Cyber Brief for CFOs: November / December 2024
All the news, tactics and scams for finance leaders to know for November / December 2024.
2021 was a difficult and challenging year for many finance teams. As staff transitioned to remote work, and reliance on digital communications has increased, payment controls have been under stress.
As a result, many finance executives find themselves searching for solutions to regain control over the day to day operations of their Accounts Payable teams.
Much has changed since eftsure was founded in 2014. At that time, there was very little public awareness of a fundamental gap that sits at the heart of the banks’ EFT verification processes.
Through discussions with many accountants and finance professionals, it was clear that very few were aware of the fact that banks do not match an Account Name to a BSB or Account Number when processing an EFT payment.
It was becoming clear that this verification gap put many organisations at risk, even if they were unaware of this fact. They could be unwittingly processing payments to the wrong recipients, either due to human error or as a result of fraudsters manipulating supplier banking data.
What makes this issue so concerning is the fact that banks have limited ways of recovering funds that have been sent to the wrong recipient. If an organisation clicks the “approve payment” button and sends funds to the wrong recipient, they may never see those funds again.
This liability problem is the key-driver behind eftsure’s solution.
By aggregating supplier banking data, eftsure allows organisations to process payments with peace of mind. Thanks to eftsure, it is possible to know whether other organisations have paid the same supplier using the same banking data. If so, then you can be confident that the supplier banking data in your ERP and Vendor Master File is accurate.
The need for such a solution recently became painfully clear when Levitas Capital was defrauded via an elaborate payment redirection scam. Cybercriminals were able to steal over $9 million, leading to severe repercussions for the fund.
Unfortunately, this incident was not unique. The Australian Securities and Investments Commission (ASIC) reported that Business Email Compromise (BEC) attacks are the fastest growing form of cybercrime. Over 4,600 BEC incidents were reported in Australia last financial year. This figure is believed to be significantly underreported.
The total costs of BEC in Australia rose to $81.5 million, a 15% rise over the previous year. Meanwhile, the average amount lost in a BEC attack jumped a whopping 54% to $50,600.[1]
Steadily, through working alongside many organisations, we have been able to generate greater understanding of the problem, as well as the solution eftsure offers. In a world beset by far greater levels of cyber-crime, utilising technology solutions to facilitate continuous compliance monitoring has never been more important.
Whereas in the past, many finance executives relied on their people to control payments, the reality is that human error and complacency prevent organisations from effectively monitoring all outgoing funds. Instead, many Accounts Payable teams rely on manual spot checks, putting themselves at a higher risk-level.
Additionally, and perhaps the greatest change over the past year, is the attitude of financial institutions. We’re seeing a lot of innovation across the sector, with initiatives such as open banking and the new payments platform. Financial institutions are embracing new technologies to prevent fraud. Over time this should result in a more secure economy.
Recently, our co-founder Ian Mirels spoke on the topic on the HSBC Business Talks Podcast. In this wide-ranging discussion, he discusses the growing impact of cybercrime and BEC attacks to the Australian economy and how businesses can proactively embrace initiatives that help strengthen their security.
As a clear indication of the seriousness with which businesses are taking this issue, this year, for the first time, eftsure surpassed securing $6 billion in monthly EFT payments. Organisations that join eftsure now have the ability to cross-match their EFT payments against a database comprising over 2 million verified Australian organisations.
Over the coming year, eftsure will continue its efforts to engage the business community about the risks confronting EFT payments. We will partner with more organisations, helping them enhance their resiliency in the face of rising cyber-crime rates.
With eftsure working in close collaboration with the banks and organisations of all sizes, it is possible to substantially reduce instances of payments fraud in Australia.
We look forward to you joining with eftsure on this journey.
[1]https://www.cyber.gov.au/acsc/view-all-content/reports-and-statistics/acsc-annual-cyber-threat-report-2020-21
All the news, tactics and scams for finance leaders to know for November / December 2024.
Each month, the team at Eftsure monitors the headlines for the latest accounts payable (AP) and security news. We bring you all …
Discover key insights from the OAIC report on data breaches, including the impact of human error and strategies for CFOs to protect their organisations.
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.