Taken from the blog of Ray Graber, SVP, Member Engagement, NEACH
According to Nacha, same-day ACH payments reached 178 million transactions in 2018, an increase of 137% over 2017. You would expect that fraud and fraud prevention would rise and you would be correct.
The Association of Financial Professional’s (AFP) Association for Financial Professionals’ Payments Fraud and Control Survey, 2018 study identified the scale of ACH fraud in the over 600 companies they surveyed. They found that scammers are moving from checks and wires to ACH.
“Overall, more than three-fourths (82%) of companies surveyed were targets of payments fraud last year, according to AFP. However, losses were limited. More than half (57%) of financial professionals reported that their organizations did not incur a direct financial loss as a result of fraudulent activity, and 19% reported a financial loss of less than $25,000.”
The study found that “33% of organizations were subject to ACH debit fraud and 20% were subject to ACH credit fraud”. This was an increase of several percentage points from 2017 and in fact was the single payment option that had a year over year increase.
The study found that is was not the payment method, but the processes preceding the transaction that was the issue. Among these were compromising a business’s internal systems (phishing attacks or insider help) and account takeover were the preferred methods.
The report goes on to say that Business email compromise (BEC) schemes that target individuals responsible for payments “were the method by which 33% of respondents said fraudsters accessed ACH credits (a direct payment pushing funds into an account) in 2018, up from 12% in 2017.”
The most cited countermeasures where account reconciliation (65%), ACH debit filter or positive pay (63%), and the blocking of all ACH debits on all accounts.
In addition, 76% said their companies were putting stronger internal controls in place; an example is not allowing ACH initiation via e-mail.
On the other hand, “56% of organizations surveyed said they were not actively taking steps to mitigate additional risks from same-day ACH. One-quarter (25%) of respondents said they had not received any advice on the matter from their banks.”
What steps are you taking and are you sharing your prevention methods with your customers?
Source: Scammers Target ACH Transactions – April 9, 2019, CFO Magazine, June/July Issue, page 9, by Vincent Ryan https://www.cfo.com/applications/2019/04/scammers-target-ach-transactions/