Siloed security is making corporate payment fraud more dangerous
Just as the consumer payments space has evolved and transformed over the past decade, so too has the B-to-B payments landscape.
While the digitization of payments has helped to create efficiencies, improve the customer experience, and provide new global growth opportunities for U.S. corporates and banks, this has been accompanied by a rash of new fraud risks that many organizations are struggling to mitigate.
Criminal fraud behavior is now increasingly focused on the payments process, as thieves realize that the movement of money presents significant exposure for corporate organizations, particularly as payments have become faster and more technology-driven. What is especially concerning is that nearly three-quarters of organizations in the U.S. experienced attempted and/or actual payments fraud in 2016, according to the Association of Finance Professionals. This is up from 60% in 2013.
While the threat of fraud in all its forms has long been a concern for corporates and banks, it’s clear that this risk is increasing as fraudsters continue to adopt more sophisticated techniques. In fact, a recent survey sponsored by Bottomline Technologies showed that 46% of corporates’ payment security concerns are either higher or significantly higher than last year, compared with just 2% who have lower security concerns.
The security threats associated with payments are clearly playing on the minds of corporates and banks alike as they struggle to keep up with cyberthieves.
This new reality is forcing corporates and banks to engage external expertise, generally in the form of financial technologies, as they try and secure payments across functions such as e-invoicing, accounts payable and online banking. This move has been necessary to provide confidence to an increasingly concerned group of stakeholders. These security tools can be overly complex for management to interpret, however, and are generally ineffective if they aren’t an integrated part of the overall systems within the organization.
A dirty little secret of the security industry is that siloed data and disparate warning systems actually prevent organizations from achieving truly effective security.
It might feel good to have a number of security systems in place (more is always better, right?), but unless those systems are implemented thoughtfully, with a goal of stopping fraud threats before they happen and providing a comprehensive view of an organization’s end-to-end security position, then they’re little more than a distraction. Ineffective at proactively preventing fraud or reducing the damage done when a breach does occur.
It’s encouraging that corporates and banks are working valiantly to keep up with fraudsters trying to take advantage of their vulnerabilities. But it’s imperative they understand that having a fragmented collection of security tools is no longer enough. It’s time to take a step back and think about security as a companywide endeavor. Pre-integrated and flexible solutions that can also look across existing tools are essential. In fact, they’re the only way organizations can successfully combat the increasing threat of payment fraud.