BCR Publishing
We are the leading provider of news, market intelligence, events and training for the global receivables finance industry.
Working with industry leading organisations, experts, governments and universities, BCR Publications delivers expertise in factoring, receivables and supply chain finance to a global audience.
BCR has long been a beacon of innovation and excellence in the realm of receivables finance, playing an instrumental role in shaping the industry’s international landscape. Through its comprehensive conferences, insightful publications, and thought leadership, BCR has facilitated crucial dialogues and connections among industry professionals, driving forward the development of receivables finance globally.
Follow BCR Publishing
Free passes
For corporate treasurer roles/functions!
Identifying Types of Fraud/Scams
26-08-2021 | treasuryXL | XE |
Knowledge is power. When it comes to avoiding scams, forewarned is forearmed. Here are a few common types of scams that criminals will use to try to steal your money or – more importantly – your identity.
1. Give Money to Get Money
If you ever receive an “official” notification that you’ve won a lottery or that someone wants to generously give you a large sum of money but first you need to send money to cover taxes, fees, clearances, or some other cost before collecting your prize, proceed with extreme caution!
The common thread with this scam, apart from the too-good-to-be-true offer, is that you must “act now” or respond immediately to the official sending the notice. This scam relies on you feeling pressured to not miss out on the deal or prize.
One of the most well-known versions of this type of scam is the Nigerian Prince (also known as the 419 Scam).
2. Phishing
Phishing is almost what it sounds like. Someone is fishing – and using bait – to obtain sensitive information to steal everything from the cash in your bank account to your identity.
Phishing scams replicate official-looking emails (or other communication types) from well-known and reputable companies. These fake emails include links or phone numbers encouraging you to change passwords or send personal documents and information (to update your account). The email will make some claim that there is an issue with your account (i.e. you need to supply documents to receive funds being remitted to you) and you need to click on the link provided to fix the problem. These links may take you to a look-alike site created by the criminals or contain malware (malicious software) which can give the criminals access to your computer (so don’t click!). Phone numbers may work the same way by directing you to a fake answering service.
There are a number of sub-species of the Phishing scam:
a) Spear Phishing
Spear Phishing is a little more sophisticated as it specifically targets you and relies on the trust you’ve built around a person, company, or brand. Most likely the communication will be personalized. Criminals target you from information they have found on sites like social media.
b) Clone Phishing
Clone Phishing differs in that it will copy a legitimate email that included an attachment or link. The attachment or link is replaced with a fraudulent version and the email is sent from a disguised address that appears to come from the original sender. The email may claim to be just a resend of the original or even an updated version.
c) Whaling
Whaling goes after the “big fish”. It targets senior executives or high-profile people within in a company. This type of fraud usually appears as a legitimate concern such as a legal request or subpoena, client issue, or corporate matter.
d) SMiShing
Cute name, not so cute fraud tactic using text or SMS. Potential victims receive an unsolicited text or SMS message with a link to a site that can contain malware or viruses. The urge to click is usually based on a “confirmation” of account activity and the risk of incurring additional charges or fees if the intended victim doesn’t take care of the problem immediately (by clicking the link).
3. Fear-Based (Service Cut Off/Jail Time)
You receive notification, usually through email or phone, that your account is in areas and you need to pay the balance immediately or have the utility service cut off. This type of fraud includes claims of unpaid taxes requiring immediate payment to avoid jail time. Criminals in this case are dependent on your fear of losing a necessity, like heat or water, or your personal freedom.
Conclusion
The ultimate goal of the criminal is to rob you. Criminals will try every sneaky tactic to get what they want and will play upon your fears, your generosity, or your trustfulness to get it.
Scammers attack when you’re least expecting it and often prey on the most well-intentioned people. Educate yourself on how to protect yourself and your loved ones from unexpected fraud. Here are several resources that provide helpful information:
Remember, no matter who is contacting you, NEVER give them any of your passwords, account numbers, or personal information without double-checking their identity first.
Be smart, be aware, and be safe!
Are you curious to know more about XE?
Maurits Houthoff, senior business development manager at XE.com, is always in for a cup of coffee, mail or call to provide you the detailed information.
Visit XE.com
Visit XE partner page
Helping Hand: Using Cashforce to Manage Growth Through M&A
24-08-2021 | treasuryXL | Cashforce
How one treasurer used Cashforce technology to improve forecasting and support growth.
When one treasurer saw that his team was getting too bogged down managing the company’s dozens of bank accounts across 25 entities, he sought out an automated cash management system, but he had a concern: the company is continually growing through mergers and acquisitions, and in the past, new accounts made everything muddy.
New accounts, new problems.
Before turning to Cashforce, the treasurer had significant capital committed to grow the business through acquisitions. He only had two or three people managing this aspect, and he said the company’s TMS offered little assistance.
Feel the force.
Because Cashforce can take those inputs, the treasurer said it could work. But would it actually save enough time, and free up cash through efficient management of working capital? The solution, he said, had four clear advantages that made cash forecasting “a lot more accurate” in just six months:
Feel the force.
