If you’re reading this blog, you’re probably someone that manages the day-to-day finance operations within your company, and if we’ve guessed it right, you’re also looking for a way to further secure this process.
Fraud and error can cost organisations time and money, and even cause reputational damage. In the news recently there has been reports that invoice fraud is on the rise. Fraudsters divert genuine invoices or payment instructions sent by email, often from a familiar supplier or contractor, and send replica emails with the banks details changed to an account owned by them. These emails are often so well constructed it’s hard to spot what’s genuine and what’s not. And, staggeringly these scams make up 55 per cent of all money lost to fraud, according to Barclays.
Astoundingly, situations like this can be prevented if they have the correct payment security measures in place to identify suspicious transactions and flag up unknown accounts.
Here at AccessPay, we manage millions of payments for our customers between their financial systems and the banks, so we know how important it is to mitigate risk wherever possible.
We automate financial processes for our customers, freeing up their time so they can see the bigger picture when it comes to their finances. We also know that automating what are typically, manual processes means we are significantly reducing the risk of human error. But even when automated processes are in place, there can be a chance that suspicious transactions can occur.
Our industry-leading payments security feature, Detect has been specifically designed to flag potential risks and critical errors that may not be obvious to the human eye before payment files are processed.
What are suspicious transactions?
When we talk about how to identify suspicious transactions, these can take many forms and sometimes they can be almost impossible to detect. Over the years, we have worked closely with customers to understand and identify the challenges they have faced which has helped us develop a feature so businesses can avoid future errors and fraudulent attempts.
Of course, some businesses have learned the hard way and they have only noticed these errors after payments have been processed. By that point, it’s too late.
Examples of suspicious transactions
There was one case where a fraudulent email was sent to the finance team of a large corporation, spoofing the CEO of the company demanding that a certain supplier was paid ‘urgently’. The finance team had no payment controls in place, and as a result, ended up paying the supplier. The company had unknowingly paid a fraudulent account thousands of pounds and this money was not retrievable. The business suffered a huge blow to its overall cash position as a result.
Have you ever been in a similar situation? It’s increasingly harder to spot fraudulent emails, and with many businesses reliant on email as their main form of communication it’s understandable that this scenario happened.
In fact, a staggering report from PWC found that “46% of surveyed organisations reported experiencing fraud, corruption or other economic crimes in the last 24 months” and in their “Global Economic Crime and Fraud Survey 2022 respondents reported total losses of US$42billion, on top of damage to brand, reputation and market share.” [PWC Global Economic Crime and Fraud Survey 2022]
Another example was when a finance team was dealing with a corrupt file where a supplier account number had been wrongly recorded. The file had random sets of account numbers and unfortunately, it turned out one of the random account numbers matched a real account outside of their supplier list, and the money was paid out, and again, non-retrievable.
In both cases, these small errors were hardly noticeable to the human eye and were only acknowledged after the payments had been made.
If these businesses had used the Detect feature within AccessPay these payments would have been flagged as High Risk before they were processed.
Using something known as our Creditor Unrecognised rule (this is one of six rules which we will touch on later), the Detect feature prompts finance teams to double-check payment details before completing a submission.
In some cases, unrecognised creditors may need paying so the feature will not disable the action fully, but it will always flag it for the finance manager to review as an added layer of security.
In both instances, these situations could have been easily avoided and ultimately saved their companies thousands of pounds.
How it works in the AccessPay
The premium Detect feature harnesses the power of our automation and AI engine to flag any issues that look suspicious within a company’s payment files.
It uses a simple set of 6 pre-defined rules which can be easily adapted to build a profile of irregular and regular activity for your organisation.
Any irregular activity will be instantly flagged using a red, amber and green traffic light system to indicate any suspicious transactions that need attention before it’s processed.
The 6 rules available for Detect are as follows:
- Unrecognised creditors
- Creditors paid more than once within the same file: Referring to duplicated information
- Creditors paid the same amount more than once within the same file: Similar to the above
- Thresholds on total transaction count: This will flag potentially large payments that sit outside of expected or normal payment amounts
- Thresholds on the total transaction amount
- Thresholds on individual transaction amounts
With growing cyber threats prevalent in society, businesses know that reducing risk must be top of the agenda. By detecting and being alerted to these issues finance professionals know that they have taken all the necessary steps to prevent payment fraud and eliminate risk.
As Detect is part of the AccessPay solution you will already need to be using our tool to automate and manage your payments to benefit from the feature.
If you are still manually processing your payments between your finance application and the bank, you would benefit from speaking to us. Please, fill out the form below: