3 timeless tips to reduce corporate payments fraud

January 03, 2022

With the right tools and mindset, you can protect your data and money from payments fraud attempts.


Here’s a scenario that might sound familiar: An employee receives an email, supposedly from your organization’s CFO, requesting a large financial transfer in advance of a merger. The details are scant, and the email requests funds through a newer payment solution with faster clearing times (such as Real Time Payments or Same Day ACH). Since the email looks legitimate, the employee doesn’t raise any immediate concerns.

A day later, the company discovers that this “CFO” was a scammer, and the payment cleared with less chance of revocability.

It doesn’t need to end this way.

You have the power to protect your organization from emerging payments fraud. With the right combination of tracking tools and education, you can stay ahead of the increasingly sophisticated cybercrime industry.

The technologies for moving money may change, but the best practices for protecting your organization remain. Here is how you can take charge of payments fraud protection:


Ensure dual approval verification practices

No matter which solutions you choose, you must be confident that the people on the other end of your transactions are the rightful recipients. Fraud — both external and internal — can occur in any transaction, but the increased speed of modern payment solutions often means less time to catch fraudulent requests.

Fraud risk affects both payers and payees, in financial and non-financial terms. Even if payments are revocable (with some modern payment options), fraudsters might empty the recipient accounts before a revocation attempt. Reputational risks can also arise in these cases.

Banking partners and modern payment providers have measures in place to prevent and mitigate losses, but the burden to build verification best practices falls to organizations that choose to use the payments method. And most of the platform-specific fraud risks trace back to the goal of ensuring payer/payee account authenticity.


Review your tech infrastructure and security patches

Even the best-laid plans won’t succeed if your IT infrastructure falls behind on security updates. As new real-time payment options arise, those back-end systems must adjust to handle new venues for malware and spyware to infiltrate.

Consider the following short-term steps to shore up your back-end security:

  • Ensure all systems are current with security updates and anti-virus software
  • Review password policies for best practices in security
  • Expand multi-factor authentication processes, including the use of security tokens and biometric authentication
  • Validate any request to add or update customer information

Combating these risks may require your organization to refresh more traditional fraud prevention infrastructure and practices.


Limit the number of users for each type of transaction, but train everyone

Even if some of your employees are multifaceted in their skillsets, it’s best practice to allow as few hands as possible on a transaction. Just from a security standpoint, a large user base increases the chance of human error and adds more touch points for scammers to target.

This doesn’t mean that the rest of your team should be kept in the dark. Effective fraud protection rests largely on an educated and informed workforce. Here are a few lessons that you’ll need to solidify among your payments management team:

  • Segregate duties between payment types (check, wire, ACH, etc.)
  • Reinforce Business Email Compromise risk best practices, which can include how employees open emails, click on links and reply to emails

While no single control or set of controls will prevent your organization from being a target, we suggest these five tips to prevent your organization from falling victim to BEC:

  1. Confirm and verify email requests for fund transfers
  2. Use dual control for money movement activities
  3. Use multi-factor authentication for web-based email accounts
  4. Communicate quickly when fraud or security events occur
  5. Evaluate staff compliance with internal controls by using real-world security awareness testing

Cyber-fraudsters are smart, sophisticated, and they can steal your customer data and money if you’re not careful. Tools to combat these risks are readily available, and the opportunity to strengthen your payments process lies within your organization.


If you need further help identifying these risks or would like more information on how U.S. Bank protects customers, contact your relationship manager.

Related content

The cyber insurance question: Additional protection beyond prevention

Higher education strategies for e-payment migration, fighting fraud

The mobile app to download before summer vacation

5 Ways to protect your government agency from payment fraud

Authenticating cardholder data reduce e-commerce fraud

Insource or outsource? 10 considerations

4 strategies for coping with market volatility

Risk management strategies for foreign exchange hedging

Automate accounts payable to optimize revenue and payments

Protecting cash balances with sweep vehicles

3 tips to maintain flexibility in supply chain management

Webinar: How to stay safe from cyberfraud

How to avoid being the victim of a digital payments scam

Cybercrisis management: Are you ready to respond?

Dear Money Mentor: What is cryptocurrency?

How to keep your assets safe

Learn to spot and protect yourself from common student scams

Cryptocurrency custody 6 frequently asked questions

How to spot an online scam

Small business growth: 6 strategies for scaling your business

Manufacturing: 6 supply chain optimization strategies

Healthcare marketing: How to promote your medical practice

Liquidity management: A renewed focus for European funds

5 questions you should ask your custodian about outsourcing

Webinar: Approaching international payment strategies in today’s unpredictable markets.

10 ways a global custodian can support your growth

Webinar: Mobile banking tips for smarter and safer online banking

How to choose the right custodian for your managed assets

Webinar: How to fight off fraud

Webinar: Protect yourself or your loved ones from elder fraud

Increase working capital with Commercial Card Optimization

Fraud prevention checklist

4 ways to outsmart your smart device

Money muling 101: Recognizing and avoiding this increasingly common scam

What you need to know about financial fraud

How you can prevent identity theft

Alternative investments: How to track returns and meet your goals

Hospitals face cybersecurity risks in surprising new ways

Webinar: Cash management strategies for higher education

5 steps you should take after a major data breach

Cybersecurity – Protecting client data through industry best practices

Why KYC — for organizations

Post-pandemic fraud prevention lessons for local governments

BEC: Recognize a scam

Fight the battle against payments fraud

The latest on cybersecurity: Vulnerability testing and third-party software

The password: Enhancing security and usability

3 timeless tips to reduce corporate payments fraud

The surprising truth about corporate cards

White Castle optimizes payment transactions

Avoiding the pitfalls of warehouse lending

4 tips for protecting your business against Coronavirus-related scams

Proactive ways to fight vendor fraud

The latest on cybersecurity: Mobile fraud and privacy concerns

How to improve your business network security

The benefits of a full-service warehouse custodian

Webinar: A closer look at U.S. Bank AP Optimizer

The future of financial leadership: More strategy, fewer spreadsheets

How to improve digital payments security for your health system

Enhancing liquidity management: 4 benefits of visibility

Webinar: Fraud prevention and mitigation for government agencies

Webinar: CRE Digital Transformation – Balancing Digitization with cybersecurity risk

Webinar: Robotic process automation

Start of disclosure content

Loan approval is subject to credit approval and program guidelines. Not all loan programs are available in all states for all loan amounts. Interest rate and program terms are subject to change without notice. Mortgage, home equity and credit products are offered by U.S. Bank National Association. Deposit products are offered by U.S. Bank National Association. Member FDIC.