The Payments Fraud and Control Survey, sponsored by JPMorgan Chase and released at the recent AFP Payments Forum held in Atlanta, GA, identifies checks and ACH debits as the most frequent vehicles for payments fraud. Fifty-five percent (55%) of survey respondents said that their organization had been the victim of at least one case of payments fraud in 2004. Large organizations (those with revenues greater than $1 billion) were twice as likely to have experienced payments fraud as were smaller organizations. Nearly three-quarters of large organizations (73%) experienced payments fraud in 2004, while 37 percent of small organizations indicated they experienced payments fraud in 2004. Nearly all (94%) 2004 payments fraud victims indicated that they were subject to check fraud while 34 percent of respondents indicated that their organization was subject to ACH debit fraud. The typical organization that was subject to payments fraud in 2004 indicated that the fraud totaled $26,600. However, large organizations with revenues over $1 billion were more often hit by very high dollar payment fraud attacks. Thirteen percent of large organizations that experienced fraud in 2004 estimated that the total dollar amount of payments fraud exceeded $250,000. Virtually all companies have adopted basic internal fraud controls -- separation of disbursement and reconciliation duties and security features on check stock. However, many other internal fraud controls are used by less than half of organizations, and where they are used; they tend to be used by larger organizations. These fraud controls include reconciling checking accounts on a daily basis (47%), establishing separate accounts for checks and electronic payments (46%), and placing a post no checks restriction on electronic payment accounts (22%). In addition to the internal measures that most organizations count on to help guard against check, ACH and wire fraud, banks offer a variety of fraud control services to their business customers. The most widely offered and implemented service is positive pay. Eighty-eight percent (88%) of survey respondents use positive pay. Notably, 98 percent of larger organizations have implemented this service while just 76 percent of smaller organizations have done so. Offered less frequently than positive pay, payee positive pay is used by around one-third of organizations to control payment fraud. ACH debit blocks are the second most widely used bank-provided service to control ACH fraud (71%). Again, smaller organizations are less inclined to use this service -- 81 percent of organizations with revenues over $1 billion use ACH debit blocks compared to just 53 percent of smaller organizations. Reasons cited for not implementing payment controls include the view that the potential fraud loss is not worth the cost, the service is technically difficult to implement, or the bank does not offer the service. One-third of respondents indicated they would be willing to switch disbursement banks just to obtain fraud control services. Respondents consider the use of electronic payments -- specifically ACH payments -- to have a significant impact on their organizations exposure to fraud. Fifty-four percent believe their organization would reduce its exposure to fraud if it increased its use of ACH credits. On the other hand, 69 percent believe that their organization would have greater exposure to payments fraud if they were to allow more ACH debits to their accounts.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now