
How to Prevent B2B Payment Fraud With Vigilance and the Right Tech
By Dean Kaplan
Imagine your accounts payable manager receiving an email from a valued vendor announcing a change in payment procedures. A new payment link is provided, which your manager bookmarks and uses to remit the amount due that week.
When the late notices start rolling in, the manager is flummoxed. The payment has been debited from your bank account, but your vendor can prove they haven’t received it.
You’ve both been scammed by a skilled fraudster who put together a legitimate-looking email, then directed your payment to their own account. You are now one of thousands of businesses across the globe that fall victim to payment scams every year. The lose-lose situation that costs billions every year.
The scenario I’ve just described begins with a case of business email compromise (BEC) which allowed scammers to capture customer email addresses, account numbers, and possibly more. The business owners who remitted the large payment that scammers stole came to our collection firm for advice on how to resolve the matter. They valued their relationship with the vendor, but had no wish to pay twice (or be sent to collections for refusing to pay).
Unfortunately, we had no good news for them. As with most online scams, there is no practical way to catch the scammer, much less collect from them. Choosing to file a lawsuit to test who was legally liable seemed unwise. Case law governing online scams continues to evolve, so there was no way to guess how a judge might rule.
In the end, our client was forced to remit the amount due a second time, which prompted their staff (and ours) to think about the steps needed to safeguard a growing business against payment fraud.
Scammers blend new tech with classic cons to divert payments
There are countless ways skilled payment scammers can defraud businesses. Mobile payment platforms such as Google Wallet, Apple Pay, Venmo, and others are gaining ground among consumers and business owners who buy supplies and pay vendors on behalf of their companies. As mobile usage grows, scams are proliferating—with an estimated 70% of all fraudulent transactions involving mobile devices.
BEC scams, like the one experienced by our client, involve hacking or phishing tactics used to gain access to business emails containing sensitive information, such as account numbers, balances, and payment credentials. The information is then used either to set up fake payments or contact the business’s customers with “new payment procedures” that divert funds to the scammer’s account.
Fake check scams remain a threat for businesses that still accept paper payments. As graphic design technology improves, hackers can create exact copies of consumer or business checks, identical in every detail to the real thing. In one case our company reviewed, scammers had duplicated checks right down to the amounts payable, defrauding the business involved of thousands of dollars.
Fundamental steps every business should take to fight B2B payment fraud
You might assume that shutting down tech-based payment scams is as simple as finding the right tech-based solution. While that’s partly true, the most effective solution pairs technology with human vigilance. Here are the essential steps every growing company should take to prevent payment fraud.
Keep pace with secure payment technologies
All U.S. businesses with at least one electronic payment terminal were required to start accepting EMV chip cards by October 2015, a crucial step toward greater security. If you accept payments via POS systems, stay abreast of new technology and keep your systems updated. If the majority of your payments are handled online rather than at point of sale, select a payment platform that encrypts transactions for maximum protection.
Use advanced fraud detection software
There are thousands of options, so if you do not have an in-house IT expert, you may want to consult with one to determine the right software for your company’s size and growth plans. Your financial team can also study the options and make recommendations based on your company’s payment volume and business processes.
Support digital solutions with human monitoring
Software can detect unusual behaviors and patterns that might signal fraud, but there is no substitute for continuous review of payments (incoming and outgoing) by your financial staff. The monitoring routines that will work best for your company or professional practice depend on transaction volume, payment platforms used, and many other factors. If you don’t have clear procedures for reviewing payment data, assign your financial team to create standards and recommend the best and quickest way to implement them.
Use equal vigilance in monitoring outgoing payments
Your financial team should review payables continuously to make sure all payments have been received and credited. Hopefully, your vendors are just as concerned about payment fraud as you are, which means they offer payment through secure platforms. Always choose the most secure method of remitting payments to vendors and service providers, avoiding riskier methods such as checks or credit and debit cards.
Restrict access to sensitive data
Many payment scams are inside jobs, and while you might resist the thought that someone on your staff would commit fraud, it’s wise to accept the ever-present reality of this risk. Configure systems and procedures to limit the number of people with access to sensitive information. Support this with continuous monitoring by trusted senior managers.
Prioritize continuous learning
Companies can’t afford to be behind the curve in understanding cybersecurity threats. Require your financial team to stay on top of payment scams and emerging techniques for preventing fraud. The Better Business Bureau (BBB) publishes scam studies that can be helpful in understanding how fraudsters work. Webinars on cybersecurity and payment processing should be on your team’s education agenda.
Beyond financial losses: The not-so-hidden costs of B2B payment fraud
No company wants to absorb the cost of writing off fraudulent payments. But beyond this concern, there are other reasons you should make payment security a top priority:
Fraud can cause damage to your company’s reputation. All business transactions rest on a foundation of trust. Whenever a security breach affects incoming payments, your customers are likely to feel less comfortable doing business with you. Anything that shakes their confidence can drive them to consider a competitor’s goods and services over yours.
Fraud causes disruption and downtime that affects cash flow—and your staff. When cyberthreats hit payment systems, costly delays in payment processing often follow. Even a single case of payment fraud can cost your financial staff dozens of hours to resolve, which takes their attention away from the overarching goal of managing receivables profitably.
Be proactive in protecting your business from payment fraud
Proactive steps to prevent payment scams will empower your staff to control losses instead of finding themselves in a reactive position when fraud inevitably happens. Giving your payment systems and procedures a thorough look now will pay off in more ways than one.
B2B payment fraud FAQs
What is B2B payment fraud?
B2B payment fraud occurs when a scam organization or individual deceives a business to gain unauthorized access to funds or sensitive financial information.
What are the risks of B2B payment fraud?
The creditor can suffer major financial losses when payments are diverted—and also lose customers, because no one feels comfortable working with a vendor whose systems aren't safe. The customer can suffer losses, too, and possibly even the privilege of doing business with the creditor if legitimate payments are not received and the account goes into default. This can also damage the payor's credit rating until the missing payment situation is resolved—if it ever can be.
What are some types of B2B payment fraud?
Types of B2B payment fraud include forged checks, stolen account information, false invoicing, embezzlement, fraudulent wire transfer requests, and phishing schemes to gain access to account information.
About the Author
Post by: Dean Kaplan
Dean Kaplan is president of The Kaplan Group, a commercial collection agency specializing in large claims and international transactions. With more than 35 years of experience in manufacturing, international business leadership, and customer service, he provides business planning, training, and consultation services for a wide range of global companies.
Company: The Kaplan Group
Website: www.kaplancollectionagency.com
Connect with me on LinkedIn.