Deteriorating financial conditions in 2008 coupled with the emergence of new payments types and the growth of electronic payments opened up new opportunities for payment fraud, according to the 2009 AFP Payments and Fraud Control Survey, sponsored by J.P. Morgan Treasury Services. The assault on payments is widespread: over seventy percent of organizations surveyed experienced attempted or actual payments fraud in 2008.
Large organizations were more likely to have experienced payments fraud than were smaller ones. Eighty percent of organizations with annual revenues over $1 billion were victims of payments fraud in 2008 compared with 63 percent of organizations with annual revenues under $1 billion.
Since 2005, the Association for Financial Professionals (AFP) has examined the nature and frequency of fraudulent attacks on business-to-business payments and the industry fraud-risk tools that organizations use to control payments fraud. Continuing that research, in January 2009 AFP conducted its Payments and Fraud Control Survey to capture the payments experiences of organizations during 2008.
Thirty percent of survey respondents report that incidents of fraud increased in 2008 compared to 2007. Further, nearly 40 percent of organizations experienced increased fraud activity during the second half of 2008 as economic conditions worsened in the U.S.
Nine out of ten organizations (91 percent) that experienced attempted or actual payments fraud in 2008 were victims of check fraud. The percentage of organizations affected by payments fraud via other payment method were: ACH debit (28 percent); consumer credit/debit cards (18 percent); corporate/commercial cards (14 percent); ACH credits (seven percent); and wire transfers (six percent).
Sixty-three percent of organizations that were victims of actual and/or attempted payments fraud in 2008 experienced no financial loss, and among organizations that did suffer a financial loss resulting from payments fraud in 2008, the typical loss was relatively small at $15,200.
Many organizations are mitigating financial loss from fraud by turning to a number of defensive measures provided by their banks, including:
• Positive pay/reverse positive pay (82 percent)
• ACH debit blocks (71 percent)
• ACH debit filters (55 percent)
• Payee positive pay (50 percent)
• "Post no checks" restriction on depository accounts (34 percent)
Organizations can also develop and/or modify internal business processes to minimize potential payments fraud risks. The processes considered important include:
• Stopping the provision of payment instructions by phone or fax (86 percent);
• Increasing the use of electronic payments for business-to-consumer and business-to-business transactions (82 percent); and
• Reducing the number of bank accounts (82 percent).
The survey includes responses from 629 corporate treasury and finance professionals including assistant treasurers, controllers, cash managers, analysts, and directors. To obtain a complete report of the 2009 Payments Fraud and Control Survey go to www.AFPonline.org/research.