Because Cashforce can take those inputs, the treasurer said it could work. But would it actually save enough time, and free up cash through efficient management of working capital? The solution, he said, had four clear advantages that made cash forecasting “a lot more accurate” in just six months:
Bonus: data literacy.
An added “unofficial” benefit of Cashforce that the treasurer added was change management—the opportunity to get a once data-hesitant team to embrace the possibilities offered by analytics.
A Culture of Fraud Prevention: It’s Everyone’s Responsibility
23-08-2021 | treasuryXL | Kyriba |
It seems like every day there is a new fraud headline. As a result, companies are learning that preventing fraud needs to be a responsibility of all employees in the organisation. To prevent fraud, an organisation needs to focus on education through training, standardized controls, and IT policies on top of a strong technology solution.
The threat of fraud has grown dramatically in recent years. In fact, according to the 2021 AFP Fraud and Control Study, overall, 74% of companies have experienced fraud or attempted fraud. Your organisation needs to be prepared and Treasury activities need to support identifying and preventing fraud. Recently, I had a conversation with a Treasurer who said, “if it’s (fraud) not on your mind in Treasury, you’ve already lost”. He went on to talk about how much more difficult it is to manage fraud when you have a decentralized Treasury team.
Best in class fraud prevention is about having a strong overall ecosystem, culture and technology – the fabric of an organisation. Fraud prevention must be top of mind for everyone in the company. Specific training should be included in introductory orientation as well as ongoing training and annual awareness campaigns. Individuals need to be able to identify potential phishing and Business Email Compromise (BEC) campaigns to ensure they don’t become victims. It only takes one person to make a poor judgment call to allow access into a company’s system. It’s also important to consider cultural differences for offices in other parts of the world. Fraudsters are taking advantage of cultural norms. In some Asian countries it’s natural to defer to individuals with seniority. For example, receiving a message from the CFO to make a payment wouldn’t normally be questioned. Make sure that all individuals have a way to share, escalate and/or stop a transaction when there could be potential problems.
Standardised procedures are essential. With BEC, fraudsters assume that using the name and email of senior members of the management team, such as the CEO or CFO, will cause employees lower in the organisational hierarchy to do as instructed without question. To combat this, it is imperative that the procedures set up require strict adherence, and that senior management provides an environment where fewer senior members of the team are comfortable asking whether a payment is legitimate. If multiple ERP systems exist, ensure that consistent approval processes are in place across all systems. For smaller regional offices, set up procedures and approvals to ensure that separation of duties is in place and that you have visibility to the activities in remote offices. Some fraudsters like to target attacks on regional offices in hopes of bypassing some of the more stringent processes that are in place at headquarters.
Having an IT focus on fraud prevention and policies that support these efforts is also essential. IT should ensure that employees are password protected and that their passwords aren’t easily guessed. They should maintain strong firewalls and keep current on technology to identify potential hacker activity. In addition, it is helpful to randomly test employees with phishing emails to assist employees in recognizing fraudulent emails.
Finally, technology solutions to identify fraud are a critical component of fraud prevention. Solutions should include rules-based fraud detection that identifies multiple scenarios, for example situations where a vendor bank account number has changed. These transactions should be flagged and sent for validation. An individual should call the company using a phone number that is listed in the system of record. Or, the transaction should be sent for account verification allowing for confirmation that the bank account is owned by the organisation that is to be paid, and not some fraudulent entity. Account verification is a new tool that is being added to rules engines. It allows you to increase your confidence that the account is owned by the entity with which you have a relationship without having the time-consuming process of having to reach out to the entity directly to verify. The verification is quick and doesn’t slow down legitimate payments. Your fraud technology solution should also identify other fraud situations that you and a community of your peers have experienced or considered.
Machine learning to identify payment anomalies based on transaction history is also critical. It allows for patterns to be identified in the immense amounts of transactional data that your organisation has accumulated and then to match that in real-time to your specific transactions to identify potential fraud. This added layer of protection looks for behaviours that may not be identified by the human eye – timing of invoice receipt or change in the frequency of payment requests. The system continually adapts based on the information that it is tracking and provides suggestions when it identifies potentially fraudulent behavior.
Fraudsters continue to attack since they only need to find that one weak link on one day with a single person in your organisation. It’s up to you to make sure that the individuals in your company are prepared for the attack. Ensure that you have a training program that helps your employees identify potential fraud attempts. Define, monitor and enforce policies that support segregation of duties and consistent processes throughout the organisation. Confirm that your IT department is staying on top of technology that identifies and prevents hackers and supports best practices when establishing policies across the organisation. Last, but certainly not least, make sure that you are utilizing best-in-class technology to identify potentially fraudulent payments to stop those payments from going out your door. Some treasury solution providers use the terminology fraud detection tools to refer to having sanction screening or workflow tools in place while others notify you of a fraudulent item after the transaction is sent to the bank. A best-in-class technology solution combines workflow tools and approvals in addition to a robust rules engine and machine learning to identify potentially fraudulent transactions in real-time. Giving you an opportunity to stop any transaction before it leaves your organisation.
Preventing fraud is something that everyone in your organisation needs to commit to in order to prevent fraudsters from being successful.