Vendor Onboarding 101: How to Build a More Secure and Compliant Process

Top 3 Take-Aways from Our Live Event with AP Guru, Debra R. Richardson

We recently had the pleasure of talking to Debra R. Richardson, LLC., who is using her 20+ years of experience in AP, AR, general ledger and financial reporting for Fortune 500 companies to help AP teams implement authentication

techniques, internal controls and best practices to prevent fraud in the vendor master file. She also has a weekly blog and hosts the podcast: “Putting the AP in hAPpy”.

The 2021 numbers are in... and fraudsters are still gonna fraud.

Both the Association of Financial Professionals 2022 Payments Fraud and Controls Survey and the FBI's Internet Crime Report for 2021 recently published, and while there were no big surprises, there were a couple of points that are worth pondering.

In an effort to stay competitive U.S. banks are budgeting big money on tech updates in 2022!

JP Morgan Chase recently announced plans to spend most of its new project budget – a number close to $15 billion – on tech plans as a necessary means to meet customer expectations and compete with other banks and fintechs who are making innovative use of tech. 

So exactly what type of technology are these dollars being spent on? 

All the cybersecurity tools in the world aren’t going to protect your organization from a fraudster who has succeeded in getting your employee to believe a scam.

It’s no secret that fraudsters have figured out how to trick even the most diligent and well-trained employee into believing that they are dealing with their actual vendor. Once they’ve done that, it’s just a matter of time until banking information is changed and the fraudster runs off with money that was intended for your supplier. 

The aftermath of such an event isn’t pretty: bad press, lost jobs, damaged reputations.

Here are three common ways that fraudsters will attempt to trick your employees- and what you should watch out for.

Social Engineering Fraud & Vendor Management: Friction vs. Risk Live Event Synopsis

Social engineering fraud, business email compromise (BEC) fraud and business-to-business payments fraud: three different names, same game. All are a form of a man in the middle attack, where a fraudster sends an email to an accounts payable person to request a change to the banking credentials in the vendor master to divert a valid vendor payment to a fraudulent bank account. This is the largest source of cybercrime from a monetary standpoint and it only continues to increase.

To address this problem, we brought together three industry experts in a panel discussion, “Social Engineering Fraud & Vendor Management: Friction vs. Risk”. Joe Hussey, vice chair at J.P. Morgan, Rob Unger, senior director for product management and strategic initiatives with Nacha and Thayer Stewart, CEO of PaymentWorks, dissected social engineering fraud and how it plays into the vendor management process and specifically what role the battle between friction and risk plays in finding a solution.

Watch a clip below!

Our recent live event, Social Engineering Fraud and Your Vendor Master - Managing the Risk, brought together industry experts – Taylor Nemeth, Head of Payments at PaymentWorks, and Christopher Arehart, SVP and Product Manager of Crime, Financial Fidelity, Kidnap/Ransom and Extortion at Chubb Insurance. (The dynamic duo also happen to be co-authors of the recent white paper “Guarding Against Social Engineering Fraud." Please download a free copy!)

They took a deep dive into the increasingly hot topic of business payments fraud, which they agree is, at the core, an identity problem. This identity problem happens to be a multi-billion-dollar problem which can be attributed to the combined effect of the fact that 300+ billion emails are being exchanged every day across businesses and individuals and that 30% of existing suppliers are changing their information over the course of a year (PaymentWorks database statistic, 2021). This has added up to $28 billion in losses with an average incident loss of over $150,000 (from 2016-2020), a number which has doubled in 2021! (FBI Internet Crime Report 2021.)

The big question on everyone’s mind is how can organizations avoid this problem and avoid the financial and reputational loss that comes with it? Here, we offer you the top three takeaways from this electric and informational event.