Six Tips to Protect Your Organization Against Payments Fraud

By Kyriba

Payments fraud increased 71 percent from 2022 to 2023, with 96 percent of companies targeted by at least one payments fraud attempt in 2023. Regularly reviewing your infrastructure and verifying that your enterprise security measures are robust is crucial, especially for payments fraud protection. One message is clear: if you have strong, consistently executed processes safeguarding a payment from its initiation all the way to its receipt, you significantly reduce the chances of a successful payments fraud attack.

The Threat of Impersonation

At the heart of many business email compromise (BEC) attacks, and of more recent developments like deepfake fraud, is the threat of impersonation. Cybercriminals use social engineering tactics to build profiles of company employees or routine vendors, whom they then impersonate to dupe unsuspecting people into making critical mistakes.

To identify an impersonator, it’s helpful to know the telltale signs. More than likely, the payment request will be urgent and will attempt to exploit unique circumstances, such as a specific time when employees are out of the office. Additionally, if your organization is making a lot of payments to contractors for a project, fraudsters might attempt to exploit that opportunity.

While BEC scams may seem a bit boring in comparison to deepfake fraud, they still warrant attention, as shown by these BEC scam examples:

  • A real estate developer in Paris, Sefri-Cime, lost €38 million in a CFO email compromise fraud. The company’s CFO received an email from individuals purporting to be lawyers at a well-known French accounting firm. In a matter of days, the BEC scammer established trust with the CFO and initiated successful requests for substantial and urgent transfers totaling millions of euros.
  • Eagle Mountain City in Utah fell prey to a $1.13 million vendor impersonation scam. During an email exchange regarding a major construction project, cybercriminals posing as the construction vendor entered the email thread using a fake email address similar to that of the actual construction vendor. The fraudsters then convinced a staff member to transfer an electronic payment to them instead of to the legitimate vendor. Complacency may also have been a factor: amid rapid growth and an influx of payment requests from multiple vendors, the city may have become less vigilant about potential scams.

Common Fraud Myths

When it comes to payments fraud, many treasury and finance departments still get lulled into thinking they are more protected than they are. Organizations may assume that their procedures are infallible or that any lost funds will be reimbursed, but they quickly get a wake-up call when a successful attack happens. The following myths are common:

  • “We have an approval process in place.” Even companies with the strictest policies can still have a breakdown in processes. Employee ID/password combinations can be stolen. Regional treasury/shared service centers may require fewer approvals because of limited in-country staff. And companies with multiple ERP systems might have different approval processes, a scenario that is ripe for fraud.
  • “My bank will cover me.” A bank has no obligation to cover a client for payments fraud unless the bank itself has been breached, as in a bank employee scheme. The bank may still reimburse corporate clients on a case-by-case basis, but don’t bet on it.
  • “We have cyber insurance.” Many companies assume that if they purchase cyber insurance, they are covered in the event of a loss. However, if an organization can’t prove it took all the right steps to protect itself, the insurance policy may or may not cover the loss.

What Can You Do for Payments Fraud Protection?

Fortunately, there are many ways to protect your payments and your data. The following tips can help:

  1. Embrace the cloud. Organizations should embrace cloud technology to secure payments and systems. IT teams know that payments data and connectivity are more secure when hosted externally.
  2. Align all departments. Your internal IT department, as well as any key areas that touch payment processing, such as treasury, accounts payable, and shared services, should all be aligned with your enterprise security policies. With more and more companies allowing remote work, companies must ensure that all employees are using effective protections such as strong passwords, policy controls, multifactor authentication, IP filtering, single sign-on, and data encryption.
  3. Automate payment processes and standardize controls. Automation allows organizations to standardize the payment journey from the initial request to the receipt of the payment. Risk lies in the exceptions to a standardized process: payments made outside the typical format give fraudsters their opportunities. Again, these are usually one-time, urgent payment requests that can come in for things like mergers and acquisitions, legal settlements, and emergency payroll.
  4. Enable real-time screening, alerts, and notifications. The rise of same-day and real-time payment systems has increased the need for real-time responses to fraud attempts. Modern fraud detection software uses artificial intelligence (AI) and machine learning to screen payments against historical payment data, pinpointing any anomalies.
  5. Implement fraud prevention workflows. Modern payments fraud protection modules support fully automated, end-to-end workflows for the resolution of outstanding suspicious payments. Users can determine how each detected payment is managed, enforcing the separation of duties between the initiator, approver, and reviewer of a detected payment.
  6. Know your vendors. Vendors can be a major liability for your company. In some cases, vendors are granted access to their customer’s network credentials. If that vendor’s security protocols are lacking, they can become an unknowing backdoor into that customer’s systems. This lack of protocols is what happened in the infamous Target breach of 2013. Having a detailed information security questionnaire is crucial and provides confidence in the governance and risk programs that a vendor has in place. Additionally, organizations need to verify requests for payment instruction changes directly with the vendor before any transactions are completed.

To reduce risk and protect your payments, organizations need an integrated solution connecting ERPs, internal frameworks, and external systems, ensuring a secure payment journey from start to finish. When exceptions occur, protocols can’t be abandoned no matter how urgent the request. Any department that touches payments needs to understand that one slip-up can be catastrophic, leading to loss of funds, loss of jobs, and reputational damage for the whole organization.

Protect Your Payments with Kyriba

Kyriba’s payments fraud capabilities offer clients a sophisticated, real-time fraud detection and prevention module specifically designed to enhance standard payment controls.

Kyriba’s robust capabilities were showcased in a recent incident where its fraud protections helped to thwart a CEO fraud attempt. An $8 million wire transfer request from a CEO imposter was stopped thanks to a diligent treasury team and Kyriba’s fraud prevention measures, which require multiple employees to process payments and enforce authority limits on payment amounts.

How Kyriba Helped Prevent a Fraudulent $8M Payment

This CEO fraud attempt started with an email seemingly from the CEO. Fortunately, the treasury team at a leading real estate developer had worked diligently to establish effective payment processes that would reduce the risk of fraudulent or inaccurate payments. These policies included internal controls, information technology, corporate culture, and monitoring/compliance.

  • The scam: With the company’s treasurer on vacation, the assistant treasurer was contacted via email by a CEO imposter, who requested an $8 million wire transfer to facilitate the acquisition of a UK-based company. Emphasizing the confidentiality of the transaction, the email instructed the assistant treasurer not to disclose the request to anyone else. Despite the email’s convincing resemblance to the CEO’s writing style, the assistant treasurer soon realized that executing the wire would be impossible for various reasons. When the assistant treasurer walked to the CEO’s office to address these concerns, it became evident that the wire request was fraudulent.
  • Fraud stopped in its tracks: The company’s reliance on Kyriba to uphold its internal payments fraud prevention measures played a pivotal role in thwarting this fraudulent attempt. Because of the controls established by the company and enforced by Kyriba:

    • The payment could not be processed by a single person. This company had configured Kyriba to require that every payment involve at least three separate employees before it can be released. One employee requests the payment, one employee processes the payment, and a final employee approves/releases the payment.
    • The $8 million amount exceeded the assistant treasurer’s authority in Kyriba, which enforces authority limits restricting each employee to a specific maximum payment amount they can approve. The assistant treasurer would need approval from someone with a higher limit in order to execute the wire.
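The two controls described above, segregation of duties across requester, processor and approver, and a per-employee authority limit, expressed as an added example that is not Kyriba’s code; the employee names and limits are constructed for illustration:

```python
from dataclasses import dataclass

# Hypothetical authority limits per employee, in USD (constructed for this example).
AUTHORITY_LIMITS = {
    "ap_clerk": 50_000,
    "assistant_treasurer": 1_000_000,
    "controller": 5_000_000,
    "treasurer": 10_000_000,
}


@dataclass(frozen=True)
class Payment:
    amount: float
    requester: str   # employee who entered the payment request
    processor: str   # employee who prepared/processed it
    approver: str    # employee who approves and releases it


def release_blockers(p: Payment, limits: dict = AUTHORITY_LIMITS) -> list:
    """Return the control violations that stop a payment from being released.

    An empty list means both enforced controls passed.
    """
    blockers = []
    # Control 1: segregation of duties. Three distinct people must touch the payment.
    if len({p.requester, p.processor, p.approver}) < 3:
        blockers.append("segregation of duties: requester, processor and approver "
                        "must be three different employees")
    # Control 2: the approver's configured authority limit must cover the amount.
    limit = limits.get(p.approver)
    if limit is None:
        blockers.append(f"authority limit: approver {p.approver!r} has no configured limit")
    elif p.amount > limit:
        blockers.append(f"authority limit: {p.amount:,.0f} exceeds {p.approver}'s "
                        f"limit of {limit:,.0f}")
    return blockers


def can_release(p: Payment, limits: dict = AUTHORITY_LIMITS) -> bool:
    return not release_blockers(p, limits)


def eligible_approvers(amount: float, exclude: set, limits: dict = AUTHORITY_LIMITS) -> list:
    """Employees whose limit covers the amount and who did not already request/process it."""
    return sorted(name for name, lim in limits.items() if lim >= amount and name not in exclude)
```

With these rules, an $8 million wire that the assistant treasurer tries to request, process and approve alone is blocked on both counts, and only the treasurer could approve that amount.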

Thanks to Kyriba’s ability to support segregation of duties, payment authorization limits, and bank controls, this leading real estate developer avoided an $8 million loss.

Kyriba can also help prevent fraud for your organization. Solutions like Kyriba Enterprise Security ensure that treasury, payments, and risk data meet internal security policies and international security requirements while providing 24/7, global support. Kyriba’s Payments Fraud capabilities include:

  • Screening for suspicious payment activities through a set of predefined detection rules, such as transfers to blacklisted countries, payments to new vendors, or amounts exceeding established limits.
  • AI and machine learning algorithms to compare outgoing payments against historical payment patterns, effectively identifying and quarantining suspect transactions for further review.
  • Comprehensive resolution workflow, allowing for the customization of alerts and the management of detected payments according to the organization’s policies, which include the separation of duties and scenario-based payment stopping until issues are resolved.
  • Validation of bank account ownership in real time, and enforcement of corporate payment policies through API-driven connectivity platforms, offering an additional layer of protection against BEC scams and other sophisticated fraud attempts.

Find out how Kyriba helps clients protect and accelerate payments.