Payment Security 101
Learn about payment fraud and how to prevent it
Attention finance leaders: The 2024 AFP Payments Fraud and Control Survey Report is out, and it’s packed with eye-opening fraud statistics and trends. Spoiler alert: cybercriminals aren’t slowing down, and they’re getting craftier by the minute. Let’s dive into what this means for you and your organisation’s financial security.
That’s up from 65% the year before.
We’re almost back to the 2018 peak when 82% of organisations were hit.
About 1 in 4 (26%) of financial professionals saw an uptick in fraud activity last year.
47% of respondents said they’re the most exploited payment method in BEC attacks, up 13 percentage points from 2022.
39% of respondents report wire transfers as the top target, down six percentage points from 2022.
Checks and ACH debit fraud affected 65% and 33% of organisations, respectively.
Corporate/commercial credit card fraud dropped from 36% in 2022 to 20% in 2023.
We saw a 6% drop in ACH debit email scams compared to last year.
ACH debit fraud rose from 30% to 33% between 2022 and 2023.
ACH credit fraud dropped from 30% in 2022 to just 19% in 2023.
63% of organisations experienced BEC attacks in 2023.
77% of attacks use spoofed emails to deceive recipients into believing they are interacting with a trusted source.
83% of these organisations in this segment faced attempted or actual payments fraud in 2023.
Half of the companies surveyed saw attempts on ACH credits.
Wire transfers were targeted in 30% of cases.
23% of these companies faced fraud attempts.
That’s more than any other payment method in 2023.
The 2024 AFP Payments Fraud and Control Survey Report makes one thing clear: financial crime is always evolving. While some old-school fraud methods are declining, new vulnerabilities are popping up, especially in electronic payment systems. To stay safe, organisations need to stay on their toes, keep security measures up to date, train employees, and adapt their fraud prevention strategies.
As fraudsters get smarter, so do our defences. Many organisations are turning to cutting-edge tech like AI and machine learning to spot weird transaction patterns. Multi-factor authentication is becoming the norm, especially for big-ticket transactions. There’s also a growing trend towards real-time payment monitoring and fraud detection systems that can flag suspicious activities on the spot.
The fintech industry is stepping up with innovative solutions. They’re exploring blockchain for its potential to create tamper-proof transaction records. Biometric authentication methods, like fingerprint and facial recognition, are being built into payment systems. And tokenisation is gaining traction as a way to keep sensitive financial data safe during transactions.
In the B2B world, specialised fraud prevention platforms are emerging as powerful tools. For example, Eftsure offers real-time verification for vendor and supplier payments. These platforms add an extra layer of security to existing financial systems, helping organisations defend against sophisticated fraud attempts, including business email compromise (BEC) attacks and other social engineering tactics.
Governments and financial regulators are stepping up their game too. They’re introducing new rules to make financial institutions and payment service providers beef up their security. There’s also more focus on international teamwork to tackle cross-border fraud. Regulators are pushing for better reporting systems to track and respond to new fraud trends.
Here are some examples of how different countries are tackling fraud:
In the US, the Federal Reserve’s FedNow Service includes fraud detection for real-time payments.
Australia’s New Payments Platform (NPP) has built-in fraud prevention for real-time payments.
The EU’s Revised Payment Services Directive (PSD2) requires strong customer authentication for electronic payments.
In the UK, the Financial Conduct Authority (FCA) is pushing banks to step up their fraud prevention game.
With ACH fraud on the rise, organisations are tightening controls. Best practices for preventing ACH fraud include:
With BEC still a major threat, employee training is crucial. Organisations are investing in regular training programs to teach staff how to spot phishing attempts, double-check payment requests, and stay skeptical of urgent or unusual demands. Some companies are even running simulated phishing exercises to keep their employees on their toes.
Some companies are also exploring dedicated fraud insurance policies to mitigate potential losses from ACH fraud.
Checks remain the most fraud-prone payment method, with 65% of organizations reporting they experienced fraud attempts targeting checks in 2023.
End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.