All the news, tactics and scams for finance leaders to know about in November 2023.
Payment Security 101
Learn about payment fraud and how to prevent it
On 30 August 2021, Australia’s Treasurer, Josh Frydenberg, released the final report of the Review of the Australian Payments System.
In recent years we have witnessed a dramatic change in the payments landscape. New technologies and shifting expectations are opening up a world of opportunities that are radically transforming both B2C and B2B payments.
However, with rapid change comes a range of challenges that government, regulators and industry must contend with. Among the most significant challenges is safety. Payments have become almost exclusively digital. Whilst this undoubtedly drives significant innovation and efficiencies, it also expands the potential for increased levels of fraud.
At eftsure, we are committed to strengthening the safety of B2B Electronic Funds Transfer (EFT) payments in order to mitigate the growing risk of fraud.
We welcome this final report and believe the following recommendations will contribute to a safer payments landscape in Australia:
In recommending changes to Australia’s regulatory architecture, four key principles should be embraced: service, strategy, safety, and simplicity.
eftsure is pleased to see a strong emphasis on safety. The safety principle enshrines the notion that protecting users of the payments ecosystem is critical. The report makes clear that any updates to regulatory architecture should seek to minimise instances of “fraud, scams, and mistaken payments.” Furthermore, clear arrangements should be put in place to provide for redress if those incidents occur.
An important element in strengthening the safety of the payment system is increasing community awareness of the risks of errors and fraud, how these can be avoided and what steps can be taken when they occur.
This is particularly important given our increased reliance on digital payments. The report notes that whilst online transactions and data-rich payments provide significant benefits, they also come with “increasing susceptibility to cyberattacks and privacy breaches.” The report recommends greater coordination between regulatory bodies, industry and government to deliver on key principles, including safety.
Further coordination is certainly a step in the right direction, however, when it comes to securing EFT transactions, the fundamental challenge remains that banks do not match an Account Name with either the BSB or Account Number. eftsure believes there are opportunities for both regulators and industry to do more in ensuring that greater coordination will address this core safety gap, in particular through enabling enhanced information sharing.
The Australian Securities and Investments Commission (ASIC) is currently conducting a review into Australia’s ePayments Code. The current Code is voluntary. The report recommends that the ePayments Code be made mandatory and integrated with the broader regulatory framework for the payments landscape.
One of the challenges of having a voluntary ePayments Code is that it lacks the capacity to address the growing risks of fraud, such as invoice redirection scams or Business Email Compromise attacks. As a result, the ePayment Code restricts itself to defining a “Mistaken Internet Payment” (MIP) as an instance of human error.
eftsure believes a mandatory ePayments Code would be a step in the right direction. By ensuring all payment service providers are obligated to adhere to a Code, it would provide an opportunity for greater transparency and information sharing around EFT transactions that could mitigate the growing risk of payments fraud.
The report recognises that both consumers and businesses are increasingly exposed to a variety of new payment methods and technologies. Whilst these offer significant convenience, “the knowledge needed to use these methods safely is not guaranteed.”
Whilst more coordinated regulation will help mitigate instances of scams and fraud, the report notes there is also a need to ensure greater levels of education and awareness. Increased payments education is not the sole responsibility of government and regulators, but also private industry. The report notes that existing support and education initiatives exist and points to the ACCC’s ScamWatch as an example.
Importantly, the report notes that businesses also need additional education, as they face unique challenges that individual consumers are unlikely to face. Whilst the report focuses on the challenges businesses face when it comes to Payment Service Providers, it should also be a priority to educate businesses about EFT payments risks. This is a growing risk, and many businesses remain unaware of their exposure. This is particularly the case with SMEs.
eftsure believes opportunities exist for strengthening awareness of EFT payments risks for businesses and has advocated more detailed information being made available to businesses when they are processing EFT transactions in their online banking portals.
This final report of the Review of the Australian Payments System represents a significant step forward in ensuring the safety of the payments landscape. The initiatives being proposed will have a meaningful impact on reducing the risks inherent in many of the new payment methods and technologies.
Given the rising risks of EFT payments fraud, eftsure believes that it would be beneficial to make the security of EFT transactions a core priority for government, regulators and industry. A coordinated approach that enables greater information sharing, a mandatory ePayments Code and enhanced education will all ensure that Australian organisations will be less vulnerable to the risks of EFT fraud.
For further information on the many ways eftsure can help your organisation secure your EFT payments, contact us.
With cybercrime on the rise, it’s critical to know what finance leaders are (and aren’t) doing to protect their organisations from digital …
End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.