U.K. corporations are increasingly worried about business payment fraud, and while more than half fear attacks from the outside, concerns over insider fraud have spiked, according to a new report from Bottomline Technologies.
Fifty-six percent of U.K. business decision makers said fraud from external cyber attacks is a top concern, up from 37% last year, according to Bottomline’s second annual business payments report, which surveyed 400 executives at companies ranging from small firms to large enterprises.
But fears about insider payment fraud—when employees exploit systems and controls—also rose sharply over the last year, with 30% of executives citing it as a top concern, up from 13% last year.
In addition to employees committing fraud, concern is rising about people outside the company submitting fake invoices and manipulating employees in "CEO fraud," Bottomline's survey indicated.
“High-profile fraud events involving the Bank of Bangladesh and Switzerland’s ABB have been in the news, but so are incidents involving internal collusion, which are a newer worry for corporations,” said Ed Adshead-Grant, Bottomline’s general manager for payments.
Bottomline’s survey also found that more than half of respondents—about 60%—said they didn’t know whether they had been hit by fraud.
“Because business payments exist in a complex environment, companies often don’t know if all payments have been properly processed until some fraud incident occurs,” Adshead-Grant said.
Shoring up corporate systems against internal fraud should be the first order of business for companies looking to increase protections, he said.
“Battling external fraud is tough enough, but the easier one ought to be internal fraud, where corporations have an opportunity to get their own house in order,” Adshead-Grant said.