According to the most recent Association for Financial Professionals (AFP)
‘Payments Fraud and Control Survey’
by JP Morgan, 62% of companies were victims of actual or attempted payment fraud in 2014, while
that fraudulent activity in UK companies is at its highest level in 12 years.
Such activity can be as the result of external efforts, with outside entities attempting to obtain sensitive financial or customer data – or from within the organisation, as employees use their access rights and understanding of internal processes to steal from their own company. Indeed, according to the BDO report, 10% of fraud cases in the UK are due to accidental mismanagement of figures. Whatever the source, a combination of deliberate fraud and human error costs UK businesses a no less than £98.6bn each year.
It’s clear that organisations need to take steps to protect themselves from further financial damage, through instigating stricter internal procedures for financial transactions, along with greater restrictions on access to data from external sources.
Keeping a Watchful Eye
In attempting to prevent fraud, it’s crucial to have full visibility of what’s taking place across the company. After all, it isn’t easy to keep track of something – or notice its disappearance – if you don’t know what you have in the first place.
In the fight against corporate fraud, a treasury management system (TMS) can prove invaluable in reinforcing a company’s anti-fraud procedures. Once implemented, a TMS is able to offer a company-wide view of all bank accounts and transactions, while monitoring payments and balances. This is no easy task, given the potentially huge volume of transactions involved, which could run into hundreds of thousands each month.
An effective TMS can reconcile actual transactions against forecasts, flagging any anomalies, unusual money movements, or suspicious patterns, for resolution by the treasury team. Speed is the key here – the sooner an account or transaction is blocked, the smaller the potential magnitude of the attempted fraud.
By centralising the monitoring and maintenance of bank accounts, a TMS will enable treasury teams to oversee accounts in multiple countries across a variety of banks. An incomplete view of banking activities across different territories could lead to issues such as phantom accounts, monetary losses, and an inability to comply with local and international regulations.
Tracking bank account signatories, for example, can be a daunting administrative task when a company holds hundreds, or thousands of accounts across the world, but can be streamlined with a TMS holding a centralised repository of signatories, mapped to corresponding bank accounts. With such a repository in place, the potential for fraud can be significantly reduced by severing employee-account relationships once an employee leaves the company.
Staying on Track
Organisations should also focus their attention on reducing payment fraud, implementing electronic initiation and payment approval to reduce opportunities for fraudulent activities. Phishing attempts and potentially fraudulent payment requests can be thwarted by eliminating paper or e-mail payment requests. Doing so makes it increasingly difficult for external parties to use publicly available information, such as employees’ names and e-mail addresses, to target unstructured payment systems.
Instead, by using a centralised TMS to manage all payment approvals and initiations, all tracking will be done through one single system, simplifying and reducing work processes. Furthermore, introducing digital signatures, which can be held within a TMS and applied to all payments, can help improve speed and accuracy in validating payments.
It might appear obvious, but a key step in reinforcing a company’s defences against fraud is to lock down access points to ensure that only the right people have access to sensitive information. Companies can do this by implementing more stringent access policies, such as authentication tools, or a requirement for stronger, more sophisticated passwords. As many as
nine in 10 passwords are so basic
they can easily be cracked by hackers, so forcing employees to strengthen theirs – and also change them regularly – is a quick and simple step to reducing the risk of compromise.
The security of a company’s TMS is also worth considering. Many companies do not apply strict access policies for their server rooms and in many cases – despite the sensitivity of the information it contains – will have different access controls in place for their TMS. Serious thought should be given to hosting the TMS offsite. Removing physical access, and moving it to an externally hosted and protected cloud, will help the treasury team in reinforcing their company’s security, eliminating fraud and maintaining data integrity.
By providing visibility into all of a company’s transactions and bank accounts, controlling access to its critical data, and simplifying its payments processes, the implementation of an efficient TMS can prove invaluable to any treasury team involved in the fight against fraud.
With the right systems in place, members can quickly and easily update procedures, simultaneously rolling out upgrades across the entire business, and staying one step ahead of those – both internally and externally – with fraudulent intentions.
For companies to survive the intense competition, the only way is to make better use of information gathered from the business process.
Accidental data breaches are causing almost as much concern as the steady rise in ransomware attacks, reports insurer Beazley.