3 easy ways to protect your organization from cybercrime in payments
| 3-2-2017 | Christian van Ledden | sponsored content |
Leoni, a well-known German manufacturer of cables and harnessing has recently made the news through a new type of fraudulent behavior. The CEO-fraud is a technique, whereby scammers act as ‘member’ of the organization and convince the controlling department to transfer funds under the pretense the company was in a financial emergency. USD 2 billion in losses due to CEO-fraud since January 2015.
Leoni is not the first company falling victim to the scam. According to a recent FBI report, CEO fraud has been reported by 17,642 victims amounting up to losses as high as €2 billion (around $2.3billion) in the United States alone. The FBI further reports about an astounding 270% increase in identified victims and exposed losses since January 2015.
CEO-fraud can jeopardize the existence of an organization altogether, as the example of the Austrian lightweight components manufacturer FACC shows. After experiencing losses amounting up to €50million, they were forced to increase their equity in order to continue running.
Rising number of cyberattacks in Europe
According to PricewaterhouseCoopers, the number of cyberattacks in 2015 on finance divisions has increased by a staggering 38%. Root cause for this upsurge lies in the heterogeneous treasury system-landscape, oftentimes including a variety of different ERP systems, eBanking- and accounting tools as well as manual solutions, for instance spreadsheets. Amongst each other, they may communicate via EBICS, HostToHost, SWIFT, ACH or other, even more risky data interfaces. As all these systems operate in silos, the lack of an overarching security process is easily taken advantage of by many criminals.
An additional challenge for finance departments lies in decentralized organizational structures and lacking transparency on bank accounts, daily cash flows and blurred ownerships of workflows and approval processes. The introduction of the four- or six-eye principle will significantly lower the risk of becoming victim to the CEO-fraud as release ownership of financial transactions can be controlled and monitored.
The European Union tightens legislations to protect personal rights
A new legislations released by the European Union will include stricter punishment on organizations for violations on personal rights. The proposed changes include punishments amounting up to €20million, or 4% of global revenue in case of theft of personal data, often found on e.g. bank statements. This change will require organizations to establish more secure mechanisms to protect personal and other sensitive information of their employees.
TIS – Your audit-proof payment transaction platform
3 core topics are crucial for shielding your enterprise from any of these risks: transparency/visibility, workflows and straight-through processing.
Transparency/visibility:
Create global transparency on your banking landscape, including the incoming and outgoing payments as well as the signatory rights of all employees worldwide. Establishing a central overview will enable you to guard your organization against any attacks.
Workflows:
Restructure your workflows and approval processes and include a four-, six-, or eight-eye principle. As no single employee can process a transaction, you actively safeguard your enterprise from cybercrime.
Straight-through processing:
Encryption of your financial data, e.g. from your accounting/ERP-system to your banks and back into your ERP or TMS will minimize your cyber-attack risks and make it harder for criminals.
Together all these methods will help to secure your enterprise from fraudulent behavior and fight the new challenges. These functionalities are a small exert of what the TIS payment platform can offer you.
How do you tackle the challenges of cybercrime and minimize fraudulent behavior? Curious for your thoughts & happy to read them in the comments! Please also visit our website for additional information.
Christian van Ledden
Sales Executive at Treasury Intelligence Solutions GmbH (TIS)
