Editor’s note: NeuGroup’s online communities provide members a forum to pose questions and give answers. Talking Shop shares valuable insights from these exchanges, anonymously. Send us your responses: [email protected].
Context: Payments fraud remains a significant threat to corporates—although some research shows it declined in 2022. The 2023 AFP Payments Fraud and Control Survey reported that 65% of organizations surveyed were victims of reported or actual payments fraud last year. That’s down from 71% in 2021 and the lowest percentage of fraud activity since 2014, when it was 62%. And it suggests some fraud detection, mitigation and prevention efforts by treasury and other finance teams are working.
- But in an age when both criminals and those working to stop payments fraud are exploring how artificial intelligence can help them, a large number of treasury teams still rely on phone calls to verify changes in vendor bank account information.
- More than half the respondents to the AFP survey (53%) said their companies validate beneficiary payment information verbally. Only 16% rely on an external service or third party to validate payment info. Another 17% rely on their banks or other financial vendors to do it.
Member question: “What process do you use to verify vendor bank accounts, especially when you have a request to change banking details? Do you use any third-party vendors to provide this service, any fintech products or companies that you can share?”
Peer answer: “A callback is made to the vendor. The callback cannot be done by using the phone number provided on the request e-mail or a new invoice. It is usually verified using contact details from a previous invoice. We do not use a third-party provider.”
Member response: “Callbacks are also the current process we have in place; but we are looking for ways to implement an automated check in our ERP system via a third-party provider.”
NeuGroup Insights follow-up. In an email exchange, the member posing the question explained why her team wants an automated solution and how it might work: “Having an automated solution is always better than a manual bank verification call. We see that fraudsters are getting more and more sophisticated, and we see more fraud attempts.
- “We also see that not all employees are following policy and processes for bank verification; some call the number in the fraudulent email.
- “We do not have a specific product in mind but are inquiring. Banks use algorithms which are based on payments history; but there is no option I’m aware of to match international bank account numbers (IBANs) with beneficiary information.
- “Ideally, before a payment is authorized the system would verify the IBAN and confirm that the beneficiary name matches the IBAN. Only when they match can a payment be released. In my view, this should work and be available.”
An update. This topic surfaced in a Talking Shop about a year ago that mentioned a bank account verification solution from GIACT. One of the members who had looked into GIACT is now exploring solutions offered by a company called apexanalytix that offers software for supply chain management and fraud prevention. The member is intrigued by “validation built into their vendor onboarding services.”
- The same member also said his treasury team has implemented and likes a validation service offered by U.S. Bank which leverages Early Warning Services, a fintech owned by the bank and six others. “It is an automated process where you input the information for the counterparty manually and it provides back guidance on the risk of making the payment to the counterparty,” he explained.
- “However it is limited, as not all counterparties are in the system,” he added. “This means we continue to do manual validation calls. One other limitation is the early warning system is only for domestic banks, it does not include international banks.”
