positive pay went from 88% in 2015 to 74% in 2016. Daily reconciliations dropped to 64% from 77%. Payee positive pay fell from 56% to 41%. Across the board, companies are using these measures less.
The reasons for this are unclear, but perhaps those companies that began reducing cheques decided to scrap services like positive pay because their mind-set was that they’d eventually be getting rid of cheques altogether. However, if so that decision appears to have been premature.
Another reason could be that, simply, these services are a cost, and not one that delivers guaranteed returns unless you’re experiencing a lot of fraud attempts. So companies that, up until this point, haven’t experienced much – or any – fraud might decide that the preventative measures are not worth the money.
Nevertheless, these prevention methods – especially positive pay – can save companies a lot of money. As security consultant and reformed cheque forger Frank Abagnale – whose exploits were the subject of the Spielberg film ‘Catch Me If You Can’ – explained last month, positive pay “is probably the best technology in the world to prevent forgery.” And he would know!
If you’re going to continue to use checks, make sure you’re investing in preventative measures. Positive pay is a must-have for any organisation that’s paying this way—especially if you’re issuing more cheques.
Lastly, as I touched on earlier, cheques can also be used in BEC scams. As Greg Litster, president of fraud specialist SAFEChecks, discussed at latest AFP’s Treasury Advisory Group (TAG) meeting, fraudsters have been known to impersonate executives and request check payments be sent to PO Box addresses that they control.
The good news is that, unlike in BEC scams that target wires, your company may not be held liable for the loss. Litster explained that in that scenario, you have a “forced endorsement”- a cheque made payable to a particular party that was intercepted by someone else. “That becomes the liability of the bank of first deposit,” he noted. However, you have to pay attention and you have to have good legal counsel.
So protect yourself when using cheques. It might cost a little money and it might take some effort, but it’s well worth your time. Because fraudsters aren’t taking a day off.
• How prepared is your organisation to fight payments fraud? Take the quiz to see how you compare against others.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
The implementation date of Europe's revised Markets in Financial Instruments Directive, aka MiFID II, is fast approaching. Yet evidence suggests that awareness about the impact of Brexit on MiFID II is, at best, only patchy and there are some alarming misconceptions.
Despite all the automation and improvements that digital banking has the potential to achieve, customers and their needs still form the very core of the banking sector.
Banks might feel justified in victim blaming when fraud occurs, but it does little for customer confidence